[jdk11u-dev] RFR: 8319124: Update XML Security for Java to 3.0.3
Andrew John Hughes
andrew at openjdk.org
Fri Feb 2 21:48:17 UTC 2024
On Fri, 19 Jan 2024 16:43:59 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
> I backport this for parity with 11.0.23-oracle.
>
> Large parts applied clean, see first commit.
>
> I had to do the following mostly trivial resolves:
>
> src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/Init.java
> A larger chunk did not apply, I could not see why so far.
>
> src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/implementations/SignatureBaseRSA.java
> patching file src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMRSAPSSSignatureMethod.java
> patching file src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMSignedInfo.java
> Trivial resolve of imports.
> To make it compile I had to remove RSAPSSParameterSpec from the imports in two places.
>
> patching file test/jdk/javax/xml/crypto/dsig/GenerationTests.java
> All failed to apply automatically because RSAPSS coding is missing in the context.
> Also, the new tests don't work as "JDK-8172680: Support SHA-3 based Hmac algorithms" is not in 11.
>
> I kept the test coding to simplify future backports.
Did `GenerationTests.java` pass prior to this change? If so, introducing these tests we know to be broken - and which will never be fixed, as we're not backporting the SHA-3 enhancement - seems like a regression and that part of the change should be reverted.
-------------
PR Comment: https://git.openjdk.org/jdk11u-dev/pull/2465#issuecomment-1924742670
More information about the jdk-updates-dev
mailing list