0

I would like to use BouncyCastle to decrypt a GPG file from Java. All the examples that I found need a passphrase, but that is not applicable in our use case. The file can be decrypted from the command prompt with this command: 

gpg --output test.csv.zip --decrypt test.csv.zip.gpg

This works after using gpg --import for both the public and private key.

How could I do this using BouncyCastle? Do I need the public key at all, as I guess I only need the private key for decrypting?

Jeroen Kransen
  • 1,379
  • 3
  • 19
  • 45

2 Answers2

0

According to this (hopefully not outdated) example, you should be able to do this.

RSADecryption rsaDecryption = new RSADecryption();
privateKeyFilename = args[0].trim();
encryptedData = args[1].trim();
rsaDecryption.decrypt(privateKeyFilename, encryptedData);

That example expects you to pass two arguments; the first one would be the private key file name; and then the encrypted data as string. Probably not exactly what you are looking for, but good enough to get you going.

And if that doesn't do, you could look into the more sophisticated examples given here.

Community
  • 1
  • 1
GhostCat
  • 137,827
  • 25
  • 176
  • 248
0

If anyone is still facing the same problem, this may help. I was trying to decrypt a file without passphrase (it was an empty String), but I was getting an error in the class org.bouncycastle.openpgp.PGPSecretKey, in the method

public PGPPrivateKey extractPrivateKey(
        PBESecretKeyDecryptor decryptorFactory)

The exception was the following one:

Exception in thread "main" java.lang.NoSuchMethodError: org.bouncycastle.util.BigIntegers.modOddInverse(Ljava/math/BigInteger;Ljava/math/BigInteger;)Ljava/math/BigInteger;
    at org.bouncycastle.bcpg.RSASecretBCPGKey.<init>(Unknown Source)
    at org.bouncycastle.openpgp.PGPSecretKey.extractPrivateKey(Unknown Source)
    at com.hp.etl.pipeline.utils.pgptool.KeyFilesOperationsPgpImpl.getPrivateKey(KeyFilesOperationsPgpImpl.java:318)
    at com.hp.etl.pipeline.utils.pgptool.PGPDecryptor.decrypt(PGPDecryptor.java:134)
    at com.hp.etl.pipeline.utils.PGPUtils.decryptRoutine(PGPUtils.java:107)
    at com.hp.etl.pipeline.utils.PGPUtils.decryptPGPFile(PGPUtils.java:56)
    at com.hp.etl.pipeline.connectors.sftp.SFTPConnector.getPGPDecryptedFiles(SFTPConnector.java:392)
    at com.hp.etl.pipeline.connectors.sftp.SFTPConnector.downloadFiles(SFTPConnector.java:292)
    at com.hp.etl.pipeline.connectors.sftp.SFTPConnector.retrieveS3FileNames(SFTPConnector.java:235)
    at bmttest.BMTTest.main(BMTTest.java:90)

I was using the Maven artifact org.bouncycastle » bcpg-jdk15on version 1.68 and after downgrading the Maven artifact to the version 1.63, the file could be decrypted without problem, with an empty passphrase.

Antonio Rodríguez Artacho
  • 11
  • 1
  • 4