/** * Check the digital signature. As very large documents can be signed, we represent them as * streams. The document can be way too large to load the whole into memory, so implementations * should calculate the signature by reading portions of it from the stream. * <p> * The method must not throw exception if the signature is bad. e.g. improper, has wrong * structure and so on. Instead, it must return false. * * @param input source data * @param signature signature to check * * @return true if the signature is valid, false if not. * @throws IOException failed to read the input stream (including empty stream, EOF at start) */ public boolean checkSignature(InputStream input, byte[] signature, HashType hashType) throws IOException, IllegalStateException { return checkSignature(input, signature, hashType, MAX_SALT_LENGTH); }
/** * @param data to check the signature against. * @param signature signature to check * @return true if the signature is correct. */ public boolean checkSignature(String data, byte[] signature, HashType hashType) { return checkSignature(data.getBytes(), signature, hashType); }
/** * @param input to check the signature against. * @param signature signature to check * @param hashType type of the hash function used to create the signature * @return true if the signature is correct. */ public boolean checkSignature(byte[] input, byte[] signature, HashType hashType) { try { return checkSignature(new ByteArrayInputStream(input), signature, hashType, MAX_SALT_LENGTH); } catch (IOException e) { return false; } }
/** * @param input to check the signature against. * @param signature signature to check * @param hashType type of the hash function used to create the signature * @return true if the signature is correct. */ public boolean checkSignature(byte[] input, byte[] signature, HashType hashType, int saltLength) { try { return checkSignature(new ByteArrayInputStream(input), signature, hashType, saltLength); } catch (IOException e) { return false; } }
/** * Test {@link RSAOAEPPublicKey#checkSignature}. */ @Test public void checkSignature() throws Exception { // Test sample RSA vectors. AbstractPublicKey rsaPublicKey = pssSpec.getPublicKey(); AbstractPrivateKey rsaPrivateKey = pssSpec.getPrivateKey(); assertArrayEquals( rsaPrivateKey.sign(pssSpec.M, HashType.SHA1, RSASSAPSSTestVectors.salt), pssSpec.S); assertTrue(rsaPublicKey.checkSignature( pssSpec.M, rsaPrivateKey.sign(pssSpec.M, HashType.SHA1, RSASSAPSSTestVectors.salt), HashType.SHA1, RSASSAPSSTestVectors.salt.length)); }
assertFalse(publicKey.checkSignature(message, signature, HashType.SHA1)); assertTrue(publicKey.checkSignature(message, signature, HashType.SHA1, 20)); message[0]++; assertFalse(publicKey.checkSignature(message, signature, HashType.SHA1, 20));