RFR: 8241306: Add SignatureMethodParameterSpec subclass for RSASSA-PSS params [v2]
Sean Mullan
mullan at openjdk.java.net
Tue Mar 30 18:44:22 UTC 2021
On Tue, 30 Mar 2021 16:39:37 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java line 99:
>>
>>> 97: * @return the encapsulated {@code PSSParameterSpec} object
>>> 98: */
>>> 99: public PSSParameterSpec getPSSParameterSpec() {
>>
>> If an XML Signature contained an RSAPSSParams with no DigestMethod, would this return a PSSParameterSpec with the defaults as specified in the @implSpec?
>
> There are other fields in `RSASSAParams`, so if there is no DigestMethod, it will be SHA-256 but the other fields (like SaltLength or TrailerField) will still be read if they exist.
>
> If there is no `RSASSAParams` at all or if it's empty, then the defaults will be returned.
I wonder if the @implSpec is clear enough that this will be returned. I might suggest adding a similar @implSpec in this method that basically states what you said above.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3181
More information about the security-dev
mailing list