Hi Josh, Joshua Turner wrote:
> Hi all -- > > I'm using XStream to process large streams of objects via > ObjectInputStream. As one of my requirements, I have to validate the > SHA1 digest of the entire stream received against what was sent. To > accomplish this, I'd hoped to be able to just wrap the InputStream that > gets passed to XStream.getObjectInputStream() with a plain old > java.security.DigestInputStream, and read the digest off the stream at > the end. > > Here's where it gets strange: > > InputStream is; > InputStream is2; // Known to feed the same bytes as is. > XStream xstream; > > DigestInputStream dis = new DigestInputStream(is, "SHA1"); > ObjectInputStream ois = xstream.createObjectInputStream(dis); > while(ois.hasNext()) { > ois.next(); > } // consume anything left while(dis.read() != -1) { } > byte[] digest = dis.getDigest().digest(); > > DigestInputStream dis2 = new DigestInputStream(is2, "SHA1"); > while(dis2.read() != -1) { > } > byte[] digest2 = dis2.getDigest().digest(); > > At this point, digest and digest2 do /not/ contain the same bytes. > digest2 jives with what I get from third-party SHA1 tools. I'd really > prefer not to have to buffer the whole stream to disk, digest it, and > then feed it to xstream: the latency this would introduce is prohibitive. > > It's quite possible that I've misunderstood the intent of the API, but > if that's the case, I'd be happier hearing it from someone else. XStream does not control the underlaying XML parser, but I simply suspect that it stops after the root element's end tag, since nobody is requesting any further bytes. So there might be some whitespaces left. - Jörg --------------------------------------------------------------------- To unsubscribe from this list, please visit: http://xircles.codehaus.org/manage_email