本文整理汇总了Java中org.kuali.rice.ksb.security.SignatureVerifyingInputStream类的典型用法代码示例。如果您正苦于以下问题:Java SignatureVerifyingInputStream类的具体用法?Java SignatureVerifyingInputStream怎么用?Java SignatureVerifyingInputStream使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SignatureVerifyingInputStream类属于org.kuali.rice.ksb.security包,在下文中一共展示了SignatureVerifyingInputStream类的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getResponseBody
import org.kuali.rice.ksb.security.SignatureVerifyingInputStream; //导入依赖的package包/类
/**
* Returns a wrapped InputStream which is responsible for verifying the digital signature on the response after all
* data has been read.
*/
@Override
protected InputStream getResponseBody(HttpInvokerClientConfiguration config, HttpResponse postMethod) throws IOException {
if (isSecure()) {
// extract and validate the headers
Header digitalSignatureHeader = postMethod.getFirstHeader(KSBConstants.DIGITAL_SIGNATURE_HEADER);
Header keyStoreAliasHeader = postMethod.getFirstHeader(KSBConstants.KEYSTORE_ALIAS_HEADER);
Header certificateHeader = postMethod.getFirstHeader(KSBConstants.KEYSTORE_CERTIFICATE_HEADER);
if (digitalSignatureHeader == null || StringUtils.isEmpty(digitalSignatureHeader.getValue())) {
throw new RuntimeException("A digital signature header was required on the response but none was found.");
}
boolean foundValidKeystoreAlias = (keyStoreAliasHeader != null && StringUtils.isNotBlank(keyStoreAliasHeader.getValue()));
boolean foundValidCertificate = (certificateHeader != null && StringUtils.isNotBlank(certificateHeader.getValue()));
if (!foundValidCertificate && !foundValidKeystoreAlias) {
throw new RuntimeException("Either a key store alias header or a certificate header was required on the response but neither were found.");
}
// decode the digital signature from the header into binary
byte[] digitalSignature = Base64.decodeBase64(digitalSignatureHeader.getValue().getBytes("UTF-8"));
String errorQualifier = "General Security Error";
try {
Signature signature = null;
if (foundValidCertificate) {
errorQualifier = "Error with given certificate";
// get the Signature for verification based on the alias that was sent to us
byte[] encodedCertificate = Base64.decodeBase64(certificateHeader.getValue().getBytes("UTF-8"));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
signature = getDigitalSignatureService().getSignatureForVerification(cf.generateCertificate(new ByteArrayInputStream(encodedCertificate)));
} else if (foundValidKeystoreAlias) {
// get the Signature for verification based on the alias that was sent to us
String keystoreAlias = keyStoreAliasHeader.getValue();
errorQualifier = "Error with given alias " + keystoreAlias;
signature = getDigitalSignatureService().getSignatureForVerification(keystoreAlias);
}
// wrap the InputStream in an input stream that will verify the signature
return new SignatureVerifyingInputStream(digitalSignature, signature, super.getResponseBody(config, postMethod));
} catch (GeneralSecurityException e) {
throw new RuntimeException("Problem verifying signature: " + errorQualifier,e);
}
}
return super.getResponseBody(config, postMethod);
}
示例2: getResponseBody
import org.kuali.rice.ksb.security.SignatureVerifyingInputStream; //导入依赖的package包/类
/**
* Returns a wrapped InputStream which is responsible for verifying the digital signature on the response after all
* data has been read.
*/
@Override
protected InputStream getResponseBody(HttpInvokerClientConfiguration config, PostMethod postMethod) throws IOException {
if (isSecure()) {
// extract and validate the headers
Header digitalSignatureHeader = postMethod.getResponseHeader(KSBConstants.DIGITAL_SIGNATURE_HEADER);
Header keyStoreAliasHeader = postMethod.getResponseHeader(KSBConstants.KEYSTORE_ALIAS_HEADER);
Header certificateHeader = postMethod.getResponseHeader(KSBConstants.KEYSTORE_CERTIFICATE_HEADER);
if (digitalSignatureHeader == null || StringUtils.isEmpty(digitalSignatureHeader.getValue())) {
throw new RuntimeException("A digital signature header was required on the response but none was found.");
}
boolean foundValidKeystoreAlias = (keyStoreAliasHeader != null && StringUtils.isNotBlank(keyStoreAliasHeader.getValue()));
boolean foundValidCertificate = (certificateHeader != null && StringUtils.isNotBlank(certificateHeader.getValue()));
if (!foundValidCertificate && !foundValidKeystoreAlias) {
throw new RuntimeException("Either a key store alias header or a certificate header was required on the response but neither were found.");
}
// decode the digital signature from the header into binary
byte[] digitalSignature = Base64.decodeBase64(digitalSignatureHeader.getValue().getBytes("UTF-8"));
String errorQualifier = "General Security Error";
try {
Signature signature = null;
if (foundValidCertificate) {
errorQualifier = "Error with given certificate";
// get the Signature for verification based on the alias that was sent to us
byte[] encodedCertificate = Base64.decodeBase64(certificateHeader.getValue().getBytes("UTF-8"));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
signature = getDigitalSignatureService().getSignatureForVerification(cf.generateCertificate(new ByteArrayInputStream(encodedCertificate)));
} else if (foundValidKeystoreAlias) {
// get the Signature for verification based on the alias that was sent to us
String keystoreAlias = keyStoreAliasHeader.getValue();
errorQualifier = "Error with given alias " + keystoreAlias;
signature = getDigitalSignatureService().getSignatureForVerification(keystoreAlias);
}
// wrap the InputStream in an input stream that will verify the signature
return new SignatureVerifyingInputStream(digitalSignature, signature, super.getResponseBody(config, postMethod));
} catch (GeneralSecurityException e) {
throw new RuntimeException("Problem verifying signature: " + errorQualifier,e);
}
}
return super.getResponseBody(config, postMethod);
}