private static boolean isLicenseServerStampValid()

in src/main/java/com/company/license/CheckLicense.java [195:228]


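  /**
   * Validates a license-server stamp: checks its signature, its machine binding and its freshness.
   *
   * <p>The stamp is a colon-separated string with these fields:
   * <ol start="0">
   *   <li>expected machine id (not covered by the signature)</li>
   *   <li>timestamp, a decimal {@code long} compared against {@link System#currentTimeMillis()}</li>
   *   <li>machine id as signed by the server</li>
   *   <li>JCA signature algorithm name, passed to {@link Signature#getInstance(String)}</li>
   *   <li>Base64 signature over the UTF-8 bytes of {@code timeStamp + ":" + machineId}</li>
   *   <li>Base64 signing certificate</li>
   *   <li>(index 6 and up, optional) Base64 intermediate certificates</li>
   * </ol>
   *
   * <p>Any parsing, decoding, certificate or signature failure is treated as "invalid" (fail closed).
   *
   * @param serverStamp the stamp to check; {@code null} or malformed input yields {@code false}
   * @return {@code true} only if the signature verifies, both machine ids are equal and the timestamp
   *         lies within {@code TIMESTAMP_VALIDITY_PERIOD_MS} of the local clock, in either direction
   */
  private static boolean isLicenseServerStampValid(String serverStamp) {
    try {
      final String[] parts = serverStamp.split(":");
      if (parts.length < 6) {
        // fewer than the six mandatory fields: reject explicitly instead of relying on an
        // ArrayIndexOutOfBoundsException being swallowed below
        return false;
      }
      // the MIME decoder skips characters outside the Base64 alphabet, so line breaks are tolerated
      final Base64.Decoder base64 = Base64.getMimeDecoder();

      // NOTE(review): this value is read from the stamp itself and is not signed. The equality check
      // below binds the stamp to this machine only if whoever assembled the stamp wrote the local
      // machine id into field 0 - confirm against the caller.
      final String expectedMachineId = parts[0];
      final long timeStamp = Long.parseLong(parts[1]);
      final String machineId = parts[2];
      // NOTE(review): the algorithm name comes from the stamp, so the stamp's producer chooses the
      // signature/digest scheme. Consider accepting only the algorithm(s) the license server is known
      // to use.
      final String signatureType = parts[3];
      final byte[] signatureBytes = base64.decode(parts[4].getBytes(StandardCharsets.UTF_8));
      final byte[] certBytes = base64.decode(parts[5].getBytes(StandardCharsets.UTF_8));
      final Collection<byte[]> intermediate = new ArrayList<>();
      for (int idx = 6; idx < parts.length; idx++) {
        intermediate.add(base64.decode(parts[idx].getBytes(StandardCharsets.UTF_8)));
      }

      final Signature sig = Signature.getInstance(signatureType);

      // the last parameter of 'createCertificate()' set to 'true' causes the certificate to be checked for
      // expiration. Expired certificates from a license server cannot be trusted.
      // NOTE(review): the certificate and its intermediates also come from the stamp; whether they are
      // chained to a trusted root is decided inside createCertificate(), which is not visible here.
      sig.initVerify(createCertificate(certBytes, intermediate, true));

      // the signed payload is rebuilt from the parsed long, i.e. from its canonical decimal form
      sig.update((timeStamp + ":" + machineId).getBytes(StandardCharsets.UTF_8));
      if (!sig.verify(signatureBytes)) {
        return false;
      }

      // machineId must match the machineId from the server reply
      if (!expectedMachineId.equals(machineId)) {
        return false;
      }

      // server reply should be relatively 'fresh'. subtractExact() throws on overflow (handled below as
      // "invalid") and the two-sided comparison avoids Math.abs(Long.MIN_VALUE), which is negative and
      // would therefore pass a plain '< period' test.
      final long age = Math.subtractExact(System.currentTimeMillis(), timeStamp);
      return age < TIMESTAMP_VALIDITY_PERIOD_MS && age > -TIMESTAMP_VALIDITY_PERIOD_MS;
    }
    catch (Throwable ignored) {
      // consider serverStamp invalid: any failure while parsing or verifying must not grant a license
    }
    return false;
  }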