Java tutorial
/** * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.camel.component.crypto.processor; import java.security.PublicKey; import java.security.Signature; import java.security.SignatureException; import java.security.cert.Certificate; import org.apache.camel.Exchange; import org.apache.camel.component.crypto.DigitalSignatureConfiguration; import org.apache.camel.component.crypto.DigitalSignatureConstants; import org.apache.camel.util.ExchangeHelper; import org.apache.commons.codec.binary.Base64; /** * <code>VerifyingProcessor</code> */ public class VerifyingProcessor extends DigitalSignatureProcessor { public VerifyingProcessor(DigitalSignatureConfiguration configuration) { super(configuration); } public void process(Exchange exchange) throws Exception { Signature signer = createSignatureService(); Certificate cert = getCertificate(exchange); if (cert == null) { PublicKey pk = getPublicKeyOrCertificateFromHeader(exchange, PublicKey.class, config.getPublicKey()); if (pk == null) { throw new IllegalStateException(String.format( "Cannot verify signature as no Public Key or Certificate has been supplied." + " Either supply one in the route definition or via the message header '%s'", DigitalSignatureConstants.SIGNATURE_PUBLIC_KEY_OR_CERT)); } signer.initVerify(pk); } else { signer.initVerify(cert); } calculateSignature(exchange, signer); byte[] signature = getSignatureFromExchange(exchange); if (!signer.verify(signature)) { throw new SignatureException("Cannot verify signature of exchange"); } clearMessageHeaders(exchange.getIn()); } private byte[] getSignatureFromExchange(Exchange exchange) throws Exception { String encodedSignature = ExchangeHelper.getMandatoryHeader(exchange, config.getSignatureHeader(), String.class); if (encodedSignature == null) { throw new IllegalStateException( "Cannot verify exchange as no " + config.getSignatureHeader() + " header is present."); } return new Base64().decode(encodedSignature); } private Certificate getCertificate(Exchange exchange) throws Exception { Certificate cert = config.getCertificate(getAlias(exchange)); return getPublicKeyOrCertificateFromHeader(exchange, Certificate.class, cert); } private <T> T getPublicKeyOrCertificateFromHeader(Exchange exchange, Class<? extends T> verificationType, T defaultsTo) { T pkOrCert = exchange.getIn().getHeader(DigitalSignatureConstants.SIGNATURE_PUBLIC_KEY_OR_CERT, verificationType); if (pkOrCert == null) { pkOrCert = defaultsTo; } return pkOrCert; } }