263.3. 使用 PGPDataFormat 加密

若要管理密钥环，我使用命令行工具，我发现这是管理密钥的最简单方法。如果您希望通过这个方法进行此操作，还提供 http://www.bouncycastle.org/java.html 中的 Java 库。

在 linux 中安装命令行工具

apt-get install gnupg

创建密钥环，输入安全密码

gpg --gen-key

如果您需要导入其他人的公钥，以便您可以为其加密文件。

gpg --import <filename.key

以下文件现在应存在，可用于运行示例

ls -l ~/.gnupg/pubring.gpg ~/.gnupg/secring.gpg

[[crypto-PGPDecrypting/VerifyingofMessagesEncrypted/SignedbyDifferentPrivate/PublicKeys] PGP Decrypting/Verifying of Messages Encrypted/Signed by different # Private/Public Keys

从 Camel 2.12.2 开始。

PGP Data Formater 可以解密/验证由不同公钥加密或由不同私钥签名的消息。只需在 secret keyring 中提供对应的私钥、公共密钥环中的对应公钥，以及密码短语访问器中的密码短语。

Map<String, String> userId2Passphrase = new HashMap<String, String>(2);
// add passphrases of several private keys whose corresponding public keys have been used to encrypt the messages
userId2Passphrase.put("UserIdOfKey1","passphrase1"); // you must specify the exact User ID!
userId2Passphrase.put("UserIdOfKey2","passphrase2");
PGPPassphraseAccessor passphraseAccessor = new PGPPassphraseAccessorDefault(userId2Passphrase);

PGPDataFormat pgpVerifyAndDecrypt = new PGPDataFormat();
pgpVerifyAndDecrypt.setPassphraseAccessor(passphraseAccessor);
// the method getSecKeyRing() provides the secret keyring as byte array containing the private keys
pgpVerifyAndDecrypt.setEncryptionKeyRing(getSecKeyRing()); // alternatively you can use setKeyFileName(keyfileName)
// the method getPublicKeyRing() provides the public keyring as byte array containing the public keys
pgpVerifyAndDecrypt.setSignatureKeyRing((getPublicKeyRing());  // alternatively you can use setSignatureKeyFileName(signatgureKeyfileName)
// it is not necessary to specify the encryption or signer  User Id

from("direct:start")
         ...
        .unmarshal(pgpVerifyAndDecrypt) // can decrypt/verify messages encrypted/signed by different private/public keys
        ...