JDK-6598154 : api/javax_xml/crypto/dsig/XMLSignature/index.html#methods[Signature2011] fails since JDK 7 b16
- Type: Bug
- Component: security-libs
- Sub-Component: javax.xml.crypto
- Affected Version: 7
- Priority: P2
- Status: Closed
- Resolution: Fixed
- OS: generic
- CPU: generic
- Submitted: 2007-08-28
- Updated: 2012-10-23
- Resolved: 2009-11-18
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 6 | JDK 7 | Other |
|---|---|---|
6u4Fixed  |
7 b21Fixed |
OpenJDK6Fixed |
Description
JCK 6b b04
FAIL: JDK 7 b16 PASS JDK 7 b15; JDK6u4 b02
JCK test api/javax_xml/crypto/dsig/XMLSignature/index.html#methods[Signature2011] fails since JDK 7 b16. The problem is an internal implementation of XMLSignature violates statement from documentation:
"Throws:
ClassCastException - if the type of validateContext is not compatible with this XMLSignature
NullPointerException - if validateContext is null "
and throws NPE even if validateContext is not null.
Steps to reproduce:
compile and run the following example:
import java.io.PrintWriter;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Collections;
import java.util.List;
import java.util.Vector;
import javax.xml.crypto.*;
import javax.xml.crypto.dsig.*;
import javax.xml.crypto.dsig.keyinfo.*;
import javax.xml.crypto.dsig.spec.*;
public class Crypto2 {
public class MyXMLContext implements XMLValidateContext, XMLSignContext {
MyXMLContext() {
}
public String getBaseURI() {
return null;
}
public void setBaseURI(String baseURI) {
}
public KeySelector getKeySelector() {
return null;
}
public void setKeySelector(KeySelector ks) {
}
public URIDereferencer getURIDereferencer() {
return null;
}
public void setURIDereferencer(URIDereferencer dereferencer) {
}
public Object get(Object key) {
return null;
}
public Object getProperty(String name) {
return null;
}
public Object put(Object key, Object value) {
return null;
}
public Object setProperty(String name, Object value) {
return null;
}
public String getDefaultNamespacePrefix() {
return null;
}
public void setDefaultNamespacePrefix(String defaultPrefix) {
}
public String putNamespacePrefix(String namespaceURI,
String prefix) {
return null;
}
public String getNamespacePrefix(String namespaceURI,
String defaultPrefix) {
return "";
}
}
protected XMLSignatureFactory getCurrentXMLFactory()
{
try {
return XMLSignatureFactory.getInstance();
} catch (Exception e) {
e.printStackTrace();
System.exit(1);
return null;
}
}
protected XMLSignature getXMLSignature() {
try {
XMLSignatureFactory xmlSignatureFactory = getCurrentXMLFactory();
DigestMethod dm = xmlSignatureFactory.newDigestMethod(DigestMethod.SHA1, (DigestMethodParameterSpec) null);
Reference ref1 = xmlSignatureFactory.newReference("", dm);
CanonicalizationMethod cm = xmlSignatureFactory.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE,(C14NMethodParameterSpec) null);
SignatureMethod sm = xmlSignatureFactory.newSignatureMethod(SignatureMethod.DSA_SHA1, (SignatureMethodParameterSpec) null);
SignedInfo si = xmlSignatureFactory.newSignedInfo(cm, sm, Collections.singletonList(ref1));
KeyInfoFactory keyFactory = xmlSignatureFactory.getKeyInfoFactory();
KeyInfo keyInfo = keyFactory.newKeyInfo (Collections.singletonList(keyFactory.newKeyName("mykey")), "myinfo");
return xmlSignatureFactory.newXMLSignature(si, keyInfo);
} catch (Exception e) {
System.out.println("Unexpected " + e);
}
System.exit(1);
return null;
}
/* standalone interface */
public static void main(String argv[]) {
Crypto2 test = new Crypto2();
test.Signature2011();
}
/**
* Assertion testing
* for public boolean validate(XMLValidateContext validateContext) throws XMLSignatureException,
* ClassCastException will be thrown if the type of validateContext is not compatible with this XMLSignature.
*/
public void Signature2011() {
XMLSignature xmlSig = getXMLSignature();
if (xmlSig != null) {
try {
xmlSig.validate(new MyXMLContext());
System.out.println("ClassCastException was not thrown ");
} catch (ClassCastException e) {
e.printStackTrace();
} catch (XMLSignatureException e) {
e.printStackTrace();
}
}
}
}
for different versions of JDK it will return different output:
for build 16:
C:\tests\crypto2>Z:\Links\stt\jdk_promotions\JDK7.0\b16\binaries\windows-i586\jdk1.7.0\bin\java.exe -cp . Crypto2
Exception in thread "main" java.lang.NullPointerException
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:516)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:248)
at Crypto2.Signature2011(Crypto2.java:126)
at Crypto2.main(Crypto2.java:113)
for build 15:
C:\tests\crypto2>Z:\Links\stt\jdk_promotions\JDK7.0\b15\binaries\windows-i586\jdk1.7.0\bin\java.exe -cp . Crypto2
java.lang.ClassCastException: Crypto2$MyXMLContext cannot be cast to javax.xml.crypto.dom.DOMCryptoContext
at org.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(DOMURIDereferencer.java:71)
at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:366)
at org.jcp.xml.dsig.internal.dom.DOMReference.validate(DOMReference.java:333)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:252)
at Crypto2.Signature2011(Crypto2.java:126)
at Crypto2.main(Crypto2.java:113)
Comments
|