RFR: 8241306: Add SignatureMethodParameterSpec subclass for RSASSA-PSS params [v3]
Sean Mullan
mullan at openjdk.java.net
Fri Apr 9 19:53:09 UTC 2021
On Fri, 9 Apr 2021 17:28:45 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 74:
>>
>>> 72: * {@code MaskGenerationFunction}, 32 as {@code SaltLength}, and 1 as
>>> 73: * {@code TrailerField}. This is equivalent to the parameter-less signature
>>> 74: * method as defined by http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1.
>>
>> http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1 is just a placeholder page for the namespace. I would instead link to `SignatureMethod.SHA256_RSA_MGF1` and also reference the RFC for more information. How about:
>>
>> `This is equivalent to the {@link SignatureMethod#SHA256_RSA_MGF1 parameter-less signature method} as defined in <a href="https://www.ietf.org/rfc/rfc6931.txt#section-2.3.10">RFC 6931</a>.
>> `
>
> Correct.
>
> How about:
> This is equivalent to the parameter-less signature
> method {@link SignatureMethod#SHA256_RSA_MGF1 SHA256_RSA_MGF1} as defined
> in <a href="https://tools.ietf.org/html/rfc6931#section-2.3.10">RFC 6931</a>.
>
> SHA256_RSA_MGF1 is not the only parameter-less method so I prefer showing its name.
Works for me.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3181
More information about the security-dev
mailing list