RFR: 8255255: Update Apache Santuario (XML Signature) to version 2.2.1 [v8]
Sean Mullan
mullan at openjdk.java.net
Fri Mar 12 16:45:21 UTC 2021
On Thu, 11 Mar 2021 00:06:50 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> This is a multi-commits PR that upgrades xmldsig to be equivalent to Santuario 2.2.0.
>>
>> The first step is an auto-import. The JDK implementation is removed first and Santuario code are imported. Some unrelated files (Ex: encryption) are removed, and package names are renamed to be internal. There are also some bulk changes on company name, comment style, and white spaces.
>>
>> Next steps are patches applied by JDK. Some are old patches before the last import. Some are new.
>>
>> Several tests need to be updated because of internal method signature changes.
>
> Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains 15 additional commits since the last revision:
>
> - Merge branch 'master' into 8255255
> - reapply 8259535: ECDSA SignatureValue do not always have the specified length
> - No more newInstance calls
> - Reapply 8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
> - Fix test failures
> - Supporting named RSASSA-PSS without parameters
> - Reapply 8008744: Rework part of fix for JDK-6741606
> - Reapply 8151893: Add security property to configure XML Signature secure validation mode
>
> Reapply 8140353: Improve signature checking
> - Reapply Reapply 8042967: Add variant of DSA Signature algorithms that do not ASN.1 encode the signature bytes
> - Reapply 8038913: Bolster XML support (Init.java part)
> - ... and 5 more: https://git.openjdk.java.net/jdk/compare/337c62e0...60496847
src/java.xml.crypto/share/classes/org/jcp/xml/dsig/internal/dom/Utils.java line 70:
> 68: * @return the Set of Nodes
> 69: */
> 70: static Set<Node> toNodeSet(Iterator<?> i) {
Why does `Iterator<Node>` cause a warning?
-------------
PR: https://git.openjdk.java.net/jdk/pull/1206
More information about the security-dev
mailing list