JSR 105 Final Draft API Changes since Proposed Final Draft

At the end of each change is the internal revision/version that it appeared in.

General

  1. (Editorial) Added the DOM mechanism requirement to the KeyInfoFactory and XMLSignatureFactory javadocs. This is already mentioned in the API overview, but it is helpful to also list the information in these classes. (0.14)

  2. Added the requirement: "Implementations of this technology MAY support J2SE 1.2 or later but MUST at a minimum support version 1.4 or later of J2SE." (0.14)

javax.xml.crypto

  1. (Editorial) Clarified that some subclasses of URIReference may not have a type attribute and the getType() method should always return null. (0.14)

  2. Added 4 new methods to the XMLCryptoContext class that were already implemented in the DOMValidateContext and DOMSignContext subclasses: getNamespacePrefix, putNamespacePrefix, getDefaultNamespacePrefix and setDefaultNamespacePrefix. (0.14)

  3. Clarified that NodeSetData.iterator() returns the nodes in document order. (0.16)

javax.xml.crypto.dom

  1. Added a new DOMCryptoContext class that implements XMLCryptoContext. Changed DOMSignContext and DOMValidateContext to extend DOMCryptoContext. Finally, removed the DOMIdMap interface and moved its methods to the DOMCryptoContext class. (0.14)

  2. Added a new iterator() method to the DOMCryptoContext class that returns an Iterator over the ID/Element mappings. (0.14)

  3. Removed the DOMNodeSetData class and reworded the 4th DOM Mechanism requirement. The reason for this change is because NodeIterator is part of the DOM L2 Traversal API and is not included in J2SE, so we don't want to force developers to drag in this API just for a single class. The NodeSetData interface should be sufficient. (0.14)

  4. Clarifed that DOMStructures are imported (cloned) into the target document of an XMLSignature only if the owner documents are different. (0.15)

  5. Clarifed how a sequence of nodes should be specified as a DOMStructure. (0.15)

javax.xml.crypto.dsig

  1. Clarified that XMLSignatureFactory.getURIDereferencer() never returns null. (0.14)

  2. Added constants for the SHA256, SHA512, and RIPEMD-160 algorithms to the DigestMethod interface. (0.14)

  3. Specified that the objects created by XMLSignatureFactory may contain state and are not meant to be reusable. (0.15)

  4. Added a new TransformService class which is a service provider interface for transform and canonicalization algorithms. Also added DOM Mechanism Requirement #10. (0.15)

  5. Added new transform methods to the Transform interface to execute transformations (needed by the TransformService class). Also added DOM Mechanism Requirement #8. (0.15)

  6. Added an overloaded newTransform and newCanonicalizationMethod method to the XMLSignatureFactory class to allow parameters to be specified in raw XML form. Also, added DOM Mechanism Requirement #9.(0.15)

  7. Added a new TransformException class for capturing transform and c14n errors. (0.15)

  8. Added an overloaded XMLSignatureFactory.unmarshalXMLSignature(XMLStructure) method to allow XML Signatures to be unmarshalled (and not validated) in a mechanism-independent way. Also added DOM Mechanism requirement #11. (0.15)
  9. Added an overloaded XMLSignatureFactory.newReference() method that take a pre-computed digest value. This supports the OASIS DSS use-case where the client calculates the digest value. (0.16)

  10. Added an overloaded XMLSignatureFactory.newReference() method that take a list of applied transforms and an intermediate transform value. This supports the OASIS DSS use-case where the client applies a list of transforms. (0.16)

  11. Removed the TransformService.init(XMLStructure) method and renamed the unmarshalParams method to init. (0.16)

javax.xml.crypto.dsig.dom

  1. Removed the DOMValidateContext(Node) constructor. The addition of the XMLSignatureFactory.unmarshalXMLSignature(XMLStructure) method removed the need for this ctor. (0.15)

javax.xml.crypto.dsig.keyinfo

  1. Modified the KeyInfoFactory.newPGPData methods to be more specific about the format of the PGP Key Material Packet parameter and what constitutes an illegal value. (0.14)

  2. Specified the minimal set of RFC 2253 DN attribute type keywords that must be recognized by the KeyInfoFactory.newX509IssuerSerial and KeyInfoFactory.newX509Data methods. (0.15)

  3. Specified that the objects created by KeyInfoFactory may contain state and are not meant to be reusable. (0.15)

  4. Added a new KeyInfoFactory.unmarshalKeyInfo method to allow users to unmarshal KeyInfo when it is not attached to an XML Signature. This is very useful for example, to validate KeyInfo contained in SAML assertions. Also, added DOM Mechanism requirement #7. (0.15)

  5. Added a new KeyInfo.marshal method to allow users to marshal KeyInfo objects back to XML. Also, added DOM Mechanism requirement #12. (0.16)