Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8236645 JDK 8u231 introduces a regression with incompatible handling of XML messages
  3. JDK-8238185

Release Note: New Oracle specific JDK 8 Updates System Property to fallback to legacy Base64 Encoding format

    Details

      Backports

        Description

        Oracle JDK 8u231 upgraded the Apache Santuario libraries to v2.1.3. This upgrade introduced an issue where XML signature using Base64 encoding resulted in appending `&#xd` or `&#13` to the encoded output. This behavioural change was made in the Apache Santuario codebase to comply with RFC 2045. The Santuario team has adopted a position of keeping their libraries compliant with RFC 2045.

        Oracle JDK 8u221 using the legacy encoder returns encoded data in a format without `&#xd` or `&#13`.

        Therefore a new Oracle JDK 8 Updates only system property - `com.sun.org.apache.xml.internal.security.lineFeedOnly` is made available to fall back to legacy Base64 encoded format.

        Users can set this flag in one of two ways:

        1. -Dcom.sun.org.apache.xml.internal.security.lineFeedOnly=true
        2. System.setProperty("com.sun.org.apache.xml.internal.security.lineFeedOnly", "true")

        This new system property is disabled by default. It has no effect on default behaviour nor when `com.sun.org.apache.xml.internal.security.ignoreLineBreaks` property is set.

        Later JDK family versions will only support the recommended property: `com.sun.org.apache.xml.internal.security.ignoreLineBreaks`

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  kravikumar Kiran Sidhartha Ravikumar
                  Reporter:
                  kravikumar Kiran Sidhartha Ravikumar
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: