You can open a bug under bugzilla.

Lijun

On 1/24/07, Sean Mullan <[EMAIL PROTECTED]> wrote:

Thanks for reporting these. Do you mind opening a bug so we can track
this at: http://issues.apache.org/bugzilla/

--Sean

Lijun Liao wrote:
> Hello,
>
> I am using xml-security 1.4.0 (java) for my project, and I have found
> several bugs in this library (perhaps bugs in the
> third-party libraries it uses):
>
> 1. In org.apache.xml.security.c14n.implementations.CanonicalizerBase and
> org.apache.xml.security.c14n.implementations.UtfHelpper (How about if
> the class name is changed to UtfHelper with ONE p?):
> The line if ((c & 0x80) ==0)  should be changed to if(c < 0x80), since
> most UTF chars have 0 at bit 8.
>
> 2. There are always two text nodes with the value '\n' in succession
> within <ds:SignedInfo> and <ds:X509IssuerSerial>. If we have signed some
> elements and wish to add another signature with xpath as the transform,
> then we get the error that says no node can be found to a handle (raised
> by xalan-J). After debugging I found the corresponding code, as
> follows:
>
>
> 01  public SignedInfo(
> 02         Document doc, Element SignatureMethodElem, Element CanonicalizationMethodElem)
> 03             throws XMLSecurityException {
> 04
> 05     super(doc);
> 06     this._constructionElement.appendChild(CanonicalizationMethodElem);
> 07     XMLUtils.addReturnToElement(this._constructionElement);
> 08     //Check this?
> 09     this.c14nMethod=CanonicalizationMethodElem;
> 10     this._constructionElement.appendChild(c14nMethod);
> 11     XMLUtils.addReturnToElement (this._constructionElement);
>
>       this._signatureAlgorithm = new SignatureAlgorithm(SignatureMethodElem, null);
>
>       signatureMethod=this._signatureAlgorithm.getElement();
>       this._constructionElement.appendChild(signatureMethod);
>
>       XMLUtils.addReturnToElement(this._constructionElement);
>    }
>
> Lines 06 and 10 add the same element twice, hence line 06 has no
> effect. But the text node with the value "\n" added at line 07
> remains there.
>
>
> 01 public XMLX509IssuerSerial(Document doc, String X509IssuerName,
> 02                             BigInteger X509SerialNumber) {
> 03    super(doc);
> 04
> 05      XMLUtils.addReturnToElement(this._constructionElement);
> 06      this.addTextElement(X509IssuerName, Constants._TAG_X509ISSUERNAME);
> 07      XMLUtils.addReturnToElement(this._constructionElement);
> 08      this.addTextElement(X509SerialNumber.toString(), Constants._TAG_X509SERIALNUMBER);
> 09   }
>
> Line 07 should be removed, since '\n' is added in line 06.
>
> Best regards,
>
> Lijun Liao




--
Lijun Liao
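
Added example, not part of the original thread and not the library's code: a minimal Java UTF-8 encoder (class and method names are assumptions) that applies the single-byte test from point 1 in both forms and compares each result with the JDK's own UTF-8 encoding. Because a Java char is 16 bits wide, the mask form inspects only bit 7 of the low byte, so a character above U+007F whose low byte is below 0x80 is written as one byte and the canonicalized bytes that get digested are wrong.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class Utf8SingleByteCheck {
    // Minimal UTF-8 encoder for one BMP, non-surrogate char (constructed for this
    // example, not the library's code). maskTest=true uses the check quoted in point 1.
    static byte[] encode(char c, boolean maskTest) {
        boolean oneByte = maskTest ? (c & 0x80) == 0 : c < 0x80;
        if (oneByte) {
            return new byte[] { (byte) c };
        }
        if (c < 0x800) {
            return new byte[] { (byte) (0xC0 | (c >> 6)), (byte) (0x80 | (c & 0x3F)) };
        }
        return new byte[] { (byte) (0xE0 | (c >> 12)),
                            (byte) (0x80 | ((c >> 6) & 0x3F)),
                            (byte) (0x80 | (c & 0x3F)) };
    }

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) {
            sb.append(String.format("%02X ", b & 0xFF));
        }
        return sb.toString().trim();
    }

    public static void main(String[] args) {
        // Constructed samples: ASCII, Latin-1, and chars whose low byte has bit 7 clear or set.
        char[] samples = { 'A', '\u00E9', '\u0100', '\u4E2D', '\u20AC' };
        for (char c : samples) {
            byte[] reference = String.valueOf(c).getBytes(StandardCharsets.UTF_8);
            byte[] masked = encode(c, true);
            byte[] compared = encode(c, false);
            System.out.printf("U+%04X  mask: %-8s (%s)  compare: %-8s (%s)%n",
                    (int) c,
                    hex(masked), Arrays.equals(masked, reference) ? "ok" : "WRONG",
                    hex(compared), Arrays.equals(compared, reference) ? "ok" : "WRONG");
        }
    }
}
```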
