47761 – xmlns:xml namespace improperly emitted during excl c14n

Bug 47761 - xmlns:xml namespace improperly emitted during excl c14n

Summary: xmlns:xml namespace improperly emitted during excl c14n

Status:	RESOLVED FIXED

Alias:	None

Product:	Security - Now in JIRA
Classification:	Unclassified
Component:	Signature (show other bugs)
Version:	Java 1.4.2
Hardware:	All All

Importance:	P2 normal
Target Milestone:	---
Assignee:	XML Security Developers Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-08-28 10:53 UTC by Scott Cantor
Modified:	2009-10-01 14:11 UTC (History)
CC List:	0 users

Attachments
Affected document, unsigned and signed, and a key pair used. (4.71 KB, application/x-compressed) 2009-08-28 10:53 UTC, Scott Cantor	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Scott Cantor 2009-08-28 10:53:25 UTC

Created attachment 24187 [details]
Affected document, unsigned and signed, and a key pair used.

It appears that the c14n algorithm is outputting xmlns:xml in certain
conditions even when set to the usual/presumed value, which is improper.

A kit to help reproduce is attached.

From exchanging email with Sean, I believe the trigger for this is probably the
poor choice (but not outright bug) of including the xml prefix in the inclusive
prefix parameter. If so, only exclusive would be broken, and only with this
trigger.

We agree that identifying the prefix there is a bad idea, but it's not illegal
and it doesn't change the algorithm, so it should get fixed here also.

Comment 1 sean.mullan 2009-10-01 14:11:30 UTC

Fixed in main trunk.