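package co.codewizards.cloudstore.core.auth;

import static co.codewizards.cloudstore.core.auth.AuthTokenSigner.*;
import static co.codewizards.cloudstore.core.util.Util.*;

import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import co.codewizards.cloudstore.core.util.AssertUtil;

/**
 * Verifies the signature of a {@link SignedAuthToken} against one RSA public key.
 * <p>
 * The key handed to the constructor is the only trust anchor used here, so the
 * result of {@link #verify(SignedAuthToken)} is only as trustworthy as the source
 * of those key bytes.
 * <p>
 * Only the signature over the token data is checked. Nothing in this class inspects
 * the token's contents (for example a validity period), so such checks have to
 * happen elsewhere.
 */
public class AuthTokenVerifier {
	// final: the verification key is assigned once in the constructor and cannot be
	// replaced afterwards, and a final field is safely published to other threads.
	private final PublicKey publicKey;

	/**
	 * Creates a verifier for the given RSA public key.
	 *
	 * @param publicKeyData the public key in X.509 (SubjectPublicKeyInfo) encoding;
	 *        must not be {@code null}.
	 * @throws RuntimeException if the key cannot be decoded; checked exceptions from
	 *         the JCA are wrapped, runtime exceptions are passed through unchanged.
	 */
	public AuthTokenVerifier(byte[] publicKeyData) {
		AssertUtil.assertNotNull(publicKeyData, "publicKeyData");
		// Presumably installs the BouncyCastle JCA provider; the helper is not visible here.
		BouncyCastleRegistrationUtil.registerBouncyCastleIfNeeded();
		try {
			KeyFactory keyFactory = KeyFactory.getInstance("RSA");
			EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicKeyData);
			// NOTE(review): no minimum key size is enforced on the decoded key.
			this.publicKey = keyFactory.generatePublic(publicKeySpec);
		} catch (RuntimeException e) {
			// Rethrown as-is so runtime exceptions are not wrapped a second time.
			throw e;
		} catch (Exception e) {
			throw new RuntimeException(e);
		}
	}

	/**
	 * Checks that the token's signature matches its data under this verifier's key.
	 * <p>
	 * The method returns normally only when the signature is valid; every other
	 * outcome is an exception, so callers must treat any exception as a rejected token.
	 *
	 * @param signedAuthToken the token to check; it, its data and its signature must
	 *        not be {@code null}.
	 * @throws RuntimeException if the signature does not match, or if the
	 *         verification itself fails. A mismatch is raised as
	 *         {@code SignatureException}; that name is not imported from
	 *         {@code java.security}, so it resolves to a project type not visible
	 *         here. A malformed signature makes {@link Signature#verify(byte[])}
	 *         throw the checked {@code java.security.SignatureException}, which
	 *         arrives wrapped in a plain {@code RuntimeException}.
	 */
	public void verify(SignedAuthToken signedAuthToken) {
		AssertUtil.assertNotNull(signedAuthToken, "signedAuthToken");
		AssertUtil.assertNotNull(signedAuthToken.getAuthTokenData(), "signedAuthToken.authTokenData");
		AssertUtil.assertNotNull(signedAuthToken.getSignature(), "signedAuthToken.signature");
		try {
			// SIGNATURE_ALGORITHM is statically imported (from AuthTokenSigner, going by
			// the imports), which would keep signer and verifier on the same algorithm;
			// its value is not visible here.
			Signature verificationEngine = Signature.getInstance(SIGNATURE_ALGORITHM);
			verificationEngine.initVerify(publicKey);
			verificationEngine.update(signedAuthToken.getAuthTokenData());
			if (!verificationEngine.verify(signedAuthToken.getSignature())) {
				throw new SignatureException("Signature not valid.");
			}
		} catch (RuntimeException e) {
			// Rethrown as-is so runtime exceptions are not wrapped a second time.
			throw e;
		} catch (Exception e) {
			throw new RuntimeException(e);
		}
	}
}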