[jdk21u-dev] RFR: 8319124: Update XML Security for Java to 3.0.3
Matthias Baesken
mbaesken at openjdk.org
Wed Jan 3 17:05:47 UTC 2024
On Sat, 23 Dec 2023 15:23:05 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
> I backport this for parity with 21.0.3-oracle.
>
> The patch applied clean (first commit).
>
> I removed the strings from SignatureMethod.java as documented in the backport CSR.
> I did not change DOMSignatureMethod.java.
>
> I skipped the changes to GenerationTest.java. The test passes.
Hi Goetz , looks mostly good.
But I am not sure about this change
src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/DOMXMLSignatureFactory.java
} else if (algorithm.equals(DOMSignatureMethod.RSA_SHA3_224_MGF1)) {
return new DOMSignatureMethod.SHA3_224withRSAandMGF1(params);
} else if (algorithm.equals(DOMSignatureMethod.RSA_SHA3_256_MGF1)) {
return new DOMSignatureMethod.SHA3_256withRSAandMGF1(params);
} else if (algorithm.equals(DOMSignatureMethod.RSA_SHA3_384_MGF1)) {
return new DOMSignatureMethod.SHA3_384withRSAandMGF1(params);
} else if (algorithm.equals(DOMSignatureMethod.RSA_SHA3_512_MGF1)) {
return new DOMSignatureMethod.SHA3_512withRSAandMGF1(params);
here you reference new algorithms from higher jdk versions; should they really be present here in jdk21 ?
-------------
PR Comment: https://git.openjdk.org/jdk21u-dev/pull/94#issuecomment-1875687231
More information about the jdk-updates-dev
mailing list