通过运行时进程在 Java 中调用 GnuPG 来加密和解密文件 - 解密总是挂起
注意:稍后再回来讨论这个问题,因为我一直无法找到可行的解决方案。手动排空输入流而不是使用 BufferedReaders 似乎没有帮助,因为 inputStream.read() 方法会永久阻止程序。我将 gpg 调用放在一个批处理文件中,并从 Java 调用该批处理文件,只得到相同的结果。一旦使用解密选项调用 gpg,输入流似乎变得不可访问,从而阻塞整个程序。当我有更多时间专注于这项任务时,我必须再回来讨论这个问题。与此同时,我必须通过其他方式(可能是 BouncyCastle)来解密。
最后一个可能尝试的选项是调用 cmd.exe,并通过该进程生成的输入流编写命令...
我感谢对此问题的帮助。
我已经研究这个问题几天了,但没有取得任何进展,所以我想我应该向这里的专家寻求帮助。
我正在创建一个简单的程序,它将通过 Java 运行时进程调用 GnuPG。它需要能够加密和解密文件。加密有效,但我在解密文件时遇到一些问题。每当我尝试解密文件时,进程就会挂起。exitValue() 总是抛出 IllegalThreadStateException,并且程序会嘎嘎作响,就好像它仍在等待一样。这些方法的代码附在下面。该程序的最终目标是解密文件,并用 Java 解析其内容。
我尝试了三种方法来使 gpgDecrypt 方法发挥作用。第一种方法涉及删除 passphrase-fd 选项并通过 catch 块中的 gpgOutput 流将密码写入 gpg,假设它像通过命令行一样提示输入密码。这不起作用,所以我将密码放入文件中并添加了 -passphrase-fd 选项。在这种情况下,程序会无限重复。如果我通过 gpgOutput 流写入任何内容,程序就会完成。打印的 Exit 值将为 2,结果变量将为空。
第三个选项是 BouncyCastle,但我在让它识别我的私钥时遇到问题(这可能是一个单独的帖子)。
我用来加密和解密的密钥是由 GnuPG 生成的 4096 位 RSA 密钥。在使用密码和密码文件的两种情况下,我尝试通过 > 将输出传输到文件myFile.txt,但似乎没有任何区别。
以下是 gpgEncrypt、gpgDecrypt 和 getStreamText 方法。由于加密有效,所以我发布了这两个内容,并且我看不到我在加密和解密方法之间执行和处理过程的方式之间有任何明显的差异。 getStreamText 只是读取流的内容并返回一个字符串。
编辑:快速说明,Windows 环境。如果我复制解密命令输出,它可以通过控制台正常工作。所以我知道该命令是有效的。
public boolean gpgEncrypt(String file, String recipient, String outputFile){
boolean success = true;
StringBuilder gpgCommand = new StringBuilder("gpg --recipient \"");
gpgCommand.append(recipient).append("\" --output \"").append(outputFile).append("\" --yes --encrypt \"");
gpgCommand.append(file).append("\"");
System.out.println("ENCRYPT COMMAND: " + gpgCommand);
try {
Process gpgProcess = Runtime.getRuntime().exec(gpgCommand.toString());
BufferedReader gpgOutput = new BufferedReader(new InputStreamReader(gpgProcess.getInputStream()));
BufferedWriter gpgInput = new BufferedWriter(new OutputStreamWriter(gpgProcess.getOutputStream()));
BufferedReader gpgErrorOutput = new BufferedReader(new InputStreamReader(gpgProcess.getErrorStream()));
boolean executing = true;
while(executing){
try{
int exitValue = gpgProcess.exitValue();
if(gpgErrorOutput.ready()){
String error = getStreamText(gpgErrorOutput);
System.err.println(error);
success = false;
break;
}else if(gpgOutput.ready()){
System.out.println(getStreamText(gpgOutput));
}
executing = false;
}catch(Exception e){
//The process is not yet ready to exit. Take a break and try again.
