RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.0 [v6]
Weijun Wang
weijun at openjdk.java.net
Sat Mar 6 17:59:09 UTC 2021
> This is a multi-commits PR that upgrades xmldsig to be equivalent to Santuario 2.2.0.
>
> The first step is an auto-import. The JDK implementation is removed first and Santuario code are imported. Some unrelated files (Ex: encryption) are removed, and package names are renamed to be internal. There are also some bulk changes on company name, comment style, and white spaces.
>
> Next steps are patches applied by JDK. Some are old patches before the last import. Some are new.
>
> Several tests need to be updated because of internal method signature changes.
Weijun Wang has updated the pull request incrementally with 14 additional commits since the last revision:
- reapply 8259535: ECDSA SignatureValue do not always have the specified length
- No more newInstance calls
- Reapply 8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
- Fix test failures
- Supporting named RSASSA-PSS without parameters
- Reapply 8008744: Rework part of fix for JDK-6741606
- Reapply 8151893: Add security property to configure XML Signature secure validation mode
Reapply 8140353: Improve signature checking
- Reapply Reapply 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
- Reapply 8038913: Bolster XML support (Init.java part)
- Version, and copyright lines
- ... and 4 more: https://git.openjdk.java.net/jdk/compare/f2d01521...7d18f816
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/1206/files
- new: https://git.openjdk.java.net/jdk/pull/1206/files/f2d01521..7d18f816
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=1206&range=05
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=1206&range=04-05
Stats: 7967 lines in 186 files changed: 2626 ins; 3944 del; 1397 mod
Patch: https://git.openjdk.java.net/jdk/pull/1206.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/1206/head:pull/1206
PR: https://git.openjdk.java.net/jdk/pull/1206
More information about the security-dev
mailing list