RFR: 8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints [v14]
Artur Barashev
abarashev at openjdk.org
Thu Sep 18 22:19:20 UTC 2025
On Thu, 18 Sep 2025 21:57:24 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Artur Barashev has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Add exception's cause type check
>
> test/jdk/sun/security/ssl/X509TrustManagerImpl/CertChainAlgorithmConstraints.java line 183:
>
>> 181: assertTrue(ex instanceof ValidatorException);
>> 182: assertTrue(
>> 183: ex.getCause() instanceof SunCertPathBuilderException);
>
> What about the cause's message? Can you check for a constraints check failed in the message to eliminate failures due to the wrong reason?
We already checking for it below, it's being appended to the outer exception's message. But I can check for it separately if it would look cleaner.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27146#discussion_r2361299384
More information about the security-dev
mailing list