
DidiSoft Ltd.

Generate DH/DSS OpenPGP key

This example demonstrates how to generate an OpenPGP key pair based on the Diffie-Hellman algorithm, which PGP (r) version 10 and all software compatible with the OpenPGP standard recognize as a DH/DSS key.

import com.didisoft.pgp.*;

public class GenerateKeyPairDHDSS {
  public static void main(String[] args) throws Exception {
    // initialize the KeyStore where the key will be generated
    KeyStore ks = new KeyStore("pgp.keystore", "changeit");

    // key primary user Id
    String userId = "demo@didisoft.com";

    // preferred hashing algorithms
    // (MD5 and SHA1 are no longer considered collision resistant;
    //  keep them only if an older peer requires them)
    String[] hashingAlgorithms = new String[] {
        HashAlgorithm.SHA1,
        HashAlgorithm.SHA256,
        HashAlgorithm.SHA384,
        HashAlgorithm.SHA512,
        HashAlgorithm.MD5};

    // preferred compression algorithms
    String[] compressions = new String[] {
        CompressionAlgorithm.ZIP,
        CompressionAlgorithm.ZLIB,
        CompressionAlgorithm.UNCOMPRESSED};

    // preferred symmetric key algorithms
    String[] cyphers = new String[] {
        CypherAlgorithm.AES_128,
        CypherAlgorithm.AES_192,
        CypherAlgorithm.AES_256,
        CypherAlgorithm.CAST5,
        CypherAlgorithm.TWOFISH};

    // password protecting the private key
    // (demo placeholder; do not hard-code a real password)
    String privateKeyPassword = "changeit";

    // requested key size, in bits
    int keySizeInBits = 2048;
    ks.generateKeyPair(keySizeInBits,
        userId,
        KeyAlgorithm.ELGAMAL,
        privateKeyPassword,
        compressions,
        hashingAlgorithms,
        cyphers);
  }
}

After the key is generated, it can be exported to a standalone file and imported into other OpenPGP software.

You may notice that the key algorithm parameter is ELGAMAL. ElGamal is an implementation of the Diffie-Hellman algorithm, and the key is accepted with no complaints by PGP (r) 10. The screenshot below shows the key properties for the exported public key in PGP (r) 10.

[Screenshot: Java generate DH/DSS OpenPGP key]

Although we requested a key size of 2048 bits, the DSS (Digital Signature Standard) signing sub key is 1024 bits long. The explanation is that we use DSA (Digital Signature Algorithm) to produce the signing sub key, and it is limited to 1024 bits.
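The algorithms and sizes discussed above can also be checked without PGP (r) 10 by reading the key packets of a binary (not ASCII-armored) public key file directly. The following is an added example, not DidiSoft code: it uses only the JDK and the RFC 4880 packet layout. The class name, the optional file argument and the built-in sample bytes are assumptions made for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.file.*;
import java.util.*;

public class KeyPacketSizes {  // hypothetical class name; JDK only, no DidiSoft API
  static String alg(int id) {  // public-key algorithm ids from RFC 4880, section 9.1
    return id == 1 ? "RSA" : id == 16 ? "ElGamal" : id == 17 ? "DSA" : "algorithm " + id;
  }
  // Walks binary OpenPGP packets and reports every version 4 public key packet found.
  static List<String> describe(byte[] data) {
    ByteBuffer b = ByteBuffer.wrap(data);  // big-endian by default, as in OpenPGP
    List<String> out = new ArrayList<>();
    while (b.hasRemaining()) {
      int hdr = b.get() & 0xff, tag, len;
      if ((hdr & 0x80) == 0) throw new IllegalArgumentException("not binary OpenPGP (armored?)");
      if ((hdr & 0x40) != 0) {  // new-format header: length in 1, 2 or 5 octets
        tag = hdr & 0x3f;
        int o = b.get() & 0xff;
        if (o < 192) len = o;
        else if (o < 224) len = ((o - 192) << 8) + (b.get() & 0xff) + 192;
        else len = o == 255 ? b.getInt() : -1;  // -1: partial body length, rejected below
      } else {  // old-format header: low two bits select the length field size
        tag = (hdr >> 2) & 0x0f;
        int lt = hdr & 3;
        len = lt == 0 ? b.get() & 0xff : lt == 1 ? b.getShort() & 0xffff : lt == 2 ? b.getInt() : -1;
      }
      int p = b.position();
      if (len < 0 || len > b.remaining()) throw new IllegalArgumentException("bad packet length");
      // v4 key body: version(1) created(4) algorithm(1), then the first MPI's 2-byte bit count
      if ((tag == 6 || tag == 14) && len >= 8 && b.get(p) == 4)
        out.add((tag == 6 ? "Public-Key: " : "Public-Subkey: ") + alg(b.get(p + 5) & 0xff)
            + " " + (b.getShort(p + 6) & 0xffff) + " bits");
      b.position(p + len);
    }
    return out;
  }

  // Constructed sample packet: header, v4 fields and first MPI only, not a usable key.
  static byte[] sample(int tag, int algId, int bits) {
    return ByteBuffer.allocate(3 + 8 + bits / 8)
        .put((byte) (0x80 | tag << 2 | 1)).putShort((short) (8 + bits / 8))
        .put((byte) 4).putInt(0).put((byte) algId).putShort((short) bits).put((byte) 0x80).array();
  }

  public static void main(String[] args) throws Exception {
    byte[] dsa = sample(6, 17, 1024), elg = sample(14, 16, 2048);  // sizes the page reports
    byte[] data = args.length > 0 ? Files.readAllBytes(Paths.get(args[0]))
        : ByteBuffer.allocate(dsa.length + elg.length).put(dsa).put(elg).array();
    describe(data).forEach(System.out::println);
  }
}
```

Run without arguments, it reads the constructed sample; given the path of a binary public key export, it lists the algorithm and size of each key packet in that file.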