Bouncy Castle Cryptography Library 1.81

org.bouncycastle.openpgp.operator
Class PublicKeyKeyEncryptionMethodGenerator

java.lang.Object
  extended by org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator
All Implemented Interfaces:
PGPKeyEncryptionMethodGenerator
Direct Known Subclasses:
BcPublicKeyKeyEncryptionMethodGenerator, JcePublicKeyKeyEncryptionMethodGenerator

public abstract class PublicKeyKeyEncryptionMethodGenerator
extends java.lang.Object
implements PGPKeyEncryptionMethodGenerator

Abstract generator class for encryption methods that produce PKESK (public-key encrypted session key) packets. PKESKs are used when encrypting a message for a recipient's public key. The purpose of this class is to allow subclasses to decide which implementation to use.


Field Summary
static java.lang.String SESSION_KEY_OBFUSCATION_PROPERTY
           
protected  boolean sessionKeyObfuscation
           
protected  boolean useWildcardRecipient
           
static long WILDCARD
          Deprecated. use WILDCARD_KEYID
static byte[] WILDCARD_FINGERPRINT
           
static long WILDCARD_KEYID
           
 
Constructor Summary
protected PublicKeyKeyEncryptionMethodGenerator(PGPPublicKey pubKey)
           
 
Method Summary
protected  byte[] createSessionInfo(byte algorithm, byte[] keyBytes)
           
 byte[][] encodeEncryptedSessionInfo(byte[] encryptedSessionInfo)
           
protected abstract  byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] sessionKey, byte symAlgId, boolean isV3)
          Encrypt a session key using the recipient's public key.
 ContainedPacket generate(PGPDataEncryptorBuilder dataEncryptorBuilder, byte[] sessionKey)
          Generate a Public-Key Encrypted Session-Key (PKESK) packet of version 3.
protected static byte[] getSessionInfo(byte[] ephPubEncoding, byte optSymKeyAlgorithm, byte[] wrappedSessionKey)
           
 PublicKeyKeyEncryptionMethodGenerator setSessionKeyObfuscation(boolean enabled)
          Controls whether to obfuscate the size of ECDH session keys using extra padding where necessary.
 PublicKeyKeyEncryptionMethodGenerator setUseWildcardKeyID(boolean enabled)
          Deprecated. Use setUseWildcardRecipient(boolean) instead. TODO: Remove in a future release.
 PublicKeyKeyEncryptionMethodGenerator setUseWildcardRecipient(boolean enabled)
          Controls whether the recipient key ID/fingerprint is hidden (replaced by a wildcard value).
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SESSION_KEY_OBFUSCATION_PROPERTY

public static final java.lang.String SESSION_KEY_OBFUSCATION_PROPERTY
See Also:
Constant Field Values

WILDCARD_KEYID

public static final long WILDCARD_KEYID
See Also:
Constant Field Values

WILDCARD

public static final long WILDCARD
Deprecated. use WILDCARD_KEYID

See Also:
Constant Field Values

WILDCARD_FINGERPRINT

public static final byte[] WILDCARD_FINGERPRINT

sessionKeyObfuscation

protected boolean sessionKeyObfuscation

useWildcardRecipient

protected boolean useWildcardRecipient

Constructor Detail

PublicKeyKeyEncryptionMethodGenerator

protected PublicKeyKeyEncryptionMethodGenerator(PGPPublicKey pubKey)

Method Detail

setSessionKeyObfuscation

public PublicKeyKeyEncryptionMethodGenerator setSessionKeyObfuscation(boolean enabled)
Controls whether to obfuscate the size of ECDH session keys using extra padding where necessary.

The default behaviour can be configured using the system property "org.bouncycastle.openpgp.session_key_obfuscation", or else it will default to enabled.

Returns:
the current generator.

setUseWildcardKeyID

public PublicKeyKeyEncryptionMethodGenerator setUseWildcardKeyID(boolean enabled)
Deprecated. Use setUseWildcardRecipient(boolean) instead. TODO: Remove in a future release.

Controls whether the recipient key ID/fingerprint is hidden (replaced by a wildcard value).

Parameters:
enabled - boolean
Returns:
this

setUseWildcardRecipient

public PublicKeyKeyEncryptionMethodGenerator setUseWildcardRecipient(boolean enabled)
Controls whether the recipient key ID/fingerprint is hidden (replaced by a wildcard value).

Parameters:
enabled - boolean
Returns:
this
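
The following added example (not part of the Bouncy Castle documentation or code base) shows setUseWildcardRecipient and setSessionKeyObfuscation applied to the JCE subclass before the generator is handed to a PGPEncryptedDataGenerator. The class name HiddenRecipientEncryptor and its encrypt method are hypothetical; it assumes the "BC" provider is already registered and that the input is an already-encoded OpenPGP packet sequence.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.SecureRandom;

import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator;
import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;

// Added example (hypothetical class and method names), not Bouncy Castle code.
public final class HiddenRecipientEncryptor {

    // Assumes the "BC" provider is already registered and that packetBytes
    // holds already-encoded OpenPGP packets (e.g. a literal data packet).
    public static byte[] encrypt(PGPPublicKey recipientKey, byte[] packetBytes)
            throws IOException, PGPException {
        SecureRandom random = new SecureRandom();

        // Provider and RNG are set on the JCE subclass first, because the
        // setters documented on this page return the abstract base type.
        PublicKeyKeyEncryptionMethodGenerator method =
                new JcePublicKeyKeyEncryptionMethodGenerator(recipientKey)
                        .setProvider("BC")
                        .setSecureRandom(random);

        // Replace the recipient key ID/fingerprint in the PKESK with the wildcard value.
        method.setUseWildcardRecipient(true);
        // Set explicitly so the system-property default cannot disable ECDH padding.
        method.setSessionKeyObfuscation(true);

        PGPEncryptedDataGenerator generator = new PGPEncryptedDataGenerator(
                new JcePGPDataEncryptorBuilder(SymmetricKeyAlgorithmTags.AES_256)
                        .setWithIntegrityPacket(true)
                        .setSecureRandom(random)
                        .setProvider("BC"));
        generator.addMethod(method);

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try (OutputStream encrypted = generator.open(out, new byte[4096])) {
            encrypted.write(packetBytes);
        }
        return out.toByteArray();
    }
}
```

With a wildcard recipient the PKESK no longer names the decryption key, so the receiving side has to try each of its candidate private keys against the packet.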

encodeEncryptedSessionInfo

public byte[][] encodeEncryptedSessionInfo(byte[] encryptedSessionInfo)
                                    throws PGPException
Throws:
PGPException

generate

public ContainedPacket generate(PGPDataEncryptorBuilder dataEncryptorBuilder,
                                byte[] sessionKey)
                         throws PGPException
Generate a Public-Key Encrypted Session-Key (PKESK) packet of version 3. PKESKv3 packets are used with Symmetrically-Encrypted-Integrity-Protected Data (SEIPD) packets of version 1 or with Symmetrically-Encrypted Data (SED) packets and MUST NOT be used with SEIPDv2 packets. PKESKv3 packets are used with keys that do not support Features.FEATURE_SEIPD_V2 or as a fallback.

Generate a Public-Key Encrypted Session-Key (PKESK) packet of version 6. PKESKv6 packets are used with Symmetrically-Encrypted Integrity-Protected Data (SEIPD) packets of version 2 only. PKESKv6 packets are used with keys that support Features.FEATURE_SEIPD_V2.

Specified by:
generate in interface PGPKeyEncryptionMethodGenerator
Parameters:
sessionKey - session-key algorithm id + session-key + checksum
Returns:
PKESKv6 or v3 packet
Throws:
PGPException - if the PKESK packet cannot be generated
See Also:
RFC9580 - Version 6 Public Key Encrypted Session Key Packet, RFC9580 - Version 3 Public Key Encrypted Session Key Packet

createSessionInfo

protected byte[] createSessionInfo(byte algorithm,
                                   byte[] keyBytes)

encryptSessionInfo

protected abstract byte[] encryptSessionInfo(PGPPublicKey pubKey,
                                             byte[] sessionKey,
                                             byte symAlgId,
                                             boolean isV3)
                                      throws PGPException
Encrypt a session key using the recipient's public key.

Parameters:
pubKey - recipient's public key
sessionKey - session-key
symAlgId - for v3: session key algorithm ID; for v6: 0
Returns:
encrypted session info
Throws:
PGPException

getSessionInfo

protected static byte[] getSessionInfo(byte[] ephPubEncoding,
                                       byte optSymKeyAlgorithm,
                                       byte[] wrappedSessionKey)
