From d311d0f7b7ef9ed5bc383d6744b7d61239aafbc1 Mon Sep 17 00:00:00 2001 From: tkellner Date: Fri, 13 Dec 2013 01:26:39 +0000 Subject: Extend STAL to support CMS SignedAttributes git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1262 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../at/gv/egiz/bku/online/applet/AppletSecureViewer.java | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'BKUApplet/src/main/java/at') diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java index ca93aa50..c6a2f72a 100644 --- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java @@ -196,12 +196,16 @@ public class AppletSecureViewer implements SecureViewer { log.debug("Digesting reference " + signedRefId + " (" + mimeType + ";" + encoding + ")"); } - byte[] hashDataInputDigest = digest(hdi, signedDigestAlg); + if (signedDigestAlg.startsWith("CMS:")) { + log.info("CMS signature - skip verifying hashdata for now"); + } else { + byte[] hashDataInputDigest = digest(hdi, signedDigestAlg); - log.debug("Comparing digest to claimed digest value for reference {}.", signedRefId); - if (!Arrays.equals(hashDataInputDigest, signedDigest)) { - log.error("Bad digest value for reference {}.", signedRefId); - throw new DigestException("Bad digest value for reference " + signedRefId); + log.debug("Comparing digest to claimed digest value for reference {}.", signedRefId); + if (!Arrays.equals(hashDataInputDigest, signedDigest)) { + log.error("Bad digest value for reference {}.", signedRefId); + throw new DigestException("Bad digest value for reference " + signedRefId); + } } verifiedHashDataInputs.add(new ByteArrayHashDataInput(hdi, signedRefId, mimeType, encoding, filename)); -- cgit v1.2.3