From bbe653345bbb5dad2ed2356df6f817dd7de26528 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 23 Jun 2017 11:58:29 +0200
Subject: fix another possible XXE, SSRF problem. INFO: DocTypes are disabled
 by default for all XML content that should be signed with mocca!!!
 Consequently, XML and XAdES signatures for XML documents that contain a
 DocType declaration are no longer possible. If DocType declarations are
 absolutely necessary, this protection can be disabled by setting the Java
 System-Property "-Degiz.mocca.xades.xml.allow.doctype=true"

---
 .../gv/egiz/bku/slcommands/impl/SignatureInfo_Base64_4.xml  | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/impl/SignatureInfo_Base64_4.xml

(limited to 'bkucommon/src/test/resources/at/gv/egiz/bku')

diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/impl/SignatureInfo_Base64_4.xml b/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/impl/SignatureInfo_Base64_4.xml
new file mode 100644
index 00000000..d7950f1e
--- /dev/null
+++ b/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/impl/SignatureInfo_Base64_4.xml
@@ -0,0 +1,13 @@
+<sl:CreateXMLSignatureRequest xmlns:sl="http://www.buergerkarte.at/namespaces/securitylayer/1.2#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+  <sl:SignatureInfo>
+    <sl:SignatureEnvironment>
+      <sl:Base64Content>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</sl:Base64Content>
+    </sl:SignatureEnvironment>
+    <sl:SignatureLocation xmlns:doc="urn:document" Index="1">/XMLDocument</sl:SignatureLocation>
+    <sl:Supplement>
+      <sl:Content Reference="urn:Document.dtd">
+        <sl:LocRefContent>testlocal:Document.dtd</sl:LocRefContent>
+      </sl:Content>
+    </sl:Supplement>
+  </sl:SignatureInfo>
+</sl:CreateXMLSignatureRequest>
\ No newline at end of file
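Review bot: Nothing in this fixture says what it exercises or what result is expected, so `SignatureInfo_Base64_4.xml` cannot be tied to the DocType/XXE fix by reading it. A comment above `<sl:CreateXMLSignatureRequest>` would pin that down, for example `<!-- Base64Content is a document with a DOCTYPE that refers to Document.dtd; signing must be refused unless egiz.mocca.xades.xml.allow.doctype=true -->`. That wording assumes the intent, since the Base64 payload and the consuming test are not visible in this view. Because the supplement maps `urn:Document.dtd` to `testlocal:Document.dtd`, the test would be stronger if it also checked that the DTD is never dereferenced while DocTypes are disabled, not only that the request fails. Two smaller points: `xmlns:doc="urn:document"` on `sl:SignatureLocation` looks unused, as the XPath `/XMLDocument` carries no prefix, and the file ends without a trailing newline.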
-- 
cgit v1.2.3