You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "jingwei jiao (Jira)" <ji...@apache.org> on 2022/04/24 02:24:00 UTC

[jira] [Created] (SANTUARIO-587) unmarshal cert support other provider

jingwei jiao created SANTUARIO-587:
--------------------------------------

             Summary: unmarshal cert support other provider 
                 Key: SANTUARIO-587
                 URL: https://issues.apache.org/jira/browse/SANTUARIO-587
             Project: Santuario
          Issue Type: Improvement
          Components: Java
    Affects Versions: Java 2.3.0
            Reporter: jingwei jiao
            Assignee: Colm O hEigeartaigh


key could use properties to change provider. we want cert also can do this.

cert unmarshal can find in those class: 
 * [org.apache.jcp.xml.dsig.internal.dom.DOMX509Data|https://github.com/apache/santuario-xml-security-java/blob/master/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMX509Data.java#L245]
 * [org.apache.xml.security.keys.content.x509.XMLX509Certificate|https://github.com/apache/santuario-xml-security-java/blob/master/src/main/java/org/apache/xml/security/keys/content/x509/XMLX509Certificate.java#L101]

we were build a patch for this, SUN JCE not support some custom oid, should use external provider(like. bouncycastle) to parser cert. and in products don't want to change provider order, so i make a loop for parser this;).

patch link: [link|https://github.com/Gsealy/xml-security-gm/commit/5b9a7238bdcd6aab3c752df7b5953a9e2df85cfd#diff-ffcb2f20fd0be80950041687b53afd2bdd1a2a1e918041637e01493135473e9c]

 



--
This message was sent by Atlassian Jira
(v8.20.7#820007)