This example demonstrates how to generate an OpenPGP key pair compatible with the Diffie-Hellman algorithm, which PGP (r) version 10 and all OpenPGP standard compatible software recognize as a DH/DSS type key.

    import com.didisoft.pgp.*;

    public class GenerateKeyPairDHDSS {
        public static void main(String[] args) throws Exception {
            // initialize the KeyStore where the key will be generated
            KeyStore ks = new KeyStore("pgp.keystore", "changeit");

            // key primary user Id
            String userId = "demo@didisoft.com";

            // preferred hashing algorithms, in order of preference
            String[] hashingAlgorithms = new String[] {
                HashAlgorithm.SHA1,
                HashAlgorithm.SHA256,
                HashAlgorithm.SHA384,
                HashAlgorithm.SHA512,
                HashAlgorithm.MD5
            };

            // preferred compression algorithms
            String[] compressions = new String[] {
                CompressionAlgorithm.ZIP,
                CompressionAlgorithm.ZLIB,
                CompressionAlgorithm.UNCOMPRESSED
            };

            // preferred symmetric key algorithms
            String[] cyphers = new String[] {
                CypherAlgorithm.AES_128,
                CypherAlgorithm.AES_192,
                CypherAlgorithm.AES_256,
                CypherAlgorithm.CAST5,
                CypherAlgorithm.TWOFISH
            };

            // password that protects the generated private key
            String privateKeyPassword = "changeit";

            // requested key size, in bits
            int keySizeInBits = 2048;

            // ELGAMAL produces the DH/DSS type key
            ks.generateKeyPair(keySizeInBits,
                               userId,
                               KeyAlgorithm.ELGAMAL,
                               privateKeyPassword,
                               compressions,
                               hashingAlgorithms,
                               cyphers);
        }
    }

After the key is generated, it can be exported to a standalone file and imported into other OpenPGP software.
You may notice that the key algorithm parameter is ELGAMAL. ElGamal is an encryption algorithm based on Diffie-Hellman, and the key is accepted without complaints by PGP (r) 10. The screenshot below shows the key properties for the exported public key in PGP (r) 10.
Although we requested a key size of 2048 bits, the DSS (Digital Signature Standard) signing subkey is 1024 bits long. The explanation is that we use DSA (Digital Signature Algorithm) to produce the signing subkey, and it is limited to 1024 bits.
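To check these sizes in an exported public key yourself, the following added example (not part of the original page or of the DidiSoft library) walks the binary OpenPGP packets and lists each key's algorithm and bit length. The sample bytes are constructed and assume the usual DH/DSS layout with DSA as the primary key and ElGamal as the subkey; the 2048-bit threshold and all function names are likewise assumptions.

```python
ALGOS = {1: "RSA", 16: "ElGamal", 17: "DSA"}   # RFC 4880 section 9.1
KEY_TAGS = {6: "primary key", 14: "subkey"}    # public key / public subkey

def read_packets(data):
    """Yield (tag, body) for each packet of a binary (non-armored) key."""
    i = 0
    while i < len(data):
        first, i = data[i], i + 1
        if not first & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if first & 0x40:                       # new-format header
            tag, o1 = first & 0x3F, data[i]
            i += 1
            if o1 < 192:
                length = o1
            elif o1 < 224:
                length = ((o1 - 192) << 8) + data[i] + 192
                i += 1
            elif o1 == 255:
                length = int.from_bytes(data[i:i + 4], "big")
                i += 4
            else:
                raise ValueError("partial body lengths not handled")
        else:                                  # old-format header
            tag, ltype = (first >> 2) & 0x0F, first & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not handled")
            n = 1 << ltype                     # 1, 2 or 4 length octets
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        yield tag, data[i:i + length]
        i += length

def key_sizes(data):
    """Return (role, algorithm, bits) for every v4 public key packet."""
    return [(KEY_TAGS[tag], ALGOS.get(body[5], str(body[5])),
             int.from_bytes(body[6:8], "big"))   # bit count of the first MPI
            for tag, body in read_packets(data)
            if tag in KEY_TAGS and len(body) >= 8 and body[0] == 4]

def weak_keys(data, minimum=2048):
    return [k for k in key_sizes(data) if k[2] < minimum]

def sample_packet(tag, algo, bits):  # constructed test data, first MPI only
    mpi = bits.to_bytes(2, "big") + b"\x80" + bytes(bits // 8 - 1)
    body = bytes([4, 0, 0, 0, 0, algo]) + mpi
    return bytes([0x80 | (tag << 2) | 1]) + len(body).to_bytes(2, "big") + body

SAMPLE = sample_packet(6, 17, 1024) + sample_packet(14, 16, 2048)
```

For a real key, pass the bytes of the binary (not ASCII-armored) exported public key file to `weak_keys` in place of `SAMPLE`.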
3. Exception Handling
The key pair generation methods simply throw com.didisoft.pgp.PGPException in case the key generation fails.