DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=44206>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=44206 Summary: KeyInfo does not contain a disg ns declaration when EncryptedKey is martialed Product: Security Version: Java 1.4.1 Platform: Other OS/Version: other Status: NEW Severity: regression Priority: P2 Component: Encryption AssignedTo: security-dev@xml.apache.org ReportedBy: [EMAIL PROTECTED] Like it's done for ds:Signature elements, even for ds:KeyInfo elements "xmlns:ds" namespace declaration should be added explicitly since ds:KeyInfo elements can also be contained inside non-dsig elements like xenc:EncryptedKey. If this is not done, one could land up with an invalid XML after the xenc:EncryptedKey is martialed. Here's a suggested patch: ---------------------------------------------------------- --- KeyInfo.java.bak 2008-01-09 16:44:51.949750000 +0530 +++ KeyInfo.java 2008-01-10 11:10:33.090375000 +0530 @@ -107,6 +107,18 @@ super(doc); + String xmlnsDsPrefix = getDefaultPrefixBindings(Constants.SignatureSpecNS); + if (xmlnsDsPrefix == null || xmlnsDsPrefix.length() == 0) + { + this._constructionElement.setAttributeNS + (Constants.NamespaceSpecNS, "xmlns", Constants.SignatureSpecNS); + } + else + { + this._constructionElement.setAttributeNS + (Constants.NamespaceSpecNS, xmlnsDsPrefix, Constants.SignatureSpecNS); + } + XMLUtils.addReturnToElement(this._constructionElement); } ---------------------------------------------------------- -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
