/**
* Verify the signature value computed over the supplied input against the supplied signature
* value.
*
* <p>It is up to the caller to ensure that the specified algorithm ID and isMAC flag are
* consistent with the type of verification credential supplied.
*
* @param verificationCredential the credential containing the verification key
* @param jcaAlgorithmID the Java JCA algorithm ID to use
* @param isMAC flag indicating whether the operation to be performed is a signature or MAC
* computation
* @param signature the computed signature value received from the signer
* @param input the input over which the signature is computed and verified
* @return true if the signature value computed over the input using the supplied key and
* algorithm ID is identical to the supplied signature value
* @throws SecurityException thrown if the signature computation or verification process results
* in an error
*/
public static boolean verify(
Credential verificationCredential,
String jcaAlgorithmID,
boolean isMAC,
byte[] signature,
byte[] input)
throws SecurityException {
Key verificationKey = SecurityHelper.extractVerificationKey(verificationCredential);
if (verificationKey == null) {
log.error(
"No verification key supplied in verification credential for signature verification");
throw new SecurityException("No verification key supplied in verification credential");
}
if (isMAC) {
return verifyMAC(verificationKey, jcaAlgorithmID, signature, input);
} else if (verificationKey instanceof PublicKey) {
return verify((PublicKey) verificationKey, jcaAlgorithmID, signature, input);
} else {
log.error("No PublicKey present in verification credential for signature verification");
throw new SecurityException("No PublicKey supplied for signature verification");
}
}
