[jdk17u-dev] RFR: 8305972: Update XML Security for Java to 3.0.2 [v5]
Martin Balao
mbalao at openjdk.org
Sat Jan 6 00:20:29 UTC 2024
On Mon, 4 Dec 2023 14:31:45 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
>> I backport this for parity with 17.0.11-oracle.
>>
>> The backport was almost clean, except for two trivial resolves due to differences in whitespace in the context.
>>
>> The change comes with a CSR, which is already approved for 17.
>> But the CSR requires changes wrt. to the original change.
>> In 17, no EDDSA support is added.
>>
>> The PR comes with two commits:
>> 1. the almost clean backport. I already skipped two comments added in head but not needed in 17 (SignatureMethod, DigestMethod).
>> 2. removing the eddsa support.
>>
>> Tests pass, SAP nightly testing passed.
>
> Goetz Lindenmaier has updated the pull request incrementally with one additional commit since the last revision:
>
> Do the whitespace fix properly.
Hi Goetz,
Thanks for proposing this backport.
One minor comment:
* test/jdk/javax/xml/crypto/dsig/GenerationTests.java
* The import of X509Certificate and the definition of x5ks are dead code.
Otherwise, looks good to me. I'll give my approval anyways, as this is a minor comment.
On a final note, I agree with your changes of removing EdDSA code and aligning to the approved CSR. However, I have to say that doing this for 17u does not only prevent users from the enhancement but also increases the maintenance cost as there will be more chances of updates not applying cleanly for the years to come. I would have treated 17u differently than previous releases.
Martin.-
-------------
Marked as reviewed by mbalao (Reviewer).
PR Review: https://git.openjdk.org/jdk17u-dev/pull/2006#pullrequestreview-1807104143
More information about the jdk-updates-dev
mailing list