try {
Thread.sleep(100);
} catch (InterruptedException e1) {
System.err.println("This thread has insomnia: " + e1.getMessage());
}
}
}
} catch (IOException e) {
System.err.println("Error running GPG via runtime: " + e.getMessage());
success = false;
}
return success;
}
public String gpgDecrypt(String file, String passphraseFile){
String result = null;
StringBuilder command = new StringBuilder("gpg --passphrase-fd 0 --decrypt \"");
command.append(file).append("\" 0<\"").append(passphraseFile).append("\"");
System.out.println("DECRYPT COMMAND: " + command.toString());
try {
Process gpgProcess = Runtime.getRuntime().exec(command.toString());
BufferedReader gpgOutput = new BufferedReader(new InputStreamReader(gpgProcess.getInputStream()));
BufferedReader gpgErrorOutput = new BufferedReader(new InputStreamReader(gpgProcess.getErrorStream()));
BufferedWriter gpgInput = new BufferedWriter(new OutputStreamWriter(gpgProcess.getOutputStream()));
boolean executing = true;
while(executing){
try{
if(gpgErrorOutput.ready()){
result = getStreamText(gpgErrorOutput);
System.err.println(result);
break;
}else if(gpgOutput.ready()){
result = getStreamText(gpgOutput);
}
int exitValue = gpgProcess.exitValue();
System.out.println("EXIT: " + exitValue);
executing = false;
}catch(IllegalThreadStateException e){
System.out.println("Not yet ready. Stream status: " + gpgOutput.ready() + ", error: " + gpgErrorOutput.ready());
try {
Thread.sleep(100);
} catch (InterruptedException e1) {
System.err.println("This thread has insomnia: " + e1.getMessage());
}
}
}
} catch (IOException e) {
System.err.println("Unable to execute GPG decrypt command via command line: " + e.getMessage());
}
return result;
}
private String getStreamText(BufferedReader reader) throws IOException{
StringBuilder result = new StringBuilder();
try{
while(reader.ready()){
result.append(reader.readLine());
if(reader.ready()){
result.append("\n");
}
}
}catch(IOException ioe){
System.err.println("Error while reading the stream: " + ioe.getMessage());
throw ioe;
}
return result.toString();
}
NOTE: Coming back to this later as I've been unable to find a working solution. Draining the input streams manually instead of using BufferedReaders doesn't seem to help as the inputStream.read() method permanently blocks the program. I placed the gpg call in a batch file, and called the batch file from Java to only get the same result. Once gpg is called with the decrypt option, the input stream seems to become inaccessible, blocking the entire program. I'll have to come back to this when I have more time to focus on the task. In the mean time, I'll have to get decryption working by some other means (probably BouncyCastle).
The last option to probably try is to call cmd.exe, and write the command through the input stream generated by that process...
I appreciate the assistance on this issue.
I've been working on this problem for a couple days and haven't made any progress, so I thought I'd turn to the exeprtise here for some help.
I am creating a simple program that will call GnuPG via a Java runtime process. It needs to be able to encrypt and decrypt files. Encryption works, but I'm having some problems decrypting files. Whenever I try to decrypt a file, the process hangs.exitValue() always throws it's IllegalThreadStateException and the program chugs along as if it's still waiting. The code for these methods is attached below. The ultimate goal of the program is to decrypt the file, and parse it's contents in Java.
I've tried three approaches to getting the gpgDecrypt method to work. The first approach involved removing the passphrase-fd option and writing the passphrase to gpg via the gpgOutput stream in the catch block, assuming it was prompting for the passphrase like it would via the command line. This didn't work, so I put the passphrase in a file and added the -passphrase-fd option. In this case, the program repeats infinitely. If I write anything via the gpgOutput stream the program will complete. The Exit value printed will have a value of 2, and the result variable will be blank.
The third option is BouncyCastle, but I'm having problems getting it to recognize my private key (which is probably a separate post all together).
The keys I'm using to encrypt and decrypt are 4096-bit RSA keys, generated by GnuPG. In both cases using the passphrase and the passphrase file, I've tried piping the output to a file via > myFile.txt, but it doesn't seem to make any difference.
Here are the gpgEncrypt, gpgDecrypt and getStreamText methods. I posted both since the encrypt works, and I can't see any glaring differences between how I'm executing and handling the process between the encrypt and decrypt methods. getStreamText just reads the contents of the streams and returns a string.
EDIT: Quick note, Windows environment. If I copy the decrypt command output, it works via the console just fine. So I know the command is valid.
public boolean gpgEncrypt(String file, String recipient, String outputFile){
boolean success = true;
StringBuilder gpgCommand = new StringBuilder("gpg --recipient \"");
gpgCommand.append(recipient).append("\" --output \"").append(outputFile).append("\" --yes --encrypt \"");
gpgCommand.append(file).append("\"");
System.out.println("ENCRYPT COMMAND: " + gpgCommand);
try {
Process gpgProcess = Runtime.getRuntime().exec(gpgCommand.toString());
BufferedReader gpgOutput = new BufferedReader(new InputStreamReader(gpgProcess.getInputStream()));
BufferedWriter gpgInput = new BufferedWriter(new OutputStreamWriter(gpgProcess.getOutputStream()));
BufferedReader gpgErrorOutput = new BufferedReader(new InputStreamReader(gpgProcess.getErrorStream()));
boolean executing = true;
while(executing){
try{
int exitValue = gpgProcess.exitValue();
if(gpgErrorOutput.ready()){
String error = getStreamText(gpgErrorOutput);
System.err.println(error);
success = false;
break;
}else if(gpgOutput.ready()){
System.out.println(getStreamText(gpgOutput));
}
executing = false;
}catch(Exception e){
//The process is not yet ready to exit. Take a break and try again.
