-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P2
-
Affects Version/s: 1.2.0
-
Component/s: security-libs
-
1.2beta2
-
sparc
-
solaris_2.5.1
-
Not verified
SignerInfos in a PKCS7 object indicate their certificates by issuer name and certificate serial number. Signature verification looks for this certificate
using PKCS7.getCertificate(serialNo, name). The latter, however, looks for a
certificate whose serial number is as given by the argument and whose *subject* name is as given by the second argument. This procedure won't find the proper certificate unless issuer and subject are the same, i.e. the certificate is self-signed.
using PKCS7.getCertificate(serialNo, name). The latter, however, looks for a
certificate whose serial number is as given by the argument and whose *subject* name is as given by the second argument. This procedure won't find the proper certificate unless issuer and subject are the same, i.e. the certificate is self-signed.
- relates to
-
-
- Closed
-