private void verifyRSASignatures(CMSSignedData s, byte[] contentDigest) throws Exception {
Store certStore = s.getCertificates();
SignerInformationStore signers = s.getSignerInfos();
Collection c = signers.getSigners();
Iterator it = c.iterator();
while (it.hasNext()) {
SignerInformation signer = (SignerInformation) it.next();
Collection certCollection = certStore.getMatches(signer.getSID());
Iterator certIt = certCollection.iterator();
X509CertificateHolder cert = (X509CertificateHolder) certIt.next();
if (!signer.verify(
new BcRSASignerInfoVerifierBuilder(
new DefaultCMSSignatureAlgorithmNameGenerator(),
new DefaultSignatureAlgorithmIdentifierFinder(),
new DefaultDigestAlgorithmIdentifierFinder(),
new BcDigestCalculatorProvider())
.build(cert))) {
fail("signature verification failed");
}
if (contentDigest != null) {
if (!Arrays.areEqual(contentDigest, signer.getContentDigest())) {
fail("digest verification failed");
}
}
}
}
