RFR 8177334: Update xmldsig implementation to Apache Santuario 2.1.1
Sean Mullan
sean.mullan at oracle.com
Wed Jun 13 12:17:35 UTC 2018
In StorageResolver.java:
41 private static final com.sun.org.slf4j.internal.Logger LOG =
42
com.sun.org.slf4j.internal.LoggerFactory.getLogger(StorageResolver.class);
Shouldn't the previous code using java.util.logging.Logger be retained?
There is no com.sun.org.slf4j package in the JDK.
--Sean
On 5/24/18 1:50 AM, Weijun Wang wrote:
> Please review the change at
>
> webrev: http://cr.openjdk.java.net/~weijun/8177334/webrev.00/
> CSR: https://bugs.openjdk.java.net/browse/JDK-8203460
>
> New features include the support of SHA-224 and SHA-3 MessageMethod, and RSASSA-PSS SignatureMethods.
>
> The change is done in 2 steps:
>
> 1. Copying files from Apache Santuario Release 2.1.1 [1]. Making cosmetic changes like changing package names.
>
> 2. More changes, including
>
> a. Applying patches in OpenJDK that were not pushed to Apache Santuario (yet)
> b. Using the RSASSA-PSS Signature algorithm in OpenJDK, because we don't have names like SHA256withRSAandMGF1
> c. Copying standard digest method and signature method names into public API (see the CSR)
>
> For your convenience, there is a separate webrev for step 2 above at
>
> http://cr.openjdk.java.net/~weijun/8177334/changes/
>
> Thanks
> Max
>
> [1] http://www.apache.org/dyn/closer.lua/santuario/java-library/2_1_1/xmlsec-2.1.1-source-release.zip
>
More information about the security-dev
mailing list