RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.0

Weijun Wang weijun at openjdk.java.net
Sat Dec 12 02:49:58 UTC 2020


On Fri, 13 Nov 2020 22:00:26 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> This is a multi-commits PR that upgrades xmldsig to be equivalent to Santuario 2.2.0.
>> 
>> The first step is an auto-import. The JDK implementation is removed first and Santuario code are imported. Some unrelated files (Ex: encryption) are removed, and package names are renamed to be internal. There are also some bulk changes on company name, comment style, and white spaces.
>> 
>> Next steps are patches applied by JDK. Some are old patches before the last import. Some are new.
>> 
>> Several tests need to be updated because of internal method signature changes.
>> 
>> The "Support RSA-PSS with parameters" commit introduces a new public API and would need a CSR.
>> 
>> The last patch is one we just fixed several days ago.
>
> The "Support RSA-PSS with parameters" commit is rewritten. Now a `PSSParameterSpec` object is encapsulated inside a `RSAPSSParameterSpec`.
> 
> Note: https://tools.ietf.org/html/rfc6931#section-2.3.9 define the algorithm name as RSASSA-PSS with URI fragment `#rsa-pss` (no SSA). So in comments I always use the long name but the `SignatureMethod` constant is named `RSA_PSS`. Hopefully this is fine.

> @wangweij This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

Sure.

-------------

PR: https://git.openjdk.java.net/jdk/pull/1206



More information about the security-dev mailing list