Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8223682

[xmldsig] Add KeyValue::EC_TYPE

    XMLWordPrintable

Details

    • CSR
    • Status: Closed
    • P3
    • Resolution: Approved
    • 13
    • security-libs
    • None
    • minimal
    • No risk. Just a new string constant.
    • Java API
    • SE

    Description

      Summary

      Add a new EC_TYPE constant to the javax.xml.crypto.dsig.keyinfo.KeyValue interface.

          final static String EC_TYPE =
            "http://www.w3.org/2009/xmldsig11#ECKeyValue";

      Problem

      The EC key value is supported in Santuario 2.1.3, we should add a new constant for it.

      Solution

      See Specification. Besides adding the next string constant, the XML schema for the new type is also added (like we did for RSA and DSA). The text is copied from 4.5.2 and 4.5.2.3 of https://www.w3.org/TR/xmldsig-core/.

      Specification

      diff --git a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -47,6 +47,8 @@
  *      <choice>
  *        <element ref="ds:DSAKeyValue"/>
  *        <element ref="ds:RSAKeyValue"/>
+ *        <!-- <element ref="dsig11:ECKeyValue"/> -->
+ *        <!-- ECC keys (XMLDsig 1.1) will use the any element -->
  *        <any namespace="##other" processContents="lax"/>
  *      </choice>
  *    </complexType>
@@ -75,6 +77,25 @@
  *        <element name="Exponent" type="ds:CryptoBinary"/>
  *      </sequence>
  *    </complexType>
+ *
+ *    <complexType name="ECKeyValueType">
+ *      <sequence>
+ *        <choice>
+ *          <element name="ECParameters" type="dsig11:ECParametersType" />
+ *          <element name="NamedCurve" type="dsig11:NamedCurveType" />
+ *        </choice>
+ *        <element name="PublicKey" type="dsig11:ECPointType" />
+ *      </sequence>
+ *      <attribute name="Id" type="ID" use="optional" />
+ *    </complexType>
+ *
+ *    <complexType name="NamedCurveType">
+ *      <attribute name="URI" type="anyURI" use="required" />
+ *    </complexType>
+ *
+ *    <simpleType name="ECPointType">
+ *      <restriction base="ds:CryptoBinary" />
+ *    </simpleType>
  * </pre>
  * A <code>KeyValue</code> instance may be created by invoking the
  * {@link KeyInfoFactory#newKeyValue newKeyValue} method of the
@@ -124,6 +148,16 @@
+     /**
+     * URI identifying the EC KeyValue KeyInfo type:
+     * http://www.w3.org/2009/xmldsig11#ECKeyValue. This can be specified as
+     * the value of the <code>type</code> parameter of the
+     * {@link RetrievalMethod} class to describe a remote
+     * <code>ECKeyValue</code> structure.
+     *
+     * @since 13
+     */
+    final static String EC_TYPE =
+        "http://www.w3.org/2009/xmldsig11#ECKeyValue";

      Attachments

        Issue Links

          csr of

          Enhancement - null JDK-8223053 [xmldsig] Add KeyValue::EC_TYPE

          • P3 - Major loss of function.
          • Resolved

          Activity

            People

              weijun Weijun Wang
              weijun Weijun Wang
              Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: