JDK-8264194 : Release Note: com.sun.org.apache.xml.internal.security.ignoreLineBreaks System Property
  • Type: Sub-task
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 8u231,11.0.4-oracle
  • Priority: P4
  • Status: Closed
  • Resolution: Delivered
  • Submitted: 2021-03-25
  • Updated: 2022-02-22
  • Resolved: 2021-12-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 8
11.0.4-oracleResolved 8u231Resolved
Description
An Apache Santuario library version upgrade, used by the javax.xml.crypto.* packages, introduces a behavioral change where a new Base64 encoder uses "\r\n" as end-of-line terminator. By default, XML signatures signed using API calls form the javax.xml.crypto.dsig package includes the escaped '\r' character, encoded as "
" or  "
".  

A new `com.sun.org.apache.xml.internal.security.ignoreLineBreaks` system property may be set to a value of "true" if an application is unable to handle the encoded output data changes where "
" or "
" get appended to new lines in encoding operations. The effect of this property is to not include the carriage return character in base64-encoded fields in XML signature generated by calls to the javax.xml.crypto.* packages.

Additional information can be found at https://issues.apache.org/jira/browse/SANTUARIO-482.