Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8038184

XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String

    Details

    • Subcomponent:
    • Resolved In Build:
      b10
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Verified

      Backports

        Description

        FULL PRODUCT VERSION :
        java version "1.8.0"
        Java(TM) SE Runtime Environment (build 1.8.0-b132)
        Java HotSpot(TM) Client VM (build 25.0-b70, mixed mode)

        ADDITIONAL OS VERSION INFORMATION :
        Microsoft Windows [Version 6.2.9200]

        A DESCRIPTION OF THE PROBLEM :
        I'm trying to sign the "InfRps" tag on the following XML file:

        <?xml version="1.0" encoding="UTF-8"?>
        <EnviarLoteRpsEnvio xmlns="http://www.abrasf.org.br/nfse.xsd">
          <LoteRps Id="" versao="1.00">
            <NumeroLote>100</NumeroLote>
            <Cnpj>01339695000101</Cnpj>
            <InscricaoMunicipal>01323820024</InscricaoMunicipal>
            <QuantidadeRps>1</QuantidadeRps>
            <ListaRps>
              <Rps>
                <InfRps Id="1">
                  <IdentificacaoRps>
                    <Numero>500122</Numero>
                    <Serie>900</Serie>
                    <Tipo>1</Tipo>
                  </IdentificacaoRps>
                  <DataEmissao>2014-03-21T00:00:00.000-03:00</DataEmissao>
                  <NaturezaOperacao>1</NaturezaOperacao>
                  <OptanteSimplesNacional>2</OptanteSimplesNacional>
                  <IncentivadorCultural>2</IncentivadorCultural>
                  <Status>1</Status>
                  <Servico>
                    <Valores>
                      <ValorServicos>98.01</ValorServicos>
                      <ValorPis>0.00</ValorPis>
                      <ValorCofins>0.00</ValorCofins>
                      <ValorInss>0.00</ValorInss>
                      <ValorIr>0.00</ValorIr>
                      <IssRetido>2</IssRetido>
                      <ValorIss>0.00</ValorIss>
                      <Aliquota>0.00</Aliquota>
                    </Valores>
                    <ItemListaServico>1</ItemListaServico>
                    <CodigoCnae>6201500</CodigoCnae>
                    <Discriminacao>1 null - R$ 98,01</Discriminacao>
                    <CodigoMunicipio>3106200</CodigoMunicipio>
                  </Servico>
                  <Prestador>
                    <Cnpj>01339695000101</Cnpj>
                    <InscricaoMunicipal>01323820024</InscricaoMunicipal>
                  </Prestador>
                  <Tomador>
                    <IdentificacaoTomador>
                      <CpfCnpj>
                        <Cpf>01234567890</Cpf>
                      </CpfCnpj>
                    </IdentificacaoTomador>
                    <RazaoSocial>CLIENTE AVULSO</RazaoSocial>
                    <Endereco>
                      <Endereco>RUA CATETE</Endereco>
                      <Numero>999</Numero>
                      <Complemento>601/701</Complemento>
                      <Bairro>ALTO BARROCA</Bairro>
                      <CodigoMunicipio>3106200</CodigoMunicipio>
                      <Uf>MG</Uf>
                      <Cep>30431016</Cep>
                    </Endereco>
                  </Tomador>
                </InfRps>
              </Rps>
            </ListaRps>
          </LoteRps>
        </EnviarLoteRpsEnvio>


        And I'm getting the following error message:

