JDK-8217878 : ENVELOPING XML signature no longer works
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 11,12,13
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2019-01-25
  • Updated: 2021-04-26
  • Resolved: 2019-03-05
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 8 Other
11.0.4Fixed 8u231Fixed openjdk8u272Fixed
Related Reports
Relates :  
Relates :  
Relates :  
Relates :  
Sub Tasks
JDK-8264194 :  
Description
ADDITIONAL SYSTEM INFORMATION :
I verified this in Ubuntu 18.04 64bits and in MacOS Mojave 10.14.2

A DESCRIPTION OF THE PROBLEM :
The following code contains a test case to do XML signing using the ENVELOPING type: https://github.com/marianogonzalez/jdk11-xml-crypto-enveloping-issue/blob/master/src/test/java/com/mg/sign/enveloping/EnvelopingTestCase.java

That code works perfectly well when run in JDK 1.8 and produces the following output:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
    <dsig:SignedInfo>
        <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
        <dsig:Reference URI="#data">
            <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
            <dsig:DigestValue>ihf/785BQpY0+MUQeP0IXrqcdENEap5sHpFw2NvBMv8=</dsig:DigestValue>
        </dsig:Reference>
    </dsig:SignedInfo>
    <dsig:SignatureValue>gE5lSOnbxukfAiTG+YvPevBLnz5QjYycRSRVA9CCaHXJYQmLxJ2uBFBsOqdL89/vnPgg4g4mgsd1
        F32KBi3AMvs169RDBs4gjNAxX5dq5DleqVmFvX6TzsiCLW3kAGF+g52GPFpcwz44zU+MDbQ7AmyO
        CzjR6GMKr7mAT+9LEzQ=
    </dsig:SignatureValue>
    <dsig:KeyInfo>
        <dsig:X509Data>
            <dsig:X509SubjectName>CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown</dsig:X509SubjectName>
            <dsig:X509Certificate>MIICTzCCAbigAwIBAgIEUBXCNzANBgkqhkiG9w0BAQUFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw
                DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD
                VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTEyMDcyOTIzMDczNVoXDTEyMTAyNzIz
                MDczNVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r
                bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93
                bjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAkXqhit5u2/nt4330RFAXfnxwj3ULk8v7WJzo
                a1+qyByijq9Btviiq2C594seo/ay4Sj7DyRecMRH+qS3q83Da54fOVCf/6uqAo82T4uVGZbMp6Vk
                KlQLtqyUGo5ZR4QzevnMgaVygg6dxa0HNJw+gHYaRuHrlFpXv3oaq73usjECAwEAATANBgkqhkiG
                9w0BAQUFAAOBgQBZmTNtqeZrD0noIizIBytXbiqiXXKgO9Y5JRNiEC2ZoAEzey9l5Oht+DCL6X2T
                W1q5aHLfk14IALY3RYDyCSkz5Jg+Sv7fj4hC3Fs3kdjBWY27a9d+W1kzo6h3adcwimW51/mFlDU0
                hXmRsLPZ/lGiPaUH5n4HEAwcJwQuO+uzMA==
            </dsig:X509Certificate>
        </dsig:X509Data>
    </dsig:KeyInfo>
    <dsig:Object Encoding="UTF-8" Id="data">
        <PurchaseOrder>
            <Item number="130046593231">
                <Description>Video Game</Description>
                <Price>10.29</Price>
            </Item>
            <Buyer id="8492340">
                <Name>My Name</Name>
                <Address>
                    <Street>One Network Drive</Street>
                    <Town>Burlington</Town>
                    <State>MA</State>
                    <Country>United States</Country>
                    <PostalCode>01803</PostalCode>
                </Address>
            </Buyer>
        </PurchaseOrder>
    </dsig:Object>
</dsig:Signature>

