DSS-949 : Empty unsigned attributes in PAdES-B-B generation

esig · Oct 3, 2016 · 4878d5f · 4878d5f
1 parent 8bfd2b4
commit 4878d5f
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 11 deletions.
diff --git a/dss-document/src/test/java/eu/europa/esig/dss/signature/AbstractTestSignature.java b/dss-document/src/test/java/eu/europa/esig/dss/signature/AbstractTestSignature.java
@@ -85,14 +85,14 @@ public void signAndVerify() throws IOException {
 
 		// signedDocument.save("target/xades.xml");
 
-		if (logger.isDebugEnabled()) {
-			try {
-				byte[] byteArray = IOUtils.toByteArray(signedDocument.openStream());
-				onDocumentSigned(byteArray);
-				// LOGGER.debug(new String(byteArray));
-			} catch (Exception e) {
-				logger.error("Cannot display file content", e);
+		try {
+			byte[] byteArray = IOUtils.toByteArray(signedDocument.openStream());
+			onDocumentSigned(byteArray);
+			if (logger.isDebugEnabled()) {
+				logger.debug(new String(byteArray));
 			}
+		} catch (Exception e) {
+			logger.error("Cannot display file content", e);
 		}
 
 		checkMimeType(signedDocument);

diff --git a/dss-pades/src/main/java/eu/europa/esig/dss/pades/signature/PAdESLevelBaselineB.java b/dss-pades/src/main/java/eu/europa/esig/dss/pades/signature/PAdESLevelBaselineB.java
@@ -20,7 +20,6 @@
  */
 package eu.europa.esig.dss.pades.signature;
 
-import java.util.Hashtable;
 import java.util.Map;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
@@ -58,7 +57,8 @@ AttributeTable getSignedAttributes(Map params, CAdESLevelBaselineB cadesProfile,
 	}
 
 	AttributeTable getUnsignedAttributes() {
-		return new AttributeTable(new Hashtable());
+		// Unsigned attributes can't be an empty set (RFC 5652 5.3.)
+		return null;
 	}
 
 }
diff --git a/dss-pades/src/test/java/eu/europa/esig/dss/pades/signature/PAdESLevelBTest.java b/dss-pades/src/test/java/eu/europa/esig/dss/pades/signature/PAdESLevelBTest.java
@@ -128,8 +128,6 @@ protected void onDocumentSigned(byte[] byteArray) {
 
 				logger.info("Byte range : " + Arrays.toString(pdSignature.getByteRange()));
 
-				// IOUtils.write(contents, new FileOutputStream("sig.p7s"));
-
 				ASN1InputStream asn1sInput = new ASN1InputStream(contents);
 				ASN1Sequence asn1Seq = (ASN1Sequence) asn1sInput.readObject();
 
@@ -161,6 +159,9 @@ protected void onDocumentSigned(byte[] byteArray) {
 				logger.info("SIGNER INFO ASN1 : " + signerInfosAsn1.toString());
 				SignerInfo signedInfo = SignerInfo.getInstance(ASN1Sequence.getInstance(signerInfosAsn1.getObjectAt(0)));
 
+				ASN1Set unauthenticatedAttributes = signedInfo.getUnauthenticatedAttributes();
+				assertNull(unauthenticatedAttributes);
+
 				ASN1Set authenticatedAttributeSet = signedInfo.getAuthenticatedAttributes();
 				logger.info("AUTHENTICATED ATTR : " + authenticatedAttributeSet);