> RSASSA-PSS is currently the only signature algorithm we support that comes > with algorithm parameters. We don't check for those parameters when > validating certificates against algorithm constraints.
Artur Barashev has updated the pull request incrementally with one additional commit since the last revision: Use default constraints if SIGNATURE_CONSTRAINTS_MODE is NONE. Log warning and return true on InvalidParameterSpecException ------------- Changes: - all: https://git.openjdk.org/jdk/pull/27146/files - new: https://git.openjdk.org/jdk/pull/27146/files/c29f7950..7af212a0 Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk&pr=27146&range=03 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=27146&range=02-03 Stats: 8 lines in 1 file changed: 4 ins; 0 del; 4 mod Patch: https://git.openjdk.org/jdk/pull/27146.diff Fetch: git fetch https://git.openjdk.org/jdk.git pull/27146/head:pull/27146 PR: https://git.openjdk.org/jdk/pull/27146
