List of usage examples for org.bouncycastle.openpgp PGPKeyFlags CAN_ENCRYPT_STORAGE
int CAN_ENCRYPT_STORAGE
From source file:org.sufficientlysecure.keychain.pgp.PgpKeyOperation.java
License:Open Source License
/**
 * Generates the key pair for a new secret (sub)key described by {@code add}.
 *
 * <p>The request is validated before any key material is generated:
 * <ul>
 *   <li>ECDSA and ECDH requests must name a curve; every other algorithm must
 *       give a key size of at least 2048 bits.</li>
 *   <li>DSA and ECDSA keys must not carry an encryption usage flag
 *       ({@code CAN_ENCRYPT_COMMS}, {@code CAN_ENCRYPT_STORAGE}).</li>
 *   <li>ElGamal and ECDH keys must not carry {@code CAN_SIGN} or
 *       {@code CAN_CERTIFY}.</li>
 *   <li>RSA keys are not restricted by usage flags in this method.</li>
 * </ul>
 *
 * @param add          parameters of the key to create (algorithm, key size or curve, usage flags)
 * @param creationTime creation timestamp handed to the resulting {@link JcaPGPKeyPair}
 * @param log          operation log that receives one error entry for every rejected request
 * @param indent       indentation level used for the log entries
 * @return the generated key pair, or {@code null} when the request was rejected or
 *         generation failed; the reason is recorded in {@code log}
 */
private PGPKeyPair createKey(SubkeyAdd add, Date creationTime, OperationLog log, int indent) {
    // Usage-flag groups that are mutually exclusive with certain algorithms.
    final int encryptionFlags = PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE;
    final int signatureFlags = PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY;

    try {
        // Parameter sanity: EC keys are sized by their curve, everything else by bit length.
        final boolean ellipticCurve =
                add.mAlgorithm == Algorithm.ECDH || add.mAlgorithm == Algorithm.ECDSA;
        if (ellipticCurve) {
            if (add.mCurve == null) {
                log.add(LogType.MSG_CR_ERROR_NO_CURVE, indent);
                return null;
            }
        } else if (add.mKeySize == null) {
            log.add(LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
            return null;
        } else if (add.mKeySize < 2048) {
            // Hard floor for DSA, ElGamal and RSA alike.
            // NOTE(review): only a lower bound is enforced here; whether the provider accepts
            // every size >= 2048 for each algorithm is not checked in this method, and an
            // unchecked exception from initialize() would not be caught below. Confirm that
            // callers restrict the offered sizes.
            log.add(LogType.MSG_CR_ERROR_KEYSIZE_2048, indent);
            return null;
        }

        final int pgpAlgorithm;
        final KeyPairGenerator keyPairGen;

        switch (add.mAlgorithm) {
            case DSA:
                // Signature-only algorithm: refuse encryption usage flags.
                if ((add.mFlags & encryptionFlags) != 0) {
                    log.add(LogType.MSG_CR_ERROR_FLAGS_DSA, indent);
                    return null;
                }
                progress(R.string.progress_generating_dsa, 30);
                keyPairGen = KeyPairGenerator.getInstance("DSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
                keyPairGen.initialize(add.mKeySize, new SecureRandom());
                pgpAlgorithm = PGPPublicKey.DSA;
                break;

            case ELGAMAL:
                // Encryption-only algorithm: refuse sign and certify usage flags.
                if ((add.mFlags & signatureFlags) != 0) {
                    log.add(LogType.MSG_CR_ERROR_FLAGS_ELGAMAL, indent);
                    return null;
                }
                progress(R.string.progress_generating_elgamal, 30);
                keyPairGen = KeyPairGenerator.getInstance("ElGamal", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
                // Group parameters: prime chosen by Primes.getBestPrime for the key size, generator 2.
                // NOTE(review): presumably getBestPrime returns a vetted prime per size; confirm
                // in Primes, since the strength of the group depends on it.
                BigInteger groupPrime = Primes.getBestPrime(add.mKeySize);
                BigInteger groupGenerator = BigInteger.valueOf(2);
                // Unlike the other branches, no explicit SecureRandom is passed here, so the
                // randomness source is whatever the KeyPairGenerator defaults to.
                keyPairGen.initialize(new ElGamalParameterSpec(groupPrime, groupGenerator));
                pgpAlgorithm = PGPPublicKey.ELGAMAL_ENCRYPT;
                break;

            case RSA:
                // No usage-flag restriction is applied to RSA keys in this method.
                progress(R.string.progress_generating_rsa, 30);
                keyPairGen = KeyPairGenerator.getInstance("RSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
                keyPairGen.initialize(add.mKeySize, new SecureRandom());
                pgpAlgorithm = PGPPublicKey.RSA_GENERAL;
                break;

            case ECDSA:
                // Signature-only algorithm: refuse encryption usage flags.
                if ((add.mFlags & encryptionFlags) != 0) {
                    log.add(LogType.MSG_CR_ERROR_FLAGS_ECDSA, indent);
                    return null;
                }
                progress(R.string.progress_generating_ecdsa, 30);
                ECGenParameterSpec ecdsaCurve = getEccParameterSpec(add.mCurve);
                keyPairGen = KeyPairGenerator.getInstance("ECDSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
                keyPairGen.initialize(ecdsaCurve, new SecureRandom());
                pgpAlgorithm = PGPPublicKey.ECDSA;
                break;

            case ECDH:
                // Key-agreement algorithm: refuse sign and certify usage flags.
                if ((add.mFlags & signatureFlags) != 0) {
                    log.add(LogType.MSG_CR_ERROR_FLAGS_ECDH, indent);
                    return null;
                }
                progress(R.string.progress_generating_ecdh, 30);
                ECGenParameterSpec ecdhCurve = getEccParameterSpec(add.mCurve);
                keyPairGen = KeyPairGenerator.getInstance("ECDH", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
                keyPairGen.initialize(ecdhCurve, new SecureRandom());
                pgpAlgorithm = PGPPublicKey.ECDH;
                break;

            default:
                log.add(LogType.MSG_CR_ERROR_UNKNOWN_ALGO, indent);
                return null;
        }

        // Generate the raw JCA key pair and wrap it as an OpenPGP key pair.
        return new JcaPGPKeyPair(pgpAlgorithm, keyPairGen.generateKeyPair(), creationTime);

    } catch (NoSuchProviderException | InvalidAlgorithmParameterException e) {
        // A missing provider or rejected parameter spec is not reported through the
        // operation log; it is rethrown unchecked with the cause preserved.
        throw new RuntimeException(e);
    } catch (NoSuchAlgorithmException e) {
        log.add(LogType.MSG_CR_ERROR_UNKNOWN_ALGO, indent);
        return null;
    } catch (PGPException e) {
        Log.e(Constants.TAG, "internal pgp error", e);
        log.add(LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
        return null;
    }
}