You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "jingwei jiao (Jira)" <ji...@apache.org> on 2022/04/24 02:24:00 UTC
[jira] [Created] (SANTUARIO-587) unmarshal cert support other provider
jingwei jiao created SANTUARIO-587:
--------------------------------------
Summary: unmarshal cert support other provider
Key: SANTUARIO-587
URL: https://issues.apache.org/jira/browse/SANTUARIO-587
Project: Santuario
Issue Type: Improvement
Components: Java
Affects Versions: Java 2.3.0
Reporter: jingwei jiao
Assignee: Colm O hEigeartaigh
key could use properties to change provider. we want cert also can do this.
cert unmarshal can find in those class:
* [org.apache.jcp.xml.dsig.internal.dom.DOMX509Data|https://github.com/apache/santuario-xml-security-java/blob/master/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java#L245]
* [org.apache.xml.security.keys.content.x509.XMLX509Certificate|https://github.com/apache/santuario-xml-security-java/blob/master/src/main/java/org/apache/xml/security/keys/content/x509/XMLX509Certificate.java#L101]
we were build a patch for this, SUN JCE not support some custom oid, should use external provider(like. bouncycastle) to parser cert. and in products don't want to change provider order, so i make a loop for parser this;).
patch link: [link|https://github.com/Gsealy/xml-security-gm/commit/5b9a7238bdcd6aab3c752df7b5953a9e2df85cfd#diff-ffcb2f20fd0be80950041687b53afd2bdd1a2a1e918041637e01493135473e9c]
--
This message was sent by Atlassian Jira
(v8.20.7#820007)