コード例 #1
0
 private boolean verifySignature(
     Principal principal,
     byte[] dataToSign,
     String signature,
     ContainerRequestContext requestContext) {
   try {
     final byte[] signatureData = StringUtils.base64Decode(signature);
     if (logger.isDebugEnabled()) {
       logger.debug(
           "Verifying REST request - principal: "
               + principal
               + " data: "
               + fingerprint(dataToSign)
               + " signature: "
               + fingerprint(signatureData));
     }
     SignatureVerificationKey key = findVerificationKey(principal);
     if (key == null) {
       return false;
     }
     try {
       cryptoEngine.verifySignature(key, digestAlgorithm, dataToSign, signatureData);
       return true;
     } catch (InvalidKeyException e) {
       logServerError(
           "Invalid key found while verifying signature: " + e.getMessage(), e, requestContext);
       throw new WebApplicationException(INTERNAL_SERVER_ERROR);
     } catch (SignatureException e) {
       return false;
     }
   } catch (BackendAccessException e) {
     logServerError("Unexpected BackendAccessException: " + e.getMessage(), e, requestContext);
     throw new WebApplicationException(INTERNAL_SERVER_ERROR);
   }
 }
コード例 #2
0
 private String signResponse(Principal principal, byte[] data)
     throws InvalidKeyException, BackendAccessException {
   SigningKey key = findSigningKey(principal);
   if (key == null) {
     logServerError("Unable to find key for response signing: " + principal.getName(), null, null);
     throw new WebApplicationException(INTERNAL_SERVER_ERROR);
   }
   return StringUtils.base64Encode(cryptoEngine.sign(key, digestAlgorithm, data));
 }
コード例 #3
0
 public RESTAuthenticationFilter(
     CryptoEngine cryptoEngine,
     Long contentMaxSize,
     DigestAlgorithm digestAlgorithm,
     long expiry,
     ReplayAttackValidator replayAttackValidator) {
   this.cryptoEngine = cryptoEngine;
   this.contentMaxSize = contentMaxSize;
   this.digestAlgorithm = digestAlgorithm;
   this.expiry = expiry;
   this.replayAttackValidator = replayAttackValidator;
   logger.debug(
       "REST Authentication filter using crypto engine: " + cryptoEngine.getClass().getName());
 }