java - Java 中的 OpenPGP 公钥导入

Question

我尝试导入现有的 pgp 公钥:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: Keybase OpenPGP v1.0.0
Comment: https://keybase.io/crypto

xm8EXtFujBMFK4EEACIDAwQNLpTSC8Tvvve477Qw8YLe7toYxzYgDQRQbcaIajuF
QwWbnns+gZ9EDKIijcmi80QYPICDzrxKCaUOIIN+4//AUkCULovLC67qoEkcgDBY
Zig7GIoTPPYHVgEwr9baTqrNHGl2YW4gPGl2YWxiZXJ0bzg5QGdtYWlsLmNvbT7C
jwQTEwoAFwUCXtFujAIbLwMLCQcDFQoIAh4BAheAAAoJEO8cm+rVKFm/INMBgLQn
5itjscBcGoK605Wlsmk0lmTFK2qE7GmhFsFVg4Ut3vL2BjFBtlSzj21CH8bneQGA
1Btl14COww3h2u0rZY7HcsgzsWV8gaKBfAN/KpmOfxXqZ7HqrNc7o4XuXJH5QVrC
zlIEXtFujBMIKoZIzj0DAQcCAwS8t6iC+Ik9ZbgOY2JwmC8eILILiu3HUM/mqa4q
zBNe+gWgpHPNBjPHJKDYCTByy6UAb3eJHCjJZOj6ZU4BdmfPwsAnBBgTCgAPBQJe
0W6MBQkPCZwAAhsuAGoJEO8cm+rVKFm/XyAEGRMKAAYFAl7RbowACgkQUa2LyJhX
0c/6qQD/WWZpNX0O/k6kYrzK1i/xk0NBLLb4nNq0OB04x7gWuGoBAOPpxjoqRURV
0Hozha+XV9u1aTq+fOMDZxTNgL5FG0KGo4cBf0vATKVZw9wcq+s4mZIXZxs4rAod
sFe5fLgpzZvT/RIHVIU6uJieUsee4hgs0H2ErwGAihWWRrnmaJcsaKC9rq2na3fr
X6BcXRlGbavVofoX+nPyJKDDayHXZ2m4jmgllZe+zlIEXtFujBMIKoZIzj0DAQcC
AwTFxy3Kjj8Jy/fW5W21oG6+aY/ekTChtUANz28MiUvy1de4DYZkFxukRzudT3ij
c2zzsi8UBN02q2cvqY0luAvEwsAnBBgTCgAPBQJe0W6MBQkPCZwAAhsuAGoJEO8c
m+rVKFm/XyAEGRMKAAYFAl7RbowACgkQ103VlblSzhyRKAD/ac/TbN5EaFNdEMWn
28OW8uiDbKl/39EYVE/yr6DjQigA/0VkcoPWN3eVxj44d/cAWhRbWqoy04A+lRtC
wAEV6VXNOdUBgN4AuhF9urpqXFfJ/1s1G8GbRzY0wTpHuZEAjyrBtC+hBgVN0Us7
OYpM6CC6dXOejwGAurQgQOH/i++M8olxZAEnVj0vrP93hjs90N8DbtuIc/7Beb6o
uJ9OEwREoizWqTdn
=4fnu
-----END PGP PUBLIC KEY BLOCK-----

但是我的公钥总是得到空值。该公钥是使用算法 ecdsa 创建的，您可以看到此页面中使用的值:keyPropertes

这是我读取公钥的方法，如果创建 key 的算法是 Rsa，它就有效:

public static PGPPublicKey readPublicKey(InputStream in) throws IOException, PGPException {
        in = org.bouncycastle.openpgp.PGPUtil.getDecoderStream(in);

        PGPPublicKeyRingCollection pgpPub = new PGPPublicKeyRingCollection(in);

        //
        // we just loop through the collection till we find a key suitable for encryption, in the real
        // world you would probably want to be a bit smarter about this.
        //
        PGPPublicKey key = null;

        //
        // iterate through the key rings.
        //
        Iterator<PGPPublicKeyRing> rIt = pgpPub.getKeyRings();

        while (key == null && rIt.hasNext()) {
            PGPPublicKeyRing kRing = rIt.next();
            Iterator<PGPPublicKey> kIt = kRing.getPublicKeys();
            while (key == null && kIt.hasNext()) {
                PGPPublicKey k = kIt.next();

                if (k.isEncryptionKey()) {
                    key = k;
                }
            }
        }

        if (key == null) {
            throw new IllegalArgumentException("Can't find encryption key in key ring.");
        }

        return key;
    }

你能给我很大的帮助吗？

提前致谢，最诚挚的问候；)

Answer 1

您的代码正在寻找具有加密功能的 key 。该 key block 中的所有三个 key 都是 ECDSA(算法 19)，仅可用于签名验证，包括“认证”( key 签名)和“授权”(SSH)，这两者实际上都是签名的一种。如果您确实想要加密，您需要一个ECDH(算法 18)子 key 。请参阅https://www.rfc-editor.org/rfc/rfc6637#section-5 。如果您确实想要验证，则需要更改代码。