When the exact same code is run with JDK11, it produces this invalid output instead:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<PurchaseOrder>
    <Item number="130046593231">
        <Description>Video Game</Description>
        <Price>10.29</Price>
    </Item>
    <Buyer id="8492340">
        <Name>My Name</Name>
        <Address>
            <Street>One Network Drive</Street>
            <Town>Burlington</Town>
            <State>MA</State>
            <Country>United States</Country>
            <PostalCode>01803</PostalCode>
        </Address>
    </Buyer>
</PurchaseOrder><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
    <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <dsig:Reference URI="#data">
        <dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <dsig:DigestValue>ihf/785BQpY0+MUQeP0IXrqcdENEap5sHpFw2NvBMv8=</dsig:DigestValue>
    </dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>gE5lSOnbxukfAiTG+YvPevBLnz5QjYycRSRVA9CCaHXJYQmLxJ2uBFBsOqdL89/vnPgg4g4mgsd1&#13;
    F32KBi3AMvs169RDBs4gjNAxX5dq5DleqVmFvX6TzsiCLW3kAGF+g52GPFpcwz44zU+MDbQ7AmyO&#13;
    CzjR6GMKr7mAT+9LEzQ=
</dsig:SignatureValue>
<dsig:KeyInfo>
    <dsig:X509Data>
        <dsig:X509SubjectName>CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown</dsig:X509SubjectName>
        <dsig:X509Certificate>MIICTzCCAbigAwIBAgIEUBXCNzANBgkqhkiG9w0BAQUFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw&#13;
            DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD&#13;
            VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTEyMDcyOTIzMDczNVoXDTEyMTAyNzIz&#13;
            MDczNVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r&#13;
            bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93&#13;
            bjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAkXqhit5u2/nt4330RFAXfnxwj3ULk8v7WJzo&#13;
            a1+qyByijq9Btviiq2C594seo/ay4Sj7DyRecMRH+qS3q83Da54fOVCf/6uqAo82T4uVGZbMp6Vk&#13;
            KlQLtqyUGo5ZR4QzevnMgaVygg6dxa0HNJw+gHYaRuHrlFpXv3oaq73usjECAwEAATANBgkqhkiG&#13;
            9w0BAQUFAAOBgQBZmTNtqeZrD0noIizIBytXbiqiXXKgO9Y5JRNiEC2ZoAEzey9l5Oht+DCL6X2T&#13;
            W1q5aHLfk14IALY3RYDyCSkz5Jg+Sv7fj4hC3Fs3kdjBWY27a9d+W1kzo6h3adcwimW51/mFlDU0&#13;
            hXmRsLPZ/lGiPaUH5n4HEAwcJwQuO+uzMA==
        </dsig:X509Certificate>
    </dsig:X509Data>
</dsig:KeyInfo>
<dsig:Object Encoding="UTF-8" Id="data">
    <PurchaseOrder>
        <Item number="130046593231">
            <Description>Video Game</Description>
            <Price>10.29</Price>
        </Item>
        <Buyer id="8492340">
            <Name>My Name</Name>
            <Address>
                <Street>One Network Drive</Street>
                <Town>Burlington</Town>
                <State>MA</State>
                <Country>United States</Country>
                <PostalCode>01803</PostalCode>
            </Address>
        </Buyer>
    </PurchaseOrder>
</dsig:Object>
</dsig:Signature>

As you can see, JDK8 replaces the document's root element with a Signature element that wraps the original content. That signature element becomes the document's only root element.

With JDK11, the Signature element is added to the document as a second root element, appended AFTER the original content. 

 

REGRESSION : Last worked in version 8u192

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Run this test case using JDK 11.02: https://github.com/marianogonzalez/jdk11-xml-crypto-enveloping-issue/blob/master/src/test/java/com/mg/sign/enveloping/EnvelopingTestCase.java


EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The same XML obtained using JDK 1.8
ACTUAL -
The broken XML attached in the description

---------- BEGIN SOURCE ----------
https://github.com/marianogonzalez/jdk11-xml-crypto-enveloping-issue/blob/master/src/test/java/com/mg/sign/enveloping/EnvelopingTestCase.java

---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
To take the output Document an manually remove the original root element

FREQUENCY : always



Comments
Fix Request (jdk8u) Requesting a jdk8u backport approval of this fix to fix a regression caused by JDK-8177334. The JDK 13 changeset does not apply cleanly to jdk8u-dev and requires adjustments. The adjusted webrev below passes jdk_tier1 and the jdk_security tests. 8u webrev: http://cr.openjdk.java.net/~ebaron/jdk8u/JDK-8217878/webrev.00/ 8u RFRs: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2020-August/012456.html
17-08-2020

Fix Request (11u) This is a fix for a serious regression introduced in JDK 11. It was pushed to 12u, 11.0.4-oracle. Patch applies cleanly to 11u, passes javax/xml tests. New test case is failing without the patch.
15-03-2019

Fix Request This is a fix for a serious regression introduced in JDK 11. The fix has already been pushed to JDK 13 and passed all Mach5 tiers. This also fixes another related regression (see JDK-8218629). The patch applies cleanly to JDK 12u.
06-03-2019

In JDK 11, we included an updated version of Apache Santuario - see JDK-8177334. This contained a newer XML marshalling implementation, which has caused a couple of serious regressions (this one and JDK-8218629). The marshalling implementation is different in subtle ways which makes it harder to fix these regressions. It also doesn't seem to offer any advantages other than some reduction in lines of code. So we have decided to back it out and restore the previous marshalling code, which had been very stable for many years. The Apache Santuario Project also has backed out the implementation - see https://issues.apache.org/jira/browse/SANTUARIO-501.
26-02-2019

I am still evaluating this issue, but one workaround is to pass a new Document instance to DOMSignContext instead of using the same Document instance that contains the XML data to be signed. For example, change this code: DOMSignContext signContext = new DOMSignContext(key, document); to: DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); factory.setNamespaceAware(true); DocumentBuilder builder = factory.newDocumentBuilder(); document = builder.newDocument(); DOMSignContext signContext = new DOMSignContext(key, document);
06-02-2019

