Source code: org/lucane/common/signature/Verifier.java
1 /*
2 * Lucane - a collaborative platform
3 * Copyright (C) 2002 Vincent Fiack <vincent@lucane.org>
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19 package org.lucane.common.signature;
20
21 import java.io.*;
22 import java.security.*;
23
24
25 /**
26 * Verify signed documents or streams
27 */
28 public class Verifier implements Serializable
29 {
30 private PublicKey otherkey;
31
32 /**
33 * Constructor.
34 *
35 * @param key the public key used to verify the signature
36 */
37 public Verifier(String key)
38 throws SignatureException
39 {
40 this.otherkey = Base64.decodePublicKey(key);
41 }
42
43 /**
44 * Check a string signature
45 *
46 * @param obj the signed Object
47 * @param signature the signature to check
48 * @return true if the signature is valid, else otherwise
49 */
50 public boolean verify(Object obj, byte[] signature)
51 throws SignatureException
52 {
53 boolean isok = false;
54
55 try
56 {
57 Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
58 sig.initVerify(this.otherkey);
59
60 //fetch the object data
61 ByteArrayOutputStream baos = new ByteArrayOutputStream();
62 ObjectOutputStream oos = new ObjectOutputStream(baos);
63 oos.writeObject(obj);
64 oos.close();
65 byte[] data = baos.toByteArray();
66 baos.close();
67
68 sig.update(data);
69 isok = sig.verify(signature);
70 }
71 catch(java.security.SignatureException e)
72 {
73 isok = false;
74 }
75 catch(Exception e)
76 {
77 throw new SignatureException(e);
78 }
79
80 return isok;
81 }
82
83
84 /**
85 * Check a string signature
86 *
87 * @param str the signed string
88 * @param signature the signature to check
89 * @return true if the signature is valid, else otherwise
90 */
91 public boolean verify(String str, String signature)
92 throws SignatureException
93 {
94 boolean isok = false;
95
96 try
97 {
98 Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
99 sig.initVerify(this.otherkey);
100 sig.update(str.getBytes());
101 isok = sig.verify(Base64.decode(signature));
102 }
103 catch(java.security.SignatureException e)
104 {
105 isok = false;
106 }
107 catch(Exception e)
108 {
109 throw new SignatureException(e);
110 }
111
112 return isok;
113 }
114
115 /**
116 * Verify the signature of a stream
117 *
118 * @param is the signed InputStream
119 * @param signature the signature to verify
120 * @return true if the signature is valid, false otherwise
121 */
122 public boolean verify(InputStream is, String signature)
123 throws SignatureException
124 {
125 boolean isok = false;
126
127 try
128 {
129 Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
130 sig.initVerify(this.otherkey);
131
132 BufferedInputStream bufin = new BufferedInputStream(is);
133 byte[] buffer = new byte[1024];
134 int len;
135
136 while(bufin.available() != 0)
137 {
138 len = bufin.read(buffer);
139 sig.update(buffer, 0, len);
140 }
141
142 bufin.close();
143 isok = sig.verify(Base64.decode(signature));
144 }
145 catch(java.security.SignatureException e)
146 {
147 isok = false;
148 }
149 catch(Exception e)
150 {
151 throw new SignatureException(e);
152 }
153
154 return isok;
155 }
156 }