Apache XML Security for Java 1.4.0 release notes

• JSR 105 implementation.
• Add XMLCipher.encryptData method that takes serialized data as parameter. See Issue 38668.
• NPE in ResolverDirectHTTP.engineCanResolve. See Issue 4078
• AxisSigner.java doesn't work out of the box. See Issue 40360.
• Impossible to add X509 subelements for signing. See Issue 40404.
• Base64 does not work in EBCDIC machines. See Issue 40215.
• Subtree canonicalization produce incorrect results in certain cases. See Issue 40032.
• Internal. Cannot sign-verify twice in the same thread with different XMLSignature instances. See Issue 40896.
• Internal. KeyResolverSpi derived classes require default constructor. See Issue 40796.
• Different behaviour with NodeSet and RootNode with InclusiveNamespaces. See Issue 37708.
• Signing throws an exception if custom resource resolver is registered. See Issue 37456.
• Canonicalizer gets exception in many namespaces. See Issue 38655.
• Transform TRANSFORM_XPATH2FILTER subtract filter does not work correctly. See Issue 38444.
• X509CertificateResolver does not work in multithread environment. See Issue 38605.
• XMLCipher-loadEncryptedKey() doesn't set the correct CarriedKeyName element. See Issue 39200.
• Findbugs reporting fixed. See Issue 39685.
• Major optimizations for signatures that use node-set transformations(xpath,xpath2,etc), 20-40% speed-up.
• Major optimizations for signatures that use xpath2 transformation.
• Major optimizations in inclusive c14n when using xml:* attributtes.
• Memory footprint reduction: Less object creation. Reuse of "expensive" objects between operations in the same thread.
• Minor Optimizations. Reuse the same Signature object if the key are identical.