https://issues.apache.org/bugzilla/show_bug.cgi?id=45744
Summary: XPath transform and xml-stylesheet
Product: Security
Version: Java 1.4.1
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Signature
AssignedTo: security-dev@xml.apache.org
ReportedBy: [EMAIL PROTECTED]
Created an attachment (id=22525)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=22525)
upp_sign.xml is the signature and out.xml signed xml
There is a problem with verification of signatures having a ds:Reference to an
xml file with with <?xml-stylesheet?> with XPath transform. As you create the
same signature referencing a modified document by omitting <?xml-stylesheet?>
the signature verification succeeds.
I had to solve the problem and had come to conclusion that there is a bug in
org.apache.xml.security.signature.XMLSignatureInput. The source of the problem
is a line this._subNode=doc.getDocumentElement(); in void convertToNodes().
Assigning only root element removes xml-stylesheet. Changing the line to:
this._subNode=doc; seems to fix it.
Attached out.zip has two files that show the situation.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
