Coverage Report

Coverage Report - org.kuali.rice.ksb.security.SignatureVerifyingInputStream

Classes in this File

Line Coverage

Branch Coverage

Complexity

SignatureVerifyingInputStream

0/19

0/4

2.667

 /**
  * Copyright 2005-2011 The Kuali Foundation
  *
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  * http://www.opensource.org/licenses/ecl2.php
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.ksb.security;
 
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.GeneralSecurityException;
 import java.security.Signature;
 
 import javax.servlet.ServletInputStream;
 
 /**
  * An InputStream which decorates another InputStream with a wrapper that verifies the digital signature
  * of the data after the last piece of data is read.  The digital signature to verify against is
  * passed into the constructor of this stream.
  * 
  * @author Kuali Rice Team (rice.collab@kuali.org)
  */
 public class SignatureVerifyingInputStream extends ServletInputStream {
 
         private byte[] digitalSignature;
         private Signature signature;
         private InputStream wrappedInputStream;
         
         public SignatureVerifyingInputStream(byte[] digitalSignature, Signature signature, InputStream wrappedInputStream) {
                 this.digitalSignature = digitalSignature;
                 this.signature = signature;
                 this.wrappedInputStream = wrappedInputStream;
         }
 
         @Override
         public synchronized int read() throws IOException {
                 int data = this.wrappedInputStream.read();
                 try {
                         if (data == -1) {
                                 verifySignature();
                         } else {
                             this.signature.update((byte)data);
                         }
                 } catch (GeneralSecurityException e) {
                         IOException exception = new IOException("Error processing digital signature.");
                         exception.initCause(e);
                         throw exception;
                 }
                 return data;
         }
         
         protected void verifySignature() throws IOException, GeneralSecurityException {
                 boolean verifies = this.signature.verify(this.digitalSignature);
                 if (!verifies) {
                         throw new IOException("The digital signature could not be successfully verified!");
                 }
         }
 
 }

1		/**
2		* Copyright 2005-2011 The Kuali Foundation
3		*
4		* Licensed under the Educational Community License, Version 2.0 (the "License");
5		* you may not use this file except in compliance with the License.
6		* You may obtain a copy of the License at
7		*
8		* http://www.opensource.org/licenses/ecl2.php
9		*
10		* Unless required by applicable law or agreed to in writing, software
11		* distributed under the License is distributed on an "AS IS" BASIS,
12		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13		* See the License for the specific language governing permissions and
14		* limitations under the License.
15		*/
16		package org.kuali.rice.ksb.security;
17
18		import java.io.IOException;
19		import java.io.InputStream;
20		import java.security.GeneralSecurityException;
21		import java.security.Signature;
22
23		import javax.servlet.ServletInputStream;
24
25		/**
26		* An InputStream which decorates another InputStream with a wrapper that verifies the digital signature
27		* of the data after the last piece of data is read. The digital signature to verify against is
28		* passed into the constructor of this stream.
29		*
30		* @author Kuali Rice Team (rice.collab@kuali.org)
31		*/
32		public class SignatureVerifyingInputStream extends ServletInputStream {
33
34		private byte[] digitalSignature;
35		private Signature signature;
36		private InputStream wrappedInputStream;
37
38	0	public SignatureVerifyingInputStream(byte[] digitalSignature, Signature signature, InputStream wrappedInputStream) {
39	0	this.digitalSignature = digitalSignature;
40	0	this.signature = signature;
41	0	this.wrappedInputStream = wrappedInputStream;
42	0	}
43
44		@Override
45		public synchronized int read() throws IOException {
46	0	int data = this.wrappedInputStream.read();
47		try {
48	0	if (data == -1) {
49	0	verifySignature();
50		} else {
51	0	this.signature.update((byte)data);
52		}
53	0	} catch (GeneralSecurityException e) {
54	0	IOException exception = new IOException("Error processing digital signature.");
55	0	exception.initCause(e);
56	0	throw exception;
57	0	}
58	0	return data;
59		}
60
61		protected void verifySignature() throws IOException, GeneralSecurityException {
62	0	boolean verifies = this.signature.verify(this.digitalSignature);
63	0	if (!verifies) {
64	0	throw new IOException("The digital signature could not be successfully verified!");
65		}
66	0	}
67
68		}