如何在java和Bouncy Castle中生成PGP密钥撤销
我想在生成公钥和私钥对的同时生成吊销证书 正确生成私钥和公钥 我试着这样做:如何在java和Bouncy Castle中生成PGP密钥撤销,java,bouncycastle,pgp,Java,Bouncycastle,Pgp,我想在生成公钥和私钥对的同时生成吊销证书 正确生成私钥和公钥 我试着这样做: public void generateRevoke(String id, PGPPublicKey pk, PGPSecretKey secretKey, char[] passPhrase, OutputStream out) throws PGPException, IOException { PGPSignatureGenerator signatureGenerator = new PGPSigna
public void generateRevoke(String id, PGPPublicKey pk, PGPSecretKey secretKey, char[] passPhrase, OutputStream out) throws PGPException, IOException {
PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
new JcaPGPContentSignerBuilder(secretKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1));
PGPPrivateKey pgpPrivKey = secretKey.extractPrivateKey(
new JcePBESecretKeyDecryptorBuilder().setProvider(new BouncyCastleProvider())
.build(passPhrase));
signatureGenerator.init(PGPSignature.KEY_REVOCATION, pgpPrivKey);
PGPSignature signature = signatureGenerator.generateCertification(id, pk);
PGPPublicKey key = PGPPublicKey.addCertification(pk, id, signature);
key.encode(new ArmoredOutputStream(out));
}
我做错了什么?我解决了这个问题。正确的方法返回包含吊销证书的公钥:
public void generateRevoke(String id, PGPSecretKey secretKey, char[] passPhrase, OutputStream out) throws PGPException, IOException {
PGPPublicKey oldKey = secretKey.getPublicKey();
PGPPrivateKey pgpPrivKey = secretKey.extractPrivateKey(
new JcePBESecretKeyDecryptorBuilder().setProvider( provider )
.build(passPhrase));
PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
new JcaPGPContentSignerBuilder( secretKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1 ) );
signatureGenerator.init( PGPSignature.CERTIFICATION_REVOCATION, pgpPrivKey );
PGPSignature signature = signatureGenerator.generateCertification(id, oldKey);
PGPPublicKey newKey = PGPPublicKey.addCertification(oldKey, id, signature);
out = new ArmoredOutputStream(out);
newKey.encode(out);
out.close();
}