RFR [13] 8217878: ENVELOPING XML signature no longer works in JDK 11
Weijun Wang
weijun.wang at oracle.com
Mon Mar 4 03:32:02 UTC 2019
Two questions:
1. There is no DOMCryptoBinary.java. Maybe you forgot "hg add"?
2. The Base64 class is called directly in several places. Aren't the helper methods in XMLUtils enough?
Thanks,
Max
> On Feb 26, 2019, at 4:46 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> In JDK 11, we included an updated version of Apache Santuario (which the JDK XML Signature implementation is based on) [1]. This contained a newer XML marshalling implementation, which has caused a couple of serious regressions (this one and JDK-8218629 [2]).
>
> After unsuccessfully trying to patch the current implementation, we decided to back it out and restore the previous code, which had been very stable for many years. The newer implementation is different in subtle ways and doesn't really offer any advantages other than a bit of reduction in lines of code. The Apache Santuario Project also has backed out the implementation.
>
> webrev: http://cr.openjdk.java.net/~mullan/webrevs/8217878/webrev.00/
> bug: https://bugs.openjdk.java.net/browse/JDK-8217878
>
> New test cases have also been added for the regressions.
>
> Note that this also fixes JDK-8218629 [2]. Since technically they are different issues, I will probably include both bug-ids in this changeset.
>
> --Sean
>
> [1] https://bugs.openjdk.java.net/browse/JDK-8177334
> [2] https://bugs.openjdk.java.net/browse/JDK-8218629
More information about the security-dev
mailing list