Signature from User-specified URIDereferencers NodeSetData objects is wrong

Shubham Rajput shubhamnba2009 at gmail.com
Thu May 17 05:54:14 UTC 2018 

Hi all,
I am using the following URIreference to form the
signature: #xpointer(//*[@authenticate='true'])

The XML that I am targetting is having 3 element with attribute
'authenticate' set to 'true'. For those 3 element the signature is required
to be formed.

To achieve the above functionality I am using my own URIDereference class
and forming a nodelist comprising all the node elements containing the
elements with attribute 'authenticate' set to'true'.
I am returning back a iterator method after forming the arraylist from
nodelist.

But it seems the signature is forming only for the nodes name and not the
whole node.

 Here's my URIDreferencer method:

------------------------------------source-start---------------------------------------------------------

public MyURIDereferencer(Document doc1) {
this.doc = doc1;
}

public Data dereference(URIReference uriReference, XMLCryptoContext context)
throws URIReferenceException {
XPathFactory factory = XPathFactory.newInstance();
XPath xpath = factory.newXPath();
NodeList nodes = null;
try {
String x = uriReference.getURI();
x = x.replace("#xpointer(", "");
x = x.replace("%5B", "[");
x = x.replace("%5D", "]");
x = x.substring(0, x.length() - 1);
nodes = (NodeList) xpath.evaluate(x, this.doc,
XPathConstants.NODESET);
String nwe = nodeToString(nodes.item(0));
final List<Node> l = new ArrayList<Node>();

                 for (int i = 0; i < nodes.getLength(); i++)
             l.add(nodes.item(i));

                    return new NodeSetData() {

             public Iterator<Node> iterator() {

                 return l.listIterator();
             };
         };
} catch (XPathExpressionException e) {
System.err
.println("XPathExpression Exception when defrencing a URI."
+ e.getMessage());
return null;
}

---------------------------------------------source-end-----------------------------------------------------


Any lead why the signature is forming for the node element name only and
not for the whole node?

Thanks in advance

Regards,

Shubham Rajput
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20180517/28898ca9/attachment.htm>

More information about the security-dev mailing list