使用BouncyCastle验证PGP签名 [英] Verification of PGP signature using BouncyCastle

问题描述

我已经生成了PGP签名：

I've generated a PGP Signature:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBBABCAAGBQJYnkPxAAoJEBFjzYGyXBOsXRoH/3O4bwKK45aUN+m0N4jsZ+n5
W8R/aGti/llvJ62tHBCO5BIp/pp+b1Gdv99xtnJXHu/f0TqPYj+fwq4vfaorNTtA
Vtq8MaMesw1OWZEfu/lyjNOwdg81FUlYkw0Bjo3H/MxWjWYUiHmJo+OGriyf5dv/
433ZqitZMxLHCfZsuoU5teZ0BPUSoNjF6hOFK3ZI7QXsgYUyohzW2goy9bDVCKRq
e73CHpnMKCrnDc+/4+sK349bD/cZp6/c0T8b7cBCeBGGilPD6ovJUQE5vhGTKnJM
lgyxhA87tw9wqFwpZXDr0nzOP+MFfE9WRGecVYZ9G+LP/biefSe5iWRaPIcZIi0=
=qUHb
-----END PGP SIGNATURE-----

代码在此处，由BouncyCastle实现：

The code is here, implemented with BouncyCastle:

(sign "project.clj"
      "project.clj.asc"
      <FILENAME>
      "98B9A74D")

我希望能够阅读此签名并使用公钥进行验证。如何将其转换为BouncyCastle org.bouncycastle.openpgp.PGPSignature 对象？

I want to be able to read this Signature and verify it using the public key. How would this be turned back into a BouncyCastle org.bouncycastle.openpgp.PGPSignature object?

推荐答案

如何将其转换为BouncyCastle ... PGPSignature对象？

How would this be turned back into a BouncyCastle ... PGPSignature object?

从bcpg jar中提供的 org.bouncycastle.openpgp.examples.DetachedSignatureProcessor 中提取相关代码，并将其专门用于您的案例（装甲，未压缩）：

Extracting the relevant code from org.bouncycastle.openpgp.examples.DetachedSignatureProcessor provided in the bcpg jar and specializing it to your case (armored, uncompressed):

InputStream in = new org.bouncycastle.bcpg.ArmoredInputStream (new FileInputStream (filename));
// or substitute other InputStream depending on where this data is available
org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory pgpFact = new org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory(in);
org.bouncycastle.openpgp.PGPSignatureList p3 = (org.bouncycastle.openpgp.PGPSignatureList)pgpFact.nextObject();
org.bouncycastle.openpgp.PGPSignature sig = p3.get(0);
in.close(); // not in example but needed in quality code

我想成为能够读取此签名并使用公共密钥进行验证。

I want to be able to read this Signature and verify it using the public key.

该示例的其余部分显示了一种在给定公钥（示例中为发布文件）和相关数据（在示例中也是文件）。

The remainder of that example shows a way to verify such a PGPSignature given the publickey (in the example from a pubring file) and the relevant data (in the example also a file).

这篇关于使用BouncyCastle验证PGP签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！