net.robotmedia.billing.security.DefaultSignatureValidator Maven / Gradle / Ivy
/*
* Copyright 2013 serso aka se.solovyev
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Contact details
*
* Email: [email protected]
* Site: http://se.solovyev.org
*/
package net.robotmedia.billing.security;
import android.text.TextUtils;
import android.util.Log;
import net.robotmedia.billing.BillingController;
import net.robotmedia.billing.utils.Base64;
import net.robotmedia.billing.utils.Base64DecoderException;
import java.security.*;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
public class DefaultSignatureValidator implements ISignatureValidator {
protected static final String KEY_FACTORY_ALGORITHM = "RSA";
protected static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
/**
* Generates a PublicKey instance from a string containing the
* Base64-encoded public key.
*
* @param encodedPublicKey Base64-encoded public key
* @throws IllegalArgumentException if encodedPublicKey is invalid
*/
protected PublicKey generatePublicKey(String encodedPublicKey) {
try {
byte[] decodedKey = Base64.decode(encodedPublicKey);
KeyFactory keyFactory = KeyFactory.getInstance(KEY_FACTORY_ALGORITHM);
return keyFactory.generatePublic(new X509EncodedKeySpec(decodedKey));
} catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
} catch (InvalidKeySpecException e) {
Log.e(BillingController.LOG_TAG, "Invalid key specification.");
throw new IllegalArgumentException(e);
} catch (Base64DecoderException e) {
Log.e(BillingController.LOG_TAG, "Base64 decoding failed.");
throw new IllegalArgumentException(e);
}
}
private BillingController.IConfiguration configuration;
public DefaultSignatureValidator(BillingController.IConfiguration configuration) {
this.configuration = configuration;
}
protected boolean validate(PublicKey publicKey, String signedData, String signature) {
Signature sig;
try {
sig = Signature.getInstance(SIGNATURE_ALGORITHM);
sig.initVerify(publicKey);
sig.update(signedData.getBytes());
if (!sig.verify(Base64.decode(signature))) {
Log.e(BillingController.LOG_TAG, "Signature verification failed.");
return false;
}
return true;
} catch (NoSuchAlgorithmException e) {
Log.e(BillingController.LOG_TAG, "NoSuchAlgorithmException");
} catch (InvalidKeyException e) {
Log.e(BillingController.LOG_TAG, "Invalid key specification");
} catch (SignatureException e) {
Log.e(BillingController.LOG_TAG, "Signature exception");
} catch (Base64DecoderException e) {
Log.e(BillingController.LOG_TAG, "Base64 decoding failed");
}
return false;
}
@Override
public boolean validate(String signedData, String signature) {
final String publicKey;
if (configuration == null || TextUtils.isEmpty(publicKey = configuration.getPublicKey())) {
Log.w(BillingController.LOG_TAG, "Please set the public key or turn on debug mode");
return false;
}
if (signedData == null) {
Log.e(BillingController.LOG_TAG, "Data is null");
return false;
}
PublicKey key = generatePublicKey(publicKey);
return validate(key, signedData, signature);
}
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy