VOOZH about

URL: https://www.ibm.com/support/pages/apar/IV71772

⇱ IV71772: REDUNDANT NAMESPACE ADDED IN C14N CANONICALIZATION

IV71772: REDUNDANT NAMESPACE ADDED IN C14N CANONICALIZATION

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
.
Stack Trace: N/A
.
XML signed by Java before IV52954 fix cannot be verified by Java
after IV52954 fix when javax.xml.crypto.dsig.cacheReference was
enabled

Local fix

  • Disable javax.xml.crypto.dsig.cacheReference when verify the xml
signature.

Problem summary

  • The problem happens because redundant name space was added to
C14n canonicalized xml, which result in different digest.

Problem conclusion

  • A fix is made to IBMXMLCRYPTO providerThe associated Hursley RTC
Problem Report is 87610The associated Austin CMVC defect is
116463The associated Austin APAR is IV71008JVMs affected: Java
6.0, Java 626, Java 7.0, Java 727 and Java 8The fix was
delivered for Java 6.0 SR16FP4, Java 626 SR8FP4, Java 7.0 SR9,
Java 727 SR3 Java 8 SR1The affected jar is
"ibmxmlcrypto.jar".The build level of this jar for the affected
releases is "20150316"
.
This APAR will be fixed in the following Java Releases:
 7 SR9 (7.0.9.0)
 7 R1 SR3 (7.1.3.0)
 6 R1 SR8 FP4 (6.1.8.4)
 8 SR1 (8.0.1.0)
 6 SR16 FP4 (6.0.16.4)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
Service Refreshes and Fix Packs can be found at:
 https://www.ibm.com/developerworks/java/jdk/

Temporary fix



Comments


    



APAR Information




    

  • APAR number
    IV71772
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    260
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2015-04-01
    • 

  • Closed date
    2015-04-01
    • 

  • Last modified date
    2015-04-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 




    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels


    

  • R260 PSY
       UP
    • 

  • R270 PSY
       UP
    • 

  • R600 PSY
       UP
    • 







 
 
 
 

 [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"260","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 01 April 2015