Coverage Report

Coverage Report - org.kuali.rice.ksb.security.SignatureVerifyingInputStream

Classes in this File

Line Coverage

Branch Coverage

Complexity

SignatureVerifyingInputStream

0/19

0/4

2.667

 /*
  * Copyright 2005-2007 The Kuali Foundation
  * 
  * 
  * Licensed under the Educational Community License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * 
  * http://www.opensource.org/licenses/ecl2.php
  * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.kuali.rice.ksb.security;
 
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.GeneralSecurityException;
 import java.security.Signature;
 
 import javax.servlet.ServletInputStream;
 
 /**
  * An InputStream which decorates another InputStream with a wrapper that verifies the digital signature
  * of the data after the last piece of data is read.  The digital signature to verify against is
  * passed into the constructor of this stream.
  * 
  * @author Kuali Rice Team (rice.collab@kuali.org)
  */
 public class SignatureVerifyingInputStream extends ServletInputStream {
 
         private byte[] digitalSignature;
         private Signature signature;
         private InputStream wrappedInputStream;
         
         public SignatureVerifyingInputStream(byte[] digitalSignature, Signature signature, InputStream wrappedInputStream) {
                 this.digitalSignature = digitalSignature;
                 this.signature = signature;
                 this.wrappedInputStream = wrappedInputStream;
         }
 
         @Override
         public synchronized int read() throws IOException {
                 int data = this.wrappedInputStream.read();
                 try {
                         if (data == -1) {
                                 verifySignature();
                         } else {
                             this.signature.update((byte)data);
                         }
                 } catch (GeneralSecurityException e) {
                         IOException exception = new IOException("Error processing digital signature.");
                         exception.initCause(e);
                         throw exception;
                 }
                 return data;
         }
         
         protected void verifySignature() throws IOException, GeneralSecurityException {
                 boolean verifies = this.signature.verify(this.digitalSignature);
                 if (!verifies) {
                         throw new IOException("The digital signature could not be successfully verified!");
                 }
         }
 
 }

1		/*
2		* Copyright 2005-2007 The Kuali Foundation
3		*
4		*
5		* Licensed under the Educational Community License, Version 2.0 (the "License");
6		* you may not use this file except in compliance with the License.
7		* You may obtain a copy of the License at
8		*
9		* http://www.opensource.org/licenses/ecl2.php
10		*
11		* Unless required by applicable law or agreed to in writing, software
12		* distributed under the License is distributed on an "AS IS" BASIS,
13		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14		* See the License for the specific language governing permissions and
15		* limitations under the License.
16		*/
17		package org.kuali.rice.ksb.security;
18
19		import java.io.IOException;
20		import java.io.InputStream;
21		import java.security.GeneralSecurityException;
22		import java.security.Signature;
23
24		import javax.servlet.ServletInputStream;
25
26		/**
27		* An InputStream which decorates another InputStream with a wrapper that verifies the digital signature
28		* of the data after the last piece of data is read. The digital signature to verify against is
29		* passed into the constructor of this stream.
30		*
31		* @author Kuali Rice Team (rice.collab@kuali.org)
32		*/
33		public class SignatureVerifyingInputStream extends ServletInputStream {
34
35		private byte[] digitalSignature;
36		private Signature signature;
37		private InputStream wrappedInputStream;
38
39	0	public SignatureVerifyingInputStream(byte[] digitalSignature, Signature signature, InputStream wrappedInputStream) {
40	0	this.digitalSignature = digitalSignature;
41	0	this.signature = signature;
42	0	this.wrappedInputStream = wrappedInputStream;
43	0	}
44
45		@Override
46		public synchronized int read() throws IOException {
47	0	int data = this.wrappedInputStream.read();
48		try {
49	0	if (data == -1) {
50	0	verifySignature();
51		} else {
52	0	this.signature.update((byte)data);
53		}
54	0	} catch (GeneralSecurityException e) {
55	0	IOException exception = new IOException("Error processing digital signature.");
56	0	exception.initCause(e);
57	0	throw exception;
58	0	}
59	0	return data;
60		}
61
62		protected void verifySignature() throws IOException, GeneralSecurityException {
63	0	boolean verifies = this.signature.verify(this.digitalSignature);
64	0	if (!verifies) {
65	0	throw new IOException("The digital signature could not be successfully verified!");
66		}
67	0	}
68
69		}