RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.0 [v3]

Weijun Wang weijun at openjdk.java.net
Mon Jan 11 17:31:00 UTC 2021 

> This is a multi-commits PR that upgrades xmldsig to be equivalent to Santuario 2.2.0.
> 
> The first step is an auto-import. The JDK implementation is removed first and Santuario code are imported. Some unrelated files (Ex: encryption) are removed, and package names are renamed to be internal. There are also some bulk changes on company name, comment style, and white spaces.
> 
> Next steps are patches applied by JDK. Some are old patches before the last import. Some are new.
> 
> Several tests need to be updated because of internal method signature changes.
> 
> The "Support RSA-PSS with parameters" commit introduces a new public API and would need a CSR.
> 
> The last patch is one we just fixed several days ago.

Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains 13 additional commits since the last revision:

 - No more newInstance calls
 - Support RSA-PSS with parameters
 - Reapply 8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
 - Fix test failures
 - Supporting named RSASSA-PSS without parameters
 - Reapply 8008744: Rework part of fix for JDK-6741606
 - Reapply 8151893: Add security property to configure XML Signature secure validation mode
   
   Reapply 8140353: Improve signature checking
 - Reapply Reapply 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
 - Reapply 8038913: Bolster XML support (Init.java part)
 - Various warnings, the version, and abnormal copyright lines
 - ... and 3 more: https://git.openjdk.java.net/jdk/compare/3ab6657f...f7ee7648

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/1206/files
  - new: https://git.openjdk.java.net/jdk/pull/1206/files/73c73381..f7ee7648

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=1206&range=02
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=1206&range=01-02

  Stats: 124959 lines in 1924 files changed: 67184 ins; 45132 del; 12643 mod
  Patch: https://git.openjdk.java.net/jdk/pull/1206.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/1206/head:pull/1206

PR: https://git.openjdk.java.net/jdk/pull/1206

More information about the security-dev mailing list