在向Maven仓库提交jar包时,需要签名,本文介绍如何使用GPG进行签名。如果没有GPG key,提交jar包将会报错:gpg-no-default-secret-key-error-using-maven。

安装GnuPG

下载地址: http://www.gnupg.org/download/

我安装的是Gpg4win,安装信息如下:

$ gpg --version
gpg (GnuPG) 1.4.20
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

在一些系统中会使用gpg2(其实window 7并没有使用),信息如下:

$ gpg2 --version
gpg (GnuPG) 2.0.30 (Gpg4win 2.3.3)
libgcrypt 1.6.6
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: C:/Users/Administrator/AppData/Roaming/gnupg
Supported algorithms:
Pubkey: RSA, RSA, RSA, ELG, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

常用命令

$ gpg --gen-key
$ gpg --list-keys
$ gpg --list-secret-keys
$ gpg2 --list-keys
$ gpg2 --list-secret-keys

$ gpg2 --keyserver hkp://pool.sks-keyservers.net --send-keys C6EED57A
$ gpg2 --keyserver hkp://pool.sks-keyservers.net --recv-keys C6EED57A

创建密钥对(key pair)

Administrator@scloud-PC MINGW64 ~/git/UEditor-for-aliyun-OSS/ueditor (master)
$ gpg --gen-key
gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Xie Xianbin
Email address: me@xiexianbin.cn
Comment: soft.xiexianbin.cn
You selected this USER-ID:
    "Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.+++++
...+++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
.....+++++
.+++++
gpg: key AA337973 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
pub   2048R/AA337973 2016-08-20
      Key fingerprint = 003E 7783 9598 0611 E6A1  7FF9 EF0B 6FB6 AA33 7973
uid                  Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>
sub   2048R/40EABC01 2016-08-20


Administrator@scloud-PC MINGW64 ~/git/UEditor-for-aliyun-OSS/ueditor (master)
$ gpg --edit-key '003E 7783 9598 0611 E6A1  7FF9 EF0B 6FB6 AA33 7973'
gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  2048R/AA337973  created: 2016-08-20  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  2048R/40EABC01  created: 2016-08-20  expires: never       usage: E
[ultimate] (1). Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>

gpg> adduid
Real name: Xie Xianbin
Email address: me@xiexianbin.cn
Comment: soft.xiexianbin.cn
You selected this USER-ID:
    "Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

You need a passphrase to unlock the secret key for
user: "Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>"
2048-bit RSA key, ID AA337973, created 2016-08-20


pub  2048R/AA337973  created: 2016-08-20  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  2048R/40EABC01  created: 2016-08-20  expires: never       usage: E
[ultimate] (1)  Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>
[ultimate] (2). Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>

gpg> save

Administrator@scloud-PC MINGW64 ~/git/UEditor-for-aliyun-OSS/ueditor (master)
$
Administrator@scloud-PC MINGW64 ~/git/UEditor-for-aliyun-OSS/ueditor (master)
$ gpg --edit-key '003E 7783 9598 0611 E6A1  7FF9 EF0B 6FB6 AA33 7973'
gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: key AA337973: duplicated user ID detected - merged
Secret key is available.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
pub  2048R/AA337973  created: 2016-08-20  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  2048R/40EABC01  created: 2016-08-20  expires: never       usage: E
[ultimate] (1). Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>

gpg> uid 1

pub  2048R/AA337973  created: 2016-08-20  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  2048R/40EABC01  created: 2016-08-20  expires: never       usage: E
[ultimate] (1)* Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>

gpg> primary

You need a passphrase to unlock the secret key for
user: "Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>"
2048-bit RSA key, ID AA337973, created 2016-08-20


pub  2048R/AA337973  created: 2016-08-20  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  2048R/40EABC01  created: 2016-08-20  expires: never       usage: E
[ultimate] (1)* Xie Xianbin (soft.xiexianbin.cn) <me@xiexianbin.cn>

gpg> save

Administrator@scloud-PC MINGW64 ~/git/UEditor-for-aliyun-OSS/ueditor (master)
$ gpg --keyserver pool.sks-keyservers.net --send-key '003E 7783 9598 0611 E6A1  7FF9 EF0B 6FB6 AA33 7973'
gpg: sending key AA337973 to hkp server pool.sks-keyservers.net

Administrator@scloud-PC MINGW64 ~/git/UEditor-for-aliyun-OSS/ueditor (master)
$

参考地址

http://stackoverflow.com/questions/29885887/gpg-no-default-secret-key-error-using-maven

https://keyring.debian.org/creating-key.html

http://central.sonatype.org/pages/working-with-pgp-signatures.html