-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P2
-
Affects Version/s: 16
-
Component/s: security-libs
-
b23
-
Verified
PKCS7 SignerInfo contains both a digest algorithm and a signature algorithm. When verifying a signature, it should use the digest algorithm and the key algorithm part of the signature algorithm to derive the actual signature algorithm. We used to do it this way but JDK-8242068 modified this behavior and use the signature algorithm directly.
- relates to
-
JDK-8242068 Signed JAR support for RSASSA-PSS and EdDSA
-
- Resolved
-
