File tree Expand file tree Collapse file tree
sigstore-java/src/main/java/dev/sigstore/encryption/signers Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1515 */
1616package dev .sigstore .encryption .signers ;
1717
18+ import dev .sigstore .AlgorithmRegistry ;
1819import java .security .*;
1920
2021/** ECDSA verifier, instantiated by {@link Verifiers#newVerifier(PublicKey)}. */
2122public class EcdsaVerifier implements Verifier {
2223
2324 private final PublicKey publicKey ;
25+ private final AlgorithmRegistry .HashAlgorithm hashAlgorithm ;
2426
25- EcdsaVerifier (PublicKey publicKey ) {
27+ EcdsaVerifier (PublicKey publicKey , AlgorithmRegistry . HashAlgorithm hashAlgorithm ) {
2628 this .publicKey = publicKey ;
29+ this .hashAlgorithm = hashAlgorithm ;
2730 }
2831
2932 @ Override
@@ -34,7 +37,7 @@ public PublicKey getPublicKey() {
3437 @ Override
3538 public boolean verify (byte [] artifact , byte [] signature )
3639 throws NoSuchAlgorithmException , InvalidKeyException , SignatureException {
37- var verifier = Signature .getInstance ("SHA256withECDSA " );
40+ var verifier = Signature .getInstance (hashAlgorithm + "withECDSA " );
3841 verifier .initVerify (publicKey );
3942 verifier .update (artifact );
4043 return verifier .verify (signature );
Original file line number Diff line number Diff line change 1515 */
1616package dev .sigstore .encryption .signers ;
1717
18+ import dev .sigstore .AlgorithmRegistry ;
1819import java .security .*;
1920
2021/** RSA verifier, instantiated by {@link Verifiers#newVerifier(PublicKey)}. */
2122public class RsaVerifier implements Verifier {
2223
2324 private final PublicKey publicKey ;
25+ private final AlgorithmRegistry .HashAlgorithm hashAlgorithm ;
2426
25- RsaVerifier (PublicKey publicKey ) {
27+ RsaVerifier (PublicKey publicKey , AlgorithmRegistry . HashAlgorithm hashAlgorithm ) {
2628 this .publicKey = publicKey ;
29+ this .hashAlgorithm = hashAlgorithm ;
2730 }
2831
2932 @ Override
@@ -34,7 +37,7 @@ public PublicKey getPublicKey() {
3437 @ Override
3538 public boolean verify (byte [] artifact , byte [] signature )
3639 throws NoSuchAlgorithmException , InvalidKeyException , SignatureException {
37- var verifier = Signature .getInstance ("SHA256withRSA " );
40+ var verifier = Signature .getInstance (hashAlgorithm + "withRSA " );
3841 verifier .initVerify (publicKey );
3942 verifier .update (artifact );
4043 return verifier .verify (signature );
Original file line number Diff line number Diff line change 1515 */
1616package dev .sigstore .encryption .signers ;
1717
18+ import dev .sigstore .AlgorithmRegistry ;
1819import java .security .NoSuchAlgorithmException ;
1920import java .security .PublicKey ;
2021import org .bouncycastle .asn1 .ASN1ObjectIdentifier ;
@@ -25,10 +26,10 @@ public class Verifiers {
2526 /** Returns a new verifier for the provided public key to use during verification. */
2627 public static Verifier newVerifier (PublicKey publicKey ) throws NoSuchAlgorithmException {
2728 if (publicKey .getAlgorithm ().equals ("RSA" )) {
28- return new RsaVerifier (publicKey );
29+ return new RsaVerifier (publicKey , AlgorithmRegistry . HashAlgorithm . SHA2_256 );
2930 }
3031 if (publicKey .getAlgorithm ().equals ("EC" ) || publicKey .getAlgorithm ().equals ("ECDSA" )) {
31- return new EcdsaVerifier (publicKey );
32+ return new EcdsaVerifier (publicKey , AlgorithmRegistry . HashAlgorithm . SHA2_256 );
3233 }
3334 if (publicKey .getAlgorithm ().equals ("Ed25519" )) {
3435 return new Ed25519Verifier (publicKey );
You can’t perform that action at this time.
0 commit comments