Class OCBPBEProtectionRemoverFactory

java.lang.Object
org.eclipse.jgit.gpg.bc.internal.keys.OCBPBEProtectionRemoverFactory
All Implemented Interfaces:
org.bouncycastle.openpgp.operator.PBEProtectionRemoverFactory

class OCBPBEProtectionRemoverFactory extends Object implements org.bouncycastle.openpgp.operator.PBEProtectionRemoverFactory
A PBEProtectionRemoverFactory using AES/OCB/NoPadding for decryption. It accepts an AAD in the factory's constructor, so the factory can be used to create a PBESecretKeyDecryptor only for a particular input.

For JGit's needs, this is sufficient, but for a general upstream implementation that limitation might not be acceptable.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private final byte[]
     
    private final org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider
     
    private final char[]
     
  • Constructor Summary

    Constructors
    Constructor
    Description
    OCBPBEProtectionRemoverFactory(char[] passphrase, org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider calculatorProvider, byte[] aad)
    Creates a new factory instance with the given parameters.
  • Method Summary

    Modifier and Type
    Method
    Description
    org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor
    createDecryptor(String protection)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • calculatorProvider

      private final org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider calculatorProvider
    • passphrase

      private final char[] passphrase
    • aad

      private final byte[] aad
  • Constructor Details

    • OCBPBEProtectionRemoverFactory

      OCBPBEProtectionRemoverFactory(char[] passphrase, org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider calculatorProvider, byte[] aad)
      Creates a new factory instance with the given parameters.

      Because the AAD is given at factory level, the PBESecretKeyDecryptors created by the factory can be used to decrypt only a particular input matching this AAD.

      Parameters:
      passphrase - to use for secret key derivation
      calculatorProvider - for computing digests
      aad - for the OCB decryption
  • Method Details

    • createDecryptor

      public org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor createDecryptor(String protection) throws org.bouncycastle.openpgp.PGPException
      Specified by:
      createDecryptor in interface org.bouncycastle.openpgp.operator.PBEProtectionRemoverFactory
      Throws:
      org.bouncycastle.openpgp.PGPException