SignedObject.java
-----------------
Now that SignedObject is no longer in the scope of the CSR, we talked
about updating the class javadoc with an example about setting the
parameters before passing the Signature object in. I didn't see that,
so did you want to at least give an example of it here? I don't
expect that would require a separate CSR.
Well, I debated about this and feel that it's probably better to leave
this for later once we are set about the recommended usage for
SignedObject.
Ok. File a CR to track if you think it's something you want to come
back to.
RSAPSSSignature.java
--------------------
191: Would you mind inserting a comment that you "skip the JCA
overhead"?
Ok.
264: -> PSSParameterSpec.TRAILER_FIELD_BC instead of hardcoding 1?
I think you might have missed this one.
TestOAEPWithParams.java
-----------------------
50: Should we also add SHA-384, SHA-512 here?
I am not so sure as the key size is only 768. We can bump the size up
and add SHA-384, SHA512, but since other tests in the same directory
covers SHA-382 and SHA-512, I only added SHA-512/224 and SHA-512/256 to
this test.
Ok.
Offsets.java
------------
43: Should we also add all of the missing RSA variants as well?
SHA{1,224,256...}withRSA
Ok, I added more but left SHA1 out as it's sunsetting and existing
coverage.
Sounds good.
Brad