RFR: 8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints [v11]
Artur Barashev
abarashev at openjdk.org
Thu Sep 18 18:39:02 UTC 2025
On Wed, 17 Sep 2025 21:09:55 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Remove unused import. Adjust comments.
>
> test/jdk/sun/security/ssl/SignatureScheme/RsaSsaPssConstraints.java line 1:
>
>> 1: /*
>
> Can you also add some tests which cause a `CertPathBuilder` to be used. i.e. via the `PKIXValidator.doBuild` method? I'd like to make sure the behavior is the same. You could try mixing up the order of the chain or throwing in a couple of unnecessary certificates.
Done, thanks!
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27146#discussion_r2360676865
More information about the security-dev
mailing list