RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.0
Weijun Wang
weijun at openjdk.java.net
Fri Nov 13 17:28:25 UTC 2020
This is a multi-commits PR that upgrades xmldsig to be equivalent to Santuario 2.2.0.
The first step is an auto-import. The JDK implementation is removed first and Santuario code are imported. Some unrelated files (Ex: encryption) are removed, and package names are renamed to be internal. There are also some bulk changes on company name, comment style, and white spaces.
Next steps are patches applied by JDK. Some are old patches before the last import. Some are new.
Several tests need to be updated because of internal method signature changes.
The "Support RSA-PSS with parameters" commit introduces a new public API and would need a CSR.
The last patch is one we just fixed several days ago.
-------------
Commit messages:
- Reapply 8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
- Support RSA-PSS with parameters
- Fix test failures
- Supporting named RSASSA-PSS without parameters
- Reapply 8008744: Rework part of fix for JDK-6741606
- Reapply 8151893: Add security property to configure XML Signature secure validation mode
- Reapply Reapply 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
- Reapply 8038913: Bolster XML support (Init.java part)
- Various warnings, the version, and abnormal copyright lines
- Remove lines related to XML encryption
- ... and 2 more: https://git.openjdk.java.net/jdk/compare/e8b75b13...ccb0caf3
Changes: https://git.openjdk.java.net/jdk/pull/1206/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=1206&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8255255
Stats: 8044 lines in 188 files changed: 2705 ins; 3934 del; 1405 mod
Patch: https://git.openjdk.java.net/jdk/pull/1206.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/1206/head:pull/1206
PR: https://git.openjdk.java.net/jdk/pull/1206
More information about the security-dev
mailing list