Package org.c02e.jpgpj

Class Encryptor

    • Field Detail

      • MAX_ENCRYPT_COPY_BUFFER_SIZE

        public static final int MAX_ENCRYPT_COPY_BUFFER_SIZE
        See Also:
        Constant Field Values

      • DEFAULT_ASCII_ARMORED

        public static final boolean DEFAULT_ASCII_ARMORED
        See Also:
        Constant Field Values

      • DEFAULT_REMOVE_DEFAULT_ARMORED_VERSION_HEADER

        public static final boolean DEFAULT_REMOVE_DEFAULT_ARMORED_VERSION_HEADER
        See Also:
        Constant Field Values

      • DEFAULT_COMPRESSION_LEVEL

        public static final int DEFAULT_COMPRESSION_LEVEL
        See Also:
        Constant Field Values

      • DEFAULT_COMPRESSION_ALGORITHM

        public static final CompressionAlgorithm DEFAULT_COMPRESSION_ALGORITHM

      • DEFAULT_ENCRYPTION_ALGORITHM

        public static final EncryptionAlgorithm DEFAULT_ENCRYPTION_ALGORITHM

      • DEFAULT_SIGNING_ALGORITHM

        public static final HashingAlgorithm DEFAULT_SIGNING_ALGORITHM

      • DEFAULT_KEY_DERIVATION_ALGORITHM

        public static final HashingAlgorithm DEFAULT_KEY_DERIVATION_ALGORITHM

      • DEFAULT_KEY_DERIVATION_ALGORITHM_WORK_FACTOR

        public static final int DEFAULT_KEY_DERIVATION_ALGORITHM_WORK_FACTOR
        See Also:
        Constant Field Values

      • DEFAULT_MAX_FILE_BUFFER_SIZE

        public static final int DEFAULT_MAX_FILE_BUFFER_SIZE
        See Also:
        Constant Field Values

      • DEFAULT_LOGGING_ENABLED

        public static final boolean DEFAULT_LOGGING_ENABLED
        See Also:
        Constant Field Values

      • asciiArmored

        protected boolean asciiArmored

      • removeDefaultArmoredVersionHeader

        protected boolean removeDefaultArmoredVersionHeader

      • armoredHeaders

        protected java.util.Map<java.lang.String,​java.lang.String> armoredHeaders

      • compressionLevel

        protected int compressionLevel

      • symmetricPassphraseChars

        protected char[] symmetricPassphraseChars

      • symmetricPassphrase

        @Deprecated
protected java.lang.String symmetricPassphrase
        Deprecated.
        Null unless explicitly set by user.

      • keyDerivationWorkFactor

        protected int keyDerivationWorkFactor

      • maxFileBufferSize

        protected int maxFileBufferSize

      • loggingEnabled

        protected boolean loggingEnabled

      • ring

        protected Ring ring

      • log

        protected final org.slf4j.Logger log

    • Constructor Detail

      • Encryptor

        public Encryptor()
        Constructs an encryptor with an empty key ring.

      • Encryptor

        public Encryptor​(Ring ring)
        Constructs an encryptor with the specified key ring.

      • Encryptor

        public Encryptor​(Key... keys)
        Constructs an encryptor with the specified keys.

    • Method Detail

      • isAsciiArmored

        public boolean isAsciiArmored()
        Returns:
        true to encode final output with ASCII Armor. Defaults to false.
        See Also:
        DEFAULT_ASCII_ARMORED

      • setAsciiArmored

        public void setAsciiArmored​(boolean x)
        Parameters:
        x - true to encode final output with ASCII Armor. Defaults to false.
        See Also:
        DEFAULT_ASCII_ARMORED

      • isRemoveDefaultArmoredVersionHeader

        public boolean isRemoveDefaultArmoredVersionHeader()
        By default the ArmoredOutputStream adds a "Version" header - this setting allows users to remove this header (and perhaps replace it and/or add others - see headers manipulation methods).
        Returns:
        true if "Version" should be removed - default=false
        See Also:
        DEFAULT_REMOVE_DEFAULT_ARMORED_VERSION_HEADER

