Skip to Main Content

Java Security

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Signature Validation issue for different java version(ie 1.6 and 1.8)

JraneAug 16 2017 — edited Aug 16 2017

Signature Validation issue for different java version(ie 1.6 and 1.8)

Scenario

1) xml document signed by using java 1.6

2) This packet is sent to  the endpoint( this endpoint is hosted using Jboss Fuse (fuse-6.2.1.redhat-084) which uses java 1.8)

3)Due to Umarshalling(JAXB) Performed at this endpoint the signature packet structure gets Changed(Entire Signature Information gets appended to single line).

4)Validating this packet using signature.validate(valContext) [javax.xml.crypto.dsig.XMLSignature.validate]  fails despite of the proper certificate available .

Is there a way with which Structure remains intact or signature.validate(valContext) returns true despite of structural change(As only structure changes not the content of the packet)  

Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Sep 13 2017
Added on Aug 16 2017
0 comments
92 views