SignedObjectpublic final class SignedObject extends Object implements SerializableA {@code SignedObject} instance acts as a container for another object. The
{@code SignedObject} contains the target in serialized form along with a
digital signature of the serialized data. |
Fields Summary |
---|
private static final long | serialVersionUID | private byte[] | content | private byte[] | signature | private String | thealgorithm |
Constructors Summary |
---|
public SignedObject(Serializable object, PrivateKey signingKey, Signature signingEngine)Constructs a new instance of {@code SignedObject} with the target object,
the private key and the engine to compute the signature. The given
{@code object} is signed with the specified key and engine.
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream oos = new ObjectOutputStream(baos);
try {
// Serialize
oos.writeObject(object);
oos.flush();
} finally {
oos.close();
}
content = baos.toByteArray();
signingEngine.initSign(signingKey);
thealgorithm = signingEngine.getAlgorithm();
signingEngine.update(content);
signature = signingEngine.sign();
|
Methods Summary |
---|
public java.lang.String | getAlgorithm()Returns the name of the algorithm of this {@code SignedObject}.
return thealgorithm;
| public java.lang.Object | getObject()Returns the encapsulated object. Each time this method is invoked, the
encapsulated object is deserialized before it is returned.
// deserialize our object
ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(
content));
try {
return ois.readObject();
} finally {
ois.close();
}
| public byte[] | getSignature()Returns the signature data of the encapsulated serialized object.
byte[] sig = new byte[signature.length];
System.arraycopy(signature, 0, sig, 0, signature.length);
return sig;
| private void | readObject(java.io.ObjectInputStream s)
s.defaultReadObject();
byte[] tmp = new byte[content.length];
System.arraycopy(content, 0, tmp, 0, content.length);
content = tmp;
tmp = new byte[signature.length];
System.arraycopy(signature, 0, tmp, 0, signature.length);
signature = tmp;
| public boolean | verify(java.security.PublicKey verificationKey, java.security.Signature verificationEngine)Indicates whether the contained signature for the encapsulated object is
valid.
verificationEngine.initVerify(verificationKey);
verificationEngine.update(content);
return verificationEngine.verify(signature);
|
|