You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by bu...@apache.org on 2009/04/06 21:31:07 UTC
DO NOT REPLY [Bug 46975] New: Use of same prefix in two different
namespace declarations in a document breaks c14n
https://issues.apache.org/bugzilla/show_bug.cgi?id=46975
Summary: Use of same prefix in two different namespace
declarations in a document breaks c14n
Product: Security
Version: Java 1.4.2
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Canonicalization
AssignedTo: security-dev@xml.apache.org
ReportedBy: cantor.2@osu.edu
We have a sample involving a SAML 1.1 assertion that's internally including a
SAML 2.0 element inside one of the components, and the SAML library happens to
be using the prefix "saml" for both of the namespaces involved. The prefix is
also included in the inclusive prefix list, but I don't know if that's a
trigger for the bug yet.
In any case, what happens is that the c14n output to the digester is omitting
the second, nested namespace declaration because the prefix is already declared
up above, not noticing that the namespace itself has changed.
We're observing both an older Java version (1.4.1) and the latest C++ xmlsec
code rejecting this signature, so I suspect it's a regression and was working
correctly before, but need more time to prove that.
The relevant case looks like this:
<Foo xmlns:bar="https://bar.com">
<Foo2 xmlns:bar="https://bar2.com"/>
</Foo>
What we're seeing is bar omitted from the Foo2 element. I don't know if a
sample that small will trip it, but the full example that does is attached.
Search for NameID and you'll see the second declaration of xmlns:saml
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
DO NOT REPLY [Bug 46975] Use of same prefix in two different
namespace declarations in a document breaks c14n
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46975
Scott Cantor <ca...@osu.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #3 from Scott Cantor <ca...@osu.edu> 2009-04-07 11:37:48 PST ---
Marking invalid. Further investigation identified a bug in the calling code,
not in xmlsec.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
DO NOT REPLY [Bug 46975] Use of same prefix in two different
namespace declarations in a document breaks c14n
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46975
--- Comment #2 from Scott Cantor <ca...@osu.edu> 2009-04-06 12:50:03 PST ---
Created an attachment (id=23448)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=23448)
Log output from xmlsec showing input to digester, with missing namespace.
I believe the implementations rejecting the signature are probably (correctly)
redeclaring the namespace down below, while at least 1.4.2 omits it.
Once I obtain the C++ digest input, I'll attach that for comparison.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
DO NOT REPLY [Bug 46975] Use of same prefix in two different
namespace declarations in a document breaks c14n
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46975
--- Comment #1 from Scott Cantor <ca...@osu.edu> 2009-04-06 12:31:50 PST ---
Created an attachment (id=23447)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=23447)
Signed SAML 1 assertion with SAML 2 NameID in AttributeValue
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
DO NOT REPLY [Bug 46975] Use of same prefix in two different
namespace declarations in a document breaks c14n
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=46975
Scott Cantor <ca...@osu.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.