src/java.base/share/classes/sun/security/pkcs/SignerInfo.java

@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License version 2 only, as
  * published by the Free Software Foundation.  Oracle designates this

@@ -445,27 +445,31 @@
                 }
             }
 
             Signature sig = Signature.getInstance(algname);
 
+            sig.initVerify(key);
+
+            // set parameters after Signature.initSign/initVerify call,
+            // so the deferred provider selections occur when key is set
             AlgorithmParameters ap =
                 digestEncryptionAlgorithmId.getParameters();
             try {
-                SignatureUtil.initVerifyWithParam(sig, key,
-                    SignatureUtil.getParamSpec(algname, ap));
-            } catch (ProviderException | InvalidAlgorithmParameterException |
-                     InvalidKeyException e) {
+                SignatureUtil.specialSetParameter(sig, ap);
+            } catch (ProviderException | InvalidAlgorithmParameterException e) {
                 throw new SignatureException(e.getMessage(), e);
             }
 
             sig.update(dataSigned);
             if (sig.verify(encryptedDigest)) {
                 return this;
             }
         } catch (IOException e) {
             throw new SignatureException("IO error verifying signature:\n" +
                                          e.getMessage());
+        } catch (InvalidKeyException e) {
+            throw new SignatureException("InvalidKey: " + e.getMessage());
         }
         return null;
     }
 
     /* Verify the content of the pkcs7 block. */