      • setRemoveDefaultArmoredVersionHeader

        public void setRemoveDefaultArmoredVersionHeader​(boolean x)
        By default the ArmoredOutputStream adds a "Version" header - this setting allows users to remove this header (and perhaps replace it and/or add others - see headers manipulation methods). Note: affects the output only if armored setting is used.
        Parameters:
        x - true if "Version" should be removed - default=false. Note: relevant only if armored setting was also set.
        See Also:
        DEFAULT_REMOVE_DEFAULT_ARMORED_VERSION_HEADER

      • getArmoredHeader

        public java.lang.String getArmoredHeader​(java.lang.String name)
        Retrieves the value for the specified armored header.
        Parameters:
        name - Case sensitive name of header to get
        Returns:
        The header value - null if header not set
        Throws:
        java.lang.NullPointerException - If no header name provided

      • getArmoredHeaders

        public java.util.Map<java.lang.String,​java.lang.String> getArmoredHeaders()
        Returns:
        An unmodifiable Map of the current armored headers - Note: header name access is case sensitive

      • setArmoredHeaders

        public void setArmoredHeaders​(java.util.Map<java.lang.String,​java.lang.String> headers)
        Replaces the current armored headers with the provided ones. Note: affects the output only if armored setting is used.
        Parameters:
        headers - The new headers to set - may be null/empty. Note:

      • withArmoredHeaders

        public Encryptor withArmoredHeaders​(java.util.Map<java.lang.String,​java.lang.String> headers)
        See Also:
        setArmoredHeaders(Map)

      • addArmoredHeaders

        public void addArmoredHeaders​(java.util.Map<java.lang.String,​java.lang.String> headers)
        Adds the specified headers - replaces existing ones and adds the new ones. Note: affects the output only if armored setting is used.
        Parameters:
        headers - The headers to add - may be null/empty. Note: header names are case sensitive.

      • updateArmoredHeader

        public java.lang.String updateArmoredHeader​(java.lang.String name,
                                            java.lang.String value)
        Sets the specified header value - replaces it if already set. Note: affects the output only if armored setting is used.
        Parameters:
        name - Case sensitive name of header to set. Note: this method can be used to override the default version header value.
        value - Value to set - if null then equivalent to header removal
        Returns:
        The replaced value - null if no previous value set
        Throws:
        java.lang.NullPointerException - If no header name provided
        See Also:
        setRemoveDefaultArmoredVersionHeader(boolean)

      • removeArmoredHeader

        public java.lang.String removeArmoredHeader​(java.lang.String name)
        Removes the specified armored header Note: affects the output only if armored setting is used.
        Parameters:
        name - Case sensitive name of header to remove - Note: in order to remove the version header must use setRemoveDefaultArmoredVersionHeader(boolean).
        Returns:
        The removed value - null if header was not set
        Throws:
        java.lang.NullPointerException - If no header name provided

      • getCompressionLevel

        public int getCompressionLevel()
        Returns:
        Compression level, from 1 (fastest and biggest) to 9 (slowest and smallest). Defaults to 6.
        See Also:
        DEFAULT_COMPRESSION_LEVEL

      • setCompressionLevel

        public void setCompressionLevel​(int x)
        Parameters:
        x - Compression level, from 1 (fastest and biggest) to 9 (slowest and smallest). Defaults to 6.
        See Also:
        DEFAULT_COMPRESSION_LEVEL

      • getSymmetricPassphraseChars

        public char[] getSymmetricPassphraseChars()
        Returns:
        Passphrase to use to encrypt with a symmetric key; or empty char[]. Note that this char[] itself (and not a copy) will be cached and used until clearSecrets() is called (or setSymmetricPassphraseChars(char[]) is called again with a different passphrase), and then the char[] will be zeroed.

