On Mon, 8 Sep 2025 15:31:44 GMT, Artur Barashev <[email protected]> wrote:
> RSASSA-PSS is currently the only signature algorithm we support that comes > with algorithm parameters. We don't check for those parameters when > validating certificates against supported signature algorithm constraints. This pull request has now been integrated. Changeset: 3798dcf7 Author: Artur Barashev <[email protected]> URL: https://git.openjdk.org/jdk/commit/3798dcf75b547a3707cdfdacf62886648c8653cf Stats: 852 lines in 12 files changed: 686 ins; 108 del; 58 mod 8367104: Check for RSASSA-PSS parameters when validating certificates against algorithm constraints Reviewed-by: mullan ------------- PR: https://git.openjdk.org/jdk/pull/27146
