Bug ID: JDK-8238185 Release Note: Oracle Specific JDK Update of System Property to Fall Back to Legacy Base64 Encoding Format

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

JDK 7	JDK 8
7u321Resolved	8u241Resolved

Oracle JDK 8u231 has upgraded the Apache Santuario libraries to v2.1.3. This upgrade introduced an issue in which XML signatures using Base64 encoding appended `&#xd` or `&#13` to the encoded output. This behavioral change was made in the Apache Santuario codebase to comply with RFC 2045. The Santuario team has adopted a position of keeping their libraries compliant with RFC 2045.

Oracle JDK 8u221 using the legacy encoder returns encoded data in a format without `&#xd` or `&#13`. 

Therefore an Oracle specific JDK 8 Update of a new system property `com.sun.org.apache.xml.internal.security.lineFeedOnly` has been made available to fall back to legacy Base64 encoded format.

Users can set this flag in one of two ways:

1. `-Dcom.sun.org.apache.xml.internal.security.lineFeedOnly=true`
2. `System.setProperty("com.sun.org.apache.xml.internal.security.lineFeedOnly", "true")`

This new system property is disabled by default. It has no effect on default behavior or when the `com.sun.org.apache.xml.internal.security.ignoreLineBreaks` property is set.

Later JDK family versions will only support the recommended property: `com.sun.org.apache.xml.internal.security.ignoreLineBreaks`