diff options
Diffstat (limited to 'security/AsymmetricFingerprintDialog/Application/src/main/java/com/example/android/asymmetricfingerprintdialog/server/StoreBackendImpl.java')
| -rw-r--r-- | security/AsymmetricFingerprintDialog/Application/src/main/java/com/example/android/asymmetricfingerprintdialog/server/StoreBackendImpl.java | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/security/AsymmetricFingerprintDialog/Application/src/main/java/com/example/android/asymmetricfingerprintdialog/server/StoreBackendImpl.java b/security/AsymmetricFingerprintDialog/Application/src/main/java/com/example/android/asymmetricfingerprintdialog/server/StoreBackendImpl.java new file mode 100644 index 00000000..8bf48d89 --- /dev/null +++ b/security/AsymmetricFingerprintDialog/Application/src/main/java/com/example/android/asymmetricfingerprintdialog/server/StoreBackendImpl.java @@ -0,0 +1,69 @@ +/* + * Copyright (C) 2015 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +package com.example.android.asymmetricfingerprintdialog.server; + + +import java.security.InvalidKeyException; +import java.security.NoSuchAlgorithmException; +import java.security.PublicKey; +import java.security.Signature; +import java.security.SignatureException; +import java.util.HashMap; +import java.util.Map; + +/** + * A fake backend implementation of {@link StoreBackend}. + */ +public class StoreBackendImpl implements StoreBackend { + + private final Map<String, PublicKey> mPublicKeys = new HashMap<>(); + + @Override + public boolean verify(Transaction transaction, byte[] transactionSignature) { + try { + PublicKey publicKey = mPublicKeys.get(transaction.getUserId()); + Signature verificationFunction = Signature.getInstance("SHA256withECDSA"); + verificationFunction.initVerify(publicKey); + verificationFunction.update(transaction.toByteArray()); + if (verificationFunction.verify(transactionSignature)) { + // Transaction is verified with the public key associated with the user + // Do some post purchase processing in the server + return true; + } + } catch (NoSuchAlgorithmException | InvalidKeyException | SignatureException e) { + // In a real world, better to send some error message to the user + } + return false; + } + + @Override + public boolean verify(Transaction transaction, String password) { + // As this is just a sample, we always assume that the password is right. + return true; + } + + @Override + public boolean enroll(String userId, String password, PublicKey publicKey) { + if (publicKey != null) { + mPublicKeys.put(userId, publicKey); + } + // We just ignore the provided password here, but in real life, it is registered to the + // backend. + return true; + } + +} |