Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8255494

PKCS7 should use digest algorithm to verify the signature

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P2
    • Resolution: Fixed
    • Affects Version/s: 16
    • Fix Version/s: 16
    • Component/s: security-libs
    • Labels:
    • Subcomponent:
    • Resolved In Build:
      b23
    • Verification:
      Verified

      Description

      PKCS7 SignerInfo contains both a digest algorithm and a signature algorithm. When verifying a signature, it should use the digest algorithm and the key algorithm part of the signature algorithm to derive the actual signature algorithm. We used to do it this way but JDK-8242068 modified this behavior and use the signature algorithm directly.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              weijun Weijun Wang
              Reporter:
              weijun Weijun Wang
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: