Package org.bouncycastle.bcpg

Class SecretKeyPacket

java.lang.Object

org.bouncycastle.bcpg.Packet

org.bouncycastle.bcpg.ContainedPacket

org.bouncycastle.bcpg.SecretKeyPacket

All Implemented Interfaces:

PacketTags, PublicKeyAlgorithmTags, org.bouncycastle.util.Encodable

Direct Known Subclasses:

SecretSubkeyPacket

public class SecretKeyPacket
extends ContainedPacket
implements PublicKeyAlgorithmTags

Base class for OpenPGP secret (primary) keys.

Field Summary

Fields

Modifier and Type	Field	Description
static final int	USAGE_AEAD	S2K-usage octet indicating that the secret key material is protected using an AEAD scheme.
static final int	USAGE_CHECKSUM	Deprecated. Use of MalleableCFB is deprecated.
static final int	USAGE_NONE	S2K-usage octet indicating that the secret key material is unprotected.
static final int	USAGE_SHA1	S2K-usage octet indicating that the secret key material is protected using a cipher in CFB mode.

Fields inherited from interface org.bouncycastle.bcpg.PacketTags

AEAD_ENC_DATA, COMPRESSED_DATA, EXPERIMENTAL_1, EXPERIMENTAL_2, EXPERIMENTAL_3, EXPERIMENTAL_4, LITERAL_DATA, MARKER, MOD_DETECTION_CODE, ONE_PASS_SIGNATURE, PADDING, PUBLIC_KEY, PUBLIC_KEY_ENC_SESSION, PUBLIC_SUBKEY, RESERVED, SECRET_KEY, SECRET_SUBKEY, SIGNATURE, SYM_ENC_INTEGRITY_PRO, SYMMETRIC_KEY_ENC, SYMMETRIC_KEY_ENC_SESSION, TRUST, USER_ATTRIBUTE, USER_ID

Fields inherited from interface org.bouncycastle.bcpg.PublicKeyAlgorithmTags

AEDH, AEDSA, DIFFIE_HELLMAN, DSA, EC, ECDH, ECDSA, Ed25519, Ed448, EDDSA, EDDSA_LEGACY, ELGAMAL_ENCRYPT, ELGAMAL_GENERAL, EXPERIMENTAL_1, EXPERIMENTAL_10, EXPERIMENTAL_11, EXPERIMENTAL_2, EXPERIMENTAL_3, EXPERIMENTAL_4, EXPERIMENTAL_5, EXPERIMENTAL_6, EXPERIMENTAL_7, EXPERIMENTAL_8, EXPERIMENTAL_9, RSA_ENCRYPT, RSA_GENERAL, RSA_SIGN, X25519, X448

Constructor Summary

Constructors

Constructor	Description
SecretKeyPacket(PublicKeyPacket pubKeyPacket, int encAlgorithm, int aeadAlgorithm, int s2kUsage, S2K s2k, byte[] iv, byte[] secKeyData)	Construct a SecretKeyPacket or SecretSubkeyPacket.
SecretKeyPacket(PublicKeyPacket pubKeyPacket, int encAlgorithm, int s2kUsage, S2K s2k, byte[] iv, byte[] secKeyData)	Construct a SecretKeyPacket or SecretSubkeyPacket.
SecretKeyPacket(PublicKeyPacket pubKeyPacket, int encAlgorithm, S2K s2k, byte[] iv, byte[] secKeyData)	Construct a SecretKeyPacket.

Method Summary

Modifier and Type	Method	Description
void	encode(BCPGOutputStream out)	Encode the packet into the given BCPGOutputStream.
int	getAeadAlgorithm()	Return the algorithm ID of the AEAD algorithm that was used to protect the secret key material.
int	getEncAlgorithm()	Return the algorithm ID of the symmetric key algorithm that was used to encrypt the secret key material.
byte[]	getEncodedContents()	Return the encoded packet content without packet frame.
byte[]	getIV()	Return the IV that was used to protect the secret key material.
PublicKeyPacket	getPublicKeyPacket()	Return the public key packet corresponding to the secret key packet.
S2K	getS2K()	Return the S2K identifier describing, how to derive the symmetric key to protect the secret key material with.
int	getS2KUsage()	Return the S2K usage mode indicating how the secret key material is protected.
byte[]	getSecretKeyData()	Return the encrypted/checksum'd secret key data.

Methods inherited from class org.bouncycastle.bcpg.ContainedPacket

getEncoded, getEncoded

Methods inherited from class org.bouncycastle.bcpg.Packet

getPacketTag, hasNewPacketFormat, isCritical

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

USAGE_NONE

public static final int USAGE_NONE

S2K-usage octet indicating that the secret key material is unprotected.

See Also:

• Constant Field Values

USAGE_CHECKSUM

public static final int USAGE_CHECKSUM

Deprecated.

Use of MalleableCFB is deprecated. For v4 keys, use USAGE_SHA1 instead. For v6 keys use USAGE_AEAD instead.

S2K-usage octet indicating that the secret key material is protected using malleable CFB. Malleable-CFB-encrypted keys are vulnerable to corruption attacks that can cause leakage of secret data when the secret key is used.

