You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by bu...@apache.org on 2008/03/17 14:36:48 UTC
DO NOT REPLY [Bug 44617] New: Regression when processing XPath
transform
https://issues.apache.org/bugzilla/show_bug.cgi?id=44617
Summary: Regression when processing XPath transform
Product: Security
Version: Java 1.4.1
Platform: All
OS/Version: All
Status: NEW
Severity: regression
Priority: P2
Component: Signature
AssignedTo: security-dev@xml.apache.org
ReportedBy: sean.mullan@sun.com
org.apache.xml.security.exceptions.XMLSecurityRuntimeException: Current Node:
[#text:
YWBCmDfU8JQVl3odJ358jqjZn5YCRkBN8D//t+Kd2YIVJvwCMO8uv9B1+t1sJkMjgF5R4fJbVRj4
bXW54pSR3n1nKeUSz27HavigQs7oK+UAIDrNPHkW/5ybOtYzOJftHak0IGDTehFiYOVGPNTiuzG3
WKui1eRbw/V4N0n89AE=], type: 3
Original Exception was java.lang.RuntimeException: Could not resolve the node
to a handle
at
org.apache.xml.security.transforms.implementations.TransformXPath$XPathNodeFilter.isNodeInclude(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.isVisible(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.canonicalizeXPathNodeSet(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeXPathNodeSetInternal(Unknown
Source)
at
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalize(Unknown
Source)
at
org.apache.xml.security.transforms.implementations.TransformC14NWithComments.enginePerformTransform(Unknown
Source)
at
org.apache.xml.security.transforms.Transform.performTransform(Unknown Source)
at
org.apache.xml.security.transforms.Transforms.performTransforms(Unknown Source)
at
org.apache.xml.security.signature.Reference.getContentsAfterTransformation(Unknown
Source)
at
org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown
Source)
at org.apache.xml.security.signature.Reference.calculateDigest(Unknown
Source)
at org.apache.xml.security.signature.Reference.verify(Unknown Source)
at org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
Source)
at org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
at
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
DO NOT REPLY [Bug 44617] Regression when processing XPath transform
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44617
--- Comment #2 from sean.mullan@sun.com 2008-03-24 13:08:52 PST ---
An additional, similar problem was discovered by Frank and the problem was in
ElementProxy.addBase64Text. I have also fixed this and the fix will be
available in 1.4.2 beta 2.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
DO NOT REPLY [Bug 44617] Regression when processing XPath transform
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=44617
sean.mullan@sun.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #1 from sean.mullan@sun.com 2008-03-17 06:57:43 PST ---
Fixed in Head. A new regression test case has been added (thanks to Frank
Cornelis).
The problem was caused by the fix for 42061 (Method to disable
XMLUtils.addReturnToElement). In that fix, the DOM tree was modified to add
return characters after the XPath transform had been processed when generating
the signature. When the XPath transform was processed when validating the
signature, an XMLSecurityRuntime exception was thrown because the XPath
implementation had cached references to the nodes the first time it was
processed and now they no longer resolved to the same objects.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.