fixed bug #36640 (Signature verification ignores the inclusive namesp…

…aces parameter of a excl c14n ds:CanonicalizationMethod). git-svn-id: https://svn.apache.org/repos/asf/xml/security/trunk@351441 13f79535-47bb-0310-9956-ffa450edef68
apache · Sep 14, 2005 · 23958ec · 23958ec
1 parent a443aaf
commit 23958ec
Showing 1 changed file with 42 additions and 2 deletions.
diff --git a/src/org/apache/xml/security/signature/SignedInfo.java b/src/org/apache/xml/security/signature/SignedInfo.java
@@ -33,6 +33,7 @@
 import org.apache.xml.security.exceptions.XMLSecurityException;
 import org.apache.xml.security.utils.Constants;
 import org.apache.xml.security.utils.XMLUtils;
+import org.apache.xml.security.transforms.params.InclusiveNamespaces;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
@@ -266,8 +267,13 @@ public void signInOctectStream(OutputStream os)
    	if ((this._c14nizedBytes == null)) {
        Canonicalizer c14nizer =
           Canonicalizer.getInstance(this.getCanonicalizationMethodURI());
-       c14nizer.setWriter(os);       
-       c14nizer.canonicalizeSubtree(this._constructionElement);
+       c14nizer.setWriter(os);
+       String inclusiveNamespaces = this.getInclusiveNamespaces();
+
+       if(inclusiveNamespaces == null)
+        c14nizer.canonicalizeSubtree(this._constructionElement);
+       else
+        c14nizer.canonicalizeSubtree(this._constructionElement, inclusiveNamespaces);
     } else {
         try {
 			os.write(this._c14nizedBytes);
@@ -341,4 +347,38 @@ public SecretKey createSecretKey(byte[] secretKeyBytes)
    public String getBaseLocalName() {
       return Constants._TAG_SIGNEDINFO;
    }
+
+   public String getInclusiveNamespaces() {
+
+    Element el= XMLUtils.selectDsNode(this._constructionElement.getFirstChild(),
+     Constants._TAG_CANONICALIZATIONMETHOD,0);
+     if (el==null) {
+     	return null;
+     }
+
+     String c14nMethodURI = el.getAttributeNS(null, Constants._ATT_ALGORITHM);
+     if(!(c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#") ||
+			c14nMethodURI.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments"))) {
+                return null;
+            }
+
+     Element inclusiveElement = XMLUtils.selectNode(
+             el.getFirstChild(),InclusiveNamespaces.ExclusiveCanonicalizationNamespace,
+        InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES,0);
+
+     if(inclusiveElement != null)
+     {
+         try
+         {
+             String inclusiveNamespaces = new InclusiveNamespaces(inclusiveElement,
+                         InclusiveNamespaces.ExclusiveCanonicalizationNamespace).getInclusiveNamespaces();
+             return inclusiveNamespaces;
+         }
+         catch (XMLSecurityException e)
+         {
+             return null;
+         }
+     }
+     return null;
+    }
 }