Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8320218

Update XML Security for Java to 3.0.3

    XMLWordPrintable

Details

    • CSR
    • Resolution: Approved
    • P3
    • 22
    • security-libs
    • None
    • source
    • minimal
    • New constants.
    • Java API
    • SE

    Description

      Summary

      Update the XML Signature implementation (in the java.xml.crypto module) in the JDK to version 3.0.3 of Apache Santuario with 4 new SHA-3 based XML signature methods.

      Problem

      Apache Santuario 3.0.3 introduced 4 new signature methods. We should support them and add their URIs as static final strings in the SignatureMethod class.

      Solution

      Import Apache Santuario 3.0.3 with the new algorithm URIs defined.

      Specification

      Add these fields into the javax.xml.crypto.dsig.SignatureMethod interface:

      /**
       * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-224-rsa-MGF1">
       * SHA3-224-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
       *
       * @since 22
       */
      String SHA3_224_RSA_MGF1 =
              "http://www.w3.org/2007/05/xmldsig-more#sha3-224-rsa-MGF1";
      
      /**
       * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1">
       * SHA3-256-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
       *
       * @since 22
       */
      String SHA3_256_RSA_MGF1 =
              "http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1";
      
      /**
       * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-384-rsa-MGF1">
       * SHA3-384-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
       *
       * @since 22
       */
      String SHA3_384_RSA_MGF1 =
              "http://www.w3.org/2007/05/xmldsig-more#sha3-384-rsa-MGF1";
      
      /**
       * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-512-rsa-MGF1">
       * SHA3-512-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
       *
       * @since 22
       */
      String SHA3_512_RSA_MGF1 =
              "http://www.w3.org/2007/05/xmldsig-more#sha3-512-rsa-MGF1";

      Attachments

        Issue Links

          Activity

            People

              weijun Weijun Wang
              weijun Weijun Wang
              Sean Mullan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: