Integrated: 8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints
Artur Barashev
abarashev at openjdk.org
Fri Sep 19 13:10:17 UTC 2025
On Mon, 8 Sep 2025 15:31:44 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
> RSASSA-PSS is currently the only signature algorithm we support that comes with algorithm parameters. We don't check for those parameters when validating certificates against supported signature algorithm constraints.
This pull request has now been integrated.
Changeset: 3798dcf7
Author: Artur Barashev <abarashev at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/3798dcf75b547a3707cdfdacf62886648c8653cf
Stats: 852 lines in 12 files changed: 686 ins; 108 del; 58 mod
8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints
Reviewed-by: mullan
-------------
PR: https://git.openjdk.org/jdk/pull/27146
More information about the security-dev
mailing list