Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
saml
Describe the bug
When includeKeyInfoInSignature is set to false and sign is called with a null keyName, an IllegalArgumentException is thrown. When includeKeyInfoInSignature is set to false and sign is called with a non-null keyName, KeyInfo is included in the SAML as a stub:
    <dsig:KeyInfo>
        <dsig:KeyName/>
    </dsig:KeyInfo>
Version
26.5.3
Regression
- The issue is a regression
Expected behavior
Per section 4.5 of the standard, KeyInfo is an optional element. The expectation is that when includeKeyInfoInSignature is set to false, calls to sign will successfully result in a Signature that does not contain the KeyInfo element.
Actual behavior
When includeKeyInfoInSignature is set to false, KeyInfo is included in the Signature if keyName is non-null, and an exception is thrown if keyName is null.
How to Reproduce?
Set XMLSignatureUtil.setIncludeKeyInfoInSignature(false), then call XMLSignatureUtil.sign.
Anything else?
No response