--- a/src/java.base/share/classes/sun/security/x509/X509CertImpl.java Tue Apr 09 16:32:22 2019 -0700
+++ b/src/java.base/share/classes/sun/security/x509/X509CertImpl.java Wed Apr 10 02:35:18 2019 +0000
@@ -422,18 +422,16 @@
}
// Verify the signature ...
Signature sigVerf = null;
+ String sigName = algId.getName();
if (sigProvider.isEmpty()) {
- sigVerf = Signature.getInstance(algId.getName());
+ sigVerf = Signature.getInstance(sigName);
} else {
- sigVerf = Signature.getInstance(algId.getName(), sigProvider);
+ sigVerf = Signature.getInstance(sigName, sigProvider);
}
- sigVerf.initVerify(key);
-
- // set parameters after Signature.initSign/initVerify call,
- // so the deferred provider selection happens when key is set
try {
- SignatureUtil.specialSetParameter(sigVerf, getSigAlgParams());
+ SignatureUtil.initVerifyWithParam(sigVerf, key,
+ SignatureUtil.getParamSpec(sigName, getSigAlgParams()));
} catch (ProviderException e) {
throw new CertificateException(e.getMessage(), e.getCause());
} catch (InvalidAlgorithmParameterException e) {
@@ -478,18 +476,16 @@
}
// Verify the signature ...
Signature sigVerf = null;
+ String sigName = algId.getName();
if (sigProvider == null) {
- sigVerf = Signature.getInstance(algId.getName());
+ sigVerf = Signature.getInstance(sigName);
} else {
- sigVerf = Signature.getInstance(algId.getName(), sigProvider);
+ sigVerf = Signature.getInstance(sigName, sigProvider);
}
- sigVerf.initVerify(key);
-
- // set parameters after Signature.initSign/initVerify call,
- // so the deferred provider selection happens when key is set
try {
- SignatureUtil.specialSetParameter(sigVerf, getSigAlgParams());
+ SignatureUtil.initVerifyWithParam(sigVerf, key,
+ SignatureUtil.getParamSpec(sigName, getSigAlgParams()));
} catch (ProviderException e) {
throw new CertificateException(e.getMessage(), e.getCause());
} catch (InvalidAlgorithmParameterException e) {
@@ -587,22 +583,19 @@
InvalidKeyException, InvalidAlgorithmParameterException,
NoSuchProviderException, SignatureException {
try {
- if (readOnly)
+ if (readOnly) {
throw new CertificateEncodingException(
- "cannot over-write existing certificate");
+ "cannot over-write existing certificate");
+ }
Signature sigEngine = null;
- if (provider == null || provider.isEmpty())
+ if (provider == null || provider.isEmpty()) {
sigEngine = Signature.getInstance(algorithm);
- else
+ } else {
sigEngine = Signature.getInstance(algorithm, provider);
-
- sigEngine.initSign(key);
+ }
- if (signingParams != null) {
- // set parameters after Signature.initSign/initVerify call, so
- // the deferred provider selection happens when the key is set
- sigEngine.setParameter(signingParams);
- }
+ SignatureUtil.initSignWithParam(sigEngine, key, signingParams,
+ null);
// in case the name is reset
if (signingParams != null) {