Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8255494

PKCS7 should use digest algorithm to verify the signature

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • P2
    • 16
    • 16
    • security-libs
    • b23
    • Verified

    Description

      PKCS7 SignerInfo contains both a digest algorithm and a signature algorithm. When verifying a signature, it should use the digest algorithm and the key algorithm part of the signature algorithm to derive the actual signature algorithm. We used to do it this way but JDK-8242068 modified this behavior and use the signature algorithm directly.

      Attachments

        Issue Links

          Activity

            People

              weijun Weijun Wang
              weijun Weijun Wang
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: