diff -r 43ac80b688cd -r e275cd2f9319 jdk/src/java.base/share/classes/java/security/cert/X509CRL.java
--- a/jdk/src/java.base/share/classes/java/security/cert/X509CRL.java	Sat Mar 25 01:43:49 2017 +0000
+++ b/jdk/src/java.base/share/classes/java/security/cert/X509CRL.java	Fri Mar 31 13:28:26 2017 -0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,6 +32,7 @@
 import java.security.Principal;
 import java.security.Provider;
 import java.security.PublicKey;
+import java.security.Signature;
 import javax.security.auth.x500.X500Principal;
 
 import java.math.BigInteger;
@@ -241,7 +242,17 @@
     public void verify(PublicKey key, Provider sigProvider)
         throws CRLException, NoSuchAlgorithmException,
         InvalidKeyException, SignatureException {
-        X509CRLImpl.verify(this, key, sigProvider);
+        Signature sig = (sigProvider == null)
+            ? Signature.getInstance(getSigAlgName())
+            : Signature.getInstance(getSigAlgName(), sigProvider);
+        sig.initVerify(key);
+
+        byte[] tbsCRL = getTBSCertList();
+        sig.update(tbsCRL, 0, tbsCRL.length);
+
+        if (sig.verify(getSignature()) == false) {
+            throw new SignatureException("Signature does not match.");
+        }
     }
 
     /**