RFR: 8254935: Deprecate the PSSParameterSpec(int) constructor

Valerie Peng valeriep at openjdk.java.net
Thu Mar 24 00:55:44 UTC 2022


On Wed, 23 Mar 2022 02:46:20 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Can someone help review this update to the PSSParameterSpec class regarding the constructor with int argument and the DEFAULT static field? Just added @Deprecate javadoc tag and caution about their usage as suggested in the bug record.
>> 
>> A CSR will be filed once the wording changes are reviewed.
>> 
>> Thanks,
>> Valerie
>
> src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 114:
> 
>> 112:      *         recommended to explicitly specify all desired parameter
>> 113:      *         values with
>> 114:      *         {@link #PSSParameterSpec(String, String, AlgorithmParameterSpec, int, int) PSSParameterSpec}.
> 
> We are deprecating a field so I would say "This field uses default values defined in ... which may become...".
> 
> Do we need to write "PKCS #1" with a blank inside? Same below.
> 
> Also, the "all desired parameter values" phrase is perfect for the constructor below but this is for a field not a method so "parameters" does not make sense to me. How about something like "Instead of using this field, user should create a new `PSSParameterSpec` object by calling..." or we can just not mention it. User would need to create one anyway.

Well, I did a quick search, it seems both PKCS#X and PKCS #X are used interchangeably. I use PKCS#X to be consistent within this file. Maybe it does not matter much? I thought we tend to return without the space, e.g. PKCS8EncodedKeySpec.getFormat(). Other wording suggestions incorporated. Thanks~

-------------

PR: https://git.openjdk.java.net/jdk/pull/7913



More information about the security-dev mailing list