RFR: 8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints [v14]
Sean Mullan
mullan at openjdk.org
Thu Sep 18 22:40:57 UTC 2025
On Thu, 18 Sep 2025 22:24:29 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> We already checking for it below, it's being appended to the outer exception's message. But I can check for it separately if it would look cleaner.
>
> SunCertPathBuilder doesn't attach any cause itself:
> https://github.com/openjdk/jdk/blob/6e4e966d9b71ec04618e19784b5a661f34595ef6/src/java.base/share/classes/sun/security/provider/certpath/SunCertPathBuilder.java#L148
Ah ok. Yes, in that case you would have to parse the debug log to find the underlying reason, but I'm ok with this as is.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27146#discussion_r2361323502
More information about the security-dev
mailing list