Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8305972 Update XML Security for Java to 3.0.2
  3. JDK-8322473

Release Note: Update XML Security for Java to 3.0.2

    XMLWordPrintable

Details

    Backports

      Description

        The XML Signature implementation has been updated to Santuario 3.0.2. Support for the following EdDSA signatures has been added: `ED25519` and `ED448`. While these new algorithm URIs are not defined in `javax.xml.crypto.dsig.SignatureMethod` in the JDK Update releases, they may be represented as string literals in order to be functionally equivalent. The JDK supports EdDSA since [JDK 15](https://openjdk.org/jeps/339). Releases earlier than that may use 3rd party security providers. One other difference is that the JDK still supports the [`here()` function](https://www.w3.org/TR/xmldsig-core1/#function-here) by default. However, we recommend avoiding the use of the `here()` function in new signatures and replacing existing signatures that use the `here()` function. Future versions of the JDK will likely disable, and eventually remove, support for this function, as it cannot be supported using the standard Java XPath API. Users can now disable the `here()` function by setting the security property `jdk.xml.dsig.hereFunctionSupported` to "false".

        Attachments

          Issue Links

            Activity

              People

                coffeys Sean Coffey
                coffeys Sean Coffey
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: