RFR: 8241306: Add SignatureMethodParameterSpec subclass for RSASSA-PSS params [v2]
Sean Mullan
mullan at openjdk.java.net
Tue Mar 30 15:38:11 UTC 2021
On Tue, 30 Mar 2021 02:07:06 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> This enhancement contains the following code changes:
>>
>> 1. Create a new public API `javax/xml/crypto/dsig/spec/RSAPSSParameterSpec` and remove the internal one.
>> 2. Update marshaling and unmarshaling code inside `DOMRSAPSSSignatureMethod` so it understands extra fields in `PSSParameterSpec` and is aware of the defaults in both directions.
>> 3. Update `DOMSignedInfo` so that secure validation can restrict `DigestMethod` used inside `RSAPSSParameterSpec`
>> 4. Tests
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> update XMLUtils (not used by tests here)
src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 36:
> 34: * Parameters for the <a href="http://www.w3.org/2007/05/xmldsig-more#rsa-pss">
> 35: * XML Signature RSASSA-PSS Algorithm</a>. The parameters are expressed as a
> 36: * {@link PSSParameterSpec} object encapsulated.
I suggest removing "encapsulated", I found use of that word a little confusing. Maybe just "The parameters are represented as a {@link PSSParameterSpec} object." Similar comment about "encapsulated" in other methods.
src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 75:
> 73: * {@code TrailerField}. This is equivalent to the parameter-less signature
> 74: * method as defined by http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1.
> 75: *
Normally I don't like to hardcode defaults (in case they weaken later) but since this is specified by RFC 6931, I don't think we have a choice, and I think we need to use this default for interoperability.
src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 89:
> 87: *
> 88: * @param spec the input {@code PSSParameterSpec} to be encapsulated
> 89: */
Should this throw NPE if spec is null?
src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 99:
> 97: * @return the encapsulated {@code PSSParameterSpec} object
> 98: */
> 99: public PSSParameterSpec getPSSParameterSpec() {
If an XML Signature contained an RSAPSSParams with no DigestMethod, would this return a PSSParameterSpec with the defaults as specified in the @implSpec?
src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 103:
> 101: }
> 102:
> 103: @Override
Since you are overriding `Object.hashCode` and `equals`, I think you should document the specification for that.
src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 113:
> 111:
> 112: @Override
> 113: public boolean equals(Object obj) {
Add specification.
src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 139:
> 137:
> 138: @Override
> 139: public String toString() {
Add specification.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3181
More information about the security-dev
mailing list