On Tue, 30 Mar 2021 15:04:29 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> update XMLUtils (not used by tests here) > > src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java > line 36: > >> 34: * Parameters for the <a >> href="http://www.w3.org/2007/05/xmldsig-more#rsa-pss";> >> 35: * XML Signature RSASSA-PSS Algorithm</a>. The parameters are expressed >> as a >> 36: * {@link PSSParameterSpec} object encapsulated. > > I suggest removing "encapsulated", I found use of that word a little > confusing. Maybe just "The parameters are represented as a {@link > PSSParameterSpec} object." Similar comment about "encapsulated" in other > methods. OK. > src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java > line 75: > >> 73: * {@code TrailerField}. This is equivalent to the parameter-less >> signature >> 74: * method as defined by >> http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1. >> 75: * > > Normally I don't like to hardcode defaults (in case they weaken later) but > since this is specified by RFC 6931, I don't think we have a choice, and I > think we need to use this default for interoperability. Yes, we need to support `xMLSignatureFactory.newSignatureMethod(SignatureMethod.RSA_PSS, null)`. > src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java > line 89: > >> 87: * >> 88: * @param spec the input {@code PSSParameterSpec} to be encapsulated >> 89: */ > > Should this throw NPE if spec is null? I currently throw one. Do I need to mention it in the spec? ------------- PR: https://git.openjdk.java.net/jdk/pull/3181
