Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4083831

SignerInfo.verify() incorrect with authenticated attributes

XMLWordPrintable

    • 1.2beta2
    • x86, sparc
    • solaris_2.5.1, windows_95, windows_nt
    • Not verified

      pkcs.SignerInfo.verify() verifies signatures by operating directly on the data that is either in the ambient PKCS7 object or given externally. This is correct only when the PKCS object contains no authenticated attributes.

      When there authenticated attributes, one of the attributes contains the message digest of the given data, and the signature in the SignerInfo is obtained by signing the DER encoding of the authenticated attributes. In practice, that encoding consists of the encoded attributes as received, but with the tag byte changed to 0x31 (SET OF).

            duke J. Duke
            duke J. Duke
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: