From da6c49cbea9c80ad057a5fc3b698ce14ad9a7415 Mon Sep 17 00:00:00 2001 From: tkellner Date: Fri, 13 Dec 2013 01:57:31 +0000 Subject: Add DigestMethod to STAL SignRequest, check digest value in secure viewer NOTE: This currently disables viewing signature data which uses the ExcludeByteRange feature, e.g. PAdES signatures. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@1263 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'BKUApplet/src') diff --git a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java index c6a2f72a..773bab80 100644 --- a/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java +++ b/BKUApplet/src/main/java/at/gv/egiz/bku/online/applet/AppletSecureViewer.java @@ -196,9 +196,9 @@ public class AppletSecureViewer implements SecureViewer { log.debug("Digesting reference " + signedRefId + " (" + mimeType + ";" + encoding + ")"); } - if (signedDigestAlg.startsWith("CMS:")) { - log.info("CMS signature - skip verifying hashdata for now"); - } else { +// if (signedDigestAlg.startsWith("CMS:")) { +// log.info("CMS signature - skip verifying hashdata for now"); +// } else { byte[] hashDataInputDigest = digest(hdi, signedDigestAlg); log.debug("Comparing digest to claimed digest value for reference {}.", signedRefId); @@ -206,7 +206,7 @@ public class AppletSecureViewer implements SecureViewer { log.error("Bad digest value for reference {}.", signedRefId); throw new DigestException("Bad digest value for reference " + signedRefId); } - } +// } verifiedHashDataInputs.add(new ByteArrayHashDataInput(hdi, signedRefId, mimeType, encoding, filename)); } -- cgit v1.2.3