当前位置: 首页>>代码示例>>Java>>正文


Java SignatureVerifyingInputStream类代码示例

本文整理汇总了Java中org.kuali.rice.ksb.security.SignatureVerifyingInputStream的典型用法代码示例。如果您正苦于以下问题:Java SignatureVerifyingInputStream类的具体用法?Java SignatureVerifyingInputStream怎么用?Java SignatureVerifyingInputStream使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


SignatureVerifyingInputStream类属于org.kuali.rice.ksb.security包,在下文中一共展示了SignatureVerifyingInputStream类的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: getResponseBody

import org.kuali.rice.ksb.security.SignatureVerifyingInputStream; //导入依赖的package包/类
/**
 * Returns a wrapped InputStream which is responsible for verifying the digital signature on the response after all
 * data has been read.
 */
@Override
protected InputStream getResponseBody(HttpInvokerClientConfiguration config, HttpResponse postMethod) throws IOException {
    if (isSecure()) {
        // extract and validate the headers
        Header digitalSignatureHeader = postMethod.getFirstHeader(KSBConstants.DIGITAL_SIGNATURE_HEADER);
        Header keyStoreAliasHeader = postMethod.getFirstHeader(KSBConstants.KEYSTORE_ALIAS_HEADER);
        Header certificateHeader = postMethod.getFirstHeader(KSBConstants.KEYSTORE_CERTIFICATE_HEADER);

        if (digitalSignatureHeader == null || StringUtils.isEmpty(digitalSignatureHeader.getValue())) {
            throw new RuntimeException("A digital signature header was required on the response but none was found.");
        }

        boolean foundValidKeystoreAlias = (keyStoreAliasHeader != null && StringUtils.isNotBlank(keyStoreAliasHeader.getValue()));
        boolean foundValidCertificate = (certificateHeader != null && StringUtils.isNotBlank(certificateHeader.getValue()));

        if (!foundValidCertificate && !foundValidKeystoreAlias) {
            throw new RuntimeException("Either a key store alias header or a certificate header was required on the response but neither were found.");
        }

        // decode the digital signature from the header into binary
        byte[] digitalSignature = Base64.decodeBase64(digitalSignatureHeader.getValue().getBytes("UTF-8"));
        String errorQualifier = "General Security Error";

        try {
            Signature signature = null;

            if (foundValidCertificate) {
                errorQualifier = "Error with given certificate";
                // get the Signature for verification based on the alias that was sent to us
                byte[] encodedCertificate = Base64.decodeBase64(certificateHeader.getValue().getBytes("UTF-8"));
                CertificateFactory cf = CertificateFactory.getInstance("X.509");
                signature = getDigitalSignatureService().getSignatureForVerification(cf.generateCertificate(new ByteArrayInputStream(encodedCertificate)));
            } else if (foundValidKeystoreAlias) {
                // get the Signature for verification based on the alias that was sent to us
                String keystoreAlias = keyStoreAliasHeader.getValue();
                errorQualifier = "Error with given alias " + keystoreAlias;
                signature = getDigitalSignatureService().getSignatureForVerification(keystoreAlias);
            }

            // wrap the InputStream in an input stream that will verify the signature
            return new SignatureVerifyingInputStream(digitalSignature, signature, super.getResponseBody(config, postMethod));
        } catch (GeneralSecurityException e) {
            throw new RuntimeException("Problem verifying signature: " + errorQualifier,e);
        }
    }

    return super.getResponseBody(config, postMethod);
}
 
开发者ID:kuali,项目名称:kc-rice,代码行数:53,代码来源:KSBHttpInvokerRequestExecutor.java

示例2: getResponseBody

import org.kuali.rice.ksb.security.SignatureVerifyingInputStream; //导入依赖的package包/类
/**
 * Returns a wrapped InputStream which is responsible for verifying the digital signature on the response after all
 * data has been read.
 */
@Override
protected InputStream getResponseBody(HttpInvokerClientConfiguration config, PostMethod postMethod) throws IOException {
	if (isSecure()) {
		// extract and validate the headers
		Header digitalSignatureHeader = postMethod.getResponseHeader(KSBConstants.DIGITAL_SIGNATURE_HEADER);
		Header keyStoreAliasHeader = postMethod.getResponseHeader(KSBConstants.KEYSTORE_ALIAS_HEADER);
		Header certificateHeader = postMethod.getResponseHeader(KSBConstants.KEYSTORE_CERTIFICATE_HEADER);
		if (digitalSignatureHeader == null || StringUtils.isEmpty(digitalSignatureHeader.getValue())) {
			throw new RuntimeException("A digital signature header was required on the response but none was found.");
		}
		boolean foundValidKeystoreAlias = (keyStoreAliasHeader != null && StringUtils.isNotBlank(keyStoreAliasHeader.getValue()));
		boolean foundValidCertificate = (certificateHeader != null && StringUtils.isNotBlank(certificateHeader.getValue()));
		if (!foundValidCertificate && !foundValidKeystoreAlias) {
               throw new RuntimeException("Either a key store alias header or a certificate header was required on the response but neither were found.");
		}
		// decode the digital signature from the header into binary
		byte[] digitalSignature = Base64.decodeBase64(digitalSignatureHeader.getValue().getBytes("UTF-8"));
		String errorQualifier = "General Security Error";
		try {
		    Signature signature = null;
		    if (foundValidCertificate) {
                   errorQualifier = "Error with given certificate";
                // get the Signature for verification based on the alias that was sent to us
		        byte[] encodedCertificate = Base64.decodeBase64(certificateHeader.getValue().getBytes("UTF-8"));
	            CertificateFactory cf = CertificateFactory.getInstance("X.509");
                signature = getDigitalSignatureService().getSignatureForVerification(cf.generateCertificate(new ByteArrayInputStream(encodedCertificate)));
		    } else if (foundValidKeystoreAlias) {
                // get the Signature for verification based on the alias that was sent to us
		        String keystoreAlias = keyStoreAliasHeader.getValue();
		        errorQualifier = "Error with given alias " + keystoreAlias;
                signature = getDigitalSignatureService().getSignatureForVerification(keystoreAlias);
		    }
		    
			// wrap the InputStream in an input stream that will verify the signature
			return new SignatureVerifyingInputStream(digitalSignature, signature, super.getResponseBody(config, postMethod));
		} catch (GeneralSecurityException e) {
			throw new RuntimeException("Problem verifying signature: " + errorQualifier,e);
		}
	}
	return super.getResponseBody(config, postMethod);
}
 
开发者ID:aapotts,项目名称:kuali_rice,代码行数:46,代码来源:KSBHttpInvokerRequestExecutor.java


注:本文中的org.kuali.rice.ksb.security.SignatureVerifyingInputStream类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。