There are few more similar occurrences that I found (patch attached)
that should be fixed.
Vishal
Vishal Mahajan wrote:
Any signature verification was failing for me, and I have a different
DOM implementation in my environment, so probably you are right. It
was such a basic error that it had to be something like this. In any
case, I think we should keep string comparison safe.
Vishal
Raul Benito wrote:
Hi Vishal,
The namespaces strings are intern, at least in xerces.
Can you post the code that is failing?
On 10/2/06, Vishal Mahajan <[EMAIL PROTECTED]> wrote:
This problem was not allowing successful creation of signature space
elements. Fix attached.
Vishal
Index: ElementProxy.java
===================================================================
--- ElementProxy.java (revision 451991)
+++ ElementProxy.java (working copy)
@@ -281,7 +281,7 @@
String localnameIS = this._constructionElement.getLocalName();
String namespaceIS =
this._constructionElement.getNamespaceURI();
- if ((namespaceSHOULDBE!=namespaceIS) ||
+ if (!namespaceSHOULDBE.equals(namespaceIS) ||
!localnameSHOULDBE.equals(localnameIS) ) {
Object exArgs[] = { namespaceIS +":"+ localnameIS,
namespaceSHOULDBE +":"+ localnameSHOULDBE};
Index: src/org/apache/xml/security/utils/XMLUtils.java
===================================================================
--- src/org/apache/xml/security/utils/XMLUtils.java (revision 451991)
+++ src/org/apache/xml/security/utils/XMLUtils.java (working copy)
@@ -272,7 +272,7 @@
String localName) {
if ((element == null) ||
- Constants.SignatureSpecNS!=element.getNamespaceURI() ){
+ !Constants.SignatureSpecNS.equals(element.getNamespaceURI()) ){
return false;
}
@@ -295,7 +295,7 @@
String localName) {
if ((element == null) ||
- EncryptionConstants.EncryptionSpecNS!=element.getNamespaceURI()
+
!EncryptionConstants.EncryptionSpecNS.equals(element.getNamespaceURI())
){
return false;
}
@@ -482,7 +482,7 @@
for (int i = 0; i < attributesLength; i++) {
Attr currentAttr = (Attr) attributes.item(i);
- if (namespaceNs!=currentAttr.getNamespaceURI())
+ if (!namespaceNs.equals(currentAttr.getNamespaceURI()))
continue;
if (childElement.hasAttributeNS(namespaceNs,
currentAttr.getLocalName())) {
@@ -524,7 +524,7 @@
public static Element selectDsNode(Node sibling, String nodeName, int
number) {
while (sibling!=null) {
if (nodeName.equals(sibling.getLocalName())
- &&
Constants.SignatureSpecNS==sibling.getNamespaceURI()) {
+ &&
Constants.SignatureSpecNS.equals(sibling.getNamespaceURI())) {
if (number==0){
return (Element)sibling;
}
@@ -545,7 +545,7 @@
public static Element selectXencNode(Node sibling, String nodeName, int
number) {
while (sibling!=null) {
if (nodeName.equals(sibling.getLocalName())
- &&
EncryptionConstants.EncryptionSpecNS==sibling.getNamespaceURI()) {
+ &&
EncryptionConstants.EncryptionSpecNS.equals(sibling.getNamespaceURI())) {
if (number==0){
return (Element)sibling;
}
@@ -604,7 +604,8 @@
public static Element selectNode(Node sibling, String uri,String nodeName,
int number) {
while (sibling!=null) {
if (nodeName.equals(sibling.getLocalName())
- && uri==sibling.getNamespaceURI()) {
+ && uri != null
+ && uri.equals(sibling.getNamespaceURI())) {
if (number==0){
return (Element)sibling;
}
@@ -636,7 +637,8 @@
//List list=new ArrayList();
while (sibling!=null) {
if (nodeName.equals(sibling.getLocalName())
- && uri==sibling.getNamespaceURI()) {
+ && uri != null
+ && uri.equals(sibling.getNamespaceURI())) {
a[curr++]=(Element)sibling;
if (size<=curr) {
int cursize= size<<2;
Index: src/org/apache/xml/security/utils/ElementProxy.java
===================================================================
--- src/org/apache/xml/security/utils/ElementProxy.java (revision 451991)
+++ src/org/apache/xml/security/utils/ElementProxy.java (working copy)
@@ -281,7 +281,7 @@
String localnameIS = this._constructionElement.getLocalName();
String namespaceIS = this._constructionElement.getNamespaceURI();
- if ((namespaceSHOULDBE!=namespaceIS) ||
+ if (!namespaceSHOULDBE.equals(namespaceIS) ||
!localnameSHOULDBE.equals(localnameIS) ) {
Object exArgs[] = { namespaceIS +":"+ localnameIS,
namespaceSHOULDBE +":"+ localnameSHOULDBE};
@@ -462,8 +462,10 @@
Node sibling=this._constructionElement.getFirstChild();
while (sibling!=null) {
if (localname.equals(sibling.getLocalName())
- &&
- namespace==sibling.getNamespaceURI() )
{
+ &&
+ namespace != null
+ &&
+
