// SPDX-FileCopyrightText: 2018 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0

package org.pgpainless.key.generation.type;

import java.security.spec.AlgorithmParameterSpec;

import org.pgpainless.algorithm.PublicKeyAlgorithm;
import org.pgpainless.key.generation.type.ecc.EllipticCurve;
import org.pgpainless.key.generation.type.ecc.ecdh.ECDH;
import org.pgpainless.key.generation.type.ecc.ecdsa.ECDSA;
import org.pgpainless.key.generation.type.eddsa.EdDSA;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.key.generation.type.rsa.RsaLength;
import org.pgpainless.key.generation.type.rsa.RSA;
import org.pgpainless.key.generation.type.xdh.XDH;
import org.pgpainless.key.generation.type.xdh.XDHSpec;

/**
 * Describes a kind of key that can be generated: its public key algorithm, its size, the
 * parameters needed to generate it, and the key flags a key of this type is able to carry.
 *
 * <p>The {@code can*} methods have default implementations that are derived solely from the
 * capabilities reported by {@link #getAlgorithm()}; implementations may override them.
 * The static factory methods delegate to the concrete key types of the sub-packages.
 */
public interface KeyType {

    /**
     * Return the name of the algorithm of this key type.
     *
     * @return algorithm name.
     */
    String getName();

    /**
     * Return the public key algorithm of this key type.
     * The default capability checks of this interface are answered by the returned value.
     *
     * @return public key algorithm
     */
    PublicKeyAlgorithm getAlgorithm();

    /**
     * Return the strength of the key in bits.
     *
     * <p>NOTE(review): the implementations are not visible from this interface. If the value is
     * the key or curve size rather than an estimated security level, it is not comparable across
     * algorithm families (an RSA modulus and an elliptic curve field of equal bit length offer
     * very different security margins). Confirm this before using the value in policy checks.
     *
     * @return strength of the key in bits
     */
    int getBitStrength();

    /**
     * Return the {@link AlgorithmParameterSpec} with which a key of this type can be generated.
     *
     * @return algorithm parameter spec
     */
    AlgorithmParameterSpec getAlgorithmSpec();

    /**
     * Tell whether a key generated from this type is able to carry the SIGN_DATA key flag.
     * See {@link org.pgpainless.algorithm.KeyFlag#SIGN_DATA}.
     *
     * <p>By default this is whatever {@link PublicKeyAlgorithm#isSigningCapable()} reports for
     * {@link #getAlgorithm()}.
     *
     * @return true if the key can sign.
     */
    default boolean canSign() {
        final PublicKeyAlgorithm algorithm = getAlgorithm();
        return algorithm.isSigningCapable();
    }

    /**
     * Tell whether a key generated from this type is able to carry the CERTIFY_OTHER key flag.
     * See {@link org.pgpainless.algorithm.KeyFlag#CERTIFY_OTHER}.
     *
     * <p>By default this mirrors {@link #canSign()}, so overriding {@code canSign()} changes
     * this answer as well.
     *
     * @return true if the key is able to certify other keys
     */
    default boolean canCertify() {
        final boolean signingCapable = canSign();
        return signingCapable;
    }

    /**
     * Tell whether a key generated from this type is able to carry the AUTHENTICATION key flag.
     * See {@link org.pgpainless.algorithm.KeyFlag#AUTHENTICATION}.
     *
     * <p>By default this mirrors {@link #canSign()}, so overriding {@code canSign()} changes
     * this answer as well.
     *
     * @return true if the key can be used for authentication purposes.
     */
    default boolean canAuthenticate() {
        final boolean signingCapable = canSign();
        return signingCapable;
    }

    /**
     * Tell whether a key generated from this type is able to carry the ENCRYPT_COMMS key flag.
     * See {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_COMMS}.
     *
     * <p>By default this is whatever {@link PublicKeyAlgorithm#isEncryptionCapable()} reports
     * for {@link #getAlgorithm()}.
     *
     * @return true if the key can encrypt communication
     */
    default boolean canEncryptCommunication() {
        final PublicKeyAlgorithm algorithm = getAlgorithm();
        return algorithm.isEncryptionCapable();
    }

    /**
     * Tell whether a key generated from this type is able to carry the ENCRYPT_STORAGE key flag.
     * See {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_STORAGE}.
     *
     * <p>By default this is the same check as {@link #canEncryptCommunication()} uses, namely
     * {@link PublicKeyAlgorithm#isEncryptionCapable()} of {@link #getAlgorithm()}.
     *
     * @return true if the key can encrypt for storage
     */
    default boolean canEncryptStorage() {
        final PublicKeyAlgorithm algorithm = getAlgorithm();
        return algorithm.isEncryptionCapable();
    }

    /**
     * Create an RSA key type of the given length.
     * Delegates to {@code RSA.withLength(length)}.
     *
     * @param length length of the RSA key
     * @return RSA key type
     */
    static KeyType RSA(RsaLength length) {
        return RSA.withLength(length);
    }

    /**
     * Create an ECDH key type on the given curve.
     * Delegates to {@code ECDH.fromCurve(curve)}.
     *
     * @param curve elliptic curve
     * @return ECDH key type
     */
    static KeyType ECDH(EllipticCurve curve) {
        return ECDH.fromCurve(curve);
    }

    /**
     * Create an ECDSA key type on the given curve.
     * Delegates to {@code ECDSA.fromCurve(curve)}.
     *
     * @param curve elliptic curve
     * @return ECDSA key type
     */
    static KeyType ECDSA(EllipticCurve curve) {
        return ECDSA.fromCurve(curve);
    }

    /**
     * Create an EdDSA key type on the given curve.
     * Delegates to {@code EdDSA.fromCurve(curve)}.
     *
     * @param curve EdDSA curve
     * @return EdDSA key type
     */
    static KeyType EDDSA(EdDSACurve curve) {
        return EdDSA.fromCurve(curve);
    }

    /**
     * Create an XDH key type from the given spec.
     * Delegates to {@code XDH.fromSpec(curve)}.
     *
     * @param curve XDH spec
     * @return XDH key type
     */
    static KeyType XDH(XDHSpec curve) {
        return XDH.fromSpec(curve);
    }
}