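How to verify a PGP detached signature using Bouncycastle

Time: 2020-08-26 14:39:23

Tags: java kotlin cryptography bouncycastle

I want to parse and verify an OpenPGP detached signature using Bouncycastle. The signature will look like this: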

-----BEGIN PGP SIGNATURE-----
Version: fast-openpgp

wsBcBAABCAAQBQJfRm9jCRDzeoZuOgUYnQAAVkoIAEReZ6Pp3SimYKbH+JHzwW8q
LiWeQIPNatFwDQHgD4ipT9aXMaObnXXl83KUQ5lPx8Bw77BxParpUbtCRNTrWoU5
XZ1ikfqzmeVEJrk4YsNKDiBpvjbyF86F8KSkXhwdLWSm1e6yemnXKcTHg2L13AiS
6TIqXXbcRmFF7RTO4DQrjira2YYlW8eHPIcCmOq0YjR4Qpz+R/+3BlfV2TAcL/sd
SeKAczgvdP6CS6be1rPA0nlgw9T853BpgqplQVM30pUhVlni7ga1YRzENm6Qic5A
uEbmPyunim2WHytPuLQq+BQvAq+Wrr2kiM7DhyvYFihDNdFWW67Y+fSlgPxOi/8=
=QKpc
-----END PGP SIGNATURE-----

This is how I tried to create a CMSSignedData in Kotlin:

fun verifyDetached(signatureString: String, dataString: String): Boolean {
    val dataBytes = dataString.toByteArray()
    val signatureBytes = signatureString.toByteArray()
    val processableDataBytes = CMSProcessableByteArray(dataBytes)
    val ci = ContentInfo.getInstance(ASN1Sequence.fromByteArray(signatureBytes))
    val cms = CMSSignedData(processableDataBytes, ci)
    ...
}

When I pass the whole signature block to the function (including -----BEGIN PGP SIGNATURE-----), I get java.io.IOException: unknown tag 13 encountered

When I remove the signature wrapper and pass the signature content into the function, I get java.io.IOException: Extra data detected in stream at org.bouncycastle.asn1.ASN1Primitive.fromByteArray

When I pass signatureBytes directly to the CMSSignedData constructor, I get java.lang.IllegalArgumentException: unknown object in getInstance: org.bouncycastle.asn1.DLApplicationSpecific

How should I verify this kind of signature using Bouncycastle?

1 answer:

Answer 0 (score: 1)

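CMS is a completely different thing from PGP and is not related to it. For PGP, use BouncyCastle's implementation of PGP in bcpg, not the implementation of CMS in bcpkix. See e.g. "Verification of PGP signature using BouncyCastle" and "How to sign and verify the file in JAVA".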
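
A sketch of detached-signature verification with the bcpg classes the answer points to, added here as an example and not part of the original answer. It assumes bcprov and bcpg are on the classpath and that the signer's ASCII-armored public key is available separately (the page does not show one); the function name, parameter names and file arguments are illustrative.

```kotlin
import java.io.File
import org.bouncycastle.jce.provider.BouncyCastleProvider
import org.bouncycastle.openpgp.PGPCompressedData
import org.bouncycastle.openpgp.PGPSignatureList
import org.bouncycastle.openpgp.PGPUtil
import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory
import org.bouncycastle.openpgp.jcajce.JcaPGPPublicKeyRingCollection
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider

// Returns true if any signature in the armored block verifies over `data`
// with a key found in `publicKeysArmored` (assumed input, not from the page).
fun verifyDetached(signatureArmored: String, data: ByteArray, publicKeysArmored: String): Boolean {
    // getDecoderStream removes the ASCII armor; the result is a stream of
    // OpenPGP packets, not ASN.1/DER, which is why the CMS parser rejects it.
    val sigStream = PGPUtil.getDecoderStream(signatureArmored.byteInputStream())
    var obj = JcaPGPObjectFactory(sigStream).nextObject()
    // Some producers wrap the signature packet in a compressed-data packet.
    if (obj is PGPCompressedData) {
        obj = JcaPGPObjectFactory(obj.dataStream).nextObject()
    }
    val signatures = obj as? PGPSignatureList ?: return false

    val keyRings = JcaPGPPublicKeyRingCollection(
        PGPUtil.getDecoderStream(publicKeysArmored.byteInputStream())
    )
    val verifierProvider = JcaPGPContentVerifierBuilderProvider().setProvider(BouncyCastleProvider())

    for (i in 0 until signatures.size()) {
        val sig = signatures.get(i)
        // Skip signatures made by keys we do not hold.
        val key = keyRings.getPublicKey(sig.keyID) ?: continue
        sig.init(verifierProvider, key)
        sig.update(data)
        if (sig.verify()) return true
    }
    return false
}

// Usage: <signature.asc> <signed-file> <publickey.asc>
fun main(args: Array<String>) {
    val ok = verifyDetached(File(args[0]).readText(), File(args[1]).readBytes(), File(args[2]).readText())
    println(if (ok) "signature valid" else "signature NOT valid")
}
```

A true result only means that a key in the supplied keyring produced the signature; whether that key is trusted is a separate decision, and the data bytes must be exactly the bytes that were signed.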