# HG changeset patch

# User David Stutzman<david.konrad.stutzman@us.army.mil>

# Date 1516144092 28800

#      Tue Jan 16 15:08:12 2018 -0800

# Node ID 1d858c6d4626b625bb671426e6899d98c2f5bb2e

# Parent  8746a3fc74785e2fd12f86d08a6886ed9160620e

Bug# 386351 SignerInfo version, r=cfu

This patch fixes versioning of SignerInfo to match CMS spec.

cfu for dstutzman

diff --git a/org/mozilla/jss/pkix/cms/SignerInfo.java b/org/mozilla/jss/pkix/cms/SignerInfo.java

--- a/org/mozilla/jss/pkix/cms/SignerInfo.java

+++ b/org/mozilla/jss/pkix/cms/SignerInfo.java

@@ -52,9 +52,6 @@

     private OCTET_STRING encryptedDigest;

     private SET unsignedAttributes; // [1] OPTIONAL

-    // we only do CMS in RFC 2630

-    private static final INTEGER VERSION = new INTEGER(3);

-

     ///////////////////////////////////////////////////////////////////////

     ///////////////////////////////////////////////////////////////////////

     // Accessor methods

@@ -198,8 +195,17 @@

         CryptoManager.NotInitializedException, SignatureException,

         TokenException

     {

-        version = VERSION;

+        if (signerIdentifier == null) {

+            throw new IllegalArgumentException("SignerIdentifier may not be null");

+        }

         this.signerIdentifier = signerIdentifier;

+        if (SignerIdentifier.ISSUER_AND_SERIALNUMBER.equals(this.signerIdentifier.getType())) {

+            this.version = new INTEGER(1);

+        } else if (SignerIdentifier.SUBJECT_KEY_IDENTIFIER.equals(this.signerIdentifier.getType())) {

+            this.version = new INTEGER(3);

+        } else {

+            throw new IllegalArgumentException("Unexpected SignerIdentifier type");

+        }

         this.digestAlgorithm =

                 new AlgorithmIdentifier(signingAlg.getDigestAlg().toOID(),null);