moparisthebest/poi
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

#58630 - Signing failed after deletion of first sheet

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1715438 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andreas Beeker 2015-11-20 22:38:27 +00:00
parent 07dc2b9e08
commit 2bc397b665
3 changed files with 37 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
View File

@ -33,7 +33,6 @@ import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
import java.util.Set; import java.util.Set;
import java.util.TimeZone;
import javax.xml.XMLConstants; import javax.xml.XMLConstants;
import javax.xml.crypto.XMLStructure; import javax.xml.crypto.XMLStructure;
@ -113,6 +112,7 @@ public class OOXMLSignatureFacet extends SignatureFacet {
references.add(reference); references.add(reference);
} }
@SuppressWarnings("resource")
protected void addManifestReferences(List<Reference> manifestReferences) protected void addManifestReferences(List<Reference> manifestReferences)
throws XMLSignatureException { throws XMLSignatureException {
@ -149,7 +149,10 @@ public class OOXMLSignatureFacet extends SignatureFacet {
parameterSpec.addRelationshipReference(relationship.getId()); parameterSpec.addRelationshipReference(relationship.getId());
// TODO: find a better way ... // TODO: find a better way ...
String partName = baseUri + relationship.getTargetURI().toString(); String partName = relationship.getTargetURI().toString();
if (!partName.startsWith(baseUri)) {
partName = baseUri + partName;
}
try { try {
partName = new URI(partName).normalize().getPath().replace('\\', '/'); partName = new URI(partName).normalize().getPath().replace('\\', '/');
LOG.log(POILogger.DEBUG, "part name: " + partName); LOG.log(POILogger.DEBUG, "part name: " + partName);

32
src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
View File

@ -28,6 +28,8 @@ import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileOutputStream; import java.io.FileOutputStream;
@ -68,11 +70,13 @@ import org.apache.poi.poifs.crypt.dsig.services.RevocationData;
import org.apache.poi.poifs.crypt.dsig.services.RevocationDataService; import org.apache.poi.poifs.crypt.dsig.services.RevocationDataService;
import org.apache.poi.poifs.crypt.dsig.services.TimeStampService; import org.apache.poi.poifs.crypt.dsig.services.TimeStampService;
import org.apache.poi.poifs.crypt.dsig.services.TimeStampServiceValidator; import org.apache.poi.poifs.crypt.dsig.services.TimeStampServiceValidator;
import org.apache.poi.ss.usermodel.WorkbookFactory;
import org.apache.poi.util.DocumentHelper; import org.apache.poi.util.DocumentHelper;
import org.apache.poi.util.IOUtils; import org.apache.poi.util.IOUtils;
import org.apache.poi.util.LocaleUtil; import org.apache.poi.util.LocaleUtil;
import org.apache.poi.util.POILogFactory; import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger; import org.apache.poi.util.POILogger;
import org.apache.poi.xssf.streaming.SXSSFWorkbook;
import org.apache.poi.xssf.usermodel.XSSFWorkbook; import org.apache.poi.xssf.usermodel.XSSFWorkbook;
import org.apache.xmlbeans.XmlObject; import org.apache.xmlbeans.XmlObject;
import org.bouncycastle.asn1.x509.KeyUsage; import org.bouncycastle.asn1.x509.KeyUsage;
@ -240,6 +244,7 @@ public class TestSignatureInfo {
public void testManipulation() throws Exception { public void testManipulation() throws Exception {
// sign & validate // sign & validate
String testFile = "hello-world-unsigned.xlsx"; String testFile = "hello-world-unsigned.xlsx";
@SuppressWarnings("resource")
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE); OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
sign(pkg, "Test", "CN=Test", 1); sign(pkg, "Test", "CN=Test", 1);
@ -379,6 +384,7 @@ public class TestSignatureInfo {
try { try {
si.confirmSignature(); si.confirmSignature();
} catch (RuntimeException e) { } catch (RuntimeException e) {
pkg.close();
// only allow a ConnectException because of timeout, we see this in Jenkins from time to time... // only allow a ConnectException because of timeout, we see this in Jenkins from time to time...
if(e.getCause() == null) { if(e.getCause() == null) {
throw e; throw e;
@ -547,6 +553,32 @@ public class TestSignatureInfo {
} }
} }
@Test
public void bug58630() throws Exception {
// test deletion of sheet 0 and signing
File tpl = copy(testdata.getFile("bug58630.xlsx"));
SXSSFWorkbook wb1 = new SXSSFWorkbook((XSSFWorkbook)WorkbookFactory.create(tpl), 10);
wb1.setCompressTempFiles(true);
wb1.removeSheetAt(0);
ByteArrayOutputStream os = new ByteArrayOutputStream();
wb1.write(os);
wb1.close();
OPCPackage pkg = OPCPackage.open(new ByteArrayInputStream(os.toByteArray()));
initKeyPair("Test", "CN=Test");
SignatureConfig signatureConfig = new SignatureConfig();
signatureConfig.setKey(keyPair.getPrivate());
signatureConfig.setSigningCertificateChain(Collections.singletonList(x509));
signatureConfig.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(signatureConfig);
si.confirmSignature();
assertTrue("invalid signature", si.verifySignature());
pkg.close();
}
private void sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception { private void sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
initKeyPair(alias, signerDn); initKeyPair(alias, signerDn);

BIN
test-data/xmldsign/bug58630.xlsx Normal file
View File

Binary file not shown.