JDK-8307507 : Update XML Security for Java to 3.0.2
  • Type: CSR
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Priority: P3
  • Status: Closed
  • Resolution: Approved
  • Fix Versions: 21
  • Submitted: 2023-05-04
  • Updated: 2023-11-27
  • Resolved: 2023-05-19
Description
Summary
-------

Update the XML Signature implementation (in the `java.xml.crypto` module) in the JDK to version 3.0.2 of Apache Santuario.

Problem
-------

The latest Apache Santuario release, 3.0.2, contains the following changes:

1. Adds support for EdDSA. Two new standard `SignatureMethod` URIs are added for specifying EdDSA algorithms in XML signatures. 

2. Removes direct dependencies on Xalan. This dependency was necessary to support the `here()` XPath function defined at https://www.w3.org/TR/xmldsig-core1/#function-here.

Solution
--------

Import Apache Santuario 3.0.2 with the new algorithm URIs defined.

Santuario has discontinued support for the `here()` function, as it required a dependency on Xalan internal APIs and cannot be supported using the standard Java XPath API. However, this update introduces a security property for backward compatibility, which lets users decide whether to keep support for the function. If the property is set to "true" (the default value), the function is supported, continuing the behavior of previous JDK releases. If it is set to "false", the function is not supported, mirroring the latest Santuario behavior. A future JDK release is likely to change the default value to "false" once the compatibility risk is determined to be very low.

Note: this CSR is for JDK 21 only. If a backport is required, the new algorithm URIs cannot be backported. The new security property can be backported.


Specification
-------------

### New signature algorithms support

Add two algorithm URIs for the EdDSA signature algorithm using the Ed25519 and Ed448 curves. The URIs are defined in [Section 2.3.12 of RFC 9231](https://datatracker.ietf.org/doc/html/rfc9231#section-2.3.12). We also use this opportunity to add a new paragraph to the class description referencing the standards that define these URIs.

A similar paragraph is added to the `DigestMethod` class although there are no new method URIs defined in it.

    package javax.xml.crypto.dsig;
    
    /**
     * ....
     * <p>
     * The signature method algorithm URIs defined in this class are specified
     * in the <a href="https://www.w3.org/TR/xmldsig-core/">
     * W3C Recommendation for XML-Signature Syntax and Processing</a>
     * and <a href="https://www.rfc-editor.org/info/rfc9231">
     * RFC 9231: Additional XML Security Uniform Resource Identifiers (URIs)</a>
     * ....
     */
    public interface SignatureMethod extends XMLStructure, AlgorithmMethod {
        ....
        /**
         * The <a href="http://www.w3.org/2021/04/xmldsig-more#eddsa-ed25519">
         * ED25519</a> signature method algorithm URI.
         *
         * @since 21
         */
        String ED25519 = "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed25519";
    
        /**
         * The <a href="http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448">
         * ED448</a> signature method algorithm URI.
         *
         * @since 21
         */
        String ED448 = "http://www.w3.org/2021/04/xmldsig-more#eddsa-ed448";
    }

    /**
     * ....
     * <p>
     * The digest method algorithm URIs defined in this class are specified
     * in the <a href="https://www.w3.org/TR/xmldsig-core/">
     * W3C Recommendation for XML-Signature Syntax and Processing</a>
     * and <a href="https://www.rfc-editor.org/info/rfc9231">
     * RFC 9231: Additional XML Security Uniform Resource Identifiers (URIs)</a>
     * ....
     */
    public interface DigestMethod extends XMLStructure, AlgorithmMethod

### `here()` function support

A security property "jdk.xml.dsig.hereFunctionSupported" is introduced. The following paragraph is added to `conf/security/java.security`:

    #
    # Support for the here() function
    #
    # This security property determines whether the here() XPath function is
    # supported in XML Signature generation and verification.
    #
    # If this property is set to false, the here() function is not supported.
    # Generating an XML Signature that uses the here() function will throw an
    # XMLSignatureException. Validating an existing XML Signature that uses the
    # here() function will also throw an XMLSignatureException.
    #
    # The default value for this property is true.
    #
    # Note: This property is currently used by the JDK Reference implementation.
    # It is not guaranteed to be examined and used by other implementations.
    #
    #jdk.xml.dsig.hereFunctionSupported=true
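The following program is an added example (not part of the CSR, and not code from the JDK or Santuario) that exercises both changes specified above on JDK 21: it produces an enveloped XML signature with the new `SignatureMethod.ED25519` URI, verifies it, shows that tampering with the signed content makes core validation fail, and then signs with an XPath filter transform that relies on `here()` so that the effect of `jdk.xml.dsig.hereFunctionSupported` can be observed. The sample document, the class and method names, and the use of the `xmldsig-core` section 6.6.3 filter expression are the example's own choices; the assumption that the security property must be set before the first XML Signature operation is also the example's, not a statement from the CSR.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Security;
import java.util.List;
import java.util.Map;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.crypto.dsig.spec.XPathFilterParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class EdDsaHereDemo {

    // Constructed sample document for this example; it is not taken from the CSR.
    static final String SAMPLE_XML =
        "<purchaseOrder id=\"po-1\"><item sku=\"X42\" qty=\"3\"/></purchaseOrder>";

    // XPath filter from xmldsig-core section 6.6.3: select every node except the
    // Signature element that contains this transform. It depends on here().
    static final String HERE_FILTER =
        "count(ancestor-or-self::dsig:Signature | here()/ancestor::dsig:Signature[1])"
        + " > count(ancestor-or-self::dsig:Signature)";

    static Document parse(String xml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);   // required so the ds: namespace is handled correctly
        return dbf.newDocumentBuilder()
            .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
    }

    /** Signs SAMPLE_XML with Ed25519; useHere selects the here()-based XPath filter. */
    static Document sign(KeyPair kp, boolean useHere) throws Exception {
        Document doc = parse(SAMPLE_XML);
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");

        Transform transform = useHere
            ? fac.newTransform(Transform.XPATH,
                  new XPathFilterParameterSpec(HERE_FILTER, Map.of("dsig", XMLSignature.XMLNS)))
            : fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);

        // Same-document reference ("" URI) with a SHA-256 digest
        Reference ref = fac.newReference("",
            fac.newDigestMethod(DigestMethod.SHA256, null), List.of(transform), null, null);

        SignedInfo si = fac.newSignedInfo(
            fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE,
                                          (C14NMethodParameterSpec) null),
            fac.newSignatureMethod(SignatureMethod.ED25519, null),   // URI added in JDK 21
            List.of(ref));

        // No KeyInfo is embedded; the verifier is handed the public key directly.
        fac.newXMLSignature(si, null)
           .sign(new DOMSignContext(kp.getPrivate(), doc.getDocumentElement()));
        return doc;
    }

    /** Core validation: checks SignatureValue and every Reference digest. */
    static boolean verify(Document doc, PublicKey pub) throws Exception {
        XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
        NodeList nl = doc.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
        DOMValidateContext vc = new DOMValidateContext(pub, nl.item(0));
        return fac.unmarshalXMLSignature(vc).validate(vc);
    }

    public static void main(String[] args) throws Exception {
        // Assumption: the property is read when the XPath transform implementation is
        // first used, so set it here (or in java.security) before any signing.
        Security.setProperty("jdk.xml.dsig.hereFunctionSupported",
                             args.length > 0 ? args[0] : "true");

        KeyPair kp = KeyPairGenerator.getInstance("Ed25519").generateKeyPair();

        Document signed = sign(kp, false);
        System.out.println("Ed25519 enveloped signature valid: " + verify(signed, kp.getPublic()));

        // Modify signed content: the Reference digest no longer matches, so validation fails.
        ((Element) signed.getElementsByTagName("item").item(0)).setAttribute("qty", "300");
        System.out.println("after tampering: " + verify(signed, kp.getPublic()));

        try {
            Document withHere = sign(kp, true);
            System.out.println("here() filter signature valid: " + verify(withHere, kp.getPublic()));
        } catch (XMLSignatureException e) {
            // Reached when jdk.xml.dsig.hereFunctionSupported=false, as java.security documents.
            System.out.println("here() not supported: " + e.getMessage());
        }
    }
}
```

Run it as `java EdDsaHereDemo.java` for the default (`true`) behavior and as `java EdDsaHereDemo.java false` to see the `XMLSignatureException` that the `java.security` text describes for the `here()` case; the Ed25519 part behaves the same either way, since the property only affects the XPath function.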


Comments
Hi [~weijun], thanks for the additional context and background; moving to Approved.
19-05-2023

Hi [~darcy], there is a history here in the upstream repo that decides not to throw an unchecked exception in this case. In fact, before 2021 it did throw an unchecked exception, but it was removed and silently ignored in [this code change](https://github.com/apache/santuario-xml-security-java/commit/2d84fac8326440ff79cd7cdad41b678e646e17d0). It’s only when this `here()` issue appeared and we realized “silently ignoring” is not a good solution. Therefore it is [fixed again in the upstream repo](https://github.com/apache/santuario-xml-security-java/commit/675c01599cb2e0bd72d7edb5a2aff8e1b967e7c3) that throws a checked exception. The new behavior in OpenJDK simply adopts this change. We do not want to diverge from the upstream repo. Plus, if an unchecked exception is thrown, the specification needs to be updated. Santuario updates are usually backported to all old JDK releases, and it will be very difficult to update the spec in those releases as well.
19-05-2023

Moving back to Provisional pending resolution of the following question: would it be better for the here() method to throw an UnsupportedOperationException when it is not supported? Or is the checked XMLSignatureException exception meant to capture a wide range of possible conditions?
19-05-2023

Hi [~darcy], CSR updated again. This time we introduce a security property to control the behavior. By default the here() function is still supported, but users can disable it to mirror the Santuario behavior. A release note is also added.
18-05-2023

Moving to Approved.
15-05-2023

Acknowledged, [~weijun]; thanks for summarizing the differences.
15-05-2023

Hi, [~darcy]. I've made some changes to the CSR. Previously, the Xalan dependency was removed and the XPath here() function was no longer supported. After some more discussion, we decided to revert this change to minimize compatibility risk. The only change now is EdDSA support. I'll withdraw the CSR and re-submit it.
15-05-2023

Moving to Provisional.
09-05-2023