如何在没有 public-key 的情况下使用 Java 中的 BouncyCastle 验证 PGP 签名的文本
How to verify a PGP-signed text with BouncyCastle in Java without a public-key
我研究了很多示例并进行了大量研究,但我不知道如何在没有 public 密钥的情况下验证签名文本 (PGP)。
我只是想确保文本在创建后没有被更改。
欢迎任何提示!
示例:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Beispiel text
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.59
iQEcBAEBAgAGBQJbbYOlAAoJEOvsgYjY/KHJUrkH/RDoFkONolpEEjafqjk3NOlg
uELyCF0vE/msFD2SO5O98HD4egnpxlO+fyJiZ2x+c0B52KQuOztAOYTHly2NKrL7
65gEIzOmpu+yQhYlZr4Qp2xGStJqxfgMeAIv3UUjUoRE7DWMZwgpO1KqGUhB05TL
XXyzWLJND27SzpNjpRmUmf+uuLKZHQ55q1dapwZym2Xg5il+UzYuJjfle9jvBWtc
uPJ40ghE/ms8WjAUAEOsdPB3rFd65pjwcauClM05L7w7KIv3/hgoAI/zZyGWW40B
yQuTbt2nYeZO4NbXkosiq9db4Lo5tEPdUH1NI3e34e2gymhCFOOguT3dAoafYYw=
=JrA1
-----END PGP SIGNATURE-----
感谢大家!
我错了!解密和验证需要public密钥!
看看gpg的输出,是事实上的标准:
cat |gpg --verify
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Beispiel text
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.59
iQEcBAEBAgAGBQJbbYOlAAoJEOvsgYjY/KHJUrkH/RDoFkONolpEEjafqjk3NOlg
uELyCF0vE/msFD2SO5O98HD4egnpxlO+fyJiZ2x+c0B52KQuOztAOYTHly2NKrL7
65gEIzOmpu+yQhYlZr4Qp2xGStJqxfgMeAIv3UUjUoRE7DWMZwgpO1KqGUhB05TL
XXyzWLJND27SzpNjpRmUmf+uuLKZHQ55q1dapwZym2Xg5il+UzYuJjfle9jvBWtc
uPJ40ghE/ms8WjAUAEOsdPB3rFd65pjwcauClM05L7w7KIv3/hgoAI/zZyGWW40B
yQuTbt2nYeZO4NbXkosiq9db4Lo5tEPdUH1NI3e34e2gymhCFOOguT3dAoafYYw=
=JrA1
-----END PGP SIGNATURE-----
gpg: Signature made Fri Aug 10 14:23:01 2018 CEST
gpg: using RSA key EBEC8188D8FCA1C9
gpg: Can't check signature: No public key
我研究了很多示例并进行了大量研究,但我不知道如何在没有 public 密钥的情况下验证签名文本 (PGP)。
我只是想确保文本在创建后没有被更改。
欢迎任何提示!
示例:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Beispiel text
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.59
iQEcBAEBAgAGBQJbbYOlAAoJEOvsgYjY/KHJUrkH/RDoFkONolpEEjafqjk3NOlg
uELyCF0vE/msFD2SO5O98HD4egnpxlO+fyJiZ2x+c0B52KQuOztAOYTHly2NKrL7
65gEIzOmpu+yQhYlZr4Qp2xGStJqxfgMeAIv3UUjUoRE7DWMZwgpO1KqGUhB05TL
XXyzWLJND27SzpNjpRmUmf+uuLKZHQ55q1dapwZym2Xg5il+UzYuJjfle9jvBWtc
uPJ40ghE/ms8WjAUAEOsdPB3rFd65pjwcauClM05L7w7KIv3/hgoAI/zZyGWW40B
yQuTbt2nYeZO4NbXkosiq9db4Lo5tEPdUH1NI3e34e2gymhCFOOguT3dAoafYYw=
=JrA1
-----END PGP SIGNATURE-----
感谢大家!
我错了!解密和验证需要public密钥!
看看gpg的输出,是事实上的标准:
cat |gpg --verify
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Beispiel text
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.59
iQEcBAEBAgAGBQJbbYOlAAoJEOvsgYjY/KHJUrkH/RDoFkONolpEEjafqjk3NOlg
uELyCF0vE/msFD2SO5O98HD4egnpxlO+fyJiZ2x+c0B52KQuOztAOYTHly2NKrL7
65gEIzOmpu+yQhYlZr4Qp2xGStJqxfgMeAIv3UUjUoRE7DWMZwgpO1KqGUhB05TL
XXyzWLJND27SzpNjpRmUmf+uuLKZHQ55q1dapwZym2Xg5il+UzYuJjfle9jvBWtc
uPJ40ghE/ms8WjAUAEOsdPB3rFd65pjwcauClM05L7w7KIv3/hgoAI/zZyGWW40B
yQuTbt2nYeZO4NbXkosiq9db4Lo5tEPdUH1NI3e34e2gymhCFOOguT3dAoafYYw=
=JrA1
-----END PGP SIGNATURE-----
gpg: Signature made Fri Aug 10 14:23:01 2018 CEST
gpg: using RSA key EBEC8188D8FCA1C9
gpg: Can't check signature: No public key