非Java 生成签名文件,使用BouncyCastle进行Java签名文件-使用秘密密钥环创建文件签名...

最新推荐文章于 2024-07-02 09:11:28 发布

转载最新推荐文章于 2024-07-02 09:11:28 发布 · 345 阅读

文章标签：

本文介绍了一个Java程序在使用Bouncy Castle库进行文件签名时遇到的编译警告问题。该程序接受文件路径、密钥环和密码作为输入参数，并生成一个*.bpg的独立签名文件。文章详细解释了编译时出现的警告原因，并提供了相应的解决建议。

I'm trying to write a Java program that signs a file with a private key. The program takes 3 arguments - file, secret keyring and a password. The output should be in a detached file *.bpg. The problem is that I get the following errors when I try to compile my code:

C:\CNS3\BCastle>javac Sign.java

Note: Sign.java uses or overrides a deprecated API.

Note: Recompile with -Xlint:deprecation for details.

My code is as follows:

import java.io.*;

import java.security.*;

import java.util.Iterator;

import org.bouncycastle.bcpg.*;

import org.bouncycastle.jce.provider.BouncyCastleProvider;

import org.bouncycastle.openpgp.*;

public class Sign {

public static void main(String[] args) throws Exception {

Security.addProvider(new BouncyCastleProvider());

FileInputStream keyIn = new FileInputStream(args[1]);

FileOutputStream out = new FileOutputStream(args[0] + ".bpg");

InputStream in = PGPUtil.getDecoderStream(keyIn);

PGPSecretKeyRingCollection pgpSec =

new PGPSecretKeyRingCollection(in);

PGPSecretKey key = null;

Iterator rIt = pgpSec.getKeyRings();

while (key == null && rIt.hasNext()) {

PGPSecretKeyRing kRing = (PGPSecretKeyRing)rIt.next();

Iterator kIt = kRing.getSecretKeys();

while ( key == null && kIt.hasNext() ) {

PGPSecretKey k = (PGPSecretKey)kIt.next();

if ( k.isSigningKey() ) { key = k; }

}

if (key == null) {

throw new IllegalArgumentException("Can't find key");

}

PGPPrivateKey pgpPrivKey =

key.extractPrivateKey(args[2].toCharArray(), "BC");

PGPSignatureGenerator sGen = new PGPSignatureGenerator(

key.getPublicKey().getAlgorithm(), PGPUtil.SHA1, "BC");

sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);

PGPCompressedDataGenerator cGen = new PGPCompressedDataGenerator(

PGPCompressedDataGenerator.ZLIB);

BCPGOutputStream bOut = new BCPGOutputStream(cGen.open(out));

FileInputStream fIn = new FileInputStream(args[0]);

int ch = 0;

while ( (ch = fIn.read()) >= 0 ) { sGen.update((byte)ch); }

sGen.generate().encode(bOut);

cGen.close();

out.close();

}

The errors come from the following lines:

PGPPrivateKey pgpPrivKey =

key.extractPrivateKey(args[2].toCharArray(), "BC");

PGPSignatureGenerator sGen = new PGPSignatureGenerator(

key.getPublicKey().getAlgorithm(), PGPUtil.SHA1, "BC");

sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);

Anyone have any suggestion on how I might fix this? Thanks a lot!

解决方案

First of all, the messages mentioned are not errors. They are warnings. Your program will run fine, but the methods or classes you use are marked as deprecated. That means you can still use them, but it is not recommended to do so, because in future versions of bouncy castle, these methods or classes might be removed.

Go to an up to date API documentation of these classes. There should be information what to use instead of the deprecated methods/classes.