Package gov.usgs.earthquake.distribution

Class SignatureVerifier

java.lang.Object
gov.usgs.util.DefaultConfigurable
gov.usgs.earthquake.distribution.SignatureVerifier
All Implemented Interfaces:
Configurable
public class SignatureVerifier extends DefaultConfigurable
Verifies certificate/key signatures

  • Field Details

    • VERIFY_SIGNATURES_PROPERTY_NAME

      public static final String VERIFY_SIGNATURES_PROPERTY_NAME
      Property for whether or not to verify signatures.
      See Also:

    • DEFAULT_VERIFY_SIGNATURE

      public static final String DEFAULT_VERIFY_SIGNATURE
      Don't verify signatures (Default).
      See Also:

    • TEST_VERIFY_SIGNATURE

      public static final String TEST_VERIFY_SIGNATURE
      Test signatures, but don't reject invalid.
      See Also:

    • ONLY_VERIFY_KNOWN

      public static final String ONLY_VERIFY_KNOWN
      Allow products that do not have a configured key.
      See Also:

    • KEYCHAIN_PROPERTY_NAME

      public static final String KEYCHAIN_PROPERTY_NAME
      Property for a list of keys.
      See Also:

    • KEYCHAIN_FILE_PROPERTY_NAME

      public static final String KEYCHAIN_FILE_PROPERTY_NAME
      Property for a file of keys.
      See Also:

    • HISTORY_DEPTH_NAME

      public static final String HISTORY_DEPTH_NAME
      Property for verifying signature history based on depth
      See Also:

    • HISTORY_DEPTH_DEFAULT

      public static final int HISTORY_DEPTH_DEFAULT
      History depth default. Go 3 indices deep in signature history list
      See Also:

  • Constructor Details

    • SignatureVerifier

      public SignatureVerifier()

  • Method Details

    • configure

      public void configure(Config config) throws Exception
      Description copied from class: DefaultConfigurable
      Process configuration settings. Called before startup().
      Specified by:
      configure in interface Configurable
      Overrides:
      configure in class DefaultConfigurable
      Parameters:
      config - the Config object with settings.
      Throws:
      Exception - if configuration exceptions occur.

    • isRejectInvalidSignatures

      public boolean isRejectInvalidSignatures()
      Returns:
      boolean RejectInvalidSignatures

    • setRejectInvalidSignatures

      public void setRejectInvalidSignatures(boolean rejectInvalidSignatures)
      Parameters:
      rejectInvalidSignatures - boolean to set

    • isTestSignatures

      public boolean isTestSignatures()
      Returns:
      boolean TestSignatures

    • setTestSignatures

      public void setTestSignatures(boolean testSignatures)
      Parameters:
      testSignatures - boolean to set

    • getKeychain

      public ProductKeyChain getKeychain()
      Returns:
      Product keychain

    • setKeychain

      public void setKeychain(ProductKeyChain keychain)
      Parameters:
      keychain - ProductKeyChain to set

    • getHistoryDepth

      public Integer getHistoryDepth()

    • setHistoryDepth

      public void setHistoryDepth(Integer historyDepth)

    • isAllowUnknownSigner

      public boolean isAllowUnknownSigner()
      Returns:
      boolean AllowUnknownSigner

    • setAllowUnknownSigner

      public void setAllowUnknownSigner(boolean allowUnknownSigner)
      Parameters:
      allowUnknownSigner - boolean to set

    • verifySignature

      public boolean verifySignature(Product product) throws Exception
      Attempt to verify a products signature.
      Parameters:
      product - product to verify.
      Returns:
      true if the signature is from a key in the keychain.
      Throws:
      InvalidSignatureException - if rejectInvalidSignatures=true, and signature was not verified; allowUnknownSigner=true prevents this exception when no keys are found in the keychain for the product.
      Exception - if error occurs