You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by co...@apache.org on 2011/04/27 12:16:30 UTC
svn commit: r1097064 - in /santuario/xml-security-java/branches/1.4.x-fixes:
./ src/org/apache/xml/security/c14n/implementations/
src_unitTests/org/apache/xml/security/test/
src_unitTests/org/apache/xml/security/test/c14n/implementations/
Author: coheigea
Date: Wed Apr 27 10:16:29 2011
New Revision: 1097064
URL: http://svn.apache.org/viewvc?rev=1097064&view=rev
Log:
[SANTUARIO-191] - xml:id attributes are not correctly handled when using c14n11
Added:
santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Santuario191Test.java
Modified:
santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt
santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java
santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/ModuleTest.java
Modified: santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt?rev=1097064&r1=1097063&r2=1097064&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/CHANGELOG.txt Wed Apr 27 10:16:29 2011
@@ -1,5 +1,6 @@
Changelog for "Apache xml-security" <http://santuario.apache.org/>
New in v1.4.5-SNAPSHOT
+ Fixed SANTUARIO-291: xml:id attributes are not correctly handled when using c14n11.
Fixed SANTUARIO-266: c14n11 produces different signatures using version 1.4.3 and 1.4.4.
Fixed SANTUARIO-253: org.apache.xml.security.utils.resolver.ResourceResolver is not thread safe.
Fixed SANTUARIO-263: Canonicalizer can't handle dynamical created DOM correctly. Thanks to Martin Koegler.
Modified: santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java?rev=1097064&r1=1097063&r2=1097064&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/src/org/apache/xml/security/c14n/implementations/Canonicalizer11.java Wed Apr 27 10:16:29 2011
@@ -422,7 +422,7 @@ public abstract class Canonicalizer11 ex
Attr N = (Attr) attrs.item(i);
if (!Constants.NamespaceSpecNS.equals(N.getNamespaceURI())) {
// Not a namespace definition, ignore.
- if (XML_LANG_URI.equals(N.getNamespaceURI())) {
+ if (!"id".equals(N.getLocalName()) && XML_LANG_URI.equals(N.getNamespaceURI())) {
xmlattrStack.addXmlnsAttr(N);
}
continue;
Modified: santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/ModuleTest.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/ModuleTest.java?rev=1097064&r1=1097063&r2=1097064&view=diff
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/ModuleTest.java (original)
+++ santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/ModuleTest.java Wed Apr 27 10:16:29 2011
@@ -49,6 +49,7 @@ public class ModuleTest extends TestCase
suite.addTest(org.apache.xml.security.test.c14n.implementations.Canonicalizer20010315ExclusiveTest.suite());
suite.addTest(org.apache.xml.security.test.c14n.implementations.ExclusiveC14NInterop.suite());
suite.addTest(org.apache.xml.security.test.c14n.implementations.Bug45961Test.suite());
+ suite.addTest(org.apache.xml.security.test.c14n.implementations.Santuario191Test.suite());
suite.addTest(org.apache.xml.security.test.external.org.apache.xalan.XPathAPI.XalanBug1425Test.suite());
suite.addTest(org.apache.xml.security.test.external.org.apache.xalan.XPathAPI.AttributeAncestorOrSelfTest.suite());
suite.addTest(org.apache.xml.security.test.signature.AllTests.suite());
Added: santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Santuario191Test.java
URL: http://svn.apache.org/viewvc/santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Santuario191Test.java?rev=1097064&view=auto
==============================================================================
--- santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Santuario191Test.java (added)
+++ santuario/xml-security-java/branches/1.4.x-fixes/src_unitTests/org/apache/xml/security/test/c14n/implementations/Santuario191Test.java Wed Apr 27 10:16:29 2011
@@ -0,0 +1,94 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.test.c14n.implementations;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.NodeList;
+
+import org.apache.xml.security.c14n.implementations.Canonicalizer11;
+import org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments;
+
+/**
+ * This is a test for Santuario-191:
+ *
+ * https://issues.apache.org/jira/browse/SANTUARIO-191
+ *
+ * An xml:Id attribute is appearing in a child element, contrary to the C14n11 spec.
+ */
+public class Santuario191Test extends TestCase {
+
+ private static final String INPUT_DATA =
+ "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+ + "<test xml:id=\"testid1\">"
+ + "<data>"
+ + " <user1>Alice</user1>"
+ + " <user2>Bob</user2>"
+ + "</data>"
+ + "</test>";
+ private static final String EXPECTED_RESULT =
+ "<data>"
+ + " <user1>Alice</user1>"
+ + " <user2>Bob</user2>"
+ + "</data>";
+
+ private DocumentBuilder db;
+
+ static {
+ org.apache.xml.security.Init.init();
+ }
+
+ public static Test suite() {
+ return new TestSuite(Santuario191Test.class);
+ }
+
+ public void testSantuario191() throws Exception {
+ //
+ // Parse the Data
+ //
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ dbf.setNamespaceAware(true);
+ db = dbf.newDocumentBuilder();
+ Document doc = db.parse(new ByteArrayInputStream(INPUT_DATA.getBytes("UTF8")));
+
+ //
+ // Canonicalize the data
+ //
+ NodeList dataNodes = doc.getElementsByTagName("data");
+ Canonicalizer11 c14ner = new Canonicalizer11_OmitComments();
+ byte[] result = c14ner.engineCanonicalizeSubTree(dataNodes.item(0));
+
+ //
+ // Test against expected result
+ //
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ out.write(result);
+ assertTrue(EXPECTED_RESULT.equals(out.toString("UTF8")));
+ }
+
+}