See Also:

• Klíma, V. and T. Rosa, "Attack on Private Signature Keys of the OpenPGP Format, PGP(TM) Programs and Other Applications Compatible with OpenPGP"
• Bruseghini, L., Paterson, K. G., and D. Huigens, "Victory by KO: Attacking OpenPGP Using Key Overwriting"
• Constant Field Values

USAGE_SHA1

public static final int USAGE_SHA1

S2K-usage octet indicating that the secret key material is protected using a cipher in CFB mode. CFB-encrypted keys are vulnerable to corruption attacks that can cause leakage of secret data when the secret key is use.

See Also:

• Klíma, V. and T. Rosa, "Attack on Private Signature Keys of the OpenPGP Format, PGP(TM) Programs and Other Applications Compatible with OpenPGP"
• Bruseghini, L., Paterson, K. G., and D. Huigens, "Victory by KO: Attacking OpenPGP Using Key Overwriting"
• Constant Field Values

USAGE_AEAD

public static final int USAGE_AEAD

S2K-usage octet indicating that the secret key material is protected using an AEAD scheme. This usage protects against above-mentioned attacks. Passphrase-protected secret key material in a v6 Secret Key or v6 Secret Subkey packet SHOULD be protected with AEAD encryption unless it will be transferred to an implementation that is known to not support AEAD. Users should migrate to AEAD with all due speed.

See Also:

• Constant Field Values

Constructor Details

SecretKeyPacket

public SecretKeyPacket(PublicKeyPacket pubKeyPacket,
 int encAlgorithm,
 S2K s2k,
 byte[] iv,
 byte[] secKeyData)

Construct a SecretKeyPacket. Note:

secKeyData

needs to be prepared by applying encryption/checksum beforehand.

Parameters:

pubKeyPacket - pubkey packet corresponding to this secret key packet.

encAlgorithm - algorithm id of the symmetric key algorithm that was used to encrypt the secret key material

s2k - s2k identifier for deriving a key from a passphrase

iv - IV that was used to encrypt the secret key material

secKeyData - encrypted/checksum'd secret key material

SecretKeyPacket

public SecretKeyPacket(PublicKeyPacket pubKeyPacket,
 int encAlgorithm,
 int s2kUsage,
 S2K s2k,
 byte[] iv,
 byte[] secKeyData)

Construct a SecretKeyPacket or SecretSubkeyPacket. Note:

secKeyData

needs to be prepared by applying encryption/checksum beforehand.

Parameters:

pubKeyPacket - pubkey packet corresponding to this secret key packet.

encAlgorithm - algorithm id of the symmetric key algorithm that was used to encrypt the secret key material

s2kUsage - octet indicating, how the secert key material was protected

s2k - s2k identifier for deriving a key from a passphrase

iv - IV that was used to encrypt the secret key material

secKeyData - encrypted/checksum'd secret key material

SecretKeyPacket

public SecretKeyPacket(PublicKeyPacket pubKeyPacket,
 int encAlgorithm,
 int aeadAlgorithm,
 int s2kUsage,
 S2K s2k,
 byte[] iv,
 byte[] secKeyData)

Construct a SecretKeyPacket or SecretSubkeyPacket. Note:

secKeyData

needs to be prepared by applying encryption/checksum beforehand.

Parameters:

pubKeyPacket - pubkey packet corresponding to this secret key packet.

encAlgorithm - algorithm id of the symmetric key algorithm that was used to encrypt the secret key material

aeadAlgorithm - AEAD algorithm scheme used to protect the secret key material with

s2kUsage - octet indicating how the secret key material was encrypted

s2k - s2k identifier for deriving a key from a passphrase

iv - IV that was used to encrypt the secret key material

secKeyData - encrypted/checksum'd secret key material

Method Details

getEncAlgorithm

public int getEncAlgorithm()

Return the algorithm ID of the symmetric key algorithm that was used to encrypt the secret key material.

Returns:

symmetric key enc algorithm id

getAeadAlgorithm

public int getAeadAlgorithm()

Return the algorithm ID of the AEAD algorithm that was used to protect the secret key material.

Returns:

aead algorithm id

getS2KUsage

public int getS2KUsage()

Return the S2K usage mode indicating how the secret key material is protected.

Returns:

s2k usage

getIV

public byte[] getIV()

Return the IV that was used to protect the secret key material.

Returns:

IV

getS2K

public S2K getS2K()

Return the S2K identifier describing, how to derive the symmetric key to protect the secret key material with.

Returns:

s2k identifier

getPublicKeyPacket

public PublicKeyPacket getPublicKeyPacket()

Return the public key packet corresponding to the secret key packet.

Returns:

public key packet

getSecretKeyData

public byte[] getSecretKeyData()

Return the encrypted/checksum'd secret key data.

Returns:

secret key data

getEncodedContents

public byte[] getEncodedContents()
                          throws IOException

Return the encoded packet content without packet frame.

Returns:

encoded packet contents

Throws:

IOException

encode

public void encode(BCPGOutputStream out)
            throws IOException

Encode the packet into the given BCPGOutputStream. If the packet output stream has PacketFormat.ROUNDTRIP set, the packet format to encode the packet length with depends on the result of Packet.hasNewPacketFormat(). Otherwise, the packet output stream dictates the packet format.

Specified by:

encode in class ContainedPacket

Parameters:

out - packet output stream

Throws:

IOException