/// <summary>
        /// Verify the buffer against the signature using the public key.
        /// </summary>
        ///
        /// <param name="buffer">The input buffer to verify.</param>
        /// <param name="signature">The signature bytes.</param>
        /// <param name="publicKey">The object containing the public key.</param>
        /// <param name="digestAlgorithm">The digest algorithm.</param>
        /// <returns>True if verification succeeds, false if verification fails.</returns>
        /// <exception cref="System.ArgumentException">for an invalid public key type ordigestAlgorithm.</exception>
        public static bool verifySignature(ByteBuffer buffer, byte[] signature,
                                           PublicKey publicKey, DigestAlgorithm digestAlgorithm)
        {
            if (digestAlgorithm == net.named_data.jndn.security.DigestAlgorithm.SHA256)
            {
                if (publicKey.getKeyType() == net.named_data.jndn.security.KeyType.RSA)
                {
                    try {
                        KeyFactory keyFactory = System.KeyFactory.getInstance("RSA");
                        System.SecurityPublicKey securityPublicKey = keyFactory
                                                                     .generatePublic(new X509EncodedKeySpec(publicKey
                                                                                                            .getKeyDer().getImmutableArray()));

                        System.SecuritySignature rsaSignature = System.SecuritySignature
                                                                .getInstance("SHA256withRSA");
                        rsaSignature.initVerify(securityPublicKey);
                        rsaSignature.update(buffer);
                        return(rsaSignature.verify(signature));
                    } catch (Exception ex) {
                        return(false);
                    }
                }
                else if (publicKey.getKeyType() == net.named_data.jndn.security.KeyType.EC)
                {
                    try {
                        KeyFactory keyFactory_0 = System.KeyFactory.getInstance("EC");
                        System.SecurityPublicKey securityPublicKey_1 = keyFactory_0
                                                                       .generatePublic(new X509EncodedKeySpec(publicKey
                                                                                                              .getKeyDer().getImmutableArray()));

                        System.SecuritySignature ecdsaSignature = System.SecuritySignature
                                                                  .getInstance("SHA256withECDSA");
                        ecdsaSignature.initVerify(securityPublicKey_1);
                        ecdsaSignature.update(buffer);
                        return(ecdsaSignature.verify(signature));
                    } catch (Exception ex_2) {
                        return(false);
                    }
                }
                else
                {
                    throw new ArgumentException(
                              "verifySignature: Invalid key type");
                }
            }
            else
            {
                throw new ArgumentException(
                          "verifySignature: Invalid digest algorithm");
            }
        }
Beispiel #2
0
        /// <summary>
        /// Verify the ECDSA signature on the SignedBlob using the given public key.
        /// </summary>
        ///
        /// <param name="signature">The signature bits.</param>
        /// <param name="signedBlob">the SignedBlob with the signed portion to verify.</param>
        /// <param name="publicKeyDer">The DER-encoded public key used to verify the signature.</param>
        /// <returns>true if the signature verifies, false if not.</returns>
        protected static internal bool verifySha256WithEcdsaSignature(Blob signature,
                                                                      SignedBlob signedBlob, Blob publicKeyDer)
        {
            KeyFactory keyFactory = null;

            try {
                keyFactory = System.KeyFactory.getInstance("EC");
            } catch (Exception exception) {
                // Don't expect this to happen.
                throw new SecurityException("EC is not supported: "
                                            + exception.Message);
            }

            System.SecurityPublicKey publicKey = null;
            try {
                publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(
                                                          publicKeyDer.getImmutableArray()));
            } catch (InvalidKeySpecException exception_0) {
                // Don't expect this to happen.
                throw new SecurityException("X509EncodedKeySpec is not supported: "
                                            + exception_0.Message);
            }

            System.SecuritySignature ecSignature = null;
            try {
                ecSignature = System.SecuritySignature
                              .getInstance("SHA256withECDSA");
            } catch (Exception e) {
                // Don't expect this to happen.
                throw new SecurityException(
                          "SHA256withECDSA algorithm is not supported");
            }

            try {
                ecSignature.initVerify(publicKey);
            } catch (InvalidKeyException exception_1) {
                throw new SecurityException("InvalidKeyException: "
                                            + exception_1.Message);
            }
            try {
                ecSignature.update(signedBlob.signedBuf());
                return(ecSignature.verify(signature.getImmutableArray()));
            } catch (SignatureException exception_2) {
                throw new SecurityException("SignatureException: "
                                            + exception_2.Message);
            }
        }