Package dev.sigstore
Class KeylessVerifier
- java.lang.Object
-
- dev.sigstore.KeylessVerifier
-
public class KeylessVerifier extends java.lang.ObjectVerify hashrekords from rekor signed using the keyless signing flow with fulcio certificates.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classKeylessVerifier.Builder
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static KeylessVerifier.Builderbuilder()voidverify(byte[] artifactDigest, Bundle bundle, VerificationOptions options)Verify that the inputs can attest to the validity of a signature using sigstore's keyless infrastructure.voidverify(java.nio.file.Path artifact, Bundle bundle, VerificationOptions options)Convenience wrapper aroundverify(byte[], Bundle, VerificationOptions).
-
-
-
Method Detail
-
builder
public static KeylessVerifier.Builder builder()
-
verify
public void verify(java.nio.file.Path artifact, Bundle bundle, VerificationOptions options) throws KeylessVerificationExceptionConvenience wrapper aroundverify(byte[], Bundle, VerificationOptions).- Throws:
KeylessVerificationException
-
verify
public void verify(byte[] artifactDigest, Bundle bundle, VerificationOptions options) throws KeylessVerificationExceptionVerify that the inputs can attest to the validity of a signature using sigstore's keyless infrastructure. If no exception is thrown, it should be assumed verification has passed.- Parameters:
artifactDigest- the sha256 digest of the artifact that is being verifiedbundle- the sigstore signature bundle to verifyoptions- the keyless verification data and options- Throws:
KeylessVerificationException- if the signing information could not be verified
-
-