I've written part of my first BC application, and I have few questions about using PGP key rings. I've attached a test program to the email to better illustrate my questions.
1. I create a PGPPublicKeyRingCollection instance
and add two key rings in it at line 71 and 107. I can import the
output key ring file PublicRing.pkr
into GnuPG key ring, but the public key of the encryption subkey
is missing. The output is as follows:
$ gpg2 --import
However, if I create a PGPSecretKeyRing object at line 106 and import it with GPG, I can import the subkey.
I spent some time to trace through the code but failed to find a clue to fix it.
2. Current secret and public key ring constructors that accept a list are protected. I found it convenient to use them if they are public as demoed at line 106. The code works with my compiled org.bouncycastle.openpgp package. Is there any concern to make them public?
There might be better ways to do things that I'd
like to do between 76-108. I feel little awkward to create keys
first and then create certificates and then update the keys,
although it seems logic. But I appreciate if someone can show or
point me to some direction to do this in one pass.
3. What's the best way to use a single password
to protect a key ring collection? I'd like to use a single
password to protect all master secret keys it contains. I assume
that I can do this by adding no-password-protected secret key
ring into a key ring collection and then encrypt it with a PBE
method on the output of the key ring collection. But I want to
reuse the salted and iterated password protection mechanism in
BC. Any suggestion on this?
4. Is it possible in BC to export a secret subkey without revealing the secret part of the master key? Something like in GnuPG with the --export-secret-subkeys option:
PublicRing.java (5K) Download Attachment
I figured out that went wrong with my first question. In PGP's key system, I should not have signed a subkey. Only the master key can be signed.
Can someone help answer question 2, 3, and 4?
Thanks very much,
On 01/02/2017 03:53 PM, Lou Wynn wrote:
-- Thanks, Lou
|Free forum by Nabble||Edit this page|