moparisthebest/poi
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

- Updated to BC 1.51

Browse Source 
- Download BC/test-libs in build.xml

git-svn-id: https://svn.apache.org/repos/asf/poi/branches/xml_signature@1618403 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andreas Beeker 2014-08-16 19:21:31 +00:00
parent ec7fde8fcb
commit 58b11677cb
7 changed files with 225 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
build.xml
View File

@ -145,10 +145,16 @@ under the License.
<property name="main.ant.url" value="${repository.m2}/maven2/org/apache/ant/ant/1.9.4/ant-1.9.4.jar"/> <property name="main.ant.url" value="${repository.m2}/maven2/org/apache/ant/ant/1.9.4/ant-1.9.4.jar"/>
<property name="main.antlauncher.jar" location="${main.lib}/ant-launcher-1.9.4.jar"/> <property name="main.antlauncher.jar" location="${main.lib}/ant-launcher-1.9.4.jar"/>
<property name="main.antlauncher.url" value="${repository.m2}/maven2/org/apache/ant/ant-launcher/1.9.4/ant-launcher-1.9.4.jar"/> <property name="main.antlauncher.url" value="${repository.m2}/maven2/org/apache/ant/ant-launcher/1.9.4/ant-launcher-1.9.4.jar"/>
<property name="main.mockito.jar" location="${main.lib}/mockito-core-1.9.5.jar"/>
<property name="main.mockito.url" value="${repository.m2}/maven2/org/mockito/mockito-core/1.9.5/mockito-core-1.9.5.jar"/> <!-- test libs -->
<property name="main.objenesis.jar" location="${main.lib}/com.springsource.org.objenesis-1.0.0.jar"/> <property name="test.bouncycastle-prov.jar" location="${main.lib}/bcprov-ext-jdk15on-1.51.jar"/>
<property name="main.objenesis.url" value="http://repository.springsource.com/ivy/bundles/external/org.objenesis/com.springsource.org.objenesis/1.0.0/com.springsource.org.objenesis-1.0.0.jar"/> <property name="test.bouncycastle-prov.url" value="${repository.m2}/maven2/org/bouncycastle/bcprov-ext-jdk15on/1.51/bcprov-ext-jdk15on-1.51.jar"/>
<property name="test.bouncycastle-pkix.jar" location="${main.lib}/bcpkix-jdk15on-151.jar"/>
<property name="test.bouncycastle-pkix.url" value="${repository.m2}/maven2/org/bouncycastle/bcpkix-jdk15on/1.51/bcpkix-jdk15on-151.jar"/>
<property name="test.mockito.jar" location="${main.lib}/mockito-core-1.9.5.jar"/>
<property name="test.mockito.url" value="${repository.m2}/maven2/org/mockito/mockito-core/1.9.5/mockito-core-1.9.5.jar"/>
<property name="test.objenesis.jar" location="${main.lib}/com.springsource.org.objenesis-1.0.0.jar"/>
<property name="test.objenesis.url" value="http://repository.springsource.com/ivy/bundles/external/org.objenesis/com.springsource.org.objenesis/1.0.0/com.springsource.org.objenesis-1.0.0.jar"/>
<!-- jars in the lib-ooxml directory, see the fetch-ooxml-jars target--> <!-- jars in the lib-ooxml directory, see the fetch-ooxml-jars target-->
<property name="ooxml.xmlbeans23.jar" location="${ooxml.lib}/xmlbeans-2.3.0.jar"/> <property name="ooxml.xmlbeans23.jar" location="${ooxml.lib}/xmlbeans-2.3.0.jar"/>
@ -261,6 +267,8 @@ under the License.
<pathelement location="${ooxml.output.dir}"/> <pathelement location="${ooxml.output.dir}"/>
<pathelement location="${ooxml.output.test.dir}"/> <pathelement location="${ooxml.output.test.dir}"/>
<pathelement location="${main.output.test.dir}"/> <pathelement location="${main.output.test.dir}"/>
<pathelement location="${test.mockito.jar}"/>
<pathelement location="${test.objenesis.jar}"/>
</path> </path>
<path id="ooxml-lite.classpath"> <path id="ooxml-lite.classpath">
@ -436,12 +444,16 @@ under the License.
<param name="destfile" value="${rat.jar}"/> <param name="destfile" value="${rat.jar}"/>
</antcall> </antcall>
<antcall target="downloadfile"> <antcall target="downloadfile">
<param name="sourcefile" value="${main.mockito.url}"/> <param name="sourcefile" value="${test.mockito.url}"/>
<param name="destfile" value="${main.mockito.jar}"/> <param name="destfile" value="${test.mockito.jar}"/>
</antcall> </antcall>
<antcall target="downloadfile"> <antcall target="downloadfile">
<param name="sourcefile" value="${main.objenesis.url}"/> <param name="sourcefile" value="${test.objenesis.url}"/>
<param name="destfile" value="${main.objenesis.jar}"/> <param name="destfile" value="${test.objenesis.jar}"/>
</antcall>
<antcall target="downloadfile">
<param name="sourcefile" value="${test.bouncycastle-prov.url}"/>
<param name="destfile" value="${test.bouncycastle-prov.jar}"/>
</antcall> </antcall>
</target> </target>
@ -692,6 +704,7 @@ under the License.
includeantruntime="false"> includeantruntime="false">
<classpath> <classpath>
<path refid="ooxml.classpath"/> <path refid="ooxml.classpath"/>
<path refid="test.ooxml.classpath"/>
<pathelement path="${ooxml.output.dir}"/> <pathelement path="${ooxml.output.dir}"/>
<pathelement path="${main.output.test.dir}"/> <pathelement path="${main.output.test.dir}"/>
</classpath> </classpath>

