On 04/29/2014 10:26 PM, Xuelei Fan wrote:
Minor comments.
algorithms/implementations/SignatureDSA.java
============================================
51 public static final String URI = XMLSignature.ALGO_ID_SIGNATURE_DSA;
With this update, this variable can be declared as private, I think.
Is it still necessary to define this variable? I think we may want to
use the uniform XMLSignature definition instead.
I will remove it. I was a little concerned there may be someone
depending on it (and didn't want to diverge from the Apache code), but
most likely not.
security/utils/JavaUtils.java
=============================
162 public static byte[] convertASN1toXMLDSIG ...
201 public static byte[] convertXMLDSIGtoASN1 ...
As the methods above only apply to DSA, and the class now is in utils
package, we might want to use a little bit more instinctive method name
to indicate the DSA algorithm, for example, convertDsaASN1toXMLDSIG.
Yes, sounds like a good suggestion.
Need more time to read the update in JavaUtils.java
Ok, thanks.
--Sean
Xuelei
On 4/30/2014 4:48 AM, Sean Mullan wrote:
Please review the following change which adds support for 2048-bit DSA
keys and the DSA-SHA256 algorithm to the XML Signature implementation:
webrev: http://cr.openjdk.java.net/~mullan/webrevs/8038349/webrev.00/
JDK 8 already includes the underlying support for both of these in the
Sun provider. For 2048 bit keys, the ASN.1 parsing code in the XML
Signature layer needed to be adapted to handle 2048 bit keys, and for
SHA-256 it was just a matter of registering the algorithm URI and
instantiating a Signature object with the SHA256WithDSA algorithm.
Thanks,
Sean
