JDK 9 Review Request for 8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits
Xuelei Fan
xuelei.fan at oracle.com
Wed Apr 30 02:26:43 UTC 2014
Minor comments.
algorithms/implementations/SignatureDSA.java
============================================
51 public static final String URI = XMLSignature.ALGO_ID_SIGNATURE_DSA;
With this update, this variable can be declared as private, I think.
Is it still necessary to define this variable? I think we may want to
use the uniform XMLSignature definition instead.
security/utils/JavaUtils.java
=============================
162 public static byte[] convertASN1toXMLDSIG ...
201 public static byte[] convertXMLDSIGtoASN1 ...
As the methods above only apply to DSA, and the class now is in utils
package, we might want to use a little bit more instinctive method name
to indicate the DSA algorithm, for example, convertDsaASN1toXMLDSIG.
Need more time to read the update in JavaUtils.java
Xuelei
On 4/30/2014 4:48 AM, Sean Mullan wrote:
> Please review the following change which adds support for 2048-bit DSA
> keys and the DSA-SHA256 algorithm to the XML Signature implementation:
>
> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8038349/webrev.00/
>
> JDK 8 already includes the underlying support for both of these in the
> Sun provider. For 2048 bit keys, the ASN.1 parsing code in the XML
> Signature layer needed to be adapted to handle 2048 bit keys, and for
> SHA-256 it was just a matter of registering the algorithm URI and
> instantiating a Signature object with the SHA256WithDSA algorithm.
>
> Thanks,
> Sean
More information about the security-dev
mailing list