Hi Fedor, Sorry for the delay. Everything looks fine except that the version info in santuario.md should be updated. I've also updated XMLDSigRI.java to match the recent code change for JDK-8232357. A new webrev is now available at
http://cr.openjdk.java.net/~weijun/8231507/webrev.00/ If no one else has any more comment, I'll push this change myself. Thanks, Max > On Oct 10, 2019, at 10:48 PM, Fedor Burdun <[email protected]> wrote: > > Hi Weijun, > > I am glad to be helpful for community. > Thanks a lot for your notes. > > In addition to all mentioned above and due to (8151893: Add security property > to configure XML Signature secure validation mode) > it seems the checking of Policy.restrictRetrievalMethodLoops also should be > reverted? > Please correct me if I'm wrong and it should not. > > Andrew Brygin volunteered to be sponsor for this code change. > > New webrev: http://cr.openjdk.java.net/~fijiol/8231507/webrev.01/ > Tests: test/jdk/javax/xml/crypto/dsig/ > > Best regards, > Fedor > > > > > От: Weijun Wang <[email protected]> > Отправлено: 10 октября 2019 г. 13:08 > Кому: Fedor Burdun > Копия: [email protected] > Тема: Re: RFR: 8231507: Update Apache Santuario (XML Signature) to version > 2.1.4 > > Hi Fedor, > > First, thanks a lot for the contribution. Overall the code change looks fine, > but I have several comments: > > 1. The change in EncryptionConstants.java is not necessary. In this module we > only do the signature part, but not encryption. > > 2. For the same reason, 5 new methods in XMLUtils.java about encryption. > > 3. In DOMRetrievalMethod.java, please revert to the use of > "Policy.restrictNumTransforms(newTransforms.size())". The java.xml.crypto > module inside OpenJDK is a little different from Santuario here and it uses a > java.security property named "jdk.xml.dsig.secureValidationPolicy". > > 4. XMLDSigRI.java contains no actual change and can be kept unchanged. > > Have you found a committer to sponsor your code change? If not, I'll be happy > to do it. > > Thanks, > Max > > > > On Oct 8, 2019, at 12:35 AM, Fedor Burdun <[email protected]> wrote: > > > > Dear all, > > > > Would you please review the following change? > > Bug: https://bugs.openjdk.java.net/browse/JDK-8231507 > > Webrev: http://cr.openjdk.java.net/~fijiol/8231507/webrev.00/ > > > > This change upgrades Apache Santuario library to version 2.1.4 > > > > Best regards, > > Fedor
