private boolean verifySignature(
Principal principal,
byte[] dataToSign,
String signature,
ContainerRequestContext requestContext) {
try {
final byte[] signatureData = StringUtils.base64Decode(signature);
if (logger.isDebugEnabled()) {
logger.debug(
"Verifying REST request - principal: "
+ principal
+ " data: "
+ fingerprint(dataToSign)
+ " signature: "
+ fingerprint(signatureData));
}
SignatureVerificationKey key = findVerificationKey(principal);
if (key == null) {
return false;
}
try {
cryptoEngine.verifySignature(key, digestAlgorithm, dataToSign, signatureData);
return true;
} catch (InvalidKeyException e) {
logServerError(
"Invalid key found while verifying signature: " + e.getMessage(), e, requestContext);
throw new WebApplicationException(INTERNAL_SERVER_ERROR);
} catch (SignatureException e) {
return false;
}
} catch (BackendAccessException e) {
logServerError("Unexpected BackendAccessException: " + e.getMessage(), e, requestContext);
throw new WebApplicationException(INTERNAL_SERVER_ERROR);
}
}
