Summary
-------
Enable the XML Signature secure validation mode by default. This will improve out-of-the-box security by restricting signatures that contain potentially unsafe content.
Problem
-------
The XML Signature secure validation mode is enabled by setting the property `org.jcp.xml.dsig.secureValidation` to `Boolean.TRUE` with the `javax.xml.crypto.XMLCryptoContext.setProperty()` method, or by running the code with a security manager.
Use of a security manager is increasingly rare. This option should be enabled by default regardless of whether a security manager is enabled so that all applications can be protected by default.
Solution
--------
Change `javax.xml.crypto.dsig.dom.DOMValidateContext` to set the property `org.jcp.xml.dsig.secureValidation` to `Boolean.TRUE` by default.
Specification
-------------
Add the following to the class summary of `javax.xml.crypto.dsig.dom.DOMValidateContext`:
```
 * @implNote
 * By default, the JDK implementation enables a secure validation mode by
 * setting the <code>org.jcp.xml.dsig.secureValidation</code> property to
 * <code>Boolean.TRUE</code> (see the {@link #setProperty setProperty}
 * method). When enabled, validation of XML signatures are subject to
 * stricter checking of algorithms and other constraints as specified by the
 * <code>jdk.xml.dsig.secureValidationPolicy</code> security property.
```
Change the text for the `jdk.xml.dsig.secureValidationPolicy` security property in the `java.security` file as follows:
```
#
- # The policy for the XML Signature secure validation mode. The mode is
- # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
- # true with the javax.xml.crypto.XMLCryptoContext.setProperty() method,
- # or by running the code with a SecurityManager.
+ # The policy for the XML Signature secure validation mode. Validation of
+ # XML Signatures that violate any of these constraints will fail. The
+ # mode is enforced by default. The mode can be disabled by setting the
+ # property "org.jcp.xml.dsig.secureValidation" to Boolean.FALSE with the
+ # javax.xml.crypto.XMLCryptoContext.setProperty() method.
#
```
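
Review bot: the `+` lines drop the SecurityManager sentence without saying whether `Boolean.FALSE` is still honored when the code runs with a SecurityManager, which the removed lines listed as one of the two ways the mode was turned on. Please state that case explicitly. The new text also says the mode is "enforced by default" immediately before explaining how to disable it; "enabled by default" would be more accurate. Since the opt-out goes through `XMLCryptoContext.setProperty()`, the comment should also say which context the default applies to.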