转换 PGP 公钥

Question

有人知道是否有办法将 pgp 公钥格式的公钥转换为 X.509 密钥格式吗？也许使用充气城堡或熟悉的东西？

因为现在我可以使用 X509EncodedKeySpecs 和 PublicKey 解码 X.509 公钥，但这不适用于 PGP 密钥格式。

byte[] decodeValue = Base64.decode(schluesselstring.getBytes(), Base64.DEFAULT);
X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(decodeValue);
try {
    KeyFactory keyFact = KeyFactory.getInstance("RSA");
    try {
        PublicKey publicKey = keyFact.generatePublic(pubKeySpec);
        schluessel = "schluessel";
        Log.d("TEST", "publicKey = " + publicKey.toString());
        Log.d("TEST", "Algorithm = " + publicKey.getAlgorithm());
        Log.d("TEST", "Format = " + publicKey.getFormat());
      }
  catch...
  }

当我尝试在 PGP 密钥上使用此代码时，我收到一条错误消息，因为它不是 ANSC.1 。我也尝试使用不同的 KeySpec，但没有一个起作用。

Answer 1

“X.509”（SPKI）和“PKCS8”密钥以及证书等其他内容使用的标准是Abstract Syntax Notation One ASN.1。标准 Java 加密不处理 PGP，但是 BouncyCastle (bcpg) 可以很好地做到这一点（2021 年 2 月更新：JcaPGPKeyConverter 完成了整个工作，并且适用于所有算法）：

static void SO40831894PGPPubkeyCvtBC (String[] args) throws Exception {
    // adapted from org.bouncycastle.openpgp.examples.PubringDump
    try (InputStream in = new FileInputStream (args[0])){
        PGPPublicKeyRingCollection    pubRings = new PGPPublicKeyRingCollection(
                PGPUtil.getDecoderStream(in), new JcaKeyFingerprintCalculator());
        Iterator<PGPPublicKeyRing>    rIt = pubRings.getKeyRings();
        while (rIt.hasNext()){
            PGPPublicKeyRing    pgpPub = (PGPPublicKeyRing)rIt.next();
            Iterator<PGPPublicKey>    it = pgpPub.getPublicKeys();
            while (it.hasNext()){
                PGPPublicKey    pgpKey = (PGPPublicKey)it.next();
                System.out.println(pgpKey.getClass().getName()
                        + " KeyID: " + Long.toHexString(pgpKey.getKeyID())
                        + " type: " + pgpKey.getAlgorithm()
                        + " fingerprint: " + new String(Hex.encode(pgpKey.getFingerprint())));
                /* don't need to do this >>>
                BCPGKey bcKey = pgpKey.getPublicKeyPacket().getKey();
                //System.out.println (bcKey.getClass().getName());
                if( bcKey instanceof RSAPublicBCPGKey ){
                    RSAPublicBCPGKey bcRSA = (RSAPublicBCPGKey)bcKey;
                    RSAPublicKeySpec specRSA = new RSAPublicKeySpec( bcRSA.getModulus(), bcRSA.getPublicExponent());
                    PublicKey jceKey = KeyFactory.getInstance("RSA").generatePublic(specRSA);
                <<< instead just: */
                {
                    PublicKey jceKey = new JcaPGPKeyConverter().getPublicKey(pgpKey);
                    // if you want to use the key in JCE, jceKey is now ready
                    // if you want to write "X.509" (SPKI) DER format to a file: 
                    Files.write(new File(args[1]).toPath(), jceKey.getEncoded());
                    // if you want to write in PEM, bouncycastle can do that too
                    return;
                }
            }
        }       
    }
}