Hi Josh,
Joshua Turner wrote:
> Hi all --
>
> I'm using XStream to process large streams of objects via
> ObjectInputStream. As one of my requirements, I have to validate the
> SHA1 digest of the entire stream received against what was sent. To
> accomplish this, I'd hoped to be able to just wrap the InputStream that
> gets passed to XStream.getObjectInputStream() with a plain old
> java.security.DigestInputStream, and read the digest off the stream at
> the end.
>
> Here's where it gets strange:
>
> InputStream is;
> InputStream is2; // Known to feed the same bytes as is.
> XStream xstream;
>
> DigestInputStream dis = new DigestInputStream(is, "SHA1");
> ObjectInputStream ois = xstream.createObjectInputStream(dis);
> while(ois.hasNext()) {
> ois.next();
> }
// consume anything left
while(dis.read() != -1) {
}
> byte[] digest = dis.getDigest().digest();
>
> DigestInputStream dis2 = new DigestInputStream(is2, "SHA1");
> while(dis2.read() != -1) {
> }
> byte[] digest2 = dis2.getDigest().digest();
>
> At this point, digest and digest2 do /not/ contain the same bytes.
> digest2 jives with what I get from third-party SHA1 tools. I'd really
> prefer not to have to buffer the whole stream to disk, digest it, and
> then feed it to xstream: the latency this would introduce is prohibitive.
>
> It's quite possible that I've misunderstood the intent of the API, but
> if that's the case, I'd be happier hearing it from someone else.
XStream does not control the underlaying XML parser, but I simply suspect
that it stops after the root element's end tag, since nobody is requesting
any further bytes. So there might be some whitespaces left.
- Jörg
---------------------------------------------------------------------
To unsubscribe from this list, please visit:
http://xircles.codehaus.org/manage_email
