JDK-8011547 : Update XML Signature implementation to Apache Santuario 1.5.4
  • Type: Enhancement
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 8
  • Priority: P3
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2013-04-04
  • Updated: 2021-06-23
  • Resolved: 2013-07-05
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8 Other
7u321Fixed 8 b100Fixed openjdk7uFixed
Related Reports
Duplicate :  
JDK-8008715 - Noisy warnings when compiling org.jcp.xml.dsig.internal.dom
Relates :  
JDK-8046044 - Fix raw and unchecked lint warnings in XML Signature Impl
Relates :  
JDK-8149029 - Secure validation of XML based digital signature always enabled when checking wrapping attacks
Relates :  
JDK-6815392 - Add tests for XML Signature 1.1
Relates :  
JDK-8017173 - XMLCipher with RSA_OAEP Key Transport algorithm can't be instantiated
Relates :  
JDK-8077321 - XMLSignatureInput cannot process a file larger than 1GB
Relates :  
JDK-8022120 - JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails
Description
Update the XML Signature implementation to Apache Santuario 1.5.4 to keep in synch with the implementation it is based on. See: http://santuario.apache.org/javaindex.html
Comments
All related XML Signature tests have passed.
14-08-2013
Christophe ran the XML Signature SQE tests on my JPRT build with the fix and it passed without any failures.
27-06-2013
Bringing in Apache Santuario 1.5.4 release will also resolve this issue (on JDK 8)
21-05-2013