|
I have a problem with the exclusive canonicalizer
without comments class in the xml security 1.2 source code. I have the following document : <roap:riHello
xmlns:roap="urn:oma:bac:dldrm:roap-1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
sessionId="292241414" status="Success"> <selectedVersion>1.0</selectedVersion> <riID> <keyIdentifier xsi:type="roap:X509SPKIHash"> <hash>sk+4JImZCG+IV4/c+Pw9FeAbhuc=</hash> </keyIdentifier> </riID> <riNonce>316532319</riNonce> <serverInfo></serverInfo> <extensions> <extension xsi:type="roap:CertificateCaching"></extension> </extensions> </roap:riHello> If I canonicalize the previous document using the
exclusive without comment algo the document I get is the following: <roap:riHello
xmlns:roap="urn:oma:bac:dldrm:roap-1.0"
sessionId="1144777697" status="Success"> <selectedVersion>1.0</selectedVersion> <riID> <keyIdentifier
xsi:type="roap:X509SPKIHash"> <hash>sk+4JImZCG+IV4/c+Pw9FeAbhuc=</hash> </keyIdentifier> </riID> <riNonce>1061456201</riNonce> <serverInfo></serverInfo> <extensions> <extension
xsi:type="roap:CertificateCaching"></extension> </extensions> </roap:riHello> As you can see the xmlns:xsi is removed from the roap:riHello
element, but not added to the keyIdentifier and the extension element. So If I input the result document in a DOM parser it
just said not bound exception "xsi is not bound". Well at this point I try to understood the problem and
I check the source code of xml sec 1.2. I found something very strange: In the parsing of the doc in the canonicalizerSubTree
method there is a call to the method handlesAttributes that handles the attributes of the
current node of the doc parsing. In debugging the method I found that when the parser
comes to <keyIdentifier xsi:type="roap:X509SPKIHash"> for instance then the Attr object in the handlesAttributes
method is of class AttrImpl and not AttrNSImpl so the call to the Attr.getPrefix() always return
null if Attr is instance of AttrImpl ! Whereas there is actually a prefix that is
xsi !!!! So the attribute namespace is not seen as visiblyUtilized
!!! Do you know why I have a AttrImpl object instance
instead of a AttrNSImp that should handle the namespace prefix correctly? Do you think it is a bug in the dom parser or in the
xml sec source code or is it something I don't understand or something wrong with my document ? Thank you in advance for any answers. Cédric |
- Re: Exclusive canonicalization problem Cédric POTHIN
- Re: Exclusive canonicalization problem Raul Benito
- RE: Exclusive canonicalization problem Cédric POTHIN
- Re: Exclusive canonicalization problem Raul Benito
- RE: Exclusive canonicalization problem Cédric POTHIN
