本文整理匯總了Java中org.kuali.rice.ksb.security.SignatureVerifyingInputStream類的典型用法代碼示例。如果您正苦於以下問題:Java SignatureVerifyingInputStream類的具體用法?Java SignatureVerifyingInputStream怎麽用?Java SignatureVerifyingInputStream使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
SignatureVerifyingInputStream類屬於org.kuali.rice.ksb.security包,在下文中一共展示了SignatureVerifyingInputStream類的2個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: getResponseBody
import org.kuali.rice.ksb.security.SignatureVerifyingInputStream; //導入依賴的package包/類
/**
* Returns a wrapped InputStream which is responsible for verifying the digital signature on the response after all
* data has been read.
*/
@Override
protected InputStream getResponseBody(HttpInvokerClientConfiguration config, HttpResponse postMethod) throws IOException {
if (isSecure()) {
// extract and validate the headers
Header digitalSignatureHeader = postMethod.getFirstHeader(KSBConstants.DIGITAL_SIGNATURE_HEADER);
Header keyStoreAliasHeader = postMethod.getFirstHeader(KSBConstants.KEYSTORE_ALIAS_HEADER);
Header certificateHeader = postMethod.getFirstHeader(KSBConstants.KEYSTORE_CERTIFICATE_HEADER);
if (digitalSignatureHeader == null || StringUtils.isEmpty(digitalSignatureHeader.getValue())) {
throw new RuntimeException("A digital signature header was required on the response but none was found.");
}
boolean foundValidKeystoreAlias = (keyStoreAliasHeader != null && StringUtils.isNotBlank(keyStoreAliasHeader.getValue()));
boolean foundValidCertificate = (certificateHeader != null && StringUtils.isNotBlank(certificateHeader.getValue()));
if (!foundValidCertificate && !foundValidKeystoreAlias) {
throw new RuntimeException("Either a key store alias header or a certificate header was required on the response but neither were found.");
}
// decode the digital signature from the header into binary
byte[] digitalSignature = Base64.decodeBase64(digitalSignatureHeader.getValue().getBytes("UTF-8"));
String errorQualifier = "General Security Error";
try {
Signature signature = null;
if (foundValidCertificate) {
errorQualifier = "Error with given certificate";
// get the Signature for verification based on the alias that was sent to us
byte[] encodedCertificate = Base64.decodeBase64(certificateHeader.getValue().getBytes("UTF-8"));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
signature = getDigitalSignatureService().getSignatureForVerification(cf.generateCertificate(new ByteArrayInputStream(encodedCertificate)));
} else if (foundValidKeystoreAlias) {
// get the Signature for verification based on the alias that was sent to us
String keystoreAlias = keyStoreAliasHeader.getValue();
errorQualifier = "Error with given alias " + keystoreAlias;
signature = getDigitalSignatureService().getSignatureForVerification(keystoreAlias);
}
// wrap the InputStream in an input stream that will verify the signature
return new SignatureVerifyingInputStream(digitalSignature, signature, super.getResponseBody(config, postMethod));
} catch (GeneralSecurityException e) {
throw new RuntimeException("Problem verifying signature: " + errorQualifier,e);
}
}
return super.getResponseBody(config, postMethod);
}
示例2: getResponseBody
import org.kuali.rice.ksb.security.SignatureVerifyingInputStream; //導入依賴的package包/類
/**
* Returns a wrapped InputStream which is responsible for verifying the digital signature on the response after all
* data has been read.
*/
@Override
protected InputStream getResponseBody(HttpInvokerClientConfiguration config, PostMethod postMethod) throws IOException {
if (isSecure()) {
// extract and validate the headers
Header digitalSignatureHeader = postMethod.getResponseHeader(KSBConstants.DIGITAL_SIGNATURE_HEADER);
Header keyStoreAliasHeader = postMethod.getResponseHeader(KSBConstants.KEYSTORE_ALIAS_HEADER);
Header certificateHeader = postMethod.getResponseHeader(KSBConstants.KEYSTORE_CERTIFICATE_HEADER);
if (digitalSignatureHeader == null || StringUtils.isEmpty(digitalSignatureHeader.getValue())) {
throw new RuntimeException("A digital signature header was required on the response but none was found.");
}
boolean foundValidKeystoreAlias = (keyStoreAliasHeader != null && StringUtils.isNotBlank(keyStoreAliasHeader.getValue()));
boolean foundValidCertificate = (certificateHeader != null && StringUtils.isNotBlank(certificateHeader.getValue()));
if (!foundValidCertificate && !foundValidKeystoreAlias) {
throw new RuntimeException("Either a key store alias header or a certificate header was required on the response but neither were found.");
}
// decode the digital signature from the header into binary
byte[] digitalSignature = Base64.decodeBase64(digitalSignatureHeader.getValue().getBytes("UTF-8"));
String errorQualifier = "General Security Error";
try {
Signature signature = null;
if (foundValidCertificate) {
errorQualifier = "Error with given certificate";
// get the Signature for verification based on the alias that was sent to us
byte[] encodedCertificate = Base64.decodeBase64(certificateHeader.getValue().getBytes("UTF-8"));
CertificateFactory cf = CertificateFactory.getInstance("X.509");
signature = getDigitalSignatureService().getSignatureForVerification(cf.generateCertificate(new ByteArrayInputStream(encodedCertificate)));
} else if (foundValidKeystoreAlias) {
// get the Signature for verification based on the alias that was sent to us
String keystoreAlias = keyStoreAliasHeader.getValue();
errorQualifier = "Error with given alias " + keystoreAlias;
signature = getDigitalSignatureService().getSignatureForVerification(keystoreAlias);
}
// wrap the InputStream in an input stream that will verify the signature
return new SignatureVerifyingInputStream(digitalSignature, signature, super.getResponseBody(config, postMethod));
} catch (GeneralSecurityException e) {
throw new RuntimeException("Problem verifying signature: " + errorQualifier,e);
}
}
return super.getResponseBody(config, postMethod);
}