Signature from User-specified URIDereferencers NodeSetData objects is wrong

Sean Mullan sean.mullan at oracle.com
Fri May 18 14:28:15 UTC 2018


On 5/17/18 1:54 AM, Shubham Rajput wrote:
> 
> Any lead why the signature is forming for the node element name only and 
> not for the whole node?

I can't remember for sure now, but it probably has something to do with 
the way you are returning the nodes from your URIDereferencer.

You are probably better off defining an XPathFilter2Transform with an 
XPathFilter2ParameterSpec [1] for your signature and letting that do the 
filtering for you automatically.

HTH,
Sean

[1] 
https://docs.oracle.com/javase/10/docs/api/javax/xml/crypto/dsig/spec/XPathFilter2ParameterSpec.html


More information about the security-dev mailing list