RFR: 8254935: Deprecate the PSSParameterSpec(int) constructor [v5]
Sean Mullan
mullan at openjdk.java.net
Mon Mar 28 14:39:45 UTC 2022
On Thu, 24 Mar 2022 23:34:30 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Can someone help review this update to the PSSParameterSpec class regarding the constructor with int argument and the DEFAULT static field? Just added @Deprecate javadoc tag and caution about their usage as suggested in the bug record.
>>
>> A CSR will be filed once the wording changes are reviewed.
>>
>> Thanks,
>> Valerie
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>
> More minor edits.
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 32:
> 30: /**
> 31: * This class specifies a parameter spec for RSASSA-PSS signature scheme,
> 32: * as defined in the
On line 31, add "the" before "RSASSA-PSS".
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 67:
> 65: * }
> 66: * </pre>
> 67: * <p>Note: the {@code PSSParameterSpec.DEFAULT} uses the following:
Suggest rewording as:
`Note: {@code PSSParameterSpec.DEFAULT} uses the following values:`
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 77:
> 75: * from the PKCS#1 standard and may become obsolete as time progresses.
> 76: * Please do not rely on {@code PSSParameterSpec.DEFAULT} unless these
> 77: * values are really what you want to use.
Some suggested rewordings:
`Its values are based on the default values defined in the PKCS#1 standard, as defined above. Some of these defaults are no longer recommended due to advances in cryptanalysis -- see RFC 8017 for more details. Thus, {@code PSSParameterSpec.DEFAULT} is deprecated and should be used at your own risk.`
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 114:
> 112: * Thus, it is recommended to create a new {@code PSSParameterSpec}
> 113: * object with the desired parameter values using
> 114: * {@link #PSSParameterSpec(String, String, AlgorithmParameterSpec, int, int) PSSParameterSpec}.
Similar rewording suggestion here:
"This field uses the default values defined in the PKCS#1 standard. Some of these defaults are no longer recommended due to advances in cryptanalysis -- see RFC 8017 for more details. Thus ..."
src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 179:
> 177: * @deprecated This constructor uses the default values defined in
> 178: * the ASN.1 encoding in PKCS#1 except for the salt length.
> 179: * These default values may become obsolete as time progresses.
Similar rewording suggestion as above.
-------------
PR: https://git.openjdk.java.net/jdk/pull/7913
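
The following is an added example, not code from this pull request or from the JDK. It shows the explicit five-argument constructor recommended in the javadoc under review, used for an RSASSA-PSS sign and verify round trip. The class name `PssExplicitParams`, the helper `usesSha1` and the SHA-256 / 32-byte-salt choice are assumptions made for illustration; the helper flags specs such as `PSSParameterSpec.DEFAULT`, whose digest and MGF1 digest are SHA-1.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Signature;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;

public class PssExplicitParams {
    // Explicit parameters (illustrative choice): SHA-256 for the message digest
    // and for MGF1, salt length equal to the digest length, trailer field 1.
    static final PSSParameterSpec SHA256_PSS = new PSSParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, 32,
            PSSParameterSpec.TRAILER_FIELD_BC);

    private static boolean isSha1(String name) {
        return name.replace("-", "").equalsIgnoreCase("SHA1");
    }

    // Hypothetical audit helper: true if the spec relies on SHA-1 for the
    // message digest or for the MGF1 digest.
    static boolean usesSha1(PSSParameterSpec spec) {
        AlgorithmParameterSpec mgf = spec.getMGFParameters();
        boolean mgfSha1 = mgf instanceof MGF1ParameterSpec
                && isSha1(((MGF1ParameterSpec) mgf).getDigestAlgorithm());
        return isSha1(spec.getDigestAlgorithm()) || mgfSha1;
    }

    @SuppressWarnings("deprecation") // DEFAULT is referenced only to audit it
    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);

        Signature signer = Signature.getInstance("RSASSA-PSS");
        signer.initSign(kp.getPrivate());
        signer.setParameter(SHA256_PSS); // parameters must be supplied explicitly
        signer.update(msg);
        byte[] sig = signer.sign();

        Signature verifier = Signature.getInstance("RSASSA-PSS");
        verifier.initVerify(kp.getPublic());
        verifier.setParameter(SHA256_PSS); // verifier must use the same parameters
        verifier.update(msg);
        System.out.println("verified: " + verifier.verify(sig));
        System.out.println("explicit spec uses SHA-1: " + usesSha1(SHA256_PSS));
        System.out.println("DEFAULT uses SHA-1: " + usesSha1(PSSParameterSpec.DEFAULT));
    }
}
```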