Package org.pgpainless.policy

Class Policy.PublicKeyAlgorithmPolicy

java.lang.Object

org.pgpainless.policy.Policy.PublicKeyAlgorithmPolicy

Enclosing class:

Policy

public static final class Policy.PublicKeyAlgorithmPolicy
extends Object

Constructor Summary

Constructors

Constructor	Description
PublicKeyAlgorithmPolicy(Map<PublicKeyAlgorithm,Integer> minimalAlgorithmBitStrengths)

Method Summary

Modifier and Type	Method	Description
static Policy.PublicKeyAlgorithmPolicy	defaultPublicKeyAlgorithmPolicy()	Return PGPainless' default public key algorithm policy.
boolean	isAcceptable(int algorithmId, int bitStrength)
boolean	isAcceptable(PublicKeyAlgorithm algorithm, int bitStrength)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PublicKeyAlgorithmPolicy

public PublicKeyAlgorithmPolicy(Map<PublicKeyAlgorithm,Integer> minimalAlgorithmBitStrengths)

Method Detail

isAcceptable

public boolean isAcceptable(int algorithmId,
                            int bitStrength)

isAcceptable

public boolean isAcceptable(PublicKeyAlgorithm algorithm,
                            int bitStrength)

defaultPublicKeyAlgorithmPolicy

public static Policy.PublicKeyAlgorithmPolicy defaultPublicKeyAlgorithmPolicy()

Return PGPainless' default public key algorithm policy. This policy is based upon recommendations made by the German Federal Office for Information Security (BSI). Basically this policy requires keys based on elliptic curves to have a bit strength of at least 250, and keys based on prime number factorization / discrete logarithm problems to have a strength of at least 2000 bits.

Returns:

default algorithm policy

See Also:

BSI - Technical Guideline - Cryptographic Mechanisms: Recommendations and Key Lengths (2021-01), BlueKrypt | Cryptographic Key Length Recommendation