JSR 105 Final Draft API Changes since
Proposed Final Draft
At the end of each change is the internal revision/version that it appeared in.
General
- (Editorial) Added the DOM mechanism requirement to the KeyInfoFactory and XMLSignatureFactory javadocs.
This is already mentioned in the API overview, but it is helpful
to also list the information in these classes. (0.14)
- Added the requirement: "Implementations of this technology MAY
support J2SE 1.2 or later but MUST at a minimum support version 1.4 or
later of J2SE." (0.14)
javax.xml.crypto
- (Editorial) Clarified that some subclasses of URIReference may not have a
type attribute and the getType()
method should always return null. (0.14)
- Added 4 new methods to the XMLCryptoContext
class that were already implemented in the DOMValidateContext and DOMSignContext subclasses: getNamespacePrefix, putNamespacePrefix, getDefaultNamespacePrefix and setDefaultNamespacePrefix. (0.14)
- Clarified that
NodeSetData.iterator()
returns the nodes in
document order. (0.16)
javax.xml.crypto.dom
- Added a new DOMCryptoContext
class that implements XMLCryptoContext.
Changed DOMSignContext
and DOMValidateContext to
extend DOMCryptoContext.
Finally, removed the DOMIdMap
interface and moved its methods to the DOMCryptoContext class. (0.14)
- Added a new iterator()
method to the DOMCryptoContext
class that returns an Iterator
over the ID/Element mappings. (0.14)
- Removed the DOMNodeSetData
class and reworded the 4th DOM Mechanism requirement. The reason for this change is because
NodeIterator is part
of the DOM L2 Traversal API and is not included in J2SE, so we don't
want to force developers to drag in this API just for a single class.
The NodeSetData interface should be sufficient. (0.14)
- Clarifed that
DOMStructure
s are imported (cloned) into the
target document of an XMLSignature
only if the owner documents
are different. (0.15)
- Clarifed how a sequence of nodes should be specified as a
DOMStructure
. (0.15)
javax.xml.crypto.dsig
- Clarified that XMLSignatureFactory.getURIDereferencer()
never returns null. (0.14)
- Added constants for the SHA256, SHA512, and RIPEMD-160 algorithms
to the DigestMethod
interface. (0.14)
- Specified that the objects created by
XMLSignatureFactory
may
contain state and are not meant to be reusable. (0.15)
- Added a new
TransformService
class which is a service
provider interface for transform and canonicalization algorithms. Also added
DOM Mechanism Requirement #10. (0.15)
- Added new
transform
methods to the Transform
interface to execute transformations (needed by the
TransformService
class). Also added DOM Mechanism Requirement
#8. (0.15)
- Added an overloaded
newTransform
and
newCanonicalizationMethod
method to the
XMLSignatureFactory
class to allow parameters to be specified in
raw XML form. Also, added DOM Mechanism Requirement #9.(0.15)
- Added a new
TransformException
class for capturing
transform and c14n errors. (0.15)
- Added an overloaded
XMLSignatureFactory.unmarshalXMLSignature(XMLStructure)
method to allow XML Signatures to be unmarshalled (and not validated)
in a mechanism-independent way. Also added DOM Mechanism requirement
#11. (0.15)
- Added an overloaded
XMLSignatureFactory.newReference()
method that take a
pre-computed digest value. This supports the OASIS DSS use-case where
the client calculates the digest value. (0.16)
- Added an overloaded
XMLSignatureFactory.newReference()
method that take a
list of applied transforms and an intermediate transform value. This
supports the OASIS DSS use-case where the client applies a list of
transforms. (0.16)
- Removed the
TransformService.init(XMLStructure)
method
and renamed the unmarshalParams
method to init
.
(0.16)
javax.xml.crypto.dsig.dom
- Removed the
DOMValidateContext(Node)
constructor. The
addition of the
XMLSignatureFactory.unmarshalXMLSignature(XMLStructure)
method removed the need for this ctor. (0.15)
javax.xml.crypto.dsig.keyinfo
- Modified the KeyInfoFactory.newPGPData
methods to be more specific about the format of the PGP Key Material
Packet parameter and what constitutes an illegal value. (0.14)
- Specified the minimal set of RFC 2253 DN attribute type
keywords that must be recognized by the
KeyInfoFactory.newX509IssuerSerial
and
KeyInfoFactory.newX509Data
methods. (0.15)
- Specified that the objects created by
KeyInfoFactory
may
contain state and are not meant to be reusable. (0.15)
- Added a new
KeyInfoFactory.unmarshalKeyInfo
method to
allow users to unmarshal KeyInfo when it is not attached to an XML
Signature. This is very useful for example, to validate KeyInfo contained
in SAML assertions. Also, added DOM Mechanism requirement #7. (0.15)
- Added a new
KeyInfo.marshal
method to allow users to
marshal KeyInfo
objects back to XML. Also, added DOM Mechanism
requirement #12. (0.16)