      • setSymmetricPassphraseChars

        public void setSymmetricPassphraseChars​(char[] x)
        Parameters:
        x - Passphrase to use to encrypt with a symmetric key; or empty char[]. Note that this char[] itself (and not a copy) will be cached and used until clearSecrets() is called (or setSymmetricPassphraseChars(char[]) is called again with a different passphrase, and then the char[] will be zeroed.

      • getSymmetricPassphrase

        public java.lang.String getSymmetricPassphrase()
        Returns:
        Passphrase to use to encrypt with a symmetric key; or empty string. Prefer getSymmetricPassphraseChars() to avoid creating extra copies of the passphrase in memory that cannot be cleaned up.
        See Also:
        getSymmetricPassphraseChars()

      • getKeyDeriviationWorkFactor

        public int getKeyDeriviationWorkFactor()
        Returns:
        Key-derivation work factor (aka s2k count) to use, from 0 to 255 (where 1 = 1088 iterations, and 255 = 65,011,712 iterations). Defaults to 255.
        See Also:
        DEFAULT_KEY_DERIVATION_ALGORITHM_WORK_FACTOR

      • setKeyDeriviationWorkFactor

        public void setKeyDeriviationWorkFactor​(int x)
        Parameters:
        x - Key-derivation work factor (aka s2k count) to use, from 0 to 255 (where 1 = 1088 iterations, and 255 = 65,011,712 iterations). Defaults to 255.
        See Also:
        DEFAULT_KEY_DERIVATION_ALGORITHM_WORK_FACTOR

      • getMaxFileBufferSize

        public int getMaxFileBufferSize()

      • setMaxFileBufferSize

        public void setMaxFileBufferSize​(int maxFileBufferSize)
        Parameters:
        maxFileBufferSize - Encryptor will choose the most appropriate read/write buffer size for each file. Defaults to 1MB.
        See Also:
        DEFAULT_MAX_FILE_BUFFER_SIZE

      • getRing

        public Ring getRing()
        Returns:
        Keys to use for encryption and signing.

      • setRing

        public void setRing​(Ring x)
        Parameters:
        x - Keys to use for encryption and signing.

      • isLoggingEnabled

        public boolean isLoggingEnabled()
        Returns:
        true if logging a brief summary of the execution every time encryption is executed (e.g. file name/path, size, compression type, etc.). Note: errors/warnings logging are not affected by this setting

      • setLoggingEnabled

        public void setLoggingEnabled​(boolean enabled)
        Parameters:
        enabled - true if should log a brief summary of the execution every time encryption is executed (e.g. file name/path, size, compression type, etc.). Note: errors/warnings logging are not affected by this setting

      • clearSecrets

        public void clearSecrets()
        Zeroes-out the cached passphrase for all keys, and releases the extracted private key material for garbage collection.

      • encrypt

        public FileMetadata encrypt​(java.io.File plaintext,
                            java.io.File ciphertext)
                     throws java.io.IOException,
                            org.bouncycastle.openpgp.PGPException
        Signs, compresses, and encrypts the specified file to the output location specified by the second file. If a file already exists in the output file's location, it will be deleted. If an exception occurs during this processing, the output file will be deleted.

        Use the setSigningAlgorithm(org.c02e.jpgpj.HashingAlgorithm), setCompressionAlgorithm(org.c02e.jpgpj.CompressionAlgorithm), and setEncryptionAlgorithm(org.c02e.jpgpj.EncryptionAlgorithm) before running this method to turn off or adjust signing, compression, or encryption.

        Parameters:
        plaintext - File to encrypt.
        ciphertext - Location of output file.
        Returns:
        The FileMetadata of the encrypted plaintext
        Throws:
        java.io.IOException - if an IO error occurs reading from or writing to the underlying input or output streams.
        org.bouncycastle.openpgp.PGPException - if no encryption keys and no passphrase for symmetric encryption were supplied (and the message is not unencrypted), or if no signing keys were supplied (and the message is not unsigned).
        PassphraseException - if an incorrect passphrase was supplied for one of the signing keys.

