Fix 157513: SignerInfo.java does not verify what it have signed.

2002-09-16 19:42:13 +00:00 · 2002-09-16 19:42:13 +00:00 · 798046bbb4
--- a/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java
+++ b/security/jss/org/mozilla/jss/pkcs7/SignerInfo.java
@ -517,7 +517,8 @@ public class SignerInfo implements ASN1Value {
        if( sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature ) {
            // create DigestInfo structure
            SEQUENCE digestInfo = new SEQUENCE();
-            digestInfo.addElement( digestAlgorithm.getOID() );
+            digestInfo.addElement(
+                new AlgorithmIdentifier(digestAlgorithm.getOID(), null) );
            digestInfo.addElement( new OCTET_STRING(messageDigest) );
            toBeVerified = ASN1Util.encode(digestInfo);
        } else {
@ -694,15 +695,7 @@ public class SignerInfo implements ASN1Value {

        // verify the contents octets of the DER encoded authenticated attribs
        byte[] toBeDigested;
-        try {
-            byte[] encodedAuthAttrib = ASN1Util.encode(authenticatedAttributes);
-            ANY any = (ANY)
-                ASN1Util.decode( ANY.getTemplate(), encodedAuthAttrib );
-            toBeDigested = any.getContents();
-        } catch(InvalidBERException e ) {
-            Assert.notReached("Unable to decode authenticated attributes");
-            toBeDigested = null;
-        }
+        toBeDigested = ASN1Util.encode(authenticatedAttributes);
    
        MessageDigest md = MessageDigest.getInstance(
                DigestAlgorithm.fromOID(digestAlgorithm.getOID()).toString() );
@ -712,7 +705,8 @@ public class SignerInfo implements ASN1Value {
        if( sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature ) {
            // create DigestInfo structure
            SEQUENCE digestInfo = new SEQUENCE();
-            digestInfo.addElement( digestAlgorithm.getOID() );
+            digestInfo.addElement(
+                new AlgorithmIdentifier(digestAlgorithm.getOID(),null) );
            digestInfo.addElement( new OCTET_STRING(digest) );
            toBeVerified = ASN1Util.encode(digestInfo);
        } else {
--- a/security/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
+++ b/security/jss/org/mozilla/jss/pkix/cms/SignerInfo.java
@ -526,7 +526,8 @@ public class SignerInfo implements ASN1Value {
        if( sigAlg.getRawAlg() == SignatureAlgorithm.RSASignature ) {
            // create DigestInfo structure
            SEQUENCE digestInfo = new SEQUENCE();
-            digestInfo.addElement( digestAlgorithm.getOID() );
+            digestInfo.addElement(
+                new AlgorithmIdentifier(digestAlgorithm.getOID(), null) );
            digestInfo.addElement( new OCTET_STRING(messageDigest) );
            toBeVerified = ASN1Util.encode(digestInfo);
        } else {
@ -702,15 +703,7 @@ public class SignerInfo implements ASN1Value {
        sig.initVerify(pubkey);

        // verify the contents octets of the DER encoded signed attribs
-        byte[] toBeDigested;
-        try {
-            byte[] encodedSignedAttrib = ASN1Util.encode(signedAttributes);
-            toBeDigested = encodedSignedAttrib;
-
-        } catch(Exception e ) {
-            Assert.notReached("Unable to decode signed attributes");
-            toBeDigested = null;
-        }
+        byte[] toBeDigested = ASN1Util.encode(signedAttributes);
    
        MessageDigest md = MessageDigest.getInstance(
                DigestAlgorithm.fromOID(digestAlgorithm.getOID()).toString() );