From d95afbf5c329d51c2a92099e8db84f7fc2028602 Mon Sep 17 00:00:00 2001 From: David Hook Date: Wed, 4 Dec 2024 09:19:41 +1100 Subject: [PATCH] updated BufferingContentSigner to use ExtendedContentSigner --- .../cms/SignerInfoGeneratorBuilder.java | 24 +++++++++++-------- .../operator/BufferingContentSigner.java | 19 ++++++++++++++- .../operator/ExtendedContentSigner.java | 6 ++--- 3 files changed, 35 insertions(+), 14 deletions(-) diff --git a/pkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java b/pkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java index aea54192d3..7ad627e487 100644 --- a/pkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java +++ b/pkix/src/main/java/org/bouncycastle/cms/SignerInfoGeneratorBuilder.java @@ -147,21 +147,25 @@ private SignerInfoGenerator createGenerator(ContentSigner contentSigner, SignerI } else { + AlgorithmIdentifier digestAlgorithmIdentifier = null; + if (contentSigner instanceof ExtendedContentSigner) { - digester = digestProvider.get(((ExtendedContentSigner)contentSigner).getDigestAlgorithmIdentifier()); + digestAlgorithmIdentifier = ((ExtendedContentSigner)contentSigner).getDigestAlgorithmIdentifier(); + } + + if (digestAlgorithmIdentifier == null) + { + digestAlgorithmIdentifier = digAlgFinder.find(contentSigner.getAlgorithmIdentifier()); + } + + if (digestAlgorithmIdentifier != null) + { + digester = digestProvider.get(digestAlgorithmIdentifier); } else { - AlgorithmIdentifier digAlg = digAlgFinder.find(contentSigner.getAlgorithmIdentifier()); - if (digAlg != null) - { - digester = digestProvider.get(digAlg); - } - else - { - throw new OperatorCreationException("no digest algorithm specified for signature algorithm"); - } + throw new OperatorCreationException("no digest algorithm specified for signature algorithm"); } } diff --git a/pkix/src/main/java/org/bouncycastle/operator/BufferingContentSigner.java b/pkix/src/main/java/org/bouncycastle/operator/BufferingContentSigner.java index d174367299..6e71ebf408 100644 --- a/pkix/src/main/java/org/bouncycastle/operator/BufferingContentSigner.java +++ b/pkix/src/main/java/org/bouncycastle/operator/BufferingContentSigner.java @@ -10,7 +10,7 @@ * block when ready for signing. */ public class BufferingContentSigner - implements ContentSigner + implements ExtendedContentSigner { private final ContentSigner contentSigner; private final OutputStream output; @@ -67,4 +67,21 @@ public byte[] getSignature() { return contentSigner.getSignature(); } + + + /** + * Return the algorithm identifier describing the digest + * algorithm used by this signature algorithm, if known. + * + * @return algorithm oid and parameters, null otherwise. + */ + public AlgorithmIdentifier getDigestAlgorithmIdentifier() + { + if (contentSigner instanceof ExtendedContentSigner) + { + return ((ExtendedContentSigner)contentSigner).getDigestAlgorithmIdentifier(); + } + + return null; + } } diff --git a/pkix/src/main/java/org/bouncycastle/operator/ExtendedContentSigner.java b/pkix/src/main/java/org/bouncycastle/operator/ExtendedContentSigner.java index 455828e0bd..115e056c37 100644 --- a/pkix/src/main/java/org/bouncycastle/operator/ExtendedContentSigner.java +++ b/pkix/src/main/java/org/bouncycastle/operator/ExtendedContentSigner.java @@ -9,10 +9,10 @@ public interface ExtendedContentSigner extends ContentSigner { /** - * Return the algorithm identifier describing the signature - * algorithm and parameters this signer generates. + * Return the algorithm identifier describing the digest algorithm used by + * this signature algorithm and parameters this signer generates. * - * @return algorithm oid and parameters. + * @return algorithm oid and parameters, null if unknown. */ AlgorithmIdentifier getDigestAlgorithmIdentifier(); }