You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by "Marc Giger (JIRA)" <ji...@apache.org> on 2015/11/15 17:21:11 UTC
[jira] [Commented] (SANTUARIO-424) Multiple Signatures cause a NPE
on verification in the streaming code
[ https://issues.apache.org/jira/browse/SANTUARIO-424?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15005960#comment-15005960 ]
Marc Giger commented on SANTUARIO-424:
--------------------------------------
Hi Colm,
It is probably doable but will break streaming completely because then we have
to buffer the whole document. At the moment we just buffer until the signature is found.
My proposal is to simply fix the NPE and throw an proper exception if a further signature is encountered. Ok?
Note that multiple signatures should still be possible when chaining the XML(Sec) StreamReaders.
Marc
> Multiple Signatures cause a NPE on verification in the streaming code
> ---------------------------------------------------------------------
>
> Key: SANTUARIO-424
> URL: https://issues.apache.org/jira/browse/SANTUARIO-424
> Project: Santuario
> Issue Type: Bug
> Reporter: Colm O hEigeartaigh
> Assignee: Marc Giger
>
> Multiple Signatures cause a NPE on verification with the streaming code. The XMLSecurityInputProcessor is only really designed to process a single Signature (i.e. the internalBufferProcessor gets removed on processing a single signature). Not sure how feasible it is to support multiple signatures here.
> Ignored Test case added as part of this commit: http://svn.apache.org/viewvc?view=revision&revision=1693244
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)