GpgSignatureVerifier.java

/*
 * Copyright (C) 2021, Thomas Wolf <thomas.wolf@paranor.ch> and others
 *
 * This program and the accompanying materials are made available under the
 * terms of the Eclipse Distribution License v. 1.0 which is available at
 * https://www.eclipse.org/org/documents/edl-v10.php.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
package org.eclipse.jgit.lib;

import java.io.IOException;
import java.util.Date;

import org.eclipse.jgit.annotations.NonNull;
import org.eclipse.jgit.annotations.Nullable;
import org.eclipse.jgit.api.errors.JGitInternalException;
import org.eclipse.jgit.revwalk.RevObject;

/**
 * A {@code GpgVerifier} can verify GPG signatures on git commits and tags.
 *
 * @since 5.11
 */
public interface GpgSignatureVerifier {

	/**
	 * Verifies the signature on a signed commit or tag.
	 *
	 * @param object
	 *            to verify
	 * @param config
	 *            the {@link GpgConfig} to use
	 * @return a {@link SignatureVerification} describing the outcome of the
	 *         verification, or {@code null} if the object was not signed
	 * @throws IOException
	 *             if an error occurs getting a public key
	 * @throws org.eclipse.jgit.api.errors.JGitInternalException
	 *             if signature verification fails
	 */
	@Nullable
	SignatureVerification verifySignature(@NonNull RevObject object,
			@NonNull GpgConfig config) throws IOException;


	/**
	 * Verifies a given signature for given data.
	 *
	 * @param data
	 *            the signature is for
	 * @param signatureData
	 *            the ASCII-armored signature
	 * @return a {@link SignatureVerification} describing the outcome
	 * @throws IOException
	 *             if the signature cannot be parsed
	 * @throws JGitInternalException
	 *             if signature verification fails
	 */
	public SignatureVerification verify(byte[] data, byte[] signatureData)
			throws IOException;

	/**
	 * Retrieves the name of this verifier. This should be a short string
	 * identifying the engine that verified the signature, like "gpg" if GPG is
	 * used, or "bc" for a BouncyCastle implementation.
	 *
	 * @return the name
	 */
	@NonNull
	String getName();

	/**
	 * A {@link GpgSignatureVerifier} may cache public keys to speed up
	 * verifying signatures on multiple objects. This clears this cache, if any.
	 */
	void clear();

	/**
	 * A {@code SignatureVerification} returns data about a (positively or
	 * negatively) verified signature.
	 */
	interface SignatureVerification {

		// Data about the signature.

		@NonNull
		Date getCreationDate();

		// Data from the signature used to find a public key.

		/**
		 * Obtains the signer as stored in the signature, if known.
		 *
		 * @return the signer, or {@code null} if unknown
		 */
		String getSigner();

		/**
		 * Obtains the short or long fingerprint of the public key as stored in
		 * the signature, if known.
		 *
		 * @return the fingerprint, or {@code null} if unknown
		 */
		String getKeyFingerprint();

		// Some information about the found public key.

		/**
		 * Obtains the OpenPGP user ID associated with the key.
		 *
		 * @return the user id, or {@code null} if unknown
		 */
		String getKeyUser();

		/**
		 * Tells whether the public key used for this signature verification was
		 * expired when the signature was created.
		 *
		 * @return {@code true} if the key was expired already, {@code false}
		 *         otherwise
		 */
		boolean isExpired();

		/**
		 * Obtains the trust level of the public key used to verify the
		 * signature.
		 *
		 * @return the trust level
		 */
		@NonNull
		TrustLevel getTrustLevel();

		// The verification result.

		/**
		 * Tells whether the signature verification was successful.
		 *
		 * @return {@code true} if the signature was verified successfully;
		 *         {@code false} if not.
		 */
		boolean getVerified();

		/**
		 * Obtains a human-readable message giving additional information about
		 * the outcome of the verification.
		 *
		 * @return the message, or {@code null} if none set.
		 */
		String getMessage();
	}

	/**
	 * The owner's trust in a public key.
	 */
	enum TrustLevel {
		UNKNOWN, NEVER, MARGINAL, FULL, ULTIMATE
	}
}