diff options
| author | Thomas <> | 2024-07-22 15:20:10 +0200 |
|---|---|---|
| committer | Thomas <> | 2024-07-22 15:20:10 +0200 |
| commit | eebedd18a87c96b61e028d546b21562e23088875 (patch) | |
| tree | 21aae1cc95313eb5bb630d68fa2ef6edcaf775b2 /pdf-as-lib/src/main/java/at/gv/egiz | |
| parent | dbba5fd0f644e5b36ec92bedf1ddf28ea04c601b (diff) | |
| download | pdf-as-4-eebedd18a87c96b61e028d546b21562e23088875.tar.gz pdf-as-4-eebedd18a87c96b61e028d546b21562e23088875.tar.bz2 pdf-as-4-eebedd18a87c96b61e028d546b21562e23088875.zip | |
fix(verify): allow SHA-512 and SHA-384 for signatures
Diffstat (limited to 'pdf-as-lib/src/main/java/at/gv/egiz')
| -rw-r--r-- | pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IntegrityVerifier.java | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IntegrityVerifier.java b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IntegrityVerifier.java index e0b487ec..3bb326fb 100644 --- a/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IntegrityVerifier.java +++ b/pdf-as-lib/src/main/java/at/gv/egiz/pdfas/lib/impl/verify/IntegrityVerifier.java @@ -1,15 +1,5 @@ package at.gv.egiz.pdfas.lib.impl.verify; -import iaik.asn1.ObjectID; -import iaik.asn1.structures.AlgorithmID; -import iaik.asn1.structures.Attribute; -import iaik.cms.ContentInfo; -import iaik.cms.SignedData; -import iaik.cms.SignerInfo; -import iaik.smime.ess.SigningCertificate; -import iaik.smime.ess.SigningCertificateV2; -import iaik.x509.X509Certificate; - import java.io.ByteArrayInputStream; import java.security.SignatureException; import java.util.ArrayList; @@ -24,6 +14,15 @@ import at.gv.egiz.pdfas.common.exceptions.PdfAsSignatureException; import at.gv.egiz.pdfas.lib.api.Configuration; import at.gv.egiz.pdfas.lib.api.verify.VerifyParameter.SignatureVerificationLevel; import at.gv.egiz.pdfas.lib.api.verify.VerifyResult; +import iaik.asn1.ObjectID; +import iaik.asn1.structures.AlgorithmID; +import iaik.asn1.structures.Attribute; +import iaik.cms.ContentInfo; +import iaik.cms.SignedData; +import iaik.cms.SignerInfo; +import iaik.smime.ess.SigningCertificate; +import iaik.smime.ess.SigningCertificateV2; +import iaik.x509.X509Certificate; public class IntegrityVerifier implements IVerifier { @@ -36,8 +35,10 @@ public class IntegrityVerifier implements IVerifier { List<VerifyResult> result = new ArrayList<VerifyResult>(); SignedData signedData = new SignedData(signatureContent, - new AlgorithmID[] { AlgorithmID.sha256, AlgorithmID.sha1, - AlgorithmID.ripeMd160, AlgorithmID.ripeMd160_ISO }); + new AlgorithmID[] { + AlgorithmID.sha512, AlgorithmID.sha384, + AlgorithmID.sha256, + AlgorithmID.sha1, AlgorithmID.ripeMd160, AlgorithmID.ripeMd160_ISO }); ContentInfo ci = new ContentInfo( new ByteArrayInputStream(signature)); if (!ci.getContentType().equals(ObjectID.cms_signedData)) { |