java.security.SignedObject Maven / Gradle / Ivy
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package java.security;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
/**
* A {@code SignedObject} instance acts as a container for another object. The
* {@code SignedObject} contains the target in serialized form along with a
* digital signature of the serialized data.
*/
public final class SignedObject implements Serializable {
private static final long serialVersionUID = 720502720485447167L;
private byte[] content;
private byte[] signature;
private String thealgorithm;
private void readObject(ObjectInputStream s) throws IOException,
ClassNotFoundException {
s.defaultReadObject();
byte[] tmp = new byte[content.length];
System.arraycopy(content, 0, tmp, 0, content.length);
content = tmp;
tmp = new byte[signature.length];
System.arraycopy(signature, 0, tmp, 0, signature.length);
signature = tmp;
}
/**
* Constructs a new instance of {@code SignedObject} with the target object,
* the private key and the engine to compute the signature. The given
* {@code object} is signed with the specified key and engine.
*
* @param object
* the object to bes signed.
* @param signingKey
* the private key, used to sign the {@code object}.
* @param signingEngine
* the engine that performs the signature generation.
* @throws IOException
* if a serialization error occurs.
* @throws InvalidKeyException
* if the private key is not valid.
* @throws SignatureException
* if signature generation failed.
*/
public SignedObject(Serializable object, PrivateKey signingKey,
Signature signingEngine) throws IOException, InvalidKeyException,
SignatureException {
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream oos = new ObjectOutputStream(baos);
try {
// Serialize
oos.writeObject(object);
oos.flush();
} finally {
oos.close();
}
content = baos.toByteArray();
signingEngine.initSign(signingKey);
thealgorithm = signingEngine.getAlgorithm();
signingEngine.update(content);
signature = signingEngine.sign();
}
/**
* Returns the encapsulated object. Each time this method is invoked, the
* encapsulated object is deserialized before it is returned.
*
* @return the encapsulated object.
* @throws IOException
* if deserialization failed.
* @throws ClassNotFoundException
* if the class of the encapsulated object can not be found.
*/
public Object getObject() throws IOException, ClassNotFoundException {
// deserialize our object
ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(
content));
try {
return ois.readObject();
} finally {
ois.close();
}
}
/**
* Returns the signature data of the encapsulated serialized object.
*
* @return the signature data of the encapsulated serialized object.
*/
public byte[] getSignature() {
byte[] sig = new byte[signature.length];
System.arraycopy(signature, 0, sig, 0, signature.length);
return sig;
}
/**
* Returns the name of the algorithm of this {@code SignedObject}.
*
* @return the name of the algorithm of this {@code SignedObject}.
*/
public String getAlgorithm() {
return thealgorithm;
}
/**
* Indicates whether the contained signature for the encapsulated object is
* valid.
*
* @param verificationKey
* the public key to verify the signature.
* @param verificationEngine
* the signature engine.
* @return {@code true} if the contained signature for the encapsulated
* object is valid, {@code false} otherwise.
* @throws InvalidKeyException
* if the public key is invalid.
* @throws SignatureException
* if signature verification failed.
*/
public boolean verify(PublicKey verificationKey,
Signature verificationEngine) throws InvalidKeyException,
SignatureException {
verificationEngine.initVerify(verificationKey);
verificationEngine.update(content);
return verificationEngine.verify(signature);
}
}