109
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxies.java
View File

@ -30,13 +30,21 @@ public interface HorribleProxies {
ASN1OctetStringIf readObject$ASNString() throws IOException; ASN1OctetStringIf readObject$ASNString() throws IOException;
DEROctetStringIf readObject$DERString() throws IOException; DEROctetStringIf readObject$DERString() throws IOException;
DERIntegerIf readObject$Integer() throws IOException; ASN1IntegerIf readObject$Integer() throws IOException;
ASN1SequenceIf readObject$Sequence() throws IOException; ASN1SequenceIf readObject$Sequence() throws IOException;
Object readObject$Object() throws IOException; Object readObject$Object() throws IOException;
} }
public interface ASN1IntegerIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.ASN1Integer";
BigInteger getPositiveValue();
}
public interface ASN1ObjectIdentifierIf extends ProxyIf { public interface ASN1ObjectIdentifierIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.ASN1ObjectIdentifier"; String delegateClass = "org.bouncycastle.asn1.ASN1ObjectIdentifier";
String getId();
} }
public interface ASN1OctetStringIf extends ProxyIf { public interface ASN1OctetStringIf extends ProxyIf {
@ -62,7 +70,7 @@ public interface HorribleProxies {
} }
public interface BasicOCSPRespIf extends ProxyIf { public interface BasicOCSPRespIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.BasicOCSPResp"; String delegateClass = "org.bouncycastle.cert.ocsp.BasicOCSPResp";
Date getProducedAt(); Date getProducedAt();
RespIDIf getResponderId(); RespIDIf getResponderId();
} }
@ -101,11 +109,6 @@ public interface HorribleProxies {
String delegateClass = "org.bouncycastle.asn1.DERIA5String"; String delegateClass = "org.bouncycastle.asn1.DERIA5String";
} }
public interface DERIntegerIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.DERInteger";
BigInteger getPositiveValue();
}
public interface DEROctetStringIf extends ProxyIf { public interface DEROctetStringIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.DEROctetString"; String delegateClass = "org.bouncycastle.asn1.DEROctetString";
byte[] getOctets(); byte[] getOctets();
@ -152,6 +155,15 @@ public interface HorribleProxies {
void marshal(Node node, String prefix, DOMCryptoContext context) throws MarshalException; void marshal(Node node, String prefix, DOMCryptoContext context) throws MarshalException;
} }
public interface ExtensionsIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.x509.Extensions";
}
public interface ExtensionIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.x509.Extension";
}
public interface GeneralNameIf extends ProxyIf { public interface GeneralNameIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.x509.GeneralName"; String delegateClass = "org.bouncycastle.asn1.x509.GeneralName";
@ -168,13 +180,48 @@ public interface HorribleProxies {
void init(); void init();
} }
public interface JcaDigestCalculatorProviderBuilderIf extends ProxyIf {
String delegateClass = "org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder";
JcaDigestCalculatorProviderBuilderIf setProvider(String provider);
DigestCalculatorProviderIf build();
}
public interface JcaContentSignerBuilderIf extends ProxyIf {
String delegateClass = "org.bouncycastle.operator.jcajce.JcaContentSignerBuilder";
JcaContentSignerBuilderIf setProvider(String provider);
ContentSignerIf build(PrivateKey paramPrivateKey);
}
public interface ContentSignerIf extends ProxyIf {
String delegateClass = "org.bouncycastle.operator.ContentSigner";
}
public interface DigestCalculatorProviderIf extends ProxyIf {
String delegateClass = "org.bouncycastle.operator.DigestCalculatorProvider";
DigestCalculatorIf get(AlgorithmIdentifierIf paramAlgorithmIdentifier);
}
public interface DigestCalculatorIf extends ProxyIf {
String delegateClass = "org.bouncycastle.operator.DigestCalculator";
}
public interface AlgorithmIdentifierIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.x509.AlgorithmIdentifier";
}
public interface KeyUsageIf extends ProxyIf { public interface KeyUsageIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.x509.KeyUsage"; String delegateClass = "org.bouncycastle.asn1.x509.KeyUsage";
