// For external signatures, inputStream parameter is the data being signed (external eContent) public boolean verifyExternalWithContent(InputStream inputStream) throws CMSException, IOException, NoSuchAlgorithmException, NoSuchProviderException, CertStoreException, OperatorCreationException, CertificateException { CMSSignedDataParser sp = new CMSSignedDataParser(new CMSTypedStream(inputStream), cmsSignedData.getEncoded()); sp.getSignedContent() .drain(); // here digests are computed and passed to newly created SignerInformation objects Collection signers = sp.getSignerInfos().getSigners(); if (signers.size() != 1) hasMultipleSignerInfos = true; Iterator iterator = signers.iterator(); firstSignerInfo = (SignerInformation) iterator.next(); return CMSVerifier.verify(firstSignerInfo, cmsSignedData.getCertificates()); }
// For external signatures, digest parameter is the digest of the data being signed (external // eContent pre-digested with digestAlgo specified in signerInfo) public boolean verifyExternalWithReference(byte[] digest) throws InvalidKeyException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, IOException { return CMSVerifier.verifyReference(digest, firstSignerInfo, cmsSignedData.getCertificates()); }
// For encapsulated signatures, data being signed is inside the CMS structure, under the // EncapsulatedContentInfo field public boolean verifyEncapsulated() throws InvalidKeyException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, IOException, CertStoreException, OperatorCreationException, CMSException { return CMSVerifier.verify(firstSignerInfo, cmsSignedData.getCertificates()); }