You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2022/09/12 15:23:06 UTC
[santuario-xml-security-java] branch 2.3.x-fixes updated: Fix for https://bugs.openjdk.org/browse/JDK-8287246.
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 2.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/santuario-xml-security-java.git
The following commit(s) were added to refs/heads/2.3.x-fixes by this push:
new 2e2469dd Fix for https://bugs.openjdk.org/browse/JDK-8287246.
2e2469dd is described below
commit 2e2469dd98c5390ffe24180303bfb3e37609dec1
Author: Sean Mullan <se...@oracle.com>
AuthorDate: Wed Jun 15 10:03:11 2022 -0400
Fix for https://bugs.openjdk.org/browse/JDK-8287246.
---
.../jcp/xml/dsig/internal/dom/DOMKeyValue.java | 46 ++++++++--------------
1 file changed, 17 insertions(+), 29 deletions(-)
diff --git a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java
index 2f44f445..f53b3c0f 100644
--- a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java
+++ b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMKeyValue.java
@@ -296,35 +296,23 @@ public abstract class DOMKeyValue<K extends PublicKey> extends DOMStructure impl
("unable to create DSA KeyFactory: " + e.getMessage());
}
}
- Element curElem = DOMUtils.getFirstChildElement(kvtElem);
- if (curElem == null) {
- throw new MarshalException("KeyValue must contain at least one type");
- }
- // check for P and Q
- BigInteger p = null;
- BigInteger q = null;
- if ("P".equals(curElem.getLocalName()) && XMLSignature.XMLNS.equals(curElem.getNamespaceURI())) {
- p = decode(curElem);
- curElem = DOMUtils.getNextSiblingElement(curElem, "Q", XMLSignature.XMLNS);
- q = decode(curElem);
- curElem = DOMUtils.getNextSiblingElement(curElem);
- }
- BigInteger g = null;
- if (curElem != null
- && "G".equals(curElem.getLocalName()) && XMLSignature.XMLNS.equals(curElem.getNamespaceURI())) {
- g = decode(curElem);
- curElem = DOMUtils.getNextSiblingElement(curElem, "Y", XMLSignature.XMLNS);
- }
- BigInteger y = null;
- if (curElem != null) {
- y = decode(curElem);
- curElem = DOMUtils.getNextSiblingElement(curElem);
- }
- //if (curElem != null && "J".equals(curElem.getLocalName())) {
- //j = new DOMCryptoBinary(curElem.getFirstChild());
- // curElem = DOMUtils.getNextSiblingElement(curElem);
- //}
- //@@@ do we care about j, pgenCounter or seed?
+ // P, Q, and G are optional according to the XML Signature
+ // Recommendation as they might be known from application context,
+ // but this implementation does not provide a mechanism or API for
+ // an application to supply the missing parameters, so they are
+ // required to be specified.
+ Element curElem =
+ DOMUtils.getFirstChildElement(kvtElem, "P", XMLSignature.XMLNS);
+ BigInteger p = decode(curElem);
+ curElem =
+ DOMUtils.getNextSiblingElement(curElem, "Q", XMLSignature.XMLNS);
+ BigInteger q = decode(curElem);
+ curElem =
+ DOMUtils.getNextSiblingElement(curElem, "G", XMLSignature.XMLNS);
+ BigInteger g = decode(curElem);
+ curElem =
+ DOMUtils.getNextSiblingElement(curElem, "Y", XMLSignature.XMLNS);
+ BigInteger y = decode(curElem);
DSAPublicKeySpec spec = new DSAPublicKeySpec(y, p, q, g);
return (DSAPublicKey) generatePublicKey(dsakf, spec);
}