Module org.eclipse.jgit

Package org.eclipse.jgit.lib

Interface GpgSignatureVerifier

All Known Implementing Classes:

AbstractGpgSignatureVerifier

public interface GpgSignatureVerifier

A GpgSignatureVerifier can verify GPG signatures on git commits and tags.

Since:

5.11

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static interface	GpgSignatureVerifier.SignatureVerification	A SignatureVerification returns data about a (positively or negatively) verified signature.
static enum	GpgSignatureVerifier.TrustLevel	The owner's trust in a public key.

Method Summary

Modifier and Type	Method	Description
void	clear()	A GpgSignatureVerifier may cache public keys to speed up verifying signatures on multiple objects.
String	getName()	Retrieves the name of this verifier.
GpgSignatureVerifier.SignatureVerification	verify(byte[] data, byte[] signatureData)	Deprecated. since 6.9, use verify(GpgConfig, byte[], byte[]) instead
default GpgSignatureVerifier.SignatureVerification	verify(GpgConfig config, byte[] data, byte[] signatureData)	Verifies a given signature for given data.
GpgSignatureVerifier.SignatureVerification	verifySignature(RevObject object, GpgConfig config)	Verifies the signature on a signed commit or tag.

Method Details

verifySignature

@Nullable
GpgSignatureVerifier.SignatureVerification verifySignature(@NonNull
 RevObject object,
 @NonNull
 GpgConfig config)
                                                    throws IOException

Verifies the signature on a signed commit or tag.

Parameters:

object - to verify

config - the GpgConfig to use

Returns:

a GpgSignatureVerifier.SignatureVerification describing the outcome of the verification, or null if the object was not signed

Throws:

IOException - if an error occurs getting a public key

JGitInternalException - if signature verification fails

verify

default GpgSignatureVerifier.SignatureVerification verify(@NonNull
 GpgConfig config,
 byte[] data,
 byte[] signatureData)
                                                   throws IOException

Verifies a given signature for given data.

Parameters:

config - the GpgConfig

data - the signature is for

signatureData - the ASCII-armored signature

Returns:

a GpgSignatureVerifier.SignatureVerification describing the outcome

Throws:

IOException - if the signature cannot be parsed

JGitInternalException - if signature verification fails

Since:

6.9

verify

@Deprecated
GpgSignatureVerifier.SignatureVerification verify(byte[] data,
 byte[] signatureData)
                                           throws IOException

Deprecated.

since 6.9, use verify(GpgConfig, byte[], byte[]) instead

Verifies a given signature for given data.

Parameters:

data - the signature is for

signatureData - the ASCII-armored signature

Returns:

a GpgSignatureVerifier.SignatureVerification describing the outcome

Throws:

IOException - if the signature cannot be parsed

JGitInternalException - if signature verification fails

getName

@NonNull
String getName()

Retrieves the name of this verifier. This should be a short string identifying the engine that verified the signature, like "gpg" if GPG is used, or "bc" for a BouncyCastle implementation.

Returns:

the name

clear

void clear()

A GpgSignatureVerifier may cache public keys to speed up verifying signatures on multiple objects. This clears this cache, if any.