Details
-
Sub-task
-
Resolution: Delivered
-
P4
-
8u231, 11.0.4-oracle
-
Verified
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8266450 | 8u231 | Clifford Wayne | P4 | Resolved | Delivered |
Description
An Apache Santuario library version upgrade, used by the javax.xml.crypto.* packages, introduces a behavioral change where a new Base64 encoder uses "\r\n" as end-of-line terminator. By default, XML signatures signed using API calls form the javax.xml.crypto.dsig package includes the escaped '\r' character, encoded as "
" or " ".
A new `com.sun.org.apache.xml.internal.security.ignoreLineBreaks` system property may be set to a value of "true" if an application is unable to handle the encoded output data changes where "
" or " " get appended to new lines in encoding operations. The effect of this property is to not include the carriage return character in base64-encoded fields in XML signature generated by calls to the javax.xml.crypto.* packages.
Additional information can be found at https://issues.apache.org/jira/browse/SANTUARIO-482.
A new `com.sun.org.apache.xml.internal.security.ignoreLineBreaks` system property may be set to a value of "true" if an application is unable to handle the encoded output data changes where "
" or " " get appended to new lines in encoding operations. The effect of this property is to not include the carriage return character in base64-encoded fields in XML signature generated by calls to the javax.xml.crypto.* packages.
Additional information can be found at https://issues.apache.org/jira/browse/SANTUARIO-482.
Attachments
Issue Links
- backported by
-
-
- Resolved
-