Package co.elastic.apm.attach.bouncycastle

Class BouncyCastleVerifier

java.lang.Object
co.elastic.apm.attach.bouncycastle.BouncyCastleVerifier
All Implemented Interfaces:
PgpSignatureVerifier
public class BouncyCastleVerifier extends Object implements PgpSignatureVerifier
DO NOT ACCESS DIRECTLY FROM PRODUCTION CODE! This class should only be accessed through PgpSignatureVerifierLoader because it depends on Bouncy Castle that must be loaded in the original jars through a dedicated class loader. It is excluded from the CLI jar during build. The only reason it is public is so we can instantiate through reflection without invoking the deprecated setAccessible(true).

  • Constructor Details

    • BouncyCastleVerifier

      public BouncyCastleVerifier()

  • Method Details

    • verifyPgpSignature

      public boolean verifyPgpSignature(InputStream toVerify, InputStream expectedPgpSignature, InputStream rawPublicKey, String keyID) throws Exception
      A Bouncy Castle implementation for PGP signature verification. Verifying the given file's PGP signature based on the given public key ID and the expected signature.
      Specified by:
      verifyPgpSignature in interface PgpSignatureVerifier
      Parameters:
      toVerify - the file to verify
      expectedPgpSignature - the expected PGP signature, based on the public key corresponding the given key ID
      rawPublicKey - PGP public key
      keyID - PGP public key ID corresponding the publicKeyIS argument
      Returns:
      true if the provided file was verified successfully, false otherwise
      Throws:
      Exception - indication failure to read from any of the given InputStreams or failure during the execution of PGP verification