try {
Thread.sleep(100);
} catch (InterruptedException e1) {
System.err.println("This thread has insomnia: " + e1.getMessage());
}
}
}
} catch (IOException e) {
System.err.println("Error running GPG via runtime: " + e.getMessage());
success = false;
}
return success;
}
public String gpgDecrypt(String file, String passphraseFile){
String result = null;
StringBuilder command = new StringBuilder("gpg --passphrase-fd 0 --decrypt \"");
command.append(file).append("\" 0<\"").append(passphraseFile).append("\"");
System.out.println("DECRYPT COMMAND: " + command.toString());
try {
Process gpgProcess = Runtime.getRuntime().exec(command.toString());
BufferedReader gpgOutput = new BufferedReader(new InputStreamReader(gpgProcess.getInputStream()));
BufferedReader gpgErrorOutput = new BufferedReader(new InputStreamReader(gpgProcess.getErrorStream()));
BufferedWriter gpgInput = new BufferedWriter(new OutputStreamWriter(gpgProcess.getOutputStream()));
boolean executing = true;
while(executing){
try{
if(gpgErrorOutput.ready()){
result = getStreamText(gpgErrorOutput);
System.err.println(result);
break;
}else if(gpgOutput.ready()){
result = getStreamText(gpgOutput);
}
int exitValue = gpgProcess.exitValue();
System.out.println("EXIT: " + exitValue);
executing = false;
}catch(IllegalThreadStateException e){
System.out.println("Not yet ready. Stream status: " + gpgOutput.ready() + ", error: " + gpgErrorOutput.ready());
try {
Thread.sleep(100);
} catch (InterruptedException e1) {
System.err.println("This thread has insomnia: " + e1.getMessage());
}
}
}
} catch (IOException e) {
System.err.println("Unable to execute GPG decrypt command via command line: " + e.getMessage());
}
return result;
}
private String getStreamText(BufferedReader reader) throws IOException{
StringBuilder result = new StringBuilder();
try{
while(reader.ready()){
result.append(reader.readLine());
if(reader.ready()){
result.append("\n");
}
}
}catch(IOException ioe){
System.err.println("Error while reading the stream: " + ioe.getMessage());
throw ioe;
}
return result.toString();
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(7)
我忘了你在 Java 中是如何处理它的,有 100 种方法。但我被解密命令本身困住了,它非常有帮助,尽管你不需要所有这些引号,如果你想解密一个大文件,它是这样的:
I forget how you handle it in Java, there are 100 methods for that. But I was stuck with decrypt command itself, it was very helpful, though you didn't need all those quotes and if you wish to decrypt a large file, it goes like this:
您是否尝试过从命令行而不是 Java 代码运行该命令?
当 GnuPG 等待控制台输出时,“仅用于您的眼睛”选项可能会出现问题。
Have you tried to run that command from command-line, not from Java code?
There can be an issue with 'for your eyes only' option, when GnuPG will wait for console output.
这可能是也可能不是问题(在解密函数中)
您正在将
getInputStream的结果包装两次。显然 gpgErrorOutput 应该包装错误流,而不是输入流。This may or may not be the problem (in the decrypt function)
You are wrapping the result of
getInputStreamtwice. ObviouslygpgErrorOutputshould be wrapping the error stream, not the input stream.我今天偶然发现了这个线程,因为就程序挂起而言,我遇到了完全相同的问题。上面的 Cameron 线程包含解决方案,即您必须从进程中排出 inputStream。如果不这样做,流就会填满并挂起。只需添加
在检查 exitValue 之前就可以修复它。
I stumbled upon this thread today because I was having the exact same issue as far as the program hanging. Cameron's thread from above contains the solution, which is that you have to be draining the inputStream from your process. If you don't, the stream fills up and hangs. Simply adding
Before checking the exitValue fixed it for me.
当我用下面的命令替换解密命令时,它对我有用
It worked for me when i replace the decrypt command with below command
// 它给出进程未退出异常
// it gives process has not exited exception
以下代码适用于 GNUPG 2.1.X
The following code works with GNUPG 2.1.X