RFR[11] JDK-8146293 "Add Support for RSA-PSS Signature Algorithm as in PKCS#1 v2.2"
Bradford Wetmore
bradford.wetmore at oracle.com
Mon May 21 16:56:37 UTC 2018
>> SignedObject.java
>> -----------------
>> Now that SignedObject is no longer in the scope of the CSR, we talked
>> about updating the class javadoc with an example about setting the
>> parameters before passing the Signature object in. I didn't see that,
>> so did you want to at least give an example of it here? I don't
>> expect that would require a separate CSR.
>
> Well, I debated about this and feel that it's probably better to leave
> this for later once we are set about the recommended usage for
> SignedObject.
Ok. File a CR to track if you think it's something you want to come
back to.
>> RSAPSSSignature.java
>> --------------------
>> 191: Would you mind inserting a comment that you "skip the JCA
>> overhead"?
> Ok.
>>
>> 264: -> PSSParameterSpec.TRAILER_FIELD_BC instead of hardcoding 1?
I think you might have missed this one.
>> TestOAEPWithParams.java
>> -----------------------
>> 50: Should we also add SHA-384, SHA-512 here?
> I am not so sure as the key size is only 768. We can bump the size up
> and add SHA-384, SHA512, but since other tests in the same directory
> covers SHA-382 and SHA-512, I only added SHA-512/224 and SHA-512/256 to
> this test.
Ok.
>> Offsets.java
>> ------------
>> 43: Should we also add all of the missing RSA variants as well?
>> SHA{1,224,256...}withRSA
> Ok, I added more but left SHA1 out as it's sunsetting and existing
> coverage.
Sounds good.
Brad
More information about the security-dev
mailing list