diff options
author | Sergio Giro <sgiro@google.com> | 2015-04-09 14:10:16 +0100 |
---|---|---|
committer | Sergio Giro <sgiro@google.com> | 2015-04-20 15:41:23 +0100 |
commit | 028ab6e01e3b911024b9b9243e9a0f4ac377c0fa (patch) | |
tree | 35d98bf60cbe7a6487bd0014728eb263e89004bb /bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java | |
parent | b44aff7a3b88138f0070630d467c7527cd90c2f3 (diff) | |
download | bouncycastle-028ab6e01e3b911024b9b9243e9a0f4ac377c0fa.tar.gz |
bouncycastle: upgrade to version 1.52
Change-Id: I227db8e458e67af46ccb1c07bfca77a733f25979
Diffstat (limited to 'bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java')
-rw-r--r-- | bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java index 14ab78df..5f82d405 100644 --- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java +++ b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java @@ -190,9 +190,10 @@ public class JcaContentVerifierProviderBuilder private class SigVerifier implements ContentVerifier { - private SignatureOutputStream stream; private AlgorithmIdentifier algorithm; + protected SignatureOutputStream stream; + SigVerifier(AlgorithmIdentifier algorithm, SignatureOutputStream stream) { this.algorithm = algorithm; @@ -239,6 +240,27 @@ public class JcaContentVerifierProviderBuilder this.rawSignature = rawSignature; } + public boolean verify(byte[] expected) + { + try + { + return super.verify(expected); + } + finally + { + // we need to do this as in some PKCS11 implementations the session associated with the init of the + // raw signature will not be freed if verify is not called on it. + try + { + rawSignature.verify(expected); + } + catch (Exception e) + { + // ignore + } + } + } + public boolean verify(byte[] digest, byte[] expected) { try @@ -251,6 +273,19 @@ public class JcaContentVerifierProviderBuilder { throw new RuntimeOperatorException("exception obtaining raw signature: " + e.getMessage(), e); } + finally + { + // we need to do this as in some PKCS11 implementations the session associated with the init of the + // standard signature will not be freed if verify is not called on it. + try + { + stream.verify(expected); + } + catch (Exception e) + { + // ignore + } + } } } |