int digitalSignature(); int digitalSignature();
} }
public interface OCSPObjectIdentifiersIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers";
ASN1ObjectIdentifierIf id_pkix_ocsp_nonce();
}
public interface OCSPRespIf extends ProxyIf { public interface OCSPRespIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.OCSPResp"; String delegateClass = "org.bouncycastle.cert.ocsp.OCSPResp";
BasicOCSPRespIf getResponseObject(); BasicOCSPRespIf getResponseObject();
byte[] getEncoded() throws IOException; byte[] getEncoded() throws IOException;
} }
@ -185,7 +232,7 @@ public interface HorribleProxies {
} }
public interface RespIDIf extends ProxyIf { public interface RespIDIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.RespID"; String delegateClass = "org.bouncycastle.cert.ocsp.RespID";
ResponderIDIf toASN1Object(); ResponderIDIf toASN1Object();
} }
@ -291,30 +338,39 @@ public interface HorribleProxies {
} }
public interface OCSPReqIf extends ProxyIf { public interface OCSPReqIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.OCSPReq"; String delegateClass = "org.bouncycastle.cert.ocsp.OCSPReq";
ReqIf[] getRequestList(); ReqIf[] getRequestList();
} }
public interface OCSPReqGeneratorIf extends ProxyIf { public interface OCSPReqBuilderIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.OCSPReqGenerator"; String delegateClass = "org.bouncycastle.cert.ocsp.OCSPReqBuilder";
void addRequest(CertificateIDIf certId); OCSPReqBuilderIf addRequest(CertificateIDIf certId);
OCSPReqIf generate(); OCSPReqBuilderIf setRequestExtensions(ExtensionsIf paramExtensions);
OCSPReqIf build();
} }
public interface BasicOCSPRespGeneratorIf extends ProxyIf { public interface OCSPRespBuilderIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.BasicOCSPRespGenerator"; String delegateClass = "org.bouncycastle.cert.ocsp.OCSPRespBuilder";
void addResponse(CertificateIDIf certificateID, CertificateStatusIf certificateStatus); OCSPRespIf build(int status, BasicOCSPRespIf basicOcspResp);
BasicOCSPRespIf generate(String signatureAlgorithm, PrivateKey ocspResponderPrivateKey, int SUCCESSFUL();
X509Certificate chain[], Date date, String provider); }
public interface BasicOCSPRespBuilderIf extends ProxyIf {
String delegateClass = "org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder";
BasicOCSPRespBuilderIf addResponse(CertificateIDIf certificateID, CertificateStatusIf certificateStatus);
BasicOCSPRespBuilderIf setResponseExtensions(ExtensionsIf paramExtensions);
BasicOCSPRespIf build(ContentSignerIf paramContentSigner, X509CertificateHolderIf[] paramArrayOfX509CertificateHolder, Date paramDate);
} }
public interface CertificateIDIf extends ProxyIf { public interface CertificateIDIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.CertificateID"; String delegateClass = "org.bouncycastle.cert.ocsp.CertificateID";
String HASH_SHA1(); AlgorithmIdentifierIf HASH_SHA1();
} }
public interface X509ExtensionsIf extends ProxyIf { public interface X509ExtensionsIf extends ProxyIf {
@ -348,13 +404,13 @@ public interface HorribleProxies {
} }
public interface ReqIf extends ProxyIf { public interface ReqIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.Req"; String delegateClass = "org.bouncycastle.cert.ocsp.Req";
CertificateIDIf getCertID(); CertificateIDIf getCertID();
} }
public interface CertificateStatusIf extends ProxyIf { public interface CertificateStatusIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.CertificateStatus"; String delegateClass = "org.bouncycastle.cert.ocsp.CertificateStatus";
CertificateStatusIf GOOD(); CertificateStatusIf GOOD();
} }
@ -366,11 +422,6 @@ public interface HorribleProxies {
public interface CRLReasonIf extends ProxyIf { public interface CRLReasonIf extends ProxyIf {
String delegateClass = "org.bouncycastle.asn1.x509.CRLReason"; String delegateClass = "org.bouncycastle.asn1.x509.CRLReason";
int unspecified(); int unspecified();
} int privilegeWithdrawn();
public interface OCSPRespGeneratorIf extends ProxyIf {
String delegateClass = "org.bouncycastle.ocsp.OCSPRespGenerator";
int SUCCESSFUL();
OCSPRespIf generate(int status, BasicOCSPRespIf basicOCSPResp);
} }
} }

