Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8236645 JDK 8u231 introduces a regression with incompatible handling of XML messages
  3. JDK-8238185

Release Note: Oracle Specific JDK Update of System Property to Fall Back to Legacy Base64 Encoding Format

    XMLWordPrintable

    Details

      Backports

        Description

        Oracle JDK 8u231 has upgraded the Apache Santuario libraries to v2.1.3. This upgrade introduced an issue in which XML signatures using Base64 encoding appended `&#xd` or `&#13` to the encoded output. This behavioral change was made in the Apache Santuario codebase to comply with RFC 2045. The Santuario team has adopted a position of keeping their libraries compliant with RFC 2045.

        Oracle JDK 8u221 using the legacy encoder returns encoded data in a format without `&#xd` or `&#13`.

        Therefore an Oracle specific JDK 8 Update of a new system property `com.sun.org.apache.xml.internal.security.lineFeedOnly` has been made available to fall back to legacy Base64 encoded format.

        Users can set this flag in one of two ways:

        1. `-Dcom.sun.org.apache.xml.internal.security.lineFeedOnly=true`
        2. `System.setProperty("com.sun.org.apache.xml.internal.security.lineFeedOnly", "true")`

        This new system property is disabled by default. It has no effect on default behavior or when the `com.sun.org.apache.xml.internal.security.ignoreLineBreaks` property is set.

        Later JDK family versions will only support the recommended property: `com.sun.org.apache.xml.internal.security.ignoreLineBreaks`

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                kravikumar Kiran Sidhartha Ravikumar (Inactive)
                Reporter:
                kravikumar Kiran Sidhartha Ravikumar (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: