Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4083831

SignerInfo.verify() incorrect with authenticated attributes

    XMLWordPrintable

Details

    • 1.2beta2
    • x86, sparc
    • solaris_2.5.1, windows_95, windows_nt
    • Not verified

    Description

      pkcs.SignerInfo.verify() verifies signatures by operating directly on the data that is either in the ambient PKCS7 object or given externally. This is correct only when the PKCS object contains no authenticated attributes.

      When there authenticated attributes, one of the attributes contains the message digest of the given data, and the signature in the SignerInfo is obtained by signing the DER encoding of the authenticated attributes. In practice, that encoding consists of the encoded attributes as received, but with the tag byte changed to 0x31 (SET OF).

      Attachments

        Activity

          People

            duke J. Duke
            duke J. Duke
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: