使用 BouncyCastle 验证 PGP 签名
Verification of PGP signature using BouncyCastle
我已经生成了 PGP 签名:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBBABCAAGBQJYnkPxAAoJEBFjzYGyXBOsXRoH/3O4bwKK45aUN+m0N4jsZ+n5
W8R/aGti/llvJ62tHBCO5BIp/pp+b1Gdv99xtnJXHu/f0TqPYj+fwq4vfaorNTtA
Vtq8MaMesw1OWZEfu/lyjNOwdg81FUlYkw0Bjo3H/MxWjWYUiHmJo+OGriyf5dv/
433ZqitZMxLHCfZsuoU5teZ0BPUSoNjF6hOFK3ZI7QXsgYUyohzW2goy9bDVCKRq
e73CHpnMKCrnDc+/4+sK349bD/cZp6/c0T8b7cBCeBGGilPD6ovJUQE5vhGTKnJM
lgyxhA87tw9wqFwpZXDr0nzOP+MFfE9WRGecVYZ9G+LP/biefSe5iWRaPIcZIi0=
=qUHb
-----END PGP SIGNATURE-----
code 在这里,用 BouncyCastle 实现:
(sign "project.clj"
"project.clj.asc"
<FILENAME>
"98B9A74D")
我希望能够读取此签名并使用 public 密钥对其进行验证。如何将其变回 BouncyCastle org.bouncycastle.openpgp.PGPSignature 对象?
How would this be turned back into a BouncyCastle ... PGPSignature object?
从 bcpg jar 中提供的 org.bouncycastle.openpgp.examples.DetachedSignatureProcessor 中提取相关代码并将其专门用于您的案例(装甲,未压缩):
InputStream in = new org.bouncycastle.bcpg.ArmoredInputStream (new FileInputStream (filename));
// or substitute other InputStream depending on where this data is available
org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory pgpFact = new org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory(in);
org.bouncycastle.openpgp.PGPSignatureList p3 = (org.bouncycastle.openpgp.PGPSignatureList)pgpFact.nextObject();
org.bouncycastle.openpgp.PGPSignature sig = p3.get(0);
in.close(); // not in example but needed in quality code
I want to be able to read this Signature and verify it using the public key.
该示例的其余部分显示了一种在给定公钥(在示例中来自发布文件)和相关数据(在示例中也是一个文件)的情况下验证此类 PGPSignature 的方法。
我已经生成了 PGP 签名:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBBABCAAGBQJYnkPxAAoJEBFjzYGyXBOsXRoH/3O4bwKK45aUN+m0N4jsZ+n5
W8R/aGti/llvJ62tHBCO5BIp/pp+b1Gdv99xtnJXHu/f0TqPYj+fwq4vfaorNTtA
Vtq8MaMesw1OWZEfu/lyjNOwdg81FUlYkw0Bjo3H/MxWjWYUiHmJo+OGriyf5dv/
433ZqitZMxLHCfZsuoU5teZ0BPUSoNjF6hOFK3ZI7QXsgYUyohzW2goy9bDVCKRq
e73CHpnMKCrnDc+/4+sK349bD/cZp6/c0T8b7cBCeBGGilPD6ovJUQE5vhGTKnJM
lgyxhA87tw9wqFwpZXDr0nzOP+MFfE9WRGecVYZ9G+LP/biefSe5iWRaPIcZIi0=
=qUHb
-----END PGP SIGNATURE-----
code 在这里,用 BouncyCastle 实现:
(sign "project.clj"
"project.clj.asc"
<FILENAME>
"98B9A74D")
我希望能够读取此签名并使用 public 密钥对其进行验证。如何将其变回 BouncyCastle org.bouncycastle.openpgp.PGPSignature 对象?
How would this be turned back into a BouncyCastle ... PGPSignature object?
从 bcpg jar 中提供的 org.bouncycastle.openpgp.examples.DetachedSignatureProcessor 中提取相关代码并将其专门用于您的案例(装甲,未压缩):
InputStream in = new org.bouncycastle.bcpg.ArmoredInputStream (new FileInputStream (filename));
// or substitute other InputStream depending on where this data is available
org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory pgpFact = new org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory(in);
org.bouncycastle.openpgp.PGPSignatureList p3 = (org.bouncycastle.openpgp.PGPSignatureList)pgpFact.nextObject();
org.bouncycastle.openpgp.PGPSignature sig = p3.get(0);
in.close(); // not in example but needed in quality code
I want to be able to read this Signature and verify it using the public key.
该示例的其余部分显示了一种在给定公钥(在示例中来自发布文件)和相关数据(在示例中也是一个文件)的情况下验证此类 PGPSignature 的方法。