public void verify(Map headers, byte[] body, PublicKey key) throws SignatureException
{
String algorithm = getAlgorithm();
if (algorithm == null || !SigningAlgorithm.SHA256withRSA.getRfcNotation().toLowerCase().equals(algorithm.toLowerCase()))
{
throw new SignatureException("Unsupported algorithm " + algorithm);
}
Signature verifier = null;
try
{
verifier = Signature.getInstance(SigningAlgorithm.SHA256withRSA.getJavaSecNotation());
verifier.initVerify(key);
}
catch (Exception e)
{
throw new SignatureException(e);
}
String encodedBh = attributes.get("bh");
if (encodedBh == null)
{
throw new SignatureException("There was no body hash (bh) in header");
}
byte[] bh = hash(body, SigningAlgorithm.SHA256withRSA.getJavaHashNotation());
byte[] enclosedBh = null;
try
{
enclosedBh = Base64.decode(encodedBh);
}
catch (IOException e)
{
throw new SignatureException("Failed to parse body hash (bh)", e);
}
if (Arrays.equals(bh, enclosedBh) == false)
{
throw new SignatureException("Body hashes do not match.");
}
updateSignatureWithHeader(headers, verifier);
ParameterParser parser = new ParameterParser();
String strippedHeader = parser.setAttribute(headerValue.toCharArray(), 0, headerValue.length(), ';', "b", "");
verifier.update(strippedHeader.getBytes());
if (verifier.verify(getSignature()) == false)
{
throw new SignatureException("Failed to verify signature.");
}
}