Package org.bouncycastle.bcpg

Class S2K

java.lang.Object
org.bouncycastle.bcpg.BCPGObject
org.bouncycastle.bcpg.S2K
All Implemented Interfaces:
org.bouncycastle.util.Encodable
public class S2K extends BCPGObject
Parameter specifier for the PGP string-to-key password based key derivation function.

In iterated mode, S2K takes a single byte iteration count specifier, which is converted to an actual iteration count using a formula that grows the iteration count exponentially as the byte value increases.

e.g. 0x01 == 1088 iterations, and 0xFF == 65,011,712 iterations.

  • Field Details

    • SIMPLE

      public static final int SIMPLE
      Simple key generation. A single non-salted iteration of a hash function
      See Also:

    • SALTED

      public static final int SALTED
      Salted key generation. A single iteration of a hash function with a (unique) salt
      See Also:

    • SALTED_AND_ITERATED

      public static final int SALTED_AND_ITERATED
      Salted and iterated key generation. Multiple iterations of a hash function, with a salt
      See Also:

    • ARGON_2

      public static final int ARGON_2
      Memory-hard, salted key generation using Argon2 hash algorithm.
      See Also:

    • GNU_DUMMY_S2K

      public static final int GNU_DUMMY_S2K
      See Also:

    • GNU_PROTECTION_MODE_NO_PRIVATE_KEY

      public static final int GNU_PROTECTION_MODE_NO_PRIVATE_KEY
      See Also:

    • GNU_PROTECTION_MODE_DIVERT_TO_CARD

      public static final int GNU_PROTECTION_MODE_DIVERT_TO_CARD
      See Also:

  • Constructor Details

    • S2K

      public S2K(int algorithm)
      Constructs a specifier for a simple S2K generation.
      Parameters:
      algorithm - the digest algorithm to use.

    • S2K

      public S2K(int algorithm, byte[] iv)
      Constructs a specifier for a salted S2K generation.
      Parameters:
      algorithm - the digest algorithm to use.
      iv - the salt to apply to input to the key generation.

    • S2K

      public S2K(int algorithm, byte[] iv, int itCount)
      Constructs a specifier for a salted and iterated S2K generation.
      Parameters:
      algorithm - the digest algorithm to iterate.
      iv - the salt to apply to input to the key generation.
      itCount - the single byte iteration count specifier.

    • S2K

      public S2K(S2K.Argon2Params argon2Params)
      Constructs a specifier for an S2K method using Argon2.
      Parameters:
      argon2Params - argon2 parameters

    • S2K

      public S2K(S2K.GNUDummyParams gnuDummyParams)
      Construct a specifier for an S2K using the GNU_DUMMY_S2K method.
      Parameters:
      gnuDummyParams - GNU_DUMMY_S2K parameters

  • Method Details

    • simpleS2K

      public static S2K simpleS2K(int algorithm)
      Return a new S2K instance using the SIMPLE method, using the given hash 
      algorithm
      .
      Parameters:
      algorithm - hash algorithm tag
      Returns:
      S2K

    • saltedS2K

      public static S2K saltedS2K(int algorithm, byte[] salt)
      Return a new S2K instance using the SALTED method, using the given hash 
      algorithm
      and 
      salt
      .
      Parameters:
      algorithm - hash algorithm tag
      salt - salt
      Returns:
      S2K

    • saltedAndIteratedS2K

      public static S2K saltedAndIteratedS2K(int algorithm, byte[] salt, int iterationCount)
      Return a new S2K instance using the SALTED_AND_ITERATED method, using the given hash 
      algorithm
      , 
      salt
      and 
      iterationCount
      .
      Parameters:
      algorithm - hash algorithm tag
      salt - salt
      iterationCount - number of iterations
      Returns:
      S2K

    • argon2S2K

      public static S2K argon2S2K(S2K.Argon2Params parameters)
      Return a new S2K instance using the ARGON_2 method, using the given argon2 
      parameters
      .
      Parameters:
      parameters - argon2 parameters
      Returns:
      S2K

    • gnuDummyS2K

      public static S2K gnuDummyS2K(S2K.GNUDummyParams parameters)
      Return a new S2K instance using the GNU_DUMMY_S2K method, using the given GNU Dummy S2K 
      parameters
      .
      Parameters:
      parameters - GNU Dummy S2K parameters
      Returns:
      S2K

    • getType

      public int getType()
      Gets the digest algorithm specified.

    • getHashAlgorithm

      public int getHashAlgorithm()
      Gets the hash algorithm for this S2K.

    • getIV

      public byte[] getIV()
      Gets the iv/salt to use for the key generation.

    • getIterationCount

      public long getIterationCount()
      Gets the actual (expanded) iteration count.

    • getPasses

      public int getPasses()
      Return the number of passes - only Argon2
      Returns:
      number of passes

    • getProtectionMode

      public int getProtectionMode()
      Gets the protection mode - only if GNU_DUMMY_S2K

    • getParallelism

      public int getParallelism()
      Gets the degree of parallelism - only if ARGON_2
      Returns:
      parallelism

    • getMemorySizeExponent

      public int getMemorySizeExponent()
      Gets the memory size exponent - only if ARGON_2
      Returns:
      memory size exponent

    • encode

      public void encode(BCPGOutputStream out) throws IOException
      Specified by:
      encode in class BCPGObject
      Throws:
      IOException