RFR: 8241306: Add SignatureMethodParameterSpec subclass for RSASSA-PSS params [v2]

Sean Mullan mullan at openjdk.java.net
Tue Mar 30 18:41:29 UTC 2021

On Tue, 30 Mar 2021 16:56:22 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 103:
>>> 101:     }
>>> 102: 
>>> 103:     @Override
>> Since you are overriding `Object.hashCode` and `equals`, I think you should document the specification for that.
> For `equals` and `hashCode`, the removed internal `org/jcp/xml/dsig/internal/dom/RSAPSSParameterSpec.java` file had them so I kept them. But now I intend to remove both. `HMACParameterSpec` in the same package does not have them. In fact, I felt a little uncomfortable on using the result of `mgfParamsAsString` in `hashCode` and `equals` because even `PSSParameterSpec` and `MGF1ParameterSpec` have not implemented them.
> As for `toString`, I'm not sure if there needs a spec (and I don't want to specify the output format). `PSSParameterSpec` and `MGF1ParameterSpec` implemented it with no spec. The documentation at https://docs.oracle.com/en/java/javase/16/docs/api/java.base/java/security/spec/MGF1ParameterSpec.html also only list it in the "Methods declared in class java.lang.Object" with all other `Object` methods no matter if it's overridden or not.

I agree with removing `equals` and `hashCode`. For `toString` I think what you have implemented is compliant with Object.toString() so I'm ok with not adding a specific specification for that.


PR: https://git.openjdk.java.net/jdk/pull/3181

More information about the security-dev mailing list