wsit
  1. wsit
  2. WSIT-1656

Exclusive XML Canonicalization changed in 2.2 comparing to 2.1

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 2.2
    • Fix Version/s: None
    • Component/s: security
    • Labels:
      None
    • Environment:

      Windows 7

      Description

      After upgrading to Metro 2.2, we noticed that the exclusive XML canonicalization (StAXEXC14nCanonicalizerImpl) produces different result comparing to Metro 2.1
      The difference in canonicalization causes different digest being produced. Below are example of canonicalization being produced in 2.1 and 2.2, notice that 2.2 contains extra xmlns="" attributes in the default namespace elements. We identified that the changes were made in SVN r6737, part of WSS1717 (WSIT-1546) fix.

      Metro 2.1:
      <S:Body xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="_5003">
      <ns9:GetAllForceModuleCompositeRequest xmlns:ns9="http://metadata.dod.mil/mdr/ns/NECC-AP/JFW/rr">
      <itemsPerPage>2000</itemsPerPage>
      <includeTotalCount>true</includeTotalCount>
      <planId>94TC5</planId>
      </ns9:GetAllForceModuleCompositeRequest>
      </S:Body>

      Metro 2.2:
      <S:Body xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="_5003">
      <ns9:GetAllForceModuleCompositeRequest xmlns:ns9="http://metadata.dod.mil/mdr/ns/NECC-AP/JFW/rr">
      <itemsPerPage xmlns="">2000</itemsPerPage>
      <includeTotalCount xmlns="">true</includeTotalCount>
      <planId xmlns="">94TC5</planId>
      </ns9:GetAllForceModuleCompositeRequest>
      </S:Body>

        Activity

        btse created issue -
        Martin Grebac made changes -
        Field Original Value New Value
        Assignee kumarjayanti [ kumarjayanti ] symonchang [ symonchang ]
        symonchang made changes -
        Tags regression

          People

          • Assignee:
            symonchang
            Reporter:
            btse
          • Votes:
            3 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated: