Java pgp加解密

关于 Java 的 PGP 加解密，你可以使用 Bouncy Castle 库来实现。下面是一个简单的示例代码：

import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.openpgp.*;

import java.io.*;

public class PgpExample {
    public static void main(String[] args) throws Exception {
        // 加密
        String publicKeyFile = "public.key";
        String inputFile = "input.txt";
        String outputFile = "encrypted.pgp";
        encryptFile(publicKeyFile, inputFile, outputFile);

        // 解密
        String privateKeyFile = "private.key";
        String passphrase = "your-passphrase";
        String decryptedFile = "decrypted.txt";
        decryptFile(outputFile, privateKeyFile, passphrase, decryptedFile);
    }

    public static void encryptFile(String publicKeyFile, String inputFile, String outputFile) throws Exception {
        FileInputStream publicKeyStream = new FileInputStream(publicKeyFile);
        FileInputStream inputStream = new FileInputStream(inputFile);
        FileOutputStream outputStream = new FileOutputStream(outputFile);
        encryptStream(publicKeyStream, inputStream, outputStream);
    }

    public static void encryptStream(InputStream publicKeyStream, InputStream inputStream, OutputStream outputStream) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        PGPPublicKey publicKey = readPublicKey(publicKeyStream);

        outputStream = new ArmoredOutputStream(outputStream);

        PGPEncryptedDataGenerator encryptedDataGenerator = new PGPEncryptedDataGenerator(
                new JcePGPDataEncryptorBuilder(PGPEncryptedData.CAST5)
                        .setWithIntegrityPacket(true)
                        .setSecureRandom(new SecureRandom())
                        .setProvider("BC"));

        encryptedDataGenerator.addMethod(new JcePublicKeyKeyEncryptionMethodGenerator(publicKey));

        OutputStream encryptedOutputStream = encryptedDataGenerator.open(outputStream, new byte[4096]);
        PGPCompressedDataGenerator compressedDataGenerator = new PGPCompressedDataGenerator(PGPCompressedData.ZIP);
        PGPUtil.writeFileToLiteralData(compressedDataGenerator.open(encryptedOutputStream), PGPLiteralData.BINARY, new File(inputFile));
        compressedDataGenerator.close();
        encryptedOutputStream.close();
        outputStream.close();
    }

    public static void decryptFile(String inputFile, String privateKeyFile, String passphrase, String decryptedFile) throws Exception {
        FileInputStream privateKeyStream = new FileInputStream(privateKeyFile);
        FileInputStream inputStream = new FileInputStream(inputFile);
        FileOutputStream outputStream = new FileOutputStream(decryptedFile);
        decryptStream(privateKeyStream, passphrase.toCharArray(), inputStream, outputStream);
    }

    public static void decryptStream(InputStream privateKeyStream, char[] passphrase, InputStream inputStream, OutputStream outputStream) throws Exception {
        Security.addProvider(new BouncyCastleProvider());

        PGPPrivateKey privateKey = readPrivateKey(privateKeyStream);

        inputStream = PGPUtil.getDecoderStream(inputStream);

        JcaPGPObjectFactory pgpObjectFactory = new JcaPGPObjectFactory(inputStream);
        PGPEncryptedDataList encryptedDataList;

        Object object = pgpObjectFactory.nextObject();
        if (object instanceof PGPEncryptedDataList) {
            encryptedDataList = (PGPEncryptedDataList) object;
        } else {
            encryptedDataList = (PGPEncryptedDataList) pgpObjectFactory.nextObject();
        }

        Iterator<?> encryptedDataObjects = encryptedDataList.getEncryptedDataObjects();
        PGPPrivateKey foundPrivateKey = null;
        PGPPublicKeyEncryptedData encryptedData = null;

        while (foundPrivateKey == null && encryptedDataObjects.hasNext()) {
            encryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
            foundPrivateKey = findPrivateKey(privateKey, encryptedData.getKeyID(), passphrase);
        }

        if (foundPrivateKey == null) {
            throw new IllegalArgumentException("Private key for message not found.");
        }

