You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@santuario.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2017/08/28 13:52:01 UTC

[jira] [Closed] (SANTUARIO-462) getNodesetBeforeFirstCanonicalization() in Reference.java is missing C14N11 canonicalization algorithms

     [ https://issues.apache.org/jira/browse/SANTUARIO-462?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed SANTUARIO-462.
-----------------------------------------

> getNodesetBeforeFirstCanonicalization() in Reference.java is missing C14N11 canonicalization algorithms
> -------------------------------------------------------------------------------------------------------
>
>                 Key: SANTUARIO-462
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-462
>             Project: Santuario
>          Issue Type: Bug
>          Components: Java
>            Reporter: Emmanuelle Vargas-Gonzalez
>            Assignee: Colm O hEigeartaigh
>            Priority: Trivial
>              Labels: easyfix
>             Fix For: Java 2.1.0, Java 2.0.9
>
>         Attachments: Reference.patch
>
>
> In org.apache.xml.security.signature.Reference, the getNodesetBeforeFirstCanonicalization() should return as mentioned, the nodeset before applying the first canonicalization. The problem is that the intended behavior of this method is not satisfied if I have a reference that contains a C14N11 transform and will apply this canonicalization. This problem is present on earlier versions as well. I am not sure whether this is intended or not, but currently the aforementioned method misses:
> Transforms.TRANSFORM_C14N11_OMIT_COMMENTS
> Transforms.TRANSFORM_C14N11_WITH_COMMENTS
> For example,
> </ds:Reference>
> <ds:Reference URI="#xmldsig-SOMETHING-IMPORTANT">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"/>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
> <ds:DigestValue>BASE64 DIGEST</ds:DigestValue>
> </ds:Reference>
> See attached Reference.patch file
> Thanks,
> Emmanuelle



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)