[JDK-8255494] PKCS7 should use digest algorithm to verify the signature - Java Bug System

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: P2
Resolution: Fixed
Affects Version/s: 16
Fix Version/s: 16
Component/s: security-libs
Labels:
- regression

Subcomponent:
java.security
Resolved In Build:
b23
Verification:
Verified

Description

PKCS7 SignerInfo contains both a digest algorithm and a signature algorithm. When verifying a signature, it should use the digest algorithm and the key algorithm part of the signature algorithm to derive the actual signature algorithm. We used to do it this way but ~~JDK-8242068~~ modified this behavior and use the signature algorithm directly.

Attachments

Issue Links

relates to

JDK-8242068 Signed JAR support for RSASSA-PSS and EdDSA

Resolved

links to

Commit openjdk/jdk/80380d51

Review openjdk/jdk/916

Activity

People

Assignee:: Weijun Wang

Reporter:: Weijun Wang

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2020-10-27 21:31

Updated:: 2021-01-26 02:59

Resolved:: 2020-10-30 20:23