Adrian Lapierre

Reputation: 51

How to generate a PGP key revocation in Java with Bouncy Castle

I want to generate a revocation certificate together with the public and private key pair generation.

The private and public keys are generated correctly.

I tried to do like this:

import java.io.IOException;
import java.io.OutputStream;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.*;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;

public void generateRevoke(String id, PGPPublicKey pk, PGPSecretKey secretKey, char[] passPhrase, OutputStream out) throws PGPException, IOException {

    // Signer for the secret key's algorithm, hashing with SHA-1
    PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(secretKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1));

    // Unlock the private key with the passphrase
    PGPPrivateKey pgpPrivKey = secretKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider(new BouncyCastleProvider())
                    .build(passPhrase));

    signatureGenerator.init(PGPSignature.KEY_REVOCATION, pgpPrivKey);

    // Certification over the user ID and the key pk
    PGPSignature signature = signatureGenerator.generateCertification(id, pk);

    // Attach the signature to the key under that user ID
    PGPPublicKey key = PGPPublicKey.addCertification(pk, id, signature);

    // Write the key ASCII-armored; closing the armored stream writes the footer
    ArmoredOutputStream armored = new ArmoredOutputStream(out);
    key.encode(armored);
    armored.close();
}

But in the output file I got PGP MESSAGE, not PGP PUBLIC KEY.

What am I doing wrong?

Upvotes: 1

Views: 422

Answers (1)

Adrian Lapierre

Reputation: 51

I solved the problem. The correct method returns the public key with the revocation cert inside:

import java.io.IOException;
import java.io.OutputStream;
import java.security.Provider;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.*;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;

private final Provider provider = new BouncyCastleProvider();

public void generateRevoke(String id, PGPSecretKey secretKey, char[] passPhrase, OutputStream out) throws PGPException, IOException {

    // The master public key that the signature will be attached to
    PGPPublicKey oldKey = secretKey.getPublicKey();

    // Unlock the private key with the passphrase
    PGPPrivateKey pgpPrivKey = secretKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider(provider)
                    .build(passPhrase));

    PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(secretKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1));

    // Type 0x30: revokes the certification of the user ID on this key
    signatureGenerator.init(PGPSignature.CERTIFICATION_REVOCATION, pgpPrivKey);

    PGPSignature signature = signatureGenerator.generateCertification(id, oldKey);

    // Returns a copy of the key with the new signature attached under the user ID
    PGPPublicKey newKey = PGPPublicKey.addCertification(oldKey, id, signature);

    // Armor the output; the header is chosen from the first packet (here a public key)
    ArmoredOutputStream armored = new ArmoredOutputStream(out);
    newKey.encode(armored);
    armored.close();
}

Upvotes: 1
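As an added example (not from the question or the answer above): a standalone key revocation certificate in Bouncy Castle is a KEY_REVOCATION (type 0x20) signature computed over the primary key alone, carrying a Reason for Revocation subpacket, rather than a certification over a user ID. The class and method names are my own, and it assumes the Bouncy Castle provider has already been registered under the name "BC".

```java
import java.io.IOException;
import java.io.OutputStream;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.HashAlgorithmTags;
import org.bouncycastle.openpgp.*;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;

// Hypothetical helper class; assumes Security.addProvider(new BouncyCastleProvider()) was called.
public class KeyRevocation {

    // Builds a key revocation signature (0x20) over the primary key, with a
    // Reason for Revocation subpacket (e.g. RevocationReasonTags.KEY_COMPROMISED),
    // and writes it ASCII-armored as a detached "PGP SIGNATURE" block.
    public static PGPSignature generateRevocationCertificate(PGPSecretKey secretKey, char[] passPhrase,
            byte reason, String description, OutputStream out) throws PGPException, IOException {
        PGPPublicKey pubKey = secretKey.getPublicKey();   // primary key, not a subkey
        PGPPrivateKey privKey = secretKey.extractPrivateKey(
                new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(passPhrase));

        PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
        subpackets.setRevocationReason(false, reason, description);

        PGPSignatureGenerator gen = new PGPSignatureGenerator(
                new JcaPGPContentSignerBuilder(pubKey.getAlgorithm(), HashAlgorithmTags.SHA256).setProvider("BC"));
        gen.init(PGPSignature.KEY_REVOCATION, privKey);
        gen.setHashedSubpackets(subpackets.generate());

        // Single-argument form hashes the key material only, as a 0x20 signature
        // requires; the (id, key) form would also hash the user ID.
        PGPSignature revocation = gen.generateCertification(pubKey);

        try (ArmoredOutputStream armored = new ArmoredOutputStream(out)) {
            revocation.encode(armored);   // first packet is a signature -> "BEGIN PGP SIGNATURE"
        }
        return revocation;
    }

    // Verifies the certificate against the key and returns the key with the
    // revocation attached, so that hasRevocation() reports true.
    public static PGPPublicKey applyRevocation(PGPPublicKey pubKey, PGPSignature revocation) throws PGPException {
        if (revocation.getSignatureType() != PGPSignature.KEY_REVOCATION) throw new PGPException("not a key revocation");
        revocation.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), pubKey);
        if (!revocation.verifyCertification(pubKey)) throw new PGPException("revocation does not verify against key");
        return PGPPublicKey.addCertification(pubKey, revocation);
    }
}
```

Because the detached certificate is only a signature packet, the armor header differs from the PGP PUBLIC KEY BLOCK produced when the signature is encoded inside the key, as in the answer.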
