用于maven部署的travis加密文件

Question

在我的电脑上：

travis login --org
Username: xxxxxx
Password: xxxxxx
Successfully logged in as xxxxxx!
travis encrypt-file codesigning.asc -r XXXXXX/XXXXXX
encrypting codesigning.asc for XXXXXX/XXXXXX
storing result as codesigning.asc.enc
storing secure env variables for decryption

Please add the following to your build script (before_install stage in your .travis.yml, for instance):

    openssl aes-256-cbc -K $encrypted_abcd1234_key -iv $encrypted_abcd1234_iv -in codesigning.asc.enc -out codesigning.asc -d

Pro Tip: You can add it automatically by running with --add.

Make sure to add codesigning.asc.enc to the git repository.
Make sure not to add codesigning.asc to the git repository.
Commit all changes to your .travis.yml.

关于我的travis帐号：

在我的GitHub存储库中：

我将codesigning.asc.enc文件粘贴到test文件夹test/codesigning.asc.enc。

我添加了这个shell脚本：

if [ "$TRAVIS_BRANCH" = 'master' ] && [ "$TRAVIS_PULL_REQUEST" == 'false' ]; then
     echo "******** Starting gpg"
     openssl aes-256-cbc -K "$encrypted_abcd1234_key" -iv "$encrypted_abcd1234_iv" -in test/codesigning.asc.enc -out test/codesigning.asc -d
     gpg --fast-import test/codesigning.asc
fi

我的travis控制台出现此错误：

bad decrypt
139864985556640:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:539:
gpg: invalid radix64 character FE skipped
gpg: invalid radix64 character C4 skipped
gpg: read_block: read error: invalid packet
gpg: import from `test/codesigning.asc' failed: invalid keyring
gpg: Total number processed: 0

Answer 1

OpenPGP（由gpg实现的加密协议）和X.509（OpenSSL使用的加密协议）不兼容。你不能将这个密钥导入GnuPG（你可以gpgsm实现X.509，但这不是你想要使用的正常gpg。您必须坚持使用OpenSSL或GnuTLS来处理密钥和加密消息。