      • encrypt

        public FileMetadata encrypt​(java.nio.file.Path plaintext,
                            java.nio.file.Path ciphertext)
                     throws java.io.IOException,
                            org.bouncycastle.openpgp.PGPException
        Signs, compresses, and encrypts the specified file to the output location specified by the second file. If a file already exists in the output file's location, it will be deleted. If an exception occurs during this processing, the output file will be deleted.

        Use the setSigningAlgorithm(org.c02e.jpgpj.HashingAlgorithm), setCompressionAlgorithm(org.c02e.jpgpj.CompressionAlgorithm), and setEncryptionAlgorithm(org.c02e.jpgpj.EncryptionAlgorithm) before running this method to turn off or adjust signing, compression, or encryption.

        Parameters:
        plaintext - Path of file to encrypt.
        ciphertext - Path location of output ciphertext file.
        Returns:
        The FileMetadata of the encrypted plaintext
        Throws:
        java.io.IOException - if an IO error occurs reading from or writing to the underlying input or output streams.
        org.bouncycastle.openpgp.PGPException - if no encryption keys and no passphrase for symmetric encryption were supplied (and the message is not unencrypted), or if no signing keys were supplied (and the message is not unsigned).
        PassphraseException - if an incorrect passphrase was supplied for one of the signing keys.

      • wrapSourceInputStream

        public java.io.InputStream wrapSourceInputStream​(java.io.InputStream sourceStream,
                                                 long inputSize)
                                          throws java.io.IOException
        Parameters:
        sourceStream - Original source (plaintext) InputStream
        inputSize - Expected input (plaintext) size
        Returns:
        A wrapper buffered stream optimized for the input size according to the current encryptor settings
        Throws:
        java.io.IOException - If failed to generate the wrapper

      • wrapTargetOutputStream

        public java.io.OutputStream wrapTargetOutputStream​(java.io.OutputStream targetStream,
                                                   long inputSize)
                                            throws java.io.IOException
        Parameters:
        targetStream - Original target (ciphertext) OutputStream
        inputSize - Expected input (plaintext) size
        Returns:
        A wrapper buffered stream optimized for the input size according to the current encryptor settings.
        Throws:
        java.io.IOException - If failed to generate the wrapper
        See Also:
        estimateOutFileBufferSize(long)

      • encryptBytes

        public FileMetadata encryptBytes​(byte[] data,
                                 java.lang.String name,
                                 java.io.File ciphertext)
                          throws java.io.IOException,
                                 org.bouncycastle.openpgp.PGPException
        Parameters:
        data - Data buffer to be used as plaintext input
        name - The "file" name to report as being encrypted - can be null
        ciphertext - Target ciphertext File
        Returns:
        The FileMetadata of the encrypted plaintext
        Throws:
        java.io.IOException - if an IO error occurs reading from or writing to the underlying input or output streams.
        org.bouncycastle.openpgp.PGPException - if no encryption keys and no passphrase for symmetric encryption were supplied (and the message is not unencrypted), or if no signing keys were supplied (and the message is not unsigned).
        PassphraseException - if an incorrect passphrase was supplied for one of the signing keys.

      • encryptBytes

        public FileMetadata encryptBytes​(byte[] data,
                                 java.lang.String name,
                                 java.nio.file.Path ciphertext)
                          throws java.io.IOException,
                                 org.bouncycastle.openpgp.PGPException
        Parameters:
        data - Data buffer to be used as plaintext input
        name - The "file" name to report as being encrypted - can be null
        ciphertext - Target ciphertext Path
        Returns:
        The FileMetadata of the encrypted plaintext
        Throws:
        java.io.IOException - if an IO error occurs reading from or writing to the underlying input or output streams.
        org.bouncycastle.openpgp.PGPException - if no encryption keys and no passphrase for symmetric encryption were supplied (and the message is not unencrypted), or if no signing keys were supplied (and the message is not unsigned).
        PassphraseException - if an incorrect passphrase was supplied for one of the signing keys.

