Package com.amazonaws.services.sns.util
Class SignatureChecker
- java.lang.Object
-
- com.amazonaws.services.sns.util.SignatureChecker
-
public class SignatureChecker extends Object
Utility for validating signatures on a Simple Notification Service JSON message.
-
-
Constructor Summary
Constructors Constructor Description SignatureChecker()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected String
stringToSign(SortedMap<String,String> signables)
boolean
verifyMessageSignature(String message, PublicKey publicKey)
Validates the signature on a Simple Notification Service message.boolean
verifySignature(String message, String signature, PublicKey publicKey)
Does the actual Java cryptographic verification of the signature.boolean
verifySignature(Map<String,String> parsedMessage, PublicKey publicKey)
Validates the signature on a Simple Notification Service message.
-
-
-
Method Detail
-
verifyMessageSignature
public boolean verifyMessageSignature(String message, PublicKey publicKey)
Validates the signature on a Simple Notification Service message. No Amazon-specific dependencies, just plain Java crypto and Jackson for parsing- Parameters:
message
- A JSON-encoded Simple Notification Service message. Note: the JSON may be only one level deep.publicKey
- The Simple Notification Service public key, exactly as you'd see it when retrieved from the cert.- Returns:
- True if the message was correctly validated, otherwise false.
-
verifySignature
public boolean verifySignature(Map<String,String> parsedMessage, PublicKey publicKey)
Validates the signature on a Simple Notification Service message. No Amazon-specific dependencies, just plain Java crypto- Parameters:
parsedMessage
- A map of Simple Notification Service message.publicKey
- The Simple Notification Service public key, exactly as you'd see it when retrieved from the cert.- Returns:
- True if the message was correctly validated, otherwise false.
-
verifySignature
public boolean verifySignature(String message, String signature, PublicKey publicKey)
Does the actual Java cryptographic verification of the signature. This method does no handling of the many rare exceptions it is required to catch. This can also be used to verify the signature from the x-amz-sns-signature http header- Parameters:
message
- Exact string that was signed. In the case of the x-amz-sns-signature header the signing string is the entire post bodysignature
- Base64-encoded signature of the message- Returns:
-
-