use of org.gradle.security.internal.PublicKeyDownloadService in project gradle by gradle.
the class DefaultSignatureVerificationServiceFactory method create.
@Override
public SignatureVerificationService create(BuildTreeDefinedKeys keyrings, List<URI> keyServers, boolean useKeyServers) {
boolean refreshKeys = this.refreshKeys || !useKeyServers;
ExternalResourceRepository repository = transportFactory.createTransport("https", "https", Collections.emptyList(), redirectLocations -> {
}).getRepository();
PublicKeyService keyService;
if (useKeyServers) {
PublicKeyDownloadService keyDownloadService = new PublicKeyDownloadService(ImmutableList.copyOf(keyServers), repository);
keyService = new CrossBuildCachingKeyService(cacheRepository, decoratorFactory, buildOperationExecutor, keyDownloadService, timeProvider, refreshKeys);
} else {
keyService = EmptyPublicKeyService.getInstance();
}
keyService = keyrings.applyTo(keyService);
File effectiveKeyringsFile = keyrings.getEffectiveKeyringsFile();
HashCode keyringFileHash = effectiveKeyringsFile != null && effectiveKeyringsFile.exists() ? fileHasher.hash(effectiveKeyringsFile) : NO_KEYRING_FILE_HASH;
DefaultSignatureVerificationService delegate = new DefaultSignatureVerificationService(keyService);
return new CrossBuildSignatureVerificationService(delegate, fileHasher, buildScopedCache, decoratorFactory, timeProvider, refreshKeys, useKeyServers, keyringFileHash);
}
Aggregations