package org.openslx.imagemaster.util;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.X509EncodedKeySpec;

import org.openslx.imagemaster.db.DbSatellite;

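/**
 * Verifies RSA signatures against the public key that {@link DbSatellite}
 * returns for an organization.
 *
 * The class only checks signatures; it does not encrypt or decrypt anything.
 */
public class AsymMessageVerifier
{

	/** Public key of the organization; assigned exactly once in the constructor. */
	private final PublicKey key;

	/**
	 * Load the public key of the given organization.
	 *
	 * @param organization the organization whose signatures are to be verified
	 * @throws Exception if no key is stored for the organization, if no RSA
	 *             key factory is available, or if the stored bytes cannot be
	 *             parsed as an X.509-encoded public key
	 */
	public AsymMessageVerifier( String organization ) throws Exception
	{
		byte[] encodedKey = DbSatellite.getKeyfromOrganization( organization );

		if ( encodedKey == null ) {
			throw new Exception( "Organization not found." );
		}

		// The stored bytes are parsed as an X.509 (SubjectPublicKeyInfo) encoded RSA key.
		// NOTE(review): the key is trusted as stored; no minimum key size is
		// enforced here - confirm that is checked when the key is registered.
		KeyFactory kf = KeyFactory.getInstance( "RSA" );
		key = kf.generatePublic( new X509EncodedKeySpec( encodedKey ) );
	}

	/**
	 * Verify a signature over a message this side already knows.
	 *
	 * Despite its name, {@code messageDigest} is the signature value, not a
	 * hash: the SHA-256 digest of {@code expectedCleartext} is computed
	 * internally by the SHA256-with-RSA signature algorithm.
	 *
	 * Callers must treat a thrown exception the same as a {@code false}
	 * result, i.e. as "not verified".
	 *
	 * @param messageDigest the signature received from the hs/uni server
	 * @param expectedCleartext the message that was sent before and that the
	 *            signature is expected to cover
	 * @return {@code true} only if the signature is valid for
	 *         {@code expectedCleartext} under the organization's key;
	 *         {@code false} if it is not, or if either argument is {@code null}
	 * @throws NoSuchAlgorithmException if no SHA256-with-RSA implementation is available
	 * @throws InvalidKeyException if the loaded key cannot be used for verification
	 * @throws SignatureException if the signature bytes cannot be processed
	 *             (for example, they are improperly encoded)
	 * @throws UnrecoverableKeyException declared for compatibility with existing callers;
	 *             not thrown by the code in this method
	 * @throws KeyStoreException declared for compatibility with existing callers;
	 *             not thrown by the code in this method
	 */
	public boolean verifyMessage( byte[] messageDigest, byte[] expectedCleartext ) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, UnrecoverableKeyException, KeyStoreException
	{
		// Fail closed: a missing signature or missing message can never verify,
		// and must not surface as an unchecked NullPointerException instead.
		if ( messageDigest == null || expectedCleartext == null ) {
			return false;
		}

		Signature verifier = Signature.getInstance( "SHA256WITHRSA" );
		verifier.initVerify( key );
		verifier.update( expectedCleartext );
		return verifier.verify( messageDigest );
	}

}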