      • encryptBytes

        public FileMetadata encryptBytes​(byte[] data,
                                 java.lang.String name,
                                 java.io.OutputStream ciphertext)
                          throws java.io.IOException,
                                 org.bouncycastle.openpgp.PGPException
        Parameters:
        data - Data buffer to be used as plaintext input
        name - The "file" name to report as being encrypted - can be null
        ciphertext - Target ciphertext OutputStream
        Returns:
        The FileMetadata of the encrypted plaintext
        Throws:
        java.io.IOException - if an IO error occurs reading from or writing to the underlying input or output streams.
        org.bouncycastle.openpgp.PGPException - if no encryption keys and no passphrase for symmetric encryption were supplied (and the message is not unencrypted), or if no signing keys were supplied (and the message is not unsigned).
        PassphraseException - if an incorrect passphrase was supplied for one of the signing keys.

      • encrypt

        public FileMetadata encrypt​(java.io.InputStream plaintext,
                            java.io.OutputStream ciphertext)
                     throws java.io.IOException,
                            org.bouncycastle.openpgp.PGPException
        Signs, compresses, and encrypts the specified content as a PGP message into the specified output stream (with no optional metadata). Does not close or flush the streams.

        Use the setSigningAlgorithm(org.c02e.jpgpj.HashingAlgorithm), setCompressionAlgorithm(org.c02e.jpgpj.CompressionAlgorithm), and setEncryptionAlgorithm(org.c02e.jpgpj.EncryptionAlgorithm) before running this method to turn off or adjust signing, compression, or encryption.

        Parameters:
        plaintext - InputStream content to encrypt.
        ciphertext - OutputStream for PGP message, in binary or ASCII Armor format.
        Returns:
        A FileMetadata placeholder that contains at the very least the number of bytes processed from the plaintext stream
        Throws:
        java.io.IOException - if an IO error occurs reading from or writing to the underlying input or output streams.
        org.bouncycastle.openpgp.PGPException - if no encryption keys and no passphrase for symmetric encryption were supplied (and the message is not unencrypted), or if no signing keys were supplied (and the message is not unsigned).
        PassphraseException - if an incorrect passphrase was supplied for one of the signing keys.

      • encrypt

        public FileMetadata encrypt​(java.io.InputStream plaintext,
                            java.io.OutputStream ciphertext,
                            FileMetadata meta)
                     throws java.io.IOException,
                            org.bouncycastle.openpgp.PGPException
        Signs, compresses, and encrypts the specified content as a PGP message into the specified output stream with the specified content metadata. Does not close or flush the streams.

        Use the setSigningAlgorithm(org.c02e.jpgpj.HashingAlgorithm), setCompressionAlgorithm(org.c02e.jpgpj.CompressionAlgorithm), and setEncryptionAlgorithm(org.c02e.jpgpj.EncryptionAlgorithm) before running this method to turn off or adjust signing, compression, or encryption.

        Parameters:
        plaintext - Content to encrypt.
        ciphertext - PGP message, in binary or ASCII Armor format.
        meta - Metadata of original file that contains at the very least the number of bytes processed from the plaintext stream
        Throws:
        java.io.IOException - if an IO error occurs reading from or writing to the underlying input or output streams.
        org.bouncycastle.openpgp.PGPException - if no encryption keys and no passphrase for symmetric encryption were supplied (and the message is not unencrypted), or if no signing keys were supplied (and the message is not unsigned).
        PassphraseException - if an incorrect passphrase was supplied for one of the signing keys.

      • prepareCiphertextOutputStream

        public java.io.OutputStream prepareCiphertextOutputStream​(FileMetadata plainMeta,
                                                          java.io.File ciphertext)
                                                   throws java.io.IOException,
                                                          org.bouncycastle.openpgp.PGPException
        Builds a wrapper OutputStream where everything written to the it is encrypted+compressed+signed according to the encryptor's configuration, and then written to the specified target file. Closing the wrapper stream finalizes the encryption and signature, and finishes writing all the wrapper stream's content to the original stream as well as closing the file stream.
        Parameters:
        plainMeta - The FileMetadata describing the plaintext file - if null an empty ad-hoc instance will be created
        ciphertext - The target File for the encrypted data
        Returns:
        The wrapper stream
        Throws:
        java.io.IOException - If failed to wrap the stream
        org.bouncycastle.openpgp.PGPException - If failed to apply a PGP wrapper