        2014-03-21 09:27:17,747 ERROR [Tarefa NFe 34.034.264.168] ComandoAppletNFeQueueImpl.enviaComando(60) | Stack trace remoto referente a taskId 34034264168: com.ats.jnfe.exception.NfeConfigurationException: erros: [Erro ao realizar a assinatura. Favor, verificar se o certificado está configurado corretamente nas configurações.] alertas: []
        at com.ats.jnfe.service.comunicacao.impl.MscapiSecurityHandlerBean.handle(MscapiSecurityHandlerBean.java:88)
        at com.ats.jnfe.applet.security.ConfigurableSecurityHandlerBean.handle(ConfigurableSecurityHandlerBean.java:42)
        at br.com.jnfe.base.service.DOMNFeSignatureHandler.sign(DOMNFeSignatureHandler.java:57)
        at com.ats.jnfe.applet.client.impl.ClientComandoAppletNFeServiceImpl.newSignature(ClientComandoAppletNFeServiceImpl.java:130)
        at com.ats.jnfe.applet.client.impl.ClientComandoAppletNFeHandlerImpl.trataComando(ClientComandoAppletNFeHandlerImpl.java:63)
        at com.ats.jnfe.applet.client.impl.ComandoAppletNFeExecutorImpl$1.run(ComandoAppletNFeExecutorImpl.java:64)
        at java.lang.Thread.run(Unknown Source)
        Caused by: java.lang.IllegalArgumentException: Impossível construir assinatura,
        at br.com.jnfe.base.service.DOMNFeSignatureBuilder.build(DOMNFeSignatureBuilder.java:207)
        at br.com.jnfe.base.service.DOMNFeSignatureBuilder.build(DOMNFeSignatureBuilder.java:1)
        at br.com.jnfe.base.service.DOMNFeSignatureHandler$1.doInSecurityContext(DOMNFeSignatureHandler.java:59)
        at com.ats.jnfe.service.comunicacao.impl.MscapiSecurityHandlerBean.handle(MscapiSecurityHandlerBean.java:86)
        ... 6 more
        Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: java.lang.StringIndexOutOfBoundsException: String index out of range: 0
        at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(Unknown Source)
        at org.jcp.xml.dsig.internal.dom.DOMReference.digest(Unknown Source)
        at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(Unknown Source)
        at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(Unknown Source)
        at br.com.jnfe.base.service.DOMNFeSignatureBuilder.build(DOMNFeSignatureBuilder.java:195)
        ... 9 more
        Caused by: javax.xml.crypto.URIReferenceException: java.lang.StringIndexOutOfBoundsException: String index out of range: 0
        at org.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(Unknown Source)
        ... 14 more
        Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 0
        at java.lang.String.charAt(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.XMLUtils.protectAgainstWrappingAttack(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment.engineResolveURI(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
        ... 15 more

        I'm still not sure whether there's an error on the XML or not, but the error message definitely doesn't point me towards any useful direction.


        ERROR MESSAGES/STACK TRACES THAT OCCUR :
        2014-03-21 09:27:17,747 ERROR [Tarefa NFe 34.034.264.168] ComandoAppletNFeQueueImpl.enviaComando(60) | Stack trace remoto referente a taskId 34034264168: com.ats.jnfe.exception.NfeConfigurationException: erros: [Erro ao realizar a assinatura. Favor, verificar se o certificado está configurado corretamente nas configurações.] alertas: []
        at com.ats.jnfe.service.comunicacao.impl.MscapiSecurityHandlerBean.handle(MscapiSecurityHandlerBean.java:88)
        at com.ats.jnfe.applet.security.ConfigurableSecurityHandlerBean.handle(ConfigurableSecurityHandlerBean.java:42)
        at br.com.jnfe.base.service.DOMNFeSignatureHandler.sign(DOMNFeSignatureHandler.java:57)
        at com.ats.jnfe.applet.client.impl.ClientComandoAppletNFeServiceImpl.newSignature(ClientComandoAppletNFeServiceImpl.java:130)
        at com.ats.jnfe.applet.client.impl.ClientComandoAppletNFeHandlerImpl.trataComando(ClientComandoAppletNFeHandlerImpl.java:63)
        at com.ats.jnfe.applet.client.impl.ComandoAppletNFeExecutorImpl$1.run(ComandoAppletNFeExecutorImpl.java:64)
        at java.lang.Thread.run(Unknown Source)
        Caused by: java.lang.IllegalArgumentException: Impossível construir assinatura,
        at br.com.jnfe.base.service.DOMNFeSignatureBuilder.build(DOMNFeSignatureBuilder.java:207)
        at br.com.jnfe.base.service.DOMNFeSignatureBuilder.build(DOMNFeSignatureBuilder.java:1)
        at br.com.jnfe.base.service.DOMNFeSignatureHandler$1.doInSecurityContext(DOMNFeSignatureHandler.java:59)
        at com.ats.jnfe.service.comunicacao.impl.MscapiSecurityHandlerBean.handle(MscapiSecurityHandlerBean.java:86)
        ... 6 more
        Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: java.lang.StringIndexOutOfBoundsException: String index out of range: 0
        at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(Unknown Source)
        at org.jcp.xml.dsig.internal.dom.DOMReference.digest(Unknown Source)
        at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(Unknown Source)
        at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(Unknown Source)
        at br.com.jnfe.base.service.DOMNFeSignatureBuilder.build(DOMNFeSignatureBuilder.java:195)
        ... 9 more
        Caused by: javax.xml.crypto.URIReferenceException: java.lang.StringIndexOutOfBoundsException: String index out of range: 0
        at org.jcp.xml.dsig.internal.dom.DOMURIDereferencer.dereference(Unknown Source)
        ... 14 more
        Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 0
        at java.lang.String.charAt(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.XMLUtils.protectAgainstWrappingAttack(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.resolver.implementations.ResolverFragment.engineResolveURI(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
        at com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
        ... 15 more

