diff options
Diffstat (limited to 'bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java')
-rw-r--r-- | bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java index 14ab78d..5f82d40 100644 --- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java +++ b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaContentVerifierProviderBuilder.java @@ -190,9 +190,10 @@ public class JcaContentVerifierProviderBuilder private class SigVerifier implements ContentVerifier { - private SignatureOutputStream stream; private AlgorithmIdentifier algorithm; + protected SignatureOutputStream stream; + SigVerifier(AlgorithmIdentifier algorithm, SignatureOutputStream stream) { this.algorithm = algorithm; @@ -239,6 +240,27 @@ public class JcaContentVerifierProviderBuilder this.rawSignature = rawSignature; } + public boolean verify(byte[] expected) + { + try + { + return super.verify(expected); + } + finally + { + // we need to do this as in some PKCS11 implementations the session associated with the init of the + // raw signature will not be freed if verify is not called on it. + try + { + rawSignature.verify(expected); + } + catch (Exception e) + { + // ignore + } + } + } + public boolean verify(byte[] digest, byte[] expected) { try @@ -251,6 +273,19 @@ public class JcaContentVerifierProviderBuilder { throw new RuntimeOperatorException("exception obtaining raw signature: " + e.getMessage(), e); } + finally + { + // we need to do this as in some PKCS11 implementations the session associated with the init of the + // standard signature will not be freed if verify is not called on it. + try + { + stream.verify(expected); + } + catch (Exception e) + { + // ignore + } + } } } |