You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2021/01/19 10:09:00 UTC

[jira] [Resolved] (SANTUARIO-561) TransformC14N returns empty byte array when nothing is provided as an input

     [ https://issues.apache.org/jira/browse/SANTUARIO-561?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved SANTUARIO-561.
-------------------------------------------
    Resolution: Fixed

> TransformC14N returns empty byte array when nothing is provided as an input
> ---------------------------------------------------------------------------
>
>                 Key: SANTUARIO-561
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-561
>             Project: Santuario
>          Issue Type: Bug
>          Components: Java
>    Affects Versions: Java 2.2.1
>            Reporter: Aleksandr Beliakov
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: Java 2.2.2
>
>
> {color:#172b4d}Hello,{color}
>  
> {color:#172b4d}Thank you for resolving the ticket SANTUARIO-551 . However, we have faced with a similar issue in another place.{color}
>  
> {color:#172b4d}When executing {color}+_TransformC14N_+ on an _XMLSignatureInput_ initialized from a pre-calculated digest, the output result returns an empty byte array, instead of a null result as it was in 2.1.6.
> As the result, the method {{org.apache.xml.security.signature.Reference.getReferencedBytes()}} unexpectedly returns an empty byte array on a digest document as well.
>  
> Therefore we are not able to differentiate a digest document with an empty document.
>  
> The problem seems to be coming from the changes made in TransformC14N (please also verify other transform implementations, the problem can be similar).
>  
> The unit test that succeeds on 2.1.6 and fails with 2.2.1:
> {code:java}
>    @Test
>    public void transformC14NWithDigestTest() throws Exception {
>       MessageDigest md = MessageDigest.getInstance("SHA-256");
>       byte[] digest = md.digest("Hello world!".getBytes());
>       XMLSignatureInput inputPrecomputed = new XMLSignatureInput(Base64.getEncoder().encodeToString(digest));
>       MockTransformC14N mockTransformC14N = new MockTransformC14N();
>       // for Santuario 2.2.1
>       XMLSignatureInput xmlSignatureOutput = mockTransformC14N.enginePerformTransform(inputPrecomputed, null, null, null, false);
>       // for Santuario 2.1.6
>       // XMLSignatureInput xmlSignatureOutput = mockTransformC14N.enginePerformTransform(inputPrecomputed);
>       assertNull(xmlSignatureOutput.getBytes());
>    }
>    public static class MockTransformC14N extends TransformC14N {
>       static {
>          org.apache.xml.security.Init.init();
>       }
>       // for Santuario 2.2.1
>       @Override
>       public XMLSignatureInput enginePerformTransform(XMLSignatureInput input, OutputStream os,
>                                           Element transformElement, String baseURI,
>                                           boolean secureValidation) throws CanonicalizationException {
>          return super.enginePerformTransform(input, os, transformElement, baseURI, secureValidation);
>       }
>       // for Santuario 2.1.6
> //    @Override
> //    protected XMLSignatureInput enginePerformTransform(XMLSignatureInput input)
> //          throws IOException, CanonicalizationException, InvalidCanonicalizerException, TransformationException, ParserConfigurationException, SAXException {
> //       return super.enginePerformTransform(input);
> //    }
>    }
> {code}
>  
> Thank you.
>  
> Best regards,
> Aleksandr.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)