        InputStream decryptedInputStream = encryptedData.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider("BC").build(foundPrivateKey));
        PGPObjectFactory pgpObjectFactory2 = new JcaPGPObjectFactory(decryptedInputStream);
        Object message = pgpObjectFactory2.nextObject();

        if (message instanceof PGPCompressedData) {
            PGPCompressedData compressedData = (PGPCompressedData) message;
            pgpObjectFactory2 = new JcaPGPObjectFactory(compressedData.getDataStream());
            message = pgpObjectFactory2.nextObject();
        }

        if (message instanceof PGPLiteralData) {
            PGPLiteralData literalData = (PGPLiteralData) message;
            InputStream literalInputStream = literalData.getInputStream();
            int ch;
            while ((ch = literalInputStream.read()) >= 0) {
                outputStream.write(ch);
            }
        } else if (message instanceof PGPOnePassSignatureList) {
            throw new PGPException("Encrypted message contains a signed message - not literal data.");
        } else {
            throw new PGPException("Message is not a simple encrypted file - type unknown.");
        }

        if (encryptedData.isIntegrityProtected()) {
            if (!encryptedData.verify()) {
                throw new PGPException("Message failed integrity check.");
            }
        }
    }

    public static PGPPublicKey readPublicKey(InputStream inputStream) throws IOException, PGPException {
        inputStream = PGPUtil.getDecoderStream(inputStream);
        JcaPGPPublicKeyRingCollection publicKeyRingCollection = new JcaPGPPublicKeyRingCollection(inputStream);
        Iterator<PGPPublicKeyRing> publicKeyRings = publicKeyRingCollection.getKeyRings();

        while (publicKeyRings.hasNext()) {
            PGPPublicKeyRing publicKeyRing = publicKeyRings.next();
            Iterator<PGPPublicKey> publicKeys = publicKeyRing.getPublicKeys();

            while (publicKeys.hasNext()) {
                PGPPublicKey publicKey = publicKeys.next();

                if (publicKey.isEncryptionKey()) {
                    return publicKey;
                }
            }
        }

        throw new IllegalArgumentException("Can't find encryption key in key ring.");
    }

    public static PGPPrivateKey readPrivateKey(InputStream inputStream) throws IOException, PGPException {
        inputStream = PGPUtil.getDecoderStream(inputStream);
        JcaPGPSecretKeyRingCollection secretKeyRingCollection = new JcaPGPSecretKeyRingCollection(inputStream);
        Iterator<PGPSecretKeyRing> secretKeyRings = secretKeyRingCollection.getKeyRings();

        while (secretKeyRings.hasNext()) {
            PGPSecretKeyRing secretKeyRing = secretKeyRings.next();
            Iterator<PGPSecretKey> secretKeys = secretKeyRing.getSecretKeys();

            while (secretKeys.hasNext()) {
                PGPSecretKey secretKey = secretKeys.next();

                if (secretKey.isSigningKey()) {
                    PGPPrivateKey privateKey = secretKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build("your-passphrase".toCharArray()));
                    return privateKey;
                }
            }
        }

        throw new IllegalArgumentException("Can't find signing key in key ring.");
    }

    public static PGPPrivateKey findPrivateKey(PGPSecretKey secretKey, long keyID, char[] passphrase) throws PGPException {
        PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(passphrase);
        return secretKey.extractPrivateKey(decryptor);
    }
}

在上面的示例代码中，你需要替换以下部分：

- `publicKeyFile`：公钥文件的路径
- `privateKeyFile`：私钥文件的路径
- `inputFile`：要加密的输入文件的路径
- `outputFile`：加密后的输出文件的路径
- `decryptedFile`：解密后的输出文件的路径
- `passphrase`：私钥的密码

请确保你已经安装了 Bouncy Castle 库，并将其添加到你的项目中。你可以从 Bouncy Castle 官方网站下载库文件并将其添加到你的项目中，或者使用 Maven/Gradle 等构建工具来添加依赖。

希望这个示例能帮助到你进行 Java PGP 加解密。如果有任何问题，请随时提问。