Re: RFR: 8255494: PKCS7 should use digest algorithm to verify the signature [v2]
On Thu, 29 Oct 2020 18:37:06 GMT, Weijun Wang wrote: >> This is a regression made by >> [JDK-8242068](https://bugs.openjdk.java.net/browse/JDK-8242068). When the >> digest algorithm is not the same as the hash part of the signature >> algorithm, we used to combine the digest algorithm with the key part of the >> signature algorithm into a new signature algorithm and use it when >> generating a signature. The previous code change uses the signature >> algorithm in the SignerInfo directly. This bugfix will revert to the old >> behavior. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > more comment to the test, and full DER encoding Marked as reviewed by valeriep (Reviewer). - PR: https://git.openjdk.java.net/jdk/pull/916
Re: RFR: 8255494: PKCS7 should use digest algorithm to verify the signature [v2]
> This is a regression made by > [JDK-8242068](https://bugs.openjdk.java.net/browse/JDK-8242068). When the > digest algorithm is not the same as the hash part of the signature algorithm, > we used to combine the digest algorithm with the key part of the signature > algorithm into a new signature algorithm and use it when generating a > signature. The previous code change uses the signature algorithm in the > SignerInfo directly. This bugfix will revert to the old behavior. Weijun Wang has updated the pull request incrementally with one additional commit since the last revision: more comment to the test, and full DER encoding - Changes: - all: https://git.openjdk.java.net/jdk/pull/916/files - new: https://git.openjdk.java.net/jdk/pull/916/files/bc354142..19aa3f4d Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=916&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=916&range=00-01 Stats: 9 lines in 1 file changed: 3 ins; 0 del; 6 mod Patch: https://git.openjdk.java.net/jdk/pull/916.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/916/head:pull/916 PR: https://git.openjdk.java.net/jdk/pull/916
