java用bouncycastle签名公共pgp密钥

java用bouncycastle签名公共pgp密钥

本文介绍了java用bouncycastle签名公共pgp密钥的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个疑问。
我必须使用bouncycastle api签名pgp公钥。
现在:据我了解,以另一种方式签署密钥意味着最终向该公共密钥添加证书。
由于缺少其他方法,我在图书馆里盲目搜索。到目前为止,我唯一发现的
是PGPSignatureGenerator中的generateCertification方法。但是这种方法会在主PgpPublicKey和另一个PgpPublicKey之间生成一个证书。这让我感到奇怪:
我假设为了信任另一个公共密钥,必须使用自己的私有pgp密钥进行签名,就像在具有CA认证的常规x.509中,以某种方式..
这是我在尝试从其他库中获取一些想法时看到的一些方法的假设:例如didisoft在密钥库中有一个类似的方法,您必须提供PgpPrivatekey keyuid ...

I've got a doubt..I have to sign a pgp public key using bouncycastle api supposedly.Now: to my understanding signing a key with another means ultimately adding to this public key a "certificate".Thus lacking any other way, I've gone blind searching in the library.my only find so far has been method generateCertification inside PGPSignatureGenerator. But this method generate a certification between a master PgpPublicKey and another PgpPublicKey.. And this strikes me as strange:I assumed that in order to trust another public key, that has to be signed with your own private pgp key just like in regular x.509 with CA certification in a manner..This was assumption by some methods that I saw when trying to get some ideas from other library: didisoft for example has a similar method on a keystore where you have to provide the PgpPrivatekey keyuid...

任何人都可以提出任何提示或一段代码吗?
预先感谢。

Anyone has any hint or a piece of code to propose?Thanks in advance.

推荐答案

下面是一个签名公共密钥的代码示例:

Here's a Codeexample to sign a public Key:

    PGPSecretKey mySecretKey;
    PGPPublicKey publicKeyToBeSigned;
    PGPPrivateKey pgpPrivKey = mySecretKey
            .extractPrivateKey(new JcePBESecretKeyDecryptorBuilder()
                    .setProvider("BC").build("password for your private key"));
    PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(mySecretKey.getPublicKey()
                    .getAlgorithm(), PGPUtil.SHA512));
    signatureGenerator.init(PGPSignature.DIRECT_KEY, pgpPrivKey);

    PGPSignature signature = signatureGenerator.generateCertification(
            id, publicKeyToBeSigned);

这段代码只是创建签名。您需要将其添加到公用密钥,然后:

This piece of code just creates the signature. You need to add it to your the public key then:

PGPPublicKey.addCertification(publicKeyToBeSigned, signature);

希望对您有帮助:)

这篇关于java用bouncycastle签名公共pgp密钥的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-22 17:35