Class SignatureChecker


  • public class SignatureChecker
    extends Object
    Utility for validating signatures on a Simple Notification Service JSON message.
    • Constructor Detail

      • SignatureChecker

        public SignatureChecker()
    • Method Detail

      • verifyMessageSignature

        public boolean verifyMessageSignature​(String message,
                                              PublicKey publicKey)
        Validates the signature on a Simple Notification Service message. No Amazon-specific dependencies, just plain Java crypto and Jackson for parsing
        Parameters:
        message - A JSON-encoded Simple Notification Service message. Note: the JSON may be only one level deep.
        publicKey - The Simple Notification Service public key, exactly as you'd see it when retrieved from the cert.
        Returns:
        True if the message was correctly validated, otherwise false.
      • verifySignature

        public boolean verifySignature​(Map<String,​String> parsedMessage,
                                       PublicKey publicKey)
        Validates the signature on a Simple Notification Service message. No Amazon-specific dependencies, just plain Java crypto
        Parameters:
        parsedMessage - A map of Simple Notification Service message.
        publicKey - The Simple Notification Service public key, exactly as you'd see it when retrieved from the cert.
        Returns:
        True if the message was correctly validated, otherwise false.
      • verifySignature

        public boolean verifySignature​(String message,
                                       String signature,
                                       PublicKey publicKey)
        Does the actual Java cryptographic verification of the signature. This method does no handling of the many rare exceptions it is required to catch. This can also be used to verify the signature from the x-amz-sns-signature http header
        Parameters:
        message - Exact string that was signed. In the case of the x-amz-sns-signature header the signing string is the entire post body
        signature - Base64-encoded signature of the message
        Returns: