< prev index next >
src/java.base/share/classes/java/security/cert/X509Certificate.java
Print this page
*** 1,7 ****
/*
! * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 25,40 ****
--- 25,42 ----
package java.security.cert;
import java.math.BigInteger;
import java.security.*;
+ import java.security.spec.*;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import sun.security.x509.X509CertImpl;
+ import sun.security.util.SignatureUtil;
/**
* <p>
* Abstract class for X.509 certificates. This provides a standard
* way to access all the attributes of an X.509 certificate.
*** 675,686 ****
--- 677,699 ----
throws CertificateException, NoSuchAlgorithmException,
InvalidKeyException, SignatureException {
Signature sig = (sigProvider == null)
? Signature.getInstance(getSigAlgName())
: Signature.getInstance(getSigAlgName(), sigProvider);
+
sig.initVerify(key);
+ // set parameters after Signature.initSign/initVerify call,
+ // so the deferred provider selections occur when key is set
+ try {
+ SignatureUtil.specialSetParameter(sig, getSigAlgParams());
+ } catch (ProviderException e) {
+ throw new CertificateException(e.getMessage(), e.getCause());
+ } catch (InvalidAlgorithmParameterException e) {
+ throw new CertificateException(e);
+ }
+
byte[] tbsCert = getTBSCertificate();
sig.update(tbsCert, 0, tbsCert.length);
if (sig.verify(getSignature()) == false) {
throw new SignatureException("Signature does not match.");
< prev index next >