On Tue, 18 Mar 2025 19:14:40 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
>> Anthony Scarpino has updated the pull request incrementally with one >> additional commit since the last revision: >> >> check for dup > > src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java > line 210: > >> 208: new CertPathConstraintsParameters(trustedPubKey, >> variant, >> 209: anchor, date); >> 210: dac.permits(KeyUtil.getAlgorithm(trustedPubKey), > > Do you plan to have a unit test for `AlgorithmChecker` changes? It looks like > certificates using `ED25519` algorithm didn't match that check before. It > would be useful to have a test where we disable `ED25519` in java.security > and then try to use a certificate with `ED25519` algorithm. This is checked by an existing test ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/23647#discussion_r2006034135
