Continuing my 5 part series on using the Bouncy Castle API to create your own Java library to manage Private / Public key pairs. Part 2 went over digitally signing and verifying messages using the generated key pair from Part 1. Also, just a note, the signature generation from Part 2 are not detached signatures, they’re embedded within the information. I’ll talk about why I prefer to do this when we get to Part 4.
Encryption is done using the recipients public key and does not require us to enter a pass phrase. When the recipient receives the encrypted message they will need to enter their pass phrase in order to decrypt the message. This is mainly so because their public key is protected by password based symmetric encryption inside the key ring.
Below we add the encrypt and decrypt methods to our PGPCryptoTools source file.