Package dev.sigstore.encryption.signers

Class RsaVerifier

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.security.PublicKey getPublicKey()
      Return the public key associated with this verifier.
      boolean verify​(byte[] artifact, byte[] signature)
      Verify an artifact.
      boolean verifyDigest​(byte[] digest, byte[] signature)
      Verify an artifact using the artifact's sha256 digest.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • getPublicKey

        public java.security.PublicKey getPublicKey()
        Description copied from interface: Verifier
        Return the public key associated with this verifier.
        Specified by:
        getPublicKey in interface Verifier

      • verify

        public boolean verify​(byte[] artifact,
                      byte[] signature)
               throws java.security.NoSuchAlgorithmException,
                      java.security.InvalidKeyException,
                      java.security.SignatureException
        Description copied from interface: Verifier
        Verify an artifact. Implementations will hash the artifact with sha256 before verifying.
        Specified by:
        verify in interface Verifier
        Parameters:
        artifact - the artifact that was signed
        signature - the signature associated with the artifact
        Returns:
        true if the signature is valid, false otherwise
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.SignatureException

      • verifyDigest

        public boolean verifyDigest​(byte[] digest,
                            byte[] signature)
                     throws java.security.NoSuchAlgorithmException,
                            java.security.InvalidKeyException,
                            java.security.SignatureException
        Description copied from interface: Verifier
        Verify an artifact using the artifact's sha256 digest. Implementations do not further hash the input.
        Specified by:
        verifyDigest in interface Verifier
        Parameters:
        digest - the sha256 digest of the artifact that was signed
        signature - the signature associated with the artifact
        Returns:
        true if the signature is valid, false otherwise
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
        java.security.SignatureException