On Thu, 15 Oct 2020 20:42:30 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> signing time, jarsigner -directsign, and digest algorithm check
>
> src/java.base/share/classes/sun/security/pkcs/SignerInfo.java line 549:
>
>> 547: return encAlg;
>> 548: default:
>> 549: String digAlg = digAlgId.getName().replace("-", "");
>
> This may be incorrect if the digest algorithm is in the SHA3 family. Maybe we
> should check and apply this conversion
> only when digest algorithm starts with "SHA-".
Good suggestion. I'll also try some tests.
-------------
PR: https://git.openjdk.java.net/jdk/pull/322
