java - BouncyCaSTLe 在加密文件中自动附加签名

Question

我正在使用 BouncyCaSTLe 包进行 OpenPGP 加密。除了一部分之外，一切都很顺利。当我将加密文本写入文件时，它会附加以下消息

-----BEGIN PGP MESSAGE-----
Version: BCPG v1.47
//encrypted text here
-----END PGP MESSAGE-----

但我不想要文件中的签名部分。这是我用于加密的代码

public void encryptFile(OutputStream out, String fileName, PGPPublicKey encKey, boolean armor, boolean withIntegrityCheck) throws IOException, NoSuchProviderException, PGPException {
            //armor = true; integrityCheck = true
    Security.addProvider(new BouncyCastleProvider());

    if (armor) {
        out = new ArmoredOutputStream(out);
    }

    ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    PGPCompressedDataGenerator comData = new PGPCompressedDataGenerator(PGPCompressedData.ZIP);

    PGPUtil.writeFileToLiteralData(comData.open(bOut), PGPLiteralData.BINARY, new File(fileName));

    comData.close();

    BcPGPDataEncryptorBuilder dataEncryptor = new BcPGPDataEncryptorBuilder(PGPEncryptedData.AES_256);
    dataEncryptor.setWithIntegrityPacket(withIntegrityCheck);
    dataEncryptor.setSecureRandom(new SecureRandom());

    PGPEncryptedDataGenerator encryptedDataGenerator = new PGPEncryptedDataGenerator(dataEncryptor);
    encryptedDataGenerator.addMethod(new BcPublicKeyKeyEncryptionMethodGenerator(encKey));

    byte[] bytes = bOut.toByteArray();
    OutputStream cOut = encryptedDataGenerator.open(out, bytes.length);
    cOut.write(bytes);
    cOut.close();
    out.close();
}

Answer 1

这不是签名，而是装甲数据的信封。关闭装甲，您将获得二进制加密数据。如果您去掉信封并保留铠装，一致的解密 OpenPGP 工具将不知道如何处理它 - 它们将无法区分铠装数据和非铠装数据。