Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8223682

[xmldsig] Add KeyValue::EC_TYPE

XMLWordPrintable

    • Icon: CSR CSR
    • Resolution: Approved
    • Icon: P3 P3
    • 13
    • security-libs
    • None
    • minimal
    • No risk. Just a new string constant.
    • Java API
    • SE

      Summary

      Add a new EC_TYPE constant to the javax.xml.crypto.dsig.keyinfo.KeyValue interface.

          final static String EC_TYPE =
            "http://www.w3.org/2009/xmldsig11#ECKeyValue";

      Problem

      The EC key value is supported in Santuario 2.1.3, we should add a new constant for it.

      Solution

      See Specification. Besides adding the next string constant, the XML schema for the new type is also added (like we did for RSA and DSA). The text is copied from 4.5.2 and 4.5.2.3 of https://www.w3.org/TR/xmldsig-core/.

      Specification

      diff --git a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java
--- a/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java
+++ b/src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/keyinfo/KeyValue.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -47,6 +47,8 @@
  *      <choice>
  *        <element ref="ds:DSAKeyValue"/>
  *        <element ref="ds:RSAKeyValue"/>
+ *        <!-- <element ref="dsig11:ECKeyValue"/> -->
+ *        <!-- ECC keys (XMLDsig 1.1) will use the any element -->
  *        <any namespace="##other" processContents="lax"/>
  *      </choice>
  *    </complexType>
@@ -75,6 +77,25 @@
  *        <element name="Exponent" type="ds:CryptoBinary"/>
  *      </sequence>
  *    </complexType>
+ *
+ *    <complexType name="ECKeyValueType">
+ *      <sequence>
+ *        <choice>
+ *          <element name="ECParameters" type="dsig11:ECParametersType" />
+ *          <element name="NamedCurve" type="dsig11:NamedCurveType" />
+ *        </choice>
+ *        <element name="PublicKey" type="dsig11:ECPointType" />
+ *      </sequence>
+ *      <attribute name="Id" type="ID" use="optional" />
+ *    </complexType>
+ *
+ *    <complexType name="NamedCurveType">
+ *      <attribute name="URI" type="anyURI" use="required" />
+ *    </complexType>
+ *
+ *    <simpleType name="ECPointType">
+ *      <restriction base="ds:CryptoBinary" />
+ *    </simpleType>
  * </pre>
  * A <code>KeyValue</code> instance may be created by invoking the
  * {@link KeyInfoFactory#newKeyValue newKeyValue} method of the
@@ -124,6 +148,16 @@
+     /**
+     * URI identifying the EC KeyValue KeyInfo type:
+     * http://www.w3.org/2009/xmldsig11#ECKeyValue. This can be specified as
+     * the value of the <code>type</code> parameter of the
+     * {@link RetrievalMethod} class to describe a remote
+     * <code>ECKeyValue</code> structure.
+     *
+     * @since 13
+     */
+    final static String EC_TYPE =
+        "http://www.w3.org/2009/xmldsig11#ECKeyValue";

            weijun Weijun Wang
            weijun Weijun Wang
            Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: