我正在写和sns http终点。我必须使用SignatureChecker的verifyMessageSignature方法验证SNS消息。如何从消息中获取publicKey属性。是否有它的util方法。请帮忙。
答案 0 :(得分:1)
来自亚马逊的SNS消息包含字段SigningCertURL。将此位置的字节读取为字符串cert,然后从中创建公钥:
/**
* Build a PublicKey object from a cert
*
* @param cert the cert body
* @return a public key
*/
private PublicKey makePublicKey(String cert) {
try {
CertificateFactory fact = CertificateFactory.getInstance("X.509");
InputStream stream = new ByteArrayInputStream(cert.getBytes(StandardCharsets.UTF_8));
X509Certificate cer = (X509Certificate) fact.generateCertificate(stream);
return cer.getPublicKey();
} catch (Exception e) {
LOGGER.error("Failed to make a public key from Amazon cert", e);
return null;
}
}
然后你可以用它作为第二个参数调用signatureChecker.verifySignature。