< prev index next >
src/share/classes/sun/security/pkcs10/PKCS10.java
Print this page
rev 12532 : 8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms
Reviewed-by: coffeys
@@ -165,11 +165,12 @@
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
- sig = Signature.getInstance(id.getName());
+ sigAlg = id.getName();
+ sig = Signature.getInstance(sigAlg);
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
@@ -216,10 +217,11 @@
* Sign it ...
*/
signature.update(certificateRequestInfo, 0,
certificateRequestInfo.length);
sig = signature.sign();
+ sigAlg = signature.getAlgorithm();
/*
* Build guts of SIGNED macro
*/
AlgorithmId algId = null;
@@ -249,10 +251,15 @@
*/
public PublicKey getSubjectPublicKeyInfo()
{ return subjectPublicKeyInfo; }
/**
+ * Returns the signature algorithm.
+ */
+ public String getSigAlg() { return sigAlg; }
+
+ /**
* Returns the additional attributes requested.
*/
public PKCS10Attributes getAttributes()
{ return attributeSet; }
@@ -346,8 +353,9 @@
return(retval);
}
private X500Name subject;
private PublicKey subjectPublicKeyInfo;
+ private String sigAlg;
private PKCS10Attributes attributeSet;
private byte[] encoded; // signed
}
< prev index next >