-
Bug
-
Resolution: Fixed
-
P3
-
1.2.0
-
1.2alpha
-
generic
-
generic
-
Verified
PKCS#7 is used as the format of the signature block in a signed JAR file.
PKCS#7 defines the syntax of "ContentInfo" as follows:
ContentInfo ::= SEQUENCE {
contentType ContentType,
content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
In our implementation of PKCS#7, the [0] tag of the "content" field is missing.
This will prevent any standard compliant implementation of PKCS#7 from parsing
the signature block file of a JAR file signed by javakey, and therefore prevent
interoperability.
PKCS#7 defines the syntax of "ContentInfo" as follows:
ContentInfo ::= SEQUENCE {
contentType ContentType,
content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
In our implementation of PKCS#7, the [0] tag of the "content" field is missing.
This will prevent any standard compliant implementation of PKCS#7 from parsing
the signature block file of a JAR file signed by javakey, and therefore prevent
interoperability.