src/java.base/share/classes/java/security/cert/X509Certificate.java

@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this

@@ -674,18 +674,20 @@
      * @since 1.8
      */
     public void verify(PublicKey key, Provider sigProvider)
         throws CertificateException, NoSuchAlgorithmException,
         InvalidKeyException, SignatureException {
-        String sigName = getSigAlgName();
         Signature sig = (sigProvider == null)
-            ? Signature.getInstance(sigName)
-            : Signature.getInstance(sigName, sigProvider);
+            ? Signature.getInstance(getSigAlgName())
+            : Signature.getInstance(getSigAlgName(), sigProvider);
 
+        sig.initVerify(key);
+
+        // set parameters after Signature.initSign/initVerify call,
+        // so the deferred provider selections occur when key is set
         try {
-            SignatureUtil.initVerifyWithParam(sig, key,
-                SignatureUtil.getParamSpec(sigName, getSigAlgParams()));
+            SignatureUtil.specialSetParameter(sig, getSigAlgParams());
         } catch (ProviderException e) {
             throw new CertificateException(e.getMessage(), e.getCause());
         } catch (InvalidAlgorithmParameterException e) {
             throw new CertificateException(e);
         }