On Fri, 9 Apr 2021 23:18:08 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> This enhancement contains the following code changes: >> >> 1. Create a new public API `javax/xml/crypto/dsig/spec/RSAPSSParameterSpec` >> and remove the internal one. >> 2. Update marshaling and unmarshaling code inside `DOMRSAPSSSignatureMethod` >> so it understands extra fields in `PSSParameterSpec` and is aware of the >> defaults in both directions. >> 3. Update `DOMSignedInfo` so that secure validation can restrict >> `DigestMethod` used inside `RSAPSSParameterSpec` >> 4. Tests > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > more digest methods and spec change > New commit pushed and CSR at https://bugs.openjdk.java.net/browse/JDK-8259575 > updated. How do you find the `@implSpec` and `@implNote` in > `RSAPSSParameterSpec.java`? The `@implSpec` looks good. I view the `@implNote` more like an `@apiNote` though. test/lib/jdk/test/lib/security/XMLUtils.java line 63: > 61: import java.security.spec.PSSParameterSpec; > 62: import java.util.*; > 63: Can you add some comments about this class, e.g., "A collection of test utility methods for parsing, validating and generating XML Signatures". test/lib/jdk/test/lib/security/XMLUtils.java line 100: > 98: //////////// CONVERT //////////// > 99: > 100: public static String doc2string(Document doc) throws Exception { Add method description. test/lib/jdk/test/lib/security/XMLUtils.java line 111: > 109: } > 110: > 111: public static Document string2doc(String input) throws Exception { Add method description. ------------- PR: https://git.openjdk.java.net/jdk/pull/3181