JDK-8322474 : Release Note: Update XML Security for Java to 3.0.3
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version:
    8u411,8u411-perf,11.0.23-oracle,17.0.11-oracle,21.0.3-oracle 8u411,8u411-perf,11.0.23-oracle,17.0.11-oracle,21.0.3-oracle
  • Priority: P4
  • Status: Resolved
  • Resolution: Delivered
  • Submitted: 2023-12-19
  • Updated: 2024-03-14
  • Resolved: 2023-12-19
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 17 JDK 21 JDK 8
11.0.23-oracleResolved 17.0.11-oracleResolved 21.0.3-oracleResolved 8u411Resolved
Description
The XML Signature implementation has been updated to Santuario 3.0.3. Support for four new SHA-3 based RSA-MGF1 signature methods have been added: `SHA3_224_RSA_MGF1`, `SHA3_256_RSA_MGF1`, `SHA3_384_RSA_MGF1`, and `SHA3_512_RSA_MGF1`. While these new algorithm URIs are not defined in `javax.xml.crypto.dsig.SignatureMethod` in the JDK update releases, they may be represented as string literals in order to be functionally equivalent. SHA-3 hash algorithm support was delivered to JDK 9 via [JEP 287](https://openjdk.org/jeps/287). Releases earlier than that may use third party security providers.