| Oracle® Application Server Release Notes 10g (10.1.4) for Microsoft Windows Part Number B28191-08 |
|
|
View PDF |
| Oracle® Application Server Release Notes 10g (10.1.4) for Microsoft Windows Part Number B28191-08 |
|
|
View PDF |
This chapter describes issues associated with Oracle Security Developer Tools. It includes the following topics:
This section describes general issue and workaround. It includes the following topic:
This bug relates to a parameter used to create a signature with Oracle Security Developer Tools.
An XML Signature can use either Inclusive or Exclusive Canonicalization to canonicalize the Reference or the SignedInfo:
In Inclusive Canonicalization, all the specified and inherited namespaces are written out.
In Exclusive Canonicalization, only namespaces that are actually used are written out.
The behavior of Exclusive Canonicalization can be modified by specifying the InclusiveNamespaces parameter, which is a list of namespaces that are exceptions, that is, namespaces which should be written out even if they are not used.
Because of this bug, the InclusiveNamespaces parameter is ignored when used for canonicalizing the SignedInfo (but considered when canonicalizing a reference). As a result, when you use the Oracle XML Security API of Oracle Security Developer Tools to create a signature that uses the InclusiveNamespaces parameter, the signature value will be computed incorrectly. Similarly, when you verify a signature that uses the InclusiveNamespace parameter, the verification will incorrectly return a false.
|
 Copyright © 2010, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