      • prepareCiphertextOutputStream

        public java.io.OutputStream prepareCiphertextOutputStream​(FileMetadata plainMeta,
                                                          java.nio.file.Path ciphertext)
                                                   throws java.io.IOException,
                                                          org.bouncycastle.openpgp.PGPException
        Builds a wrapper OutputStream where everything written to the it is encrypted+compressed+signed according to the encryptor's configuration, and then written to the specified target file. Closing the wrapper stream finalizes the encryption and signature, and finishes writing all the wrapper stream's content to the original stream as well as closing the file stream.
        Parameters:
        plainMeta - The FileMetadata describing the plaintext file - if null an empty ad-hoc instance will be created
        ciphertext - The target Path for the encrypted data
        Returns:
        The wrapper stream
        Throws:
        java.io.IOException - If failed to wrap the stream
        org.bouncycastle.openpgp.PGPException - If failed to apply a PGP wrapper

      • prepareCiphertextOutputStream

        public java.io.OutputStream prepareCiphertextOutputStream​(java.io.OutputStream ciphertext,
                                                          FileMetadata meta,
                                                          boolean closeOriginal)
                                                   throws java.io.IOException,
                                                          org.bouncycastle.openpgp.PGPException
        Builds a new wrapper OutputStream to wrap the original specified OutputStream, where everything written to the it is automatically encrypted+compressed+signed according to the encryptor's configuration, and then written to the original stream. Closing the wrapper stream finalizes the encryption and signature, and finishes writing all the wrapper stream's content to the original stream. The original stream will be closed if closeOriginal parameter is true - otherwise, it is the caller's responsibility to close it after having closed the wrapper.
        Parameters:
        ciphertext - The original OutputStream into which the encryption results are to be written. Note: the stream will not be closed when the returned wrapper is closed
        meta - The original plaintext file's FileMetadata if available - if null an ad-hoc empty instance is used.
        closeOriginal - Whether to also close the original wrapped stream when the wrapper is closed.
        Returns:
        A wrapper stream - Note: actual encryption and signature is finalized when it is closed.
        Throws:
        java.io.IOException - If failed to wrap the stream
        org.bouncycastle.openpgp.PGPException - If failed to apply a PGP wrapper

      • pipeline

        protected java.io.OutputStream pipeline​(java.io.OutputStream out,
                                        java.util.List<java.io.OutputStream> stack)
        Pushes output stream onto stack if not null, and returns top of stack.

      • encrypt

        protected java.io.OutputStream encrypt​(java.io.OutputStream out,
                                       FileMetadata meta)
                                throws java.io.IOException,
                                       org.bouncycastle.openpgp.PGPException
        Wraps with stream that outputs encrypted data packet.
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException

      • compress

        protected java.io.OutputStream compress​(java.io.OutputStream out,
                                        FileMetadata meta)
                                 throws java.io.IOException,
                                        org.bouncycastle.openpgp.PGPException
        Wraps with stream that outputs compressed data packet.
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException

      • packet

        protected java.io.OutputStream packet​(java.io.OutputStream out,
                                      FileMetadata meta)
                               throws java.io.IOException,
                                      org.bouncycastle.openpgp.PGPException
        Wraps with stream that ouputs literal data packet.
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException

      • sign

        protected Encryptor.SigningOutputStream sign​(java.io.OutputStream out,
                                             FileMetadata meta)
                                      throws java.io.IOException,
                                             org.bouncycastle.openpgp.PGPException
        Wraps with stream that outputs signature packets as header and footer to envelope.
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException

