You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@poi.apache.org by bu...@apache.org on 2019/08/31 13:33:24 UTC
[Bug 63712] New: upgrading xmlsec causes junit tests to fail
https://bz.apache.org/bugzilla/show_bug.cgi?id=63712
Bug ID: 63712
Summary: upgrading xmlsec causes junit tests to fail
Product: POI
Version: 4.0.x-dev
Hardware: PC
OS: All
Status: NEW
Severity: normal
Priority: P2
Component: POI Overall
Assignee: dev@poi.apache.org
Reporter: fanningpj@yahoo.com
Target Milestone: ---
XMLSEC 2.1.4 fixes a CVE issue.
https://santuario.apache.org/javareleasenotes.html
But upgrading causes issues. Similar issues discussed here:
https://stackoverflow.com/questions/17331187/xml-dig-sig-error-after-upgrade-to-java7u25
<testcase classname="org.apache.poi.poifs.crypt.TestSignatureInfo"
name="bug58630" time="1.826">
<error message="javax.xml.crypto.URIReferenceException:
org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot
resolve element with ID idSignedProperties"
type="javax.xml.crypto.dsig.XMLSignatureException">javax.xml.crypto.dsig.XMLSignatureException:
javax.xml.crypto.URIReferenceException:
org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot
resolve element with ID idSignedProperties
at
org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:418)
at
org.apache.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:352)
at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:486)
at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:371)
at
org.apache.poi.poifs.crypt.dsig.SignatureInfo.preSign(SignatureInfo.java:427)
at
org.apache.poi.poifs.crypt.dsig.SignatureInfo.confirmSignature(SignatureInfo.java:210)
at
org.apache.poi.poifs.crypt.TestSignatureInfo.bug58630(TestSignatureInfo.java:775)
Caused by: javax.xml.crypto.URIReferenceException:
org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot
resolve element with ID idSignedProperties
at
org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:117)
at
org.apache.poi.poifs.crypt.dsig.OOXMLURIDereferencer.dereference(OOXMLURIDereferencer.java:85)
at
org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:414)
Caused by: org.apache.xml.security.utils.resolver.ResourceResolverException:
Cannot resolve element with ID idSignedProperties
at
org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolveURI(ResolverFragment.java:78)
at
org.apache.xml.security.utils.resolver.ResourceResolver.resolve(ResourceResolver.java:278)
at
org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:110)
javax.xml.crypto.URIReferenceException:
org.apache.xml.security.utils.resolver.ResourceResolverException: Cannot
resolve element with ID idSignedProperties
at
org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:117)
at
org.apache.poi.poifs.crypt.dsig.OOXMLURIDereferencer.dereference(OOXMLURIDereferencer.java:85)
at
org.apache.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:414)
at
org.apache.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:352)
at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:486)
at
org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:371)
at
org.apache.poi.poifs.crypt.dsig.SignatureInfo.preSign(SignatureInfo.java:427)
at
org.apache.poi.poifs.crypt.dsig.SignatureInfo.confirmSignature(SignatureInfo.java:210)
at
org.apache.poi.poifs.crypt.TestSignatureInfo.bug58630(TestSignatureInfo.java:775)
Caused by: org.apache.xml.security.utils.resolver.ResourceResolverException:
Cannot resolve element with ID idSignedProperties
at
org.apache.xml.security.utils.resolver.implementations.ResolverFragment.engineResolveURI(ResolverFragment.java:78)
at
org.apache.xml.security.utils.resolver.ResourceResolver.resolve(ResourceResolver.java:278)
at
org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:110)
</error>
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org
[Bug 63712] upgrading xmlsec causes junit tests to fail
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63712
--- Comment #1 from PJ Fanning <fa...@yahoo.com> ---
The issue seems to happen with xmlsec 2.1.3 and 2.1.4.
I tried a few things with trying to set the xsd:ID type but it didn't help.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org
[Bug 63712] upgrading xmlsec causes junit tests to fail
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63712
Andreas Beeker <ki...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #3 from Andreas Beeker <ki...@apache.org> ---
Patched via r1875392 and updated to XMLSec 2.1.5
I've validated a signed workbook in Excel ... I hope that the other signing
options still work too ...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org
[Bug 63712] upgrading xmlsec causes junit tests to fail
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63712
--- Comment #2 from Andreas Beeker <ki...@apache.org> ---
Just a short follow-up:
The error happens with the following Santuario commit in xmlsec 2.1.3:
r1853805 | coheigea | 2019-02-18 16:10:04 +0100 (Mo, 18 Feb 2019) | 3 lines
Revert "[SANTUARIO-349] - Update JCP dsig code to simplify serialization"
This reverts commit 18b0fde1f8a5c7de811bc8ec3a886890d31276b9.
The symptom is that SignatureMarshalDefaultListener is only presented
DigestValues instead of Signature elements.
Investigating further ...
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@poi.apache.org
For additional commands, e-mail: dev-help@poi.apache.org