RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.0 [v2]
Xue-Lei Andrew Fan
xuelei at openjdk.java.net
Sun Jan 10 05:19:59 UTC 2021
On Fri, 13 Nov 2020 22:05:31 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> This is a multi-commits PR that upgrades xmldsig to be equivalent to Santuario 2.2.0.
>>
>> The first step is an auto-import. The JDK implementation is removed first and Santuario code are imported. Some unrelated files (Ex: encryption) are removed, and package names are renamed to be internal. There are also some bulk changes on company name, comment style, and white spaces.
>>
>> Next steps are patches applied by JDK. Some are old patches before the last import. Some are new.
>>
>> Several tests need to be updated because of internal method signature changes.
>>
>> The "Support RSA-PSS with parameters" commit introduces a new public API and would need a CSR.
>>
>> The last patch is one we just fixed several days ago.
>
> Weijun Wang has refreshed the contents of this pull request, and previous commits have been removed. The incremental views will show differences compared to the previous content of the PR.
Marked as reviewed by xuelei (Reviewer).
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/algorithms/SignatureAlgorithm.java line 196:
> 194: @SuppressWarnings("deprecation")
> 195: SignatureAlgorithmSpi result = implementingClass.newInstance();
> 196: return result;
A IDE may have a warning for the result value as it is not really necessary, except for the suppress warnings. Maybe, the @SuppressWarings could be placed in the method level. Just for your reference, go ahead with your preference.
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/c14n/Canonicalizer.java line 112:
> 110: @SuppressWarnings("deprecation")
> 111: CanonicalizerSpi tmp = implementingClass.newInstance();
> 112: canonicalizerSpi = tmp;
Same comment as the one in SignatureAlgorithm.java.
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/keys/keyresolver/KeyResolver.java line 198:
> 196: @SuppressWarnings("deprecation")
> 197: KeyResolverSpi tmp = (KeyResolverSpi) ClassLoaderUtils.loadClass(className, KeyResolver.class).newInstance();
> 198: keyResolverSpi = tmp;
Same comment as the one in SignatureAlgorithm.java.
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java line 204:
> 202: @SuppressWarnings("deprecation")
> 203: TransformSpi tmp = transformSpiClass.newInstance();
> 204: transformSpiHash.put(algorithmURI, tmp);
Same comment as the one in SignatureAlgorithm.java.
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/transforms/Transform.java line 237:
> 235: @SuppressWarnings("deprecation")
> 236: TransformSpi tmp = implementingClass.newInstance();
> 237: transformSpiHash.put(algorithmURI, tmp);
Same comment as the one in SignatureAlgorithm.java.
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/XMLUtils.java line 73:
> 71: @SuppressWarnings("deprecation")
> 72: XMLParser tmp = (XMLParser) ClassLoaderUtils.loadClass(xmlParserClass, XMLUtils.class).newInstance();
> 73: return tmp;
Same comment as the one in SignatureAlgorithm.java.
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java line 72:
> 70: @SuppressWarnings("deprecation")
> 71: ResourceResolverSpi tmp = resourceResolverClass.newInstance();
> 72: register(tmp, false);
Same comment as the one in SignatureAlgorithm.java.
src/java.xml.crypto/share/classes/com/sun/org/apache/xml/internal/security/utils/resolver/ResourceResolver.java line 93:
> 91: @SuppressWarnings("deprecation")
> 92: ResourceResolverSpi tmp = resourceResolverClass.newInstance();
> 93: register(tmp, true);
Same comment as the one in SignatureAlgorithm.java.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1206
More information about the security-dev
mailing list