      • copy

        protected long copy​(java.io.InputStream i,
                    java.io.OutputStream o,
                    Encryptor.SigningOutputStream s,
                    FileMetadata meta)
             throws java.io.IOException,
                    org.bouncycastle.openpgp.PGPException
        Copies the content from the specified input stream to the specified output stream.
        Parameters:
        i - The plaintext InputStream
        o - The prepared target ciphertext {@link OutputStream)
        s - The Encryptor.SigningOutputStream used to calculate the signature - null if no signature provided
        meta - The provided FileMetadata
        Returns:
        Total number of processed bytes from input stream
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException

      • buildEncryptor

        protected org.bouncycastle.openpgp.PGPEncryptedDataGenerator buildEncryptor()
        Builds a PGPEncryptedDataGenerator for the configured encryption algorithm.

      • buildPublicKeyEncryptor

        protected org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator buildPublicKeyEncryptor​(Key key,
                                                                                                          FileMetadata meta)
        Builds a PublicKeyKeyEncryptionMethodGenerator for the specified key.

      • buildSymmetricKeyEncryptor

        protected org.bouncycastle.openpgp.operator.PBEKeyEncryptionMethodGenerator buildSymmetricKeyEncryptor​(FileMetadata meta)
                                                                                                throws org.bouncycastle.openpgp.PGPException
        Builds a PublicKeyKeyEncryptionMethodGenerator for the specified key to encrypt the file.
        Throws:
        org.bouncycastle.openpgp.PGPException

      • isUsableForSigning

        protected boolean isUsableForSigning​(Subkey subkey)

      • buildSigner

        protected org.bouncycastle.openpgp.PGPSignatureGenerator buildSigner​(Key key,
                                                                     FileMetadata meta)
                                                              throws org.bouncycastle.openpgp.PGPException
        Builds a PGPSignatureGenerator for the specified key and content.
        Throws:
        org.bouncycastle.openpgp.PGPException

      • buildSignerBuilder

        protected org.bouncycastle.openpgp.operator.PGPContentSignerBuilder buildSignerBuilder​(int keyAlgorithm,
                                                                                       int hashAlgorithm)
        Builds a PGPContentSignerBuilder for the specified algorithms.

      • getEncryptionBuffer

        public byte[] getEncryptionBuffer​(FileMetadata meta)
        Internal buffer for encrypted-data packets, sized based on plaintext length.

      • getEncryptionBuffer

        public byte[] getEncryptionBuffer​(long inputSize)
        Internal buffer for encrypted-data packets, sized based on plaintext length.

      • getCompressionBuffer

        public byte[] getCompressionBuffer​(FileMetadata meta)
        Internal buffer for compressed-data packets, sized based on plaintext length.

      • getCompressionBuffer

        public byte[] getCompressionBuffer​(long inputSize)
        Internal buffer for compressed-data packets, sized based on plaintext length.

      • getLiteralBuffer

        public byte[] getLiteralBuffer​(FileMetadata meta)
        Internal buffer for literal-data packets, sized based on plaintext length.

      • getLiteralBuffer

        public byte[] getLiteralBuffer​(long inputSize)
        Internal buffer for literal-data packets, sized based on plaintext length.

      • getCopyBuffer

        public byte[] getCopyBuffer​(FileMetadata meta)
        Internal buffer for copying plaintext into the encryption pipeline, sized based on plaintext length.

      • getCopyBuffer

        public byte[] getCopyBuffer​(long inputSize)
        Internal buffer for copying plaintext into the encryption pipeline, sized based on plaintext length.

      • bestPacketSize

        public int bestPacketSize​(FileMetadata meta)
        Calculates optimal PGP packet size, based on plaintext length.

      • bestPacketSize

        public int bestPacketSize​(long inputSize)
        Calculates optimal PGP packet size, based on plaintext length.

      • estimateOutFileBufferSize

        public int estimateOutFileBufferSize​(long inFileSize)
        Parameters:
        inFileSize - Input (plaintext) file size
        Returns:
        The recommended buffering for the target (ciphertext) output stream
        See Also:
        getMaxFileBufferSize()

      • clone

        public Encryptor clone()
        Overrides:
        clone in class java.lang.Object