bool
PolicyManager::verifySignature
(const Signature* signature, const SignedBlob& signedBlob,
const Blob& publicKeyDer)
{
if (dynamic_cast<const Sha256WithRsaSignature *>(signature)) {
if (publicKeyDer.isNull())
return false;
return verifySha256WithRsaSignature
(signature->getSignature(), signedBlob, publicKeyDer);
}
else if (dynamic_cast<const Sha256WithEcdsaSignature *>(signature)) {
if (publicKeyDer.isNull())
return false;
return verifySha256WithEcdsaSignature
(signature->getSignature(), signedBlob, publicKeyDer);
}
else if (dynamic_cast<const DigestSha256Signature *>(signature))
return verifyDigestSha256Signature(signature->getSignature(), signedBlob);
else
throw SecurityException("PolicyManager::verify: Signature type is unknown");
}
/**
* Verify that the DigestSha256 of the data equals the signature.
* @param signature The signature bytes.
* @param data The byte array to verify.
* @return True if the signature verifies, false if not.
*/
static bool
verifyDigestSha256Signature(const BlobLite& signature, const BlobLite& data)
{
return verifyDigestSha256Signature
(signature.buf(), signature.size(), data.buf(), data.size());
}
