
PGP, verify signature on a certificate

I'm developing a simple Java code that, using BouncyCastle v1.51, opens a PGP public key and verifies the signatures contained in it. Currently, I'm able to load the public key and to iterate through all the signatures. However, the verification always returns "false", even if I test the signature using the public key that corresponds to the private key that produced the signature.

This is my code:

    try {
        PGPPublicKey pkey = PGPEncryptionUtils.readPublicKey(new FileInputStream(new File(HOME_DIR + "to_verify")));
        Iterator it = pkey.getSignatures();

        PGPPublicKey signing_key = PGPEncryptionUtils.readPublicKey(
                new FileInputStream(new File(HOME_DIR + "my_public_key")));

        while (it.hasNext()) {
            PGPSignature sig = (PGPSignature) it.next();
            sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), signing_key);
            // Here I'd expect to see at least a "true".
            println(sig.verify());
        }

    } catch (FileNotFoundException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (IOException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    } catch (PGPException e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }

The code for readPublicKey is taken from here: https://github.com/damico/OpenPgp-BounceCastle-Example/blob/master/src/org/jdamico/bc/openpgp/utils/PgpHelper.java

What am I doing wrong? Thank you!

I don't have experience with PGPSignatures; however, to verify a signature in public key cryptography you need three things:

  1. The signature.
  2. The publicKey.
  3. The original message which is supposed to be signed.

In your example the original message is missing. You need to provide the original message which was signed through the PGPSignature.update(byte[]) method, so your code must look something like:

    while (it.hasNext()) {
        PGPSignature sig = (PGPSignature) it.next();
        sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), signing_key);

        // here you need the original message
        sig.update("signature original message".getBytes());

        // now you can try to verify!
        println(sig.verify());
    }

Hope this helps, 希望这可以帮助,
