in google-http-client/src/main/java/com/google/api/client/util/SecurityUtils.java [179:213]
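/**
 * Verifies a signature over {@code contentBytes} with the public key of the first certificate in
 * a base64-encoded X.509 chain, after that chain has been accepted by {@code trustManager}.
 *
 * <p>Every failure on the certificate side returns {@code null}: a missing or empty chain, an
 * entry that does not decode to bytes or does not parse as an X.509 certificate, a chain the
 * trust manager rejects, or a signature that does not match. Callers must treat {@code null} as
 * "not verified" and must not fall back to the unverified content.
 *
 * <p>Security notes for callers:
 *
 * <ul>
 *   <li>The trust decision is delegated entirely to {@code trustManager}; nothing in this method
 *       pins a key or issuer, so a permissive trust manager makes the result meaningless.
 *   <li>The chain is taken from the caller as-is, and index 0 is used as the signing
 *       certificate.
 *   <li>The auth type passed to the trust manager is fixed to {@code "RSA"}.
 * </ul>
 *
 * @param signatureAlgorithm signature engine handed to the key-based {@code verify} overload
 * @param trustManager trust manager that decides whether the certificate chain is acceptable
 * @param certChainBase64 base64-encoded certificates, signing certificate first
 * @param signatureBytes signature to check
 * @param contentBytes content the signature is expected to cover
 * @return the first certificate of the chain if the chain is trusted and the signature verifies,
 *     otherwise {@code null}
 * @throws InvalidKeyException declared by the key-based {@code verify} overload
 * @throws SignatureException declared by the key-based {@code verify} overload
 */
public static X509Certificate verify(Signature signatureAlgorithm, X509TrustManager trustManager,
    List<String> certChainBase64, byte[] signatureBytes, byte[] contentBytes)
    throws InvalidKeyException, SignatureException {
  // Fail closed on a missing or empty chain. Without this guard an empty list produced a
  // zero-length array, and certificates[0] below would throw ArrayIndexOutOfBoundsException
  // whenever the trust manager did not reject the empty chain itself.
  if (certChainBase64 == null || certChainBase64.isEmpty()) {
    return null;
  }

  CertificateFactory certificateFactory;
  try {
    certificateFactory = getX509CertificateFactory();
  } catch (CertificateException e) {
    return null;
  }

  X509Certificate[] certificates = new X509Certificate[certChainBase64.size()];
  int currentCert = 0;
  for (String certBase64 : certChainBase64) {
    byte[] certDer = Base64.decodeBase64(certBase64);
    if (certDer == null) {
      // ByteArrayInputStream rejects a null buffer with a NullPointerException; report an
      // undecodable entry the same way as any other malformed certificate.
      return null;
    }
    ByteArrayInputStream bis = new ByteArrayInputStream(certDer);
    try {
      Certificate cert = certificateFactory.generateCertificate(bis);
      if (!(cert instanceof X509Certificate)) {
        return null;
      }
      certificates[currentCert++] = (X509Certificate) cert;
    } catch (CertificateException e) {
      return null;
    }
  }

  try {
    // NOTE(review): the auth type is hard-coded to "RSA" whatever key type the chain carries;
    // confirm the trust managers used with this method do not depend on it for non-RSA keys.
    trustManager.checkServerTrusted(certificates, "RSA");
  } catch (CertificateException e) {
    return null;
  }

  // The signature is checked only after the chain was accepted, and only against the first
  // certificate's key.
  PublicKey pubKey = certificates[0].getPublicKey();
  if (verify(signatureAlgorithm, pubKey, signatureBytes, contentBytes)) {
    return certificates[0];
  }
  return null;
}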