To reproduce the issue, run the attached test case: JDK 8u201 - Pass JDK 10.0.2 - Pass JDK 11 GA - Fail JDK 11.0.2 - Fail JDK 12-ea+26 - Fail JDK 13-ea + 4 - Fail Output on failed versions : Running com.mg.sign.enveloping.EnvelopingTestCase Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.613 sec <<< FAILURE! enveloping(com.mg.sign.enveloping.EnvelopingTestCase) Time elapsed: 0.348 sec <<< ERROR! org.w3c.dom.DOMException: HIERARCHY_REQUEST_ERR: An attempt was made to insert a node where it is not permitted. at java.xml/com.sun.org.apache.xerces.internal.dom.CoreDocumentImpl.insertBefore(CoreDocumentImpl.java:439) at java.xml/com.sun.org.apache.xerces.internal.dom.NodeImpl.appendChild(NodeImpl.java:237) at java.xml.crypto/org.jcp.xml.dsig.internal.dom.XmlWriterToTree.writeStartElement(XmlWriterToTree.java:104) at java.xml.crypto/org.jcp.xml.dsig.internal.dom.DOMXMLSignature.marshal(DOMXMLSignature.java:213) at java.xml.crypto/org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:325) at com.mg.sign.enveloping.EnvelopingTestCase.enveloping(EnvelopingTestCase.java:96) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:567) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78) at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:252) at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:141) at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:112) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:567) at org.apache.maven.surefire.util.ReflectionUtils.invokeMethodWithArray(ReflectionUtils.java:189) at org.apache.maven.surefire.booter.ProviderFactory$ProviderProxy.invoke(ProviderFactory.java:165) at org.apache.maven.surefire.booter.ProviderFactory.invokeProvider(ProviderFactory.java:85) at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:115) at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:75) Output on passing versions (JDK 10.0.2): ------------------------------------------------------- T E S T S ------------------------------------------------------- Running com.mg.sign.enveloping.EnvelopingTestCase <?xml version="1.0" encoding="UTF-8" standalone="no"?><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig :Reference URI="#data"><dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><dsig:DigestValue>ihf/785BQpY0+MUQeP0IXrqcdENEap5sHpFw2NvBMv8=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>gE5lSOnbxukfAiTG+YvPevBLnz5QjYycRSRVA9CCaHXJYQmLxJ2uBFBsOqdL89/vnPgg 4g4mgsd1 F32KBi3AMvs169RDBs4gjNAxX5dq5DleqVmFvX6TzsiCLW3kAGF+g52GPFpcwz44zU+MDbQ7AmyO CzjR6GMKr7mAT+9LEzQ=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509SubjectName>CN=Unknown,OU=Unknown,O=Unknown,L=Unknown,ST=Unknown,C=Unknown</dsig:X509SubjectName><dsig:X509Certificate>MIICTzCCAbigAwIBAgIEUBXCNzANBgkqhkiG9w0BAQUFADBsMRAwDgYDVQQGEwdVbmtub3duMRAw DgYDVQQIEwdVbmtub3duMRAwDgYDVQQHEwdVbmtub3duMRAwDgYDVQQKEwdVbmtub3duMRAwDgYD VQQLEwdVbmtub3duMRAwDgYDVQQDEwdVbmtub3duMB4XDTEyMDcyOTIzMDczNVoXDTEyMTAyNzIz MDczNVowbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5r bm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93 bjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAkXqhit5u2/nt4330RFAXfnxwj3ULk8v7WJzo a1+qyByijq9Btviiq2C594seo/ay4Sj7DyRecMRH+qS3q83Da54fOVCf/6uqAo82T4uVGZbMp6Vk KlQLtqyUGo5ZR4QzevnMgaVygg6dxa0HNJw+gHYaRuHrlFpXv3oaq73usjECAwEAATANBgkqhkiG 9w0BAQUFAAOBgQBZmTNtqeZrD0noIizIBytXbiqiXXKgO9Y5JRNiEC2ZoAEzey9l5Oht+DCL6X2T W1q5aHLfk14IALY3RYDyCSkz5Jg+Sv7fj4hC3Fs3kdjBWY27a9d+W1kzo6h3adcwimW51/mFlDU0 hXmRsLPZ/lGiPaUH5n4HEAwcJwQuO+uzMA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Encoding="UTF-8" Id="data"><PurchaseOrder> <Item number="130046593231"> <Description>Video Game</Description> <Price>10.29</Price> </Item> <Buyer id="8492340"> <Name>My Name</Name> <Address> <Street>One Network Drive</Street> <Town>Burlington</Town> <State>MA</State> <Country>United States</Country> <PostalCode>01803</PostalCode> </Address> </Buyer> </PurchaseOrder></dsig:Object></dsig:Signature> Tests run: 1, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 1.348 sec Results : Tests run: 1, Failures: 0, Errors: 0, Skipped: 0
28-01-2019