summaryrefslogtreecommitdiff
path: root/BKUApplet/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'BKUApplet/src/main')
-rw-r--r--BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java14
1 files changed, 9 insertions, 5 deletions
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java
index ca93aa50..c6a2f72a 100644
--- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java
+++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java
@@ -196,12 +196,16 @@ public class AppletSecureViewer implements SecureViewer {
log.debug("Digesting reference " + signedRefId + " (" + mimeType + ";" + encoding + ")");
}
- byte[] hashDataInputDigest = digest(hdi, signedDigestAlg);
+ if (signedDigestAlg.startsWith("CMS:")) {
+ log.info("CMS signature - skip verifying hashdata for now");
+ } else {
+ byte[] hashDataInputDigest = digest(hdi, signedDigestAlg);
- log.debug("Comparing digest to claimed digest value for reference {}.", signedRefId);
- if (!Arrays.equals(hashDataInputDigest, signedDigest)) {
- log.error("Bad digest value for reference {}.", signedRefId);
- throw new DigestException("Bad digest value for reference " + signedRefId);
+ log.debug("Comparing digest to claimed digest value for reference {}.", signedRefId);
+ if (!Arrays.equals(hashDataInputDigest, signedDigest)) {
+ log.error("Bad digest value for reference {}.", signedRefId);
+ throw new DigestException("Bad digest value for reference " + signedRefId);
+ }
}
verifiedHashDataInputs.add(new ByteArrayHashDataInput(hdi, signedRefId, mimeType, encoding, filename));