        REPRODUCIBILITY :
        This bug can be reproduced always.

          Activity

          webbuggrp Webbug Group created issue -
          coffeys Sean Coffey made changes -
          Field Original Value New Value
          Project Java Incidents [ 10301 ] JDK [ 10100 ]
          Key JI-9011259 JDK-8038184
          Workflow JBS Incident Workflow [ 4721155 ] JBS Workflow [ 4721268 ]
          Affects Version/s 8 [ 11815 ]
          Affects Version/s 8 [ 15409 ]
          Component/s security-libs [ 10306 ]
          Component/s security-libs [ 10712 ]
          coffeys Sean Coffey made changes -
          Subcomponent java.security [ 561 ] java.security [ 195 ]
          coffeys Sean Coffey made changes -
          Subcomponent java.security [ 195 ] javax.xml.crypto [ 666 ]
          mullan Sean Mullan made changes -
          Assignee Sean Mullan [ mullan ]
          mullan Sean Mullan made changes -
          Status New [ 10000 ] Open [ 1 ]
          mullan Sean Mullan made changes -
          Fix Version/s tbd_major [ 11972 ]
          webbuggrp Webbug Group made changes -
          Labels webbugs webbug webbugs
          webbuggrp Webbug Group made changes -
          Labels webbug webbugs webbug
          mullan Sean Mullan made changes -
          Status Open [ 1 ] In Progress [ 3 ]
          Understanding Cause Known [ 10000 ]
          mullan Sean Mullan made changes -
          Fix Version/s 9 [ 14949 ]
          Fix Version/s tbd_major [ 11972 ]
          mullan Sean Mullan made changes -
          OS windows_8 [ 17083 ] generic [ 17010 ]
          mullan Sean Mullan made changes -
          CPU x86 [ 17004 ] generic [ 17008 ]
          mullan Sean Mullan made changes -
          Summary URIReferenceException: StringIndexOutOfBoundsException: String index out of rang XMLSignature throws StringIndexOutOfBoundsException if ID attribute value is empty String
          hgupdate HG Updates made changes -
          Understanding Cause Known [ 10000 ]
          hgupdate HG Updates made changes -
          Status In Progress [ 3 ] Resolved [ 5 ]
          Resolved In Build team [ 17324 ]
          Resolution Fixed [ 1 ]
          hgupdate HG Updates made changes -
          Resolved In Build team [ 17324 ] master [ 18256 ]
          hgupdate HG Updates made changes -
          Resolved In Build master [ 18256 ] b10 [ 17338 ]
          hgupdate HG Updates made changes -
          Link This issue backported by JDK-8145034 [ JDK-8145034 ]
          hgupdate HG Updates made changes -
          Link This issue backported by JDK-8149285 [ JDK-8149285 ]
          hgupdate HG Updates made changes -
          Link This issue backported by JDK-8155430 [ JDK-8155430 ]
          sqetools SQE Tools made changes -
          Status Resolved [ 5 ] Closed [ 6 ]
          Verification Verified [ 17000 ]
          sqetools SQE Tools made changes -
          Labels webbug autoverify webbug
          hgupdate HG Updates made changes -
          Link This issue backported by JDK-8175438 [ JDK-8175438 ]

            People

            • Assignee:
              mullan Sean Mullan
              Reporter:
              webbuggrp Webbug Group
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: