001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jose; 019 020 021import com.nimbusds.jose.util.Base64URL; 022 023 024/** 025 * JSON Web Signature (JWS) verifier. 026 * 027 * @author Vladimir Dzhuvinov 028 * @version 2015-04-21 029 */ 030public interface JWSVerifier extends JWSProvider { 031 032 033 /** 034 * Verifies the specified {@link JWSObject#getSignature signature} of a 035 * {@link JWSObject JWS object}. 036 * 037 * @param header The JSON Web Signature (JWS) header. Must 038 * specify a supported JWS algorithm and must not 039 * be {@code null}. 040 * @param signingInput The signing input. Must not be {@code null}. 041 * @param signature The signature part of the JWS object. Must not 042 * be {@code null}. 043 * 044 * @return {@code true} if the signature was successfully verified, 045 * {@code false} if the signature is invalid or if a critical 046 * header is neither supported nor marked for deferral to the 047 * application. 048 * 049 * @throws JOSEException If the JWS algorithm is not supported, or if 050 * signature verification failed for some other 051 * internal reason. 052 */ 053 boolean verify(final JWSHeader header, final byte[] signingInput, final Base64URL signature) 054 throws JOSEException; 055}