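package co.codewizards.cloudstore.core.auth;

import static co.codewizards.cloudstore.core.auth.AuthTokenSigner.*;
import static co.codewizards.cloudstore.core.util.Util.*;

import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/**
 * Verifies the signature of a {@link SignedAuthToken} against a fixed RSA public key.
 * <p>
 * Only the signature over the raw token bytes is checked. The token's content is never
 * parsed or inspected here, so any content-level validation (for example a validity
 * period, if the token carries one) must be done by the caller after {@link #verify}
 * has returned normally.
 * <p>
 * The key passed to the constructor is the sole trust anchor: whoever controls
 * {@code publicKeyData} controls which tokens are accepted. No minimum key size is
 * enforced by this class.
 */
public class AuthTokenVerifier {
	// final: the verification key cannot be swapped after construction, and the
	// reference is safely published to other threads.
	private final PublicKey publicKey;

	/**
	 * Creates a verifier for the given public key.
	 *
	 * @param publicKeyData the RSA public key in the encoding expected by
	 *        {@link X509EncodedKeySpec}; must not be {@code null}.
	 * @throws RuntimeException wrapping any checked exception raised while obtaining the
	 *         {@code "RSA"} {@link KeyFactory} or decoding the key (e.g. malformed key bytes).
	 */
	public AuthTokenVerifier(byte[] publicKeyData) {
		assertNotNull("publicKeyData", publicKeyData);
		BouncyCastleRegistrationUtil.registerBouncyCastleIfNeeded();
		try {
			KeyFactory keyFactory = KeyFactory.getInstance("RSA");
			EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyData);
			this.publicKey = keyFactory.generatePublic(publicKeySpec);
		} catch (RuntimeException e) {
			// Rethrow unchanged so unchecked failures are not double-wrapped below.
			throw e;
		} catch (Exception e) {
			throw new RuntimeException(e);
		}
	}

	/**
	 * Checks that {@code signedAuthToken.getSignature()} is a valid signature over
	 * {@code signedAuthToken.getAuthTokenData()} for this verifier's public key.
	 * <p>
	 * The method returns normally only when the signature is valid; every other outcome
	 * is reported by an exception. Callers should treat the token data as untrusted until
	 * this method has returned.
	 *
	 * @param signedAuthToken the token to check; it, its data and its signature must not
	 *        be {@code null}.
	 * @throws SignatureException if the signature does not match. This is not
	 *         {@code java.security.SignatureException} (that class is not imported here).
	 *         NOTE(review): if the project's type is a checked exception, it is caught by
	 *         the generic handler below and surfaces wrapped in a RuntimeException - confirm.
	 * @throws RuntimeException wrapping any checked exception from the JCA signature engine.
	 */
	public void verify(SignedAuthToken signedAuthToken) {
		assertNotNull("signedAuthToken", signedAuthToken);
		assertNotNull("signedAuthToken.authTokenData", signedAuthToken.getAuthTokenData());
		assertNotNull("signedAuthToken.signature", signedAuthToken.getSignature());
		try {
			// SIGNATURE_ALGORITHM is statically imported (presumably from AuthTokenSigner),
			// which keeps the signing and verifying side on the same algorithm.
			Signature verificationEngine = Signature.getInstance(SIGNATURE_ALGORITHM);
			verificationEngine.initVerify(publicKey);
			verificationEngine.update(signedAuthToken.getAuthTokenData());
			if (!verificationEngine.verify(signedAuthToken.getSignature())) {
				throw new SignatureException("Signature not valid.");
			}
		} catch (RuntimeException e) {
			// Rethrow unchanged so unchecked failures are not double-wrapped below.
			throw e;
		} catch (Exception e) {
			throw new RuntimeException(e);
		}
	}
}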