}
public boolean isResourceSignedBySignature(final InputStream resource,
InputStream signature) {
PGPPublicKey publicKey = null;
PGPSignature pgpSignature = null;
try {
if (!(signature instanceof ArmoredInputStream)) {
signature = new ArmoredInputStream(signature);
}
pgpSignature = isSignatureAcceptable(signature).getPgpSignature();
final PGPPublicKeyRing keyRing = getPublicKey(new PgpKeyId(
pgpSignature));
rememberKey(keyRing);
publicKey = keyRing.getPublicKey();
Validate.notNull(publicKey,
"Could not obtain public key for signer key ID '%s'",
pgpSignature);
pgpSignature.initVerify(publicKey, "BC");
// Now verify the signed content
final byte[] buff = new byte[BUFFER_SIZE];
int chunk;
do {
chunk = resource.read(buff);
if (chunk > 0) {
pgpSignature.update(buff, 0, chunk);
}
} while (chunk >= 0);
return pgpSignature.verify();
}
catch (final Exception e) {
throw new IllegalStateException(e);
}
}