aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/at/gv/egiz/pdfas
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/at/gv/egiz/pdfas')
-rw-r--r--src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java25
1 files changed, 20 insertions, 5 deletions
diff --git a/src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java b/src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java
index 0ab9729..81fe2c0 100644
--- a/src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java
+++ b/src/main/java/at/gv/egiz/pdfas/algorithmSuite/AlgorithmSuiteUtil.java
@@ -35,19 +35,34 @@ public class AlgorithmSuiteUtil {
String verify_template = environment.getVerifyTemplate();
- String cert_alg;
+ String cert_alg = null;
String verify_xml = null;
X509Certificate cert = so.getX509Certificate();
String ids_string = so.getSigID();
//AlgorithmSuiteObject algSuite = new AlgorithmSuiteObject(ids_string);
algSuite.parseFrom(ids_string, true);
+ // 1. is specified in sig_id
if (algSuite.isSpecified()) {
log.debug("Algorithm suite defined as parameter. Using new dynamic template replacement.");
- cert_alg = AlgorithmMapper.getUri(algSuite.getSignatureMethod());
-
- } else {
- log.debug("NO algorithm suite defined as parameter. Using old static algorithm.");
+ cert_alg = AlgorithmMapper.getUri(algSuite.getSignatureMethod());
+
+ // 2. is specified in /alg replace -> baik
+ } else if (so.getSigAlgorithm() != null && so.getSigAlgorithm().length() > 0) {
+ String algAbbr = AlgorithmMapper.getAbbreviation(so.getSigAlgorithm());
+ algSuite.parseFrom(algAbbr, false);
+
+ if (algSuite.isSpecified()) {
+ log.debug("Algorithm /alg available. Using: " + so.getSigAlgorithm());
+ cert_alg = AlgorithmMapper.getUri(algSuite.getSignatureMethod());
+// algSuite.setCertDigestMethod("sha1");
+ //algSuite.setPropertiesDigestMethod("sha1");
+ }
+ }
+
+ // 3. default
+ if (cert_alg == null) {
+ log.debug("NO algorithm suite defined. Using default old static algorithm.");
cert_alg = environment.getCertAlgEcdsa();
if (cert.getPublicKey().getAlgorithm().indexOf("RSA") >= 0) //$NON-NLS-1$