Class S2K

  • All Implemented Interfaces:
    org.bouncycastle.util.Encodable

    public class S2K
    extends BCPGObject
    Parameter specifier for the PGP string-to-key password based key derivation function.

    In iterated mode, S2K takes a single byte iteration count specifier, which is converted to an actual iteration count using a formula that grows the iteration count exponentially as the byte value increases.

    e.g. 0x01 == 1088 iterations, and 0xFF == 65,011,712 iterations.

    • Field Detail

      • SIMPLE

        public static final int SIMPLE
        Simple key generation. A single non-salted iteration of a hash function
        See Also:
        Constant Field Values
      • SALTED

        public static final int SALTED
        Salted key generation. A single iteration of a hash function with a (unique) salt
        See Also:
        Constant Field Values
      • SALTED_AND_ITERATED

        public static final int SALTED_AND_ITERATED
        Salted and iterated key generation. Multiple iterations of a hash function, with a salt
        See Also:
        Constant Field Values
      • ARGON_2

        public static final int ARGON_2
        Memory-hard, salted key generation using Argon2 hash algorithm.
        See Also:
        Constant Field Values
      • GNU_PROTECTION_MODE_NO_PRIVATE_KEY

        public static final int GNU_PROTECTION_MODE_NO_PRIVATE_KEY
        See Also:
        Constant Field Values
      • GNU_PROTECTION_MODE_DIVERT_TO_CARD

        public static final int GNU_PROTECTION_MODE_DIVERT_TO_CARD
        See Also:
        Constant Field Values
    • Constructor Detail

      • S2K

        public S2K​(int algorithm)
        Constructs a specifier for a simple S2K generation.
        Parameters:
        algorithm - the digest algorithm to use.
      • S2K

        public S2K​(int algorithm,
                   byte[] iv)
        Constructs a specifier for a salted S2K generation.
        Parameters:
        algorithm - the digest algorithm to use.
        iv - the salt to apply to input to the key generation.
      • S2K

        public S2K​(int algorithm,
                   byte[] iv,
                   int itCount)
        Constructs a specifier for a salted and iterated S2K generation.
        Parameters:
        algorithm - the digest algorithm to iterate.
        iv - the salt to apply to input to the key generation.
        itCount - the single byte iteration count specifier.
      • S2K

        public S2K​(S2K.GNUDummyParams gnuDummyParams)
        Construct a specifier for an S2K using the GNU_DUMMY_S2K method.
        Parameters:
        gnuDummyParams - GNU_DUMMY_S2K parameters
    • Method Detail

      • simpleS2K

        public static S2K simpleS2K​(int algorithm)
        Return a new S2K instance using the SIMPLE method, using the given hash
        algorithm
        .
        Parameters:
        algorithm - hash algorithm tag
        Returns:
        S2K
      • saltedS2K

        public static S2K saltedS2K​(int algorithm,
                                    byte[] salt)
        Return a new S2K instance using the SALTED method, using the given hash
        algorithm
        and
        salt
        .
        Parameters:
        algorithm - hash algorithm tag
        salt - salt
        Returns:
        S2K
      • saltedAndIteratedS2K

        public static S2K saltedAndIteratedS2K​(int algorithm,
                                               byte[] salt,
                                               int iterationCount)
        Return a new S2K instance using the SALTED_AND_ITERATED method, using the given hash
        algorithm
        ,
        salt
        and
        iterationCount
        .
        Parameters:
        algorithm - hash algorithm tag
        salt - salt
        iterationCount - number of iterations
        Returns:
        S2K
      • argon2S2K

        public static S2K argon2S2K​(S2K.Argon2Params parameters)
        Return a new S2K instance using the ARGON_2 method, using the given argon2
        parameters
        .
        Parameters:
        parameters - argon2 parameters
        Returns:
        S2K
      • gnuDummyS2K

        public static S2K gnuDummyS2K​(S2K.GNUDummyParams parameters)
        Return a new S2K instance using the GNU_DUMMY_S2K method, using the given GNU Dummy S2K
        parameters
        .
        Parameters:
        parameters - GNU Dummy S2K parameters
        Returns:
        S2K
      • getHashAlgorithm

        public int getHashAlgorithm()
        Gets the hash algorithm for this S2K.
      • getIV

        public byte[] getIV()
        Gets the iv/salt to use for the key generation.
      • getIterationCount

        public long getIterationCount()
        Gets the actual (expanded) iteration count.
      • getPasses

        public int getPasses()
        Return the number of passes - only Argon2
        Returns:
        number of passes
      • getProtectionMode

        public int getProtectionMode()
        Gets the protection mode - only if GNU_DUMMY_S2K
      • getParallelism

        public int getParallelism()
        Gets the degree of parallelism - only if ARGON_2
        Returns:
        parallelism
      • getMemorySizeExponent

        public int getMemorySizeExponent()
        Gets the memory size exponent - only if ARGON_2
        Returns:
        memory size exponent