RFR: 8254935: Deprecate the PSSParameterSpec(int) constructor

Valerie Peng valeriep at openjdk.java.net
Thu Mar 24 01:00:46 UTC 2022


On Wed, 23 Mar 2022 02:51:08 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> Can someone help review this update to the PSSParameterSpec class regarding the constructor with int argument and the DEFAULT static field? Just added @Deprecate javadoc tag and caution about their usage as suggested in the bug record.
>> 
>> A CSR will be filed once the wording changes are reviewed.
>> 
>> Thanks,
>> Valerie
>
> src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 118:
> 
>> 116:      * @since 1.5
>> 117:      */
>> 118:     @Deprecated(since="19", forRemoval=true)
> 
> Do we really want to remove it in the future? It's awkward but probably not so harmful. Removing it may unnecessarily break existing codes. Same with the constructor below.

Hmm, I am under the impression that we tend to use forRemoval=true when deprecating stuff, so users may pay more attention to it. This does not mean that we MUST remove it? Also, marking it for removal would give users more time in case something came up and removal become necessary?

> src/java.base/share/classes/sun/security/rsa/PSSParameters.java line 83:
> 
>> 81:     @Override
>> 82:     protected void engineInit(byte[] encoded) throws IOException {
>> 83:         // first initialize with the ASN.1 DEFAULT defined in PKCS#1 v2.2
> 
> "DEFAULT values"? Also, "PKCS #1".

Sure.

-------------

PR: https://git.openjdk.java.net/jdk/pull/7913



More information about the security-dev mailing list