RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.0
Weijun Wang
weijun at openjdk.java.net
Sat Dec 12 02:49:58 UTC 2020
On Fri, 13 Nov 2020 22:00:26 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> This is a multi-commits PR that upgrades xmldsig to be equivalent to Santuario 2.2.0.
>>
>> The first step is an auto-import. The JDK implementation is removed first and Santuario code are imported. Some unrelated files (Ex: encryption) are removed, and package names are renamed to be internal. There are also some bulk changes on company name, comment style, and white spaces.
>>
>> Next steps are patches applied by JDK. Some are old patches before the last import. Some are new.
>>
>> Several tests need to be updated because of internal method signature changes.
>>
>> The "Support RSA-PSS with parameters" commit introduces a new public API and would need a CSR.
>>
>> The last patch is one we just fixed several days ago.
>
> The "Support RSA-PSS with parameters" commit is rewritten. Now a `PSSParameterSpec` object is encapsulated inside a `RSAPSSParameterSpec`.
>
> Note: https://tools.ietf.org/html/rfc6931#section-2.3.9 define the algorithm name as RSASSA-PSS with URI fragment `#rsa-pss` (no SSA). So in comments I always use the long name but the `SignatureMethod` constant is named `RSA_PSS`. Hopefully this is fine.
> @wangweij This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!
Sure.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1206
More information about the security-dev
mailing list