com.amazonaws.services.sns.util

Class SignatureChecker

java.lang.Object

com.amazonaws.services.sns.util.SignatureChecker

public class SignatureChecker
extends java.lang.Object

Utility for validating signatures on a Simple Notification Service JSON message.

Constructor Summary

Constructors

Constructor and Description
SignatureChecker()

Method Summary

Modifier and Type	Method and Description
boolean	verifyMessageSignature(java.lang.String message, java.security.PublicKey publicKey) Validates the signature on a Simple Notification Service message.
boolean	verifySignature(java.util.Map<java.lang.String,java.lang.String> parsedMessage, java.security.PublicKey publicKey) Validates the signature on a Simple Notification Service message.
boolean	verifySignature(java.lang.String message, java.lang.String signature, java.security.PublicKey publicKey) Does the actual Java cryptographic verification of the signature.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SignatureChecker

public SignatureChecker()

Method Detail

verifyMessageSignature

public boolean verifyMessageSignature(java.lang.String message,
                                      java.security.PublicKey publicKey)

Validates the signature on a Simple Notification Service message. No Amazon-specific dependencies, just plain Java crypto and AwsJsonReader for parsing

Parameters:

message - A JSON-encoded Simple Notification Service message. Note: the JSON may be only one level deep.

publicKey - The Simple Notification Service public key, exactly as you'd see it when retrieved from the cert.

Returns:

True if the message was correctly validated, otherwise false.

verifySignature

public boolean verifySignature(java.util.Map<java.lang.String,java.lang.String> parsedMessage,
                               java.security.PublicKey publicKey)

Validates the signature on a Simple Notification Service message. No Amazon-specific dependencies, just plain Java crypto

Parameters:

parsedMessage - A map of Simple Notification Service message.

publicKey - The Simple Notification Service public key, exactly as you'd see it when retrieved from the cert.

Returns:

True if the message was correctly validated, otherwise false.

verifySignature

public boolean verifySignature(java.lang.String message,
                               java.lang.String signature,
                               java.security.PublicKey publicKey)

Does the actual Java cryptographic verification of the signature. This method does no handling of the many rare exceptions it is required to catch. This can also be used to verify the signature from the x-amz-sns-signature http header

Parameters:

message - Exact string that was signed. In the case of the x-amz-sns-signature header the signing string is the entire post body

signature - Base64-encoded signature of the message

Returns: