View Javadoc
1   /**
2    * Copyright 2005-2014 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.ksb.security;
17  
18  import java.io.IOException;
19  import java.io.InputStream;
20  import java.security.GeneralSecurityException;
21  import java.security.Signature;
22  
23  import javax.servlet.ServletInputStream;
24  
25  /**
26   * An InputStream which decorates another InputStream with a wrapper that verifies the digital signature
27   * of the data after the last piece of data is read.  The digital signature to verify against is
28   * passed into the constructor of this stream.
29   * 
30   * @author Kuali Rice Team (rice.collab@kuali.org)
31   */
32  public class SignatureVerifyingInputStream extends ServletInputStream {
33  
34  	private byte[] digitalSignature;
35  	private Signature signature;
36  	private InputStream wrappedInputStream;
37  	
38  	public SignatureVerifyingInputStream(byte[] digitalSignature, Signature signature, InputStream wrappedInputStream) {
39  		this.digitalSignature = digitalSignature;
40  		this.signature = signature;
41  		this.wrappedInputStream = wrappedInputStream;
42  	}
43  
44  	@Override
45  	public synchronized int read() throws IOException {
46  		int data = this.wrappedInputStream.read();
47  		try {
48  			if (data == -1) {
49  				verifySignature();
50  			} else {
51  			    this.signature.update((byte)data);
52  			}
53  		} catch (GeneralSecurityException e) {
54  			IOException exception = new IOException("Error processing digital signature.");
55  			exception.initCause(e);
56  			throw exception;
57  		}
58  		return data;
59  	}
60  	
61  	protected void verifySignature() throws IOException, GeneralSecurityException {
62  		boolean verifies = this.signature.verify(this.digitalSignature);
63  		if (!verifies) {
64  			throw new IOException("The digital signature could not be successfully verified!");
65  		}
66  	}
67  
68  }