2
votes

I am writing an SNS HTTP endpoint using Spring AWS cloud. I cannot see anything regarding verifying the message signature in the doc. How can I do this?

1

1 Answer

1
votes

This is a very old question, but maybe somebody has a problem with it.

The methodology is quite simple. You need to create an InputStream from the SignatureUrl and generate a certificate based on this InputStream:

// url is the certificate URL taken from the SNS message
X509Certificate cert;
try (InputStream inStream = url.openStream()) { // closes the stream even if parsing fails
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    cert = (X509Certificate) cf.generateCertificate(inStream);
}

Next, you need to use Signature. Get an instance of SHA1withRSA, get the public key from the cert you generated, and update the Signature with the data from your message:

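// getMessageBytesToSign(msg) is a helper, not shown here, that returns the bytes that were signed
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initVerify(cert.getPublicKey());
sig.update(getMessageBytesToSign(msg));
// Base64.decodeBase64 is the Apache Commons Codec decoder
return sig.verify(Base64.decodeBase64(msg.getSignature()));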

You can find the full example on AmazonDoc.

When you create these methods, just use them as static utils in your service which receives messages from SNS, e.g.

VerifySNS.isMessageSignatureValid(msg);

The msg attribute is the SNSTopic message.
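
A fuller version of the check described in the answer above, as an added example that is not part of the original answer or of Amazon's documentation: besides verifying the signature, it restricts where the certificate may be fetched from and picks the hash from SignatureVersion. The class name, the flat Map holding the parsed JSON body, and the certificate host pattern are assumptions.

```java
import java.io.InputStream;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.Signature;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Map;
import java.util.regex.Pattern;

/** Hypothetical helper; msg is the SNS JSON body already parsed into a flat Map. */
public final class SnsSignatureCheck {
    // Assumption: certificate hosts look like sns.<region>.amazonaws.com
    private static final Pattern CERT_HOST = Pattern.compile("^sns\\.[a-z0-9-]+\\.amazonaws\\.com$");
    private static final String[] NOTIFICATION_KEYS = {"Message", "MessageId", "Subject", "Timestamp", "TopicArn", "Type"};
    private static final String[] SUBSCRIPTION_KEYS = {"Message", "MessageId", "SubscribeURL", "Timestamp", "Token", "TopicArn", "Type"};
    /** Accept only HTTPS URLs on an SNS host, so the sender cannot supply a certificate of their own. */
    static boolean isTrustedCertUrl(String certUrl) {
        try {
            URI u = URI.create(certUrl);
            return "https".equals(u.getScheme()) && u.getHost() != null
                && CERT_HOST.matcher(u.getHost()).matches() && u.getPath().endsWith(".pem");
        } catch (IllegalArgumentException e) { return false; }
    }
    /** Canonical string: each present field as "key\nvalue\n", in the fixed order for the message type. */
    static String stringToSign(Map<String, String> msg) {
        String[] keys = "Notification".equals(msg.get("Type")) ? NOTIFICATION_KEYS : SUBSCRIPTION_KEYS;
        StringBuilder sb = new StringBuilder();
        for (String k : keys) {
            if (msg.get(k) != null) sb.append(k).append('\n').append(msg.get(k)).append('\n');
        }
        return sb.toString();
    }
    /** Returns false on an untrusted URL or bad signature; callers treat any exception as a failure too. */
    static boolean isMessageSignatureValid(Map<String, String> msg) throws Exception {
        String certUrl = msg.get("SigningCertURL"), b64 = msg.get("Signature");
        if (certUrl == null || b64 == null || !isTrustedCertUrl(certUrl)) return false;
        X509Certificate cert;
        try (InputStream in = URI.create(certUrl).toURL().openStream()) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        cert.checkValidity(); // throws if the certificate is expired or not yet valid
        // SignatureVersion "2" means SHA256withRSA; "1" is the SHA1withRSA used in the answer
        String alg = "2".equals(msg.get("SignatureVersion")) ? "SHA256withRSA" : "SHA1withRSA";
        Signature sig = Signature.getInstance(alg);
        sig.initVerify(cert.getPublicKey());
        sig.update(stringToSign(msg).getBytes(StandardCharsets.UTF_8));
        return sig.verify(Base64.getDecoder().decode(b64));
    }
}
```

Run the check before acting on any field of the message, including SubscribeURL, and cache the downloaded certificate per URL if the endpoint receives a high volume of messages.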