/** * Tests that it is possible to specify a signature algorithm who's name is not simply a * concatenation of a digest algorithm and the key algorithm. * * <p>This test also sets the signature provider as a provider supporting the RSASSA-PSS * algorithms might not be installed. * * @throws Exception */ public void testWithSignatureAlgorithmSHA256withRSAandMGF1() throws Exception { File sourceFile = new File("target/test-classes/wineyes.exe"); File targetFile = new File("target/test-classes/wineyes-signed.exe"); FileUtils.copyFile(sourceFile, targetFile); PEFile peFile = null; try { peFile = new PEFile(targetFile); PESigner signer = new PESigner(getKeyStore(), ALIAS, PRIVATE_KEY_PASSWORD) .withTimestamping(false) .withDigestAlgorithm(DigestAlgorithm.SHA1) .withSignatureAlgorithm("SHA256withRSAandMGF1", new BouncyCastleProvider()); signer.sign(peFile); peFile = new PEFile(targetFile); List<CMSSignedData> signatures = peFile.getSignatures(); assertNotNull(signatures); assertEquals(1, signatures.size()); CMSSignedData signedData = signatures.get(0); assertNotNull(signedData); // Check the signature algorithm final SignerInformation si = (SignerInformation) signedData.getSignerInfos().getSigners().iterator().next(); assertEquals( "Digest algorithm", NISTObjectIdentifiers.id_sha256, si.getDigestAlgorithmID().getAlgorithm()); assertEquals( "Encryption algorithm", PKCSObjectIdentifiers.id_RSASSA_PSS.getId(), si.getEncryptionAlgOID()); } finally { if (peFile != null) { peFile.close(); } } }