jss/jss-fix-SignerInfo-version.patch

# HG changeset patch
# User David Stutzman<david.konrad.stutzman@us.army.mil>
# Date 1516144092 28800
#      Tue Jan 16 15:08:12 2018 -0800
# Node ID 1d858c6d4626b625bb671426e6899d98c2f5bb2e
# Parent  8746a3fc74785e2fd12f86d08a6886ed9160620e
Bug# 386351 SignerInfo version, r=cfu

This patch fixes versioning of SignerInfo to match CMS spec.

cfu for dstutzman

diff --git a/org/mozilla/jss/pkix/cms/SignerInfo.java b/org/mozilla/jss/pkix/cms/SignerInfo.java
--- a/org/mozilla/jss/pkix/cms/SignerInfo.java
+++ b/org/mozilla/jss/pkix/cms/SignerInfo.java
@@ -52,9 +52,6 @@
     private OCTET_STRING encryptedDigest;
     private SET unsignedAttributes; // [1] OPTIONAL
 
-    // we only do CMS in RFC 2630
-    private static final INTEGER VERSION = new INTEGER(3);
-
     ///////////////////////////////////////////////////////////////////////
     ///////////////////////////////////////////////////////////////////////
     // Accessor methods
@@ -198,8 +195,17 @@
         CryptoManager.NotInitializedException, SignatureException,
         TokenException
     {
-        version = VERSION;
+        if (signerIdentifier == null) {
+            throw new IllegalArgumentException("SignerIdentifier may not be null");
+        }
         this.signerIdentifier = signerIdentifier;
+        if (SignerIdentifier.ISSUER_AND_SERIALNUMBER.equals(this.signerIdentifier.getType())) {
+            this.version = new INTEGER(1);
+        } else if (SignerIdentifier.SUBJECT_KEY_IDENTIFIER.equals(this.signerIdentifier.getType())) {
+            this.version = new INTEGER(3);
+        } else {
+            throw new IllegalArgumentException("Unexpected SignerIdentifier type");
+        }
         this.digestAlgorithm =
                 new AlgorithmIdentifier(signingAlg.getDigestAlg().toOID(),null);