Module org.eclipse.jgit

Package org.eclipse.jgit.lib

Interface SignatureVerifier

public interface SignatureVerifier

A SignatureVerifier can verify signatures on git commits and tags.

Since:

7.0

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final record	SignatureVerifier.SignatureVerification	A SignatureVerification returns data about a (positively or negatively) verified signature.
static enum	SignatureVerifier.TrustLevel	The owner's trust in a public key.

Method Summary

Modifier and Type	Method	Description
void	clear()	A SignatureVerifier may cache public keys to speed up verifying signatures on multiple objects.
String	getName()	Retrieves the name of this verifier.
SignatureVerifier.SignatureVerification	verify(Repository repository, GpgConfig config, byte[] data, byte[] signatureData)	Verifies a given signature for given data.

Method Details

verify

SignatureVerifier.SignatureVerification verify(@NonNull
 Repository repository,
 @NonNull
 GpgConfig config,
 byte[] data,
 byte[] signatureData)
                                        throws IOException

Verifies a given signature for given data.

Parameters:

repository - the Repository the data comes from.

config - the GpgConfig

data - the signature is for

signatureData - the ASCII-armored signature

Returns:

a SignatureVerifier.SignatureVerification describing the outcome

Throws:

IOException - if the signature cannot be parsed

JGitInternalException - if signature verification fails

getName

@NonNull
String getName()

Retrieves the name of this verifier. This should be a short string identifying the engine that verified the signature, like "gpg" if GPG is used, or "bc" for a BouncyCastle implementation.

Returns:

the name

clear

void clear()

A SignatureVerifier may cache public keys to speed up verifying signatures on multiple objects. This clears this cache, if any.