-
Notifications
You must be signed in to change notification settings - Fork 16
/
RsaSignature2018LdVerifier.java
66 lines (46 loc) · 2.29 KB
/
RsaSignature2018LdVerifier.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
package info.weboftrust.ldsignatures.verifier;
import com.danubetech.keyformats.crypto.ByteVerifier;
import com.danubetech.keyformats.crypto.impl.RSA_RS256_PublicKeyVerifier;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSVerifier;
import info.weboftrust.ldsignatures.LdProof;
import info.weboftrust.ldsignatures.adapter.JWSVerifierAdapter;
import info.weboftrust.ldsignatures.canonicalizer.URDNA2015Canonicalizer;
import info.weboftrust.ldsignatures.suites.RsaSignature2018SignatureSuite;
import info.weboftrust.ldsignatures.suites.SignatureSuites;
import info.weboftrust.ldsignatures.util.JWSUtil;
import java.security.GeneralSecurityException;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
public class RsaSignature2018LdVerifier extends LdVerifier<RsaSignature2018SignatureSuite> {
public RsaSignature2018LdVerifier(ByteVerifier verifier) {
super(SignatureSuites.SIGNATURE_SUITE_RSASIGNATURE2018, verifier, new URDNA2015Canonicalizer());
}
public RsaSignature2018LdVerifier(RSAPublicKey publicKey) {
this(new RSA_RS256_PublicKeyVerifier(publicKey));
}
public RsaSignature2018LdVerifier() {
this((ByteVerifier) null);
}
public static boolean verify(byte[] signingInput, LdProof ldProof, ByteVerifier verifier) throws GeneralSecurityException {
// build the JWS and verify
String jws = ldProof.getJws();
boolean verify;
try {
JWSObject detachedJwsObject = JWSObject.parse(jws);
byte[] jwsSigningInput = JWSUtil.getJwsSigningInput(detachedJwsObject.getHeader(), signingInput);
JWSVerifier jwsVerifier = new JWSVerifierAdapter(verifier, JWSAlgorithm.RS256);
verify = jwsVerifier.verify(detachedJwsObject.getHeader(), jwsSigningInput, detachedJwsObject.getSignature());
} catch (JOSEException | ParseException ex) {
throw new GeneralSecurityException("JOSE verification problem: " + ex.getMessage(), ex);
}
// done
return verify;
}
@Override
public boolean verify(byte[] signingInput, LdProof ldProof) throws GeneralSecurityException {
return verify(signingInput, ldProof, this.getVerifier());
}
}