namespace.equals(sibling.getNamespaceURI()) ) {
number++;
}
sibling=sibling.getNextSibling();
Index: src/org/apache/xml/security/c14n/helper/AttrCompare.java
===================================================================
--- src/org/apache/xml/security/c14n/helper/AttrCompare.java (revision
451991)
+++ src/org/apache/xml/security/c14n/helper/AttrCompare.java (working copy)
@@ -72,8 +72,8 @@
String namespaceURI0 = attr0.getNamespaceURI();
String namespaceURI1 = attr1.getNamespaceURI();
- boolean isNamespaceAttr0 = XMLNS==namespaceURI0;
- boolean isNamespaceAttr1 = XMLNS==namespaceURI1;
+ boolean isNamespaceAttr0 = XMLNS.equals(namespaceURI0);
+ boolean isNamespaceAttr1 = XMLNS.equals(namespaceURI1);
if (isNamespaceAttr0) {
if (isNamespaceAttr1) {
Index:
src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315Excl.java
===================================================================
---
src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315Excl.java
(revision 451991)
+++
src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315Excl.java
(working copy)
@@ -147,7 +147,7 @@
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
- if (XMLNS_URI!=N.getNamespaceURI()) {
+ if (!XMLNS_URI.equals(N.getNamespaceURI())) {
//Not a namespace definition.
//The Element is output element, add his
prefix(if used) to visibyUtilized
String prefix = N.getPrefix();
@@ -242,7 +242,7 @@
Attr N = (Attr) attrs.item(i);
- if (XMLNS_URI!=N.getNamespaceURI()) {
+ if (!XMLNS_URI.equals(N.getNamespaceURI())) {
if ( !isVisible(N) ) {
//The node is not in the nodeset(if
there is a nodeset)
continue;
Index: src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java
===================================================================
--- src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java
(revision 451991)
+++ src/org/apache/xml/security/c14n/implementations/CanonicalizerBase.java
(working copy)
@@ -564,7 +564,7 @@
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
- if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) {
+ if
(!Constants.NamespaceSpecNS.equals(N.getNamespaceURI())) {
//Not a namespace definition, ignore.
continue;
}
Index:
src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java
===================================================================
--- src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java
(revision 451991)
+++ src/org/apache/xml/security/c14n/implementations/Canonicalizer20010315.java
(working copy)
@@ -245,7 +245,7 @@
if (XMLNS_URI!=NUri) {
//A non namespace definition node.
- if (XML_LANG_URI==NUri) {
+ if (XML_LANG_URI.equals(NUri)) {
xmlattrStack.addXmlnsAttr(N);
} else if (isRealVisible){
//The node is visible add the attribute to the list of
output attributes.
@@ -367,9 +367,9 @@
int attrsLength = attrs.getLength();
for (int i = 0; i < attrsLength; i++) {
Attr N = (Attr) attrs.item(i);
- if (Constants.NamespaceSpecNS!=N.getNamespaceURI()) {
+ if (!Constants.NamespaceSpecNS.equals(N.getNamespaceURI())) {
//Not a namespace definition, ignore.
- if (XML_LANG_URI==N.getNamespaceURI()) {
+ if (XML_LANG_URI.equals(N.getNamespaceURI())) {
xmlattrStack.addXmlnsAttr(N);
}
continue;
Index: src/org/apache/xml/security/encryption/XMLCipher.java
===================================================================
--- src/org/apache/xml/security/encryption/XMLCipher.java (revision
451991)
+++ src/org/apache/xml/security/encryption/XMLCipher.java (working copy)
@@ -356,7 +356,7 @@
logger.error("Transformation unexpectedly null...");
if(null == provider)
logger.error("Provider unexpectedly null..");
- if("" == provider)
+ if("".equals(provider))
logger.error("Provider's value unexpectedly not specified...");
if(!isValidEncryptionAlgorithm(transformation))
logger.warn("Algorithm non-standard, expected one of " +
ENC_ALGORITHMS);
@@ -490,7 +490,7 @@
logger.debug("Getting XMLCipher, provider but no transformation");
if(null == provider)
logger.error("Provider unexpectedly null..");
- if("" == provider)
+ if("".equals(provider))
logger.error("Provider's value unexpectedly not specified...");
XMLCipher instance = new XMLCipher();
@@ -983,7 +983,7 @@
String serializedOctets = null;
if (serializedData == null) {
- if (type == EncryptionConstants.TYPE_CONTENT) {
+ if (EncryptionConstants.TYPE_CONTENT.equals(type)) {
NodeList children = element.getChildNodes();
if (null != children) {
serializedOctets = _serializer.serialize(children);
