summaryrefslogtreecommitdiff
path: root/bkucommon/src/main/java/at/gv/egiz
diff options
context:
space:
mode:
Diffstat (limited to 'bkucommon/src/main/java/at/gv/egiz')
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALPrivateKey.java8
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java7
-rw-r--r--bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java3
3 files changed, 13 insertions, 5 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALPrivateKey.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALPrivateKey.java
index 8da52227..8e71fa7c 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALPrivateKey.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALPrivateKey.java
@@ -11,9 +11,11 @@ public class STALPrivateKey implements PrivateKey {
private static final long serialVersionUID = 1L;
private String algorithm;
+ private String digestAlgorithm;
- public STALPrivateKey(String algorithm) {
+ public STALPrivateKey(String algorithm, String digestAlgorithm) {
this.algorithm = algorithm;
+ this.digestAlgorithm = digestAlgorithm;
}
@Override
@@ -21,6 +23,10 @@ public class STALPrivateKey implements PrivateKey {
return algorithm;
}
+ public String getDigestAlgorithm() {
+ return digestAlgorithm;
+ }
+
@Override
public byte[] getEncoded() {
throw new UnsupportedOperationException("STALPrivateKey does not support the getEncoded() method.");
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java
index 0a2140c3..7c8b2b4e 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/STALSecurityProvider.java
@@ -60,8 +60,9 @@ public class STALSecurityProvider extends IaikProvider {
throws SignatureException, InvalidKeyException, NoSuchAlgorithmException {
log.debug("calculateSignatureFromSignedAttributes: " + signatureAlgorithm + ", " + digestAlgorithm);
+ STALPrivateKey spk = (STALPrivateKey) privateKey;
SignRequest signRequest = getSTALSignRequest(keyboxIdentifier, signedAttributes,
- privateKey.getAlgorithm(), hashDataInput);
+ spk.getAlgorithm(), spk.getDigestAlgorithm(), hashDataInput);
log.debug("Sending STAL request ({})", privateKey.getAlgorithm());
List<STALResponse> responses =
@@ -86,7 +87,8 @@ public class STALSecurityProvider extends IaikProvider {
}
private static SignRequest getSTALSignRequest(String keyboxIdentifier,
- byte[] signedAttributes, String signatureMethod, List<HashDataInput> hashDataInput) {
+ byte[] signedAttributes, String signatureMethod, String digestMethod,
+ List<HashDataInput> hashDataInput) {
SignRequest signRequest = new SignRequest();
signRequest.setKeyIdentifier(keyboxIdentifier);
log.debug("SignedAttributes: " + Util.toBase64String(signedAttributes));
@@ -95,6 +97,7 @@ public class STALSecurityProvider extends IaikProvider {
signedInfo.setIsCMSSignedAttributes(true);
signRequest.setSignedInfo(signedInfo);
signRequest.setSignatureMethod(signatureMethod);
+ signRequest.setDigestMethod(digestMethod);
signRequest.setHashDataInput(hashDataInput);
return signRequest;
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
index 307f0bfc..9e76bf22 100644
--- a/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/slcommands/impl/cms/Signature.java
@@ -95,7 +95,6 @@ public class Signature {
private AlgorithmID signatureAlgorithm;
private AlgorithmID digestAlgorithm;
private String signatureAlgorithmURI;
- @SuppressWarnings("unused")
private String digestAlgorithmURI;
public Signature(CMSDataObjectRequiredMetaType dataObject, String structure,
@@ -116,7 +115,7 @@ public class Signature {
new iaik.x509.X509Certificate(signingCertificate.getEncoded());
CertificateIdentifier signerIdentifier =
new IssuerAndSerialNumber(sigcert);
- PrivateKey privateKey = new STALPrivateKey(signatureAlgorithmURI);
+ PrivateKey privateKey = new STALPrivateKey(signatureAlgorithmURI, digestAlgorithmURI);
signerInfo = new SignerInfo(signerIdentifier, digestAlgorithm,
signatureAlgorithm, privateKey);
}