/// <summary>
/// Verify the buffer against the signature using the public key.
/// </summary>
///
/// <param name="buffer">The input buffer to verify.</param>
/// <param name="signature">The signature bytes.</param>
/// <param name="publicKey">The object containing the public key.</param>
/// <param name="digestAlgorithm">The digest algorithm.</param>
/// <returns>True if verification succeeds, false if verification fails.</returns>
/// <exception cref="System.ArgumentException">for an invalid public key type ordigestAlgorithm.</exception>
public static bool verifySignature(ByteBuffer buffer, byte[] signature,
PublicKey publicKey, DigestAlgorithm digestAlgorithm)
{
if (digestAlgorithm == net.named_data.jndn.security.DigestAlgorithm.SHA256)
{
if (publicKey.getKeyType() == net.named_data.jndn.security.KeyType.RSA)
{
try {
KeyFactory keyFactory = System.KeyFactory.getInstance("RSA");
System.SecurityPublicKey securityPublicKey = keyFactory
.generatePublic(new X509EncodedKeySpec(publicKey
.getKeyDer().getImmutableArray()));
System.SecuritySignature rsaSignature = System.SecuritySignature
.getInstance("SHA256withRSA");
rsaSignature.initVerify(securityPublicKey);
rsaSignature.update(buffer);
return(rsaSignature.verify(signature));
} catch (Exception ex) {
return(false);
}
}
else if (publicKey.getKeyType() == net.named_data.jndn.security.KeyType.EC)
{
try {
KeyFactory keyFactory_0 = System.KeyFactory.getInstance("EC");
System.SecurityPublicKey securityPublicKey_1 = keyFactory_0
.generatePublic(new X509EncodedKeySpec(publicKey
.getKeyDer().getImmutableArray()));
System.SecuritySignature ecdsaSignature = System.SecuritySignature
.getInstance("SHA256withECDSA");
ecdsaSignature.initVerify(securityPublicKey_1);
ecdsaSignature.update(buffer);
return(ecdsaSignature.verify(signature));
} catch (Exception ex_2) {
return(false);
}
}
else
{
throw new ArgumentException(
"verifySignature: Invalid key type");
}
}
else
{
throw new ArgumentException(
"verifySignature: Invalid digest algorithm");
}
}
/// <summary>
/// Verify the ECDSA signature on the SignedBlob using the given public key.
/// </summary>
///
/// <param name="signature">The signature bits.</param>
/// <param name="signedBlob">the SignedBlob with the signed portion to verify.</param>
/// <param name="publicKeyDer">The DER-encoded public key used to verify the signature.</param>
/// <returns>true if the signature verifies, false if not.</returns>
protected static internal bool verifySha256WithEcdsaSignature(Blob signature,
SignedBlob signedBlob, Blob publicKeyDer)
{
KeyFactory keyFactory = null;
try {
keyFactory = System.KeyFactory.getInstance("EC");
} catch (Exception exception) {
// Don't expect this to happen.
throw new SecurityException("EC is not supported: "
+ exception.Message);
}
System.SecurityPublicKey publicKey = null;
try {
publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(
publicKeyDer.getImmutableArray()));
} catch (InvalidKeySpecException exception_0) {
// Don't expect this to happen.
throw new SecurityException("X509EncodedKeySpec is not supported: "
+ exception_0.Message);
}
System.SecuritySignature ecSignature = null;
try {
ecSignature = System.SecuritySignature
.getInstance("SHA256withECDSA");
} catch (Exception e) {
// Don't expect this to happen.
throw new SecurityException(
"SHA256withECDSA algorithm is not supported");
}
try {
ecSignature.initVerify(publicKey);
} catch (InvalidKeyException exception_1) {
throw new SecurityException("InvalidKeyException: "
+ exception_1.Message);
}
try {
ecSignature.update(signedBlob.signedBuf());
return(ecSignature.verify(signature.getImmutableArray()));
} catch (SignatureException exception_2) {
throw new SecurityException("SignatureException: "
+ exception_2.Message);
}
}