Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8345822

Update XML Security for Java to 3.0.5

XMLWordPrintable

    • behavioral
    • minimal
    • New algorithms.
    • Other
    • Implementation

      Summary

      Update the XML Signature implementation (in the java.xml.crypto module) in the JDK to version 3.0.5 of Apache Santuario with 4 new SHA-3 based Elliptic Curve XML signature methods.

      Problem

      Apache Santuario 3.0.5 introduced 4 new Elliptic Curve signature methods. We should support them without adding their URIs as static final strings in the SignatureMethod class.

      Solution

      Import Apache Santuario 3.0.5.

      Please note that unlike in JDK 25, JDK update releases won't define the new signature methods in the javax.xml.crypto.dsig.SignatureMethod class. User can directly use the names of these signature methods since they are just string literals:

      • "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-224" for ECDSA_SHA3_224
      • "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-256" for ECDSA_SHA3_256
      • "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-384" for ECDSA_SHA3_384
      • "http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-512" for ECDSA_SHA3_512

      For example, instead of calling

      XMLSignatureFactory.getInstance("DOM").newSignatureMethod(SignatureMethod.ECDSA_SHA3_256);

      Users can just call

      XMLSignatureFactory.getInstance("DOM").newSignatureMethod("http://www.w3.org/2021/04/xmldsig-more#ecdsa-sha3-256");

      Specification

      No specification change.

            weijun Weijun Wang
            youlguo Youliang Guo
            Sean Mullan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: