-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to verify big xml file with StAX (OutOfMemory exception) #11
Comments
Probably better to raise this over at Apache Santuario. Is the signed document very highly nested? |
Ok, I will. Signed document is not highly nested. Below is a sample of the document. Signed part is the element Object with Id="msg" which contains xml with root "Element" which contains alot of sub elements. <?xml version="1.0" encoding="utf-8"?>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#msg">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>...</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>...</SignatureValue>
<KeyInfo>
<X509Data>
<X509SubjectName>...</X509SubjectName>
<X509Certificate>...</X509Certificate>
</X509Data>
</KeyInfo>
<Object Id="msg">
<Element>
<LotsOfChildren>
</LotsOfChildren>
</Element>
</Object>
</Signature> |
Issue created over at Apache Santuario |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi!
With StAX version of signature verification I get OutOfMemory exception. I'm using xmlsec-2.0.8.jar. Exception is thrown at line "inboundXMLSec.processInMessage(xmlStreamReader);" (file: SignatureUtils, method verifyUsingStAX).
XML file size is ~900 MB.
The text was updated successfully, but these errors were encountered: