RFR: 8254935: Deprecate the PSSParameterSpec(int) constructor
Weijun Wang
weijun at openjdk.java.net
Wed Mar 23 02:58:28 UTC 2022
On Wed, 23 Mar 2022 00:29:16 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
> Can someone help review this update to the PSSParameterSpec class regarding the constructor with int argument and the DEFAULT static field? Just added @Deprecate javadoc tag and caution about their usage as suggested in the bug record.
>
> A CSR will be filed once the wording changes are reviewed.
>
> Thanks,
> Valerie
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 114:
> 112: * recommended to explicitly specify all desired parameter
> 113: * values with
> 114: * {@link #PSSParameterSpec(String, String, AlgorithmParameterSpec, int, int) PSSParameterSpec}.
We are deprecating a field so I would say "This field uses default values defined in ... which may become...".
Do we need to write "PKCS #1" with a blank inside? Same below.
Also, the "all desired parameter values" phrase is perfect for the constructor below but this is for a field not a method so "parameters" does not make sense to me. How about something like "Instead of using this field, user should create a new `PSSParameterSpec` object by calling..." or we can just not mention it. User would need to create one anyway.
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 118:
> 116: * @since 1.5
> 117: */
> 118: @Deprecated(since="19", forRemoval=true)
Do we really want to remove it in the future? It's awkward but probably not so harmful. Removing it may unnecessarily break existing codes. Same with the constructor below.
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 178:
> 176: * less than 0
> 177: * @deprecated This constructor uses the default values as defined in
> 178: * ASN.1 encoding in PKCS#1 except for the salt length. These
Add "the" before "ASN.1 encoding".
src/java.base/share/classes/sun/security/rsa/PSSParameters.java line 83:
> 81: @Override
> 82: protected void engineInit(byte[] encoded) throws IOException {
> 83: // first initialize with the ASN.1 DEFAULT defined in PKCS#1 v2.2
"DEFAULT values"? Also, "PKCS #1".
-------------
PR: https://git.openjdk.java.net/jdk/pull/7913
More information about the security-dev
mailing list