diff options
Diffstat (limited to 'BKUApplet')
-rw-r--r-- | BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java index ca93aa50..c6a2f72a 100644 --- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java @@ -196,12 +196,16 @@ public class AppletSecureViewer implements SecureViewer { log.debug("Digesting reference " + signedRefId + " (" + mimeType + ";" + encoding + ")"); } - byte[] hashDataInputDigest = digest(hdi, signedDigestAlg); + if (signedDigestAlg.startsWith("CMS:")) { + log.info("CMS signature - skip verifying hashdata for now"); + } else { + byte[] hashDataInputDigest = digest(hdi, signedDigestAlg); - log.debug("Comparing digest to claimed digest value for reference {}.", signedRefId); - if (!Arrays.equals(hashDataInputDigest, signedDigest)) { - log.error("Bad digest value for reference {}.", signedRefId); - throw new DigestException("Bad digest value for reference " + signedRefId); + log.debug("Comparing digest to claimed digest value for reference {}.", signedRefId); + if (!Arrays.equals(hashDataInputDigest, signedDigest)) { + log.error("Bad digest value for reference {}.", signedRefId); + throw new DigestException("Bad digest value for reference " + signedRefId); + } } verifiedHashDataInputs.add(new ByteArrayHashDataInput(hdi, signedRefId, mimeType, encoding, filename)); |