RFR: 8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints [v2]
Artur Barashev
abarashev at openjdk.org
Tue Sep 9 16:06:42 UTC 2025
On Tue, 9 Sep 2025 15:01:04 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>>
>> More test cases
>
> src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java line 1453:
>
>> 1451: }
>> 1452:
>> 1453: // try the best to check the algorithm constraints
>
> Not part of your change, but can you remove the words "try the best to" - those words make it sound like it will pass even if the constraint checks fail. Also on line 1478.
Good catch! Removing those comments all together as redundant, the new code is self-explanatory.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27146#discussion_r2334117732
More information about the security-dev
mailing list