Bug ID: JDK-8320218 Update XML Security for Java to 3.0.3

Type: CSR
Component: security-libs
Sub-Component: javax.xml.crypto

Priority: P3
Status: Draft
Resolution: Unresolved
Fix Versions: 22

Submitted: 2023-11-16
Updated: 2023-11-16

Summary
-------

Add 4 SHA-3 based new XML signature method URIs.

Problem
-------

Apache Santuario 3.0.3 introduced 4 new signature methods. We should add these as static final strings in the `SignatureMethod` class.

Solution
--------

Add the new signature method URIs.

Specification
-------------

Add these fields into `javax.xml.crypto.dsig.SignatureMethod`:

    /**
     * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-224-rsa-MGF1">
     * SHA3-224-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
     *
     * @since 22
     */
    String SHA3_224_RSA_MGF1 =
            "http://www.w3.org/2007/05/xmldsig-more#sha3-224-rsa-MGF1";

    /**
     * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1">
     * SHA3-256-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
     *
     * @since 22
     */
    String SHA3_256_RSA_MGF1 =
            "http://www.w3.org/2007/05/xmldsig-more#sha3-256-rsa-MGF1";

    /**
     * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-384-rsa-MGF1">
     * SHA3-384-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
     *
     * @since 22
     */
    String SHA3_384_RSA_MGF1 =
            "http://www.w3.org/2007/05/xmldsig-more#sha3-384-rsa-MGF1";

    /**
     * The <a href="http://www.w3.org/2007/05/xmldsig-more#sha3-512-rsa-MGF1">
     * SHA3-512-RSA-MGF1</a> (PKCS #1) signature method algorithm URI.
     *
     * @since 22
     */
    String SHA3_512_RSA_MGF1 =
            "http://www.w3.org/2007/05/xmldsig-more#sha3-512-rsa-MGF1";

Note: The implementation change can be backported to earlier releases except for these new constants. Users will need to use the literal strings if they need to use these signature method in earlier JDK releases.

16-11-2023