If an element has more than 23 attributes, an xml signature over that element will fail to validate. Instead an ArrayIndexOutOfBoundsException will be thrown. This is due to a bug in the underlying Apache canonicalization implementaion. It has been fixed in later releases of the Apache XMLSec libraries (1.4 and up), but JDK 6 is based on 1.3.1 and thus this bug should be fixed/backported. This was reported by a user who was trying to validate a signed ODT (Open Office) document. See the Java Forum for more information: http://forum.java.sun.com/thread.jspa?threadID=5271276
|