16
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/HorribleProxy.java
View File

@ -30,6 +30,7 @@ public class HorribleProxy implements InvocationHandler {
this.delegateClass = delegateClass; this.delegateClass = delegateClass;
// delegateRef can be null, then we have to deal with deferred initialisation // delegateRef can be null, then we have to deal with deferred initialisation
this.delegateRef = delegateRef; this.delegateRef = delegateRef;
initDeferred = (delegateRef == null);
} }
/** /**
@ -211,7 +212,20 @@ public class HorribleProxy implements InvocationHandler {
types[i] = args[i].getClass(); types[i] = args[i].getClass();
} }
if (ProxyIf.class.isAssignableFrom(types[i])) { if (types[i].isArray()) {
// TODO: check for null arguments ...
if (ProxyIf.class.isAssignableFrom(types[i].getComponentType())) {
ProxyIf pifs[] = (ProxyIf[])args[i];
Class<?> dc = getDelegateClass((Class<? extends ProxyIf>)types[i].getComponentType());
int dcArrSize = (pifs==null ? 0 : pifs.length);
Object[] dcArr = (Object[])Array.newInstance(dc, dcArrSize);
for (int j=0;j<dcArrSize;j++) {
dcArr[j] = pifs[j].getDelegate();
}
args[i] = dcArr;
types[i] = dcArr.getClass();
}
} else if (ProxyIf.class.isAssignableFrom(types[i])) {
types[i] = getDelegateClass((Class<? extends ProxyIf>)types[i]); types[i] = getDelegateClass((Class<? extends ProxyIf>)types[i]);
if (args[i] != null) { if (args[i] != null) {
args[i] = ((ProxyIf)args[i]).getDelegate(); args[i] = ((ProxyIf)args[i]).getDelegate();

13
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java
View File

@ -24,6 +24,8 @@
package org.apache.poi.poifs.crypt.dsig.facets; package org.apache.poi.poifs.crypt.dsig.facets;
import static org.apache.poi.poifs.crypt.dsig.HorribleProxy.newProxy;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.math.BigInteger; import java.math.BigInteger;
@ -49,15 +51,16 @@ import javax.xml.crypto.dsig.XMLSignatureFactory;
import org.apache.poi.poifs.crypt.HashAlgorithm; import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1IntegerIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1OctetStringIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1OctetStringIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicOCSPRespIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicOCSPRespIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CanonicalizerIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CanonicalizerIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DERIntegerIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DERTaggedObjectIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DERTaggedObjectIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.InitIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.InitIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPRespIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPRespIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.RespIDIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.RespIDIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ResponderIDIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ResponderIDIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509ExtensionsIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509NameIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509NameIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxy; import org.apache.poi.poifs.crypt.dsig.HorribleProxy;
import org.apache.poi.poifs.crypt.dsig.SignatureInfo; import org.apache.poi.poifs.crypt.dsig.SignatureInfo;
@ -392,16 +395,18 @@ public class XAdESXLSignatureFacet implements SignatureFacet {
} }
private BigInteger getCrlNumber(X509CRL crl) { private BigInteger getCrlNumber(X509CRL crl) {
byte[] crlNumberExtensionValue = crl.getExtensionValue("2.5.29.20" /*CRLNumber*/); try {
X509ExtensionsIf x509ext = newProxy(X509ExtensionsIf.class);
byte[] crlNumberExtensionValue = crl.getExtensionValue(x509ext.CRLNumber().getId());
if (null == crlNumberExtensionValue) { if (null == crlNumberExtensionValue) {
return null; return null;
} }
try {
ASN1InputStreamIf asn1InputStream = HorribleProxy.newProxy(ASN1InputStreamIf.class, crlNumberExtensionValue); ASN1InputStreamIf asn1InputStream = HorribleProxy.newProxy(ASN1InputStreamIf.class, crlNumberExtensionValue);
ASN1OctetStringIf octetString = asn1InputStream.readObject$ASNString(); ASN1OctetStringIf octetString = asn1InputStream.readObject$ASNString();
byte[] octets = octetString.getOctets(); byte[] octets = octetString.getOctets();
asn1InputStream = HorribleProxy.newProxy(ASN1InputStreamIf.class, octets); asn1InputStream = HorribleProxy.newProxy(ASN1InputStreamIf.class, octets);
DERIntegerIf integer = asn1InputStream.readObject$Integer(); ASN1IntegerIf integer = asn1InputStream.readObject$Integer();
BigInteger crlNumber = integer.getPositiveValue(); BigInteger crlNumber = integer.getPositiveValue();
return crlNumber; return crlNumber;
} catch (Exception e) { } catch (Exception e) {

144
src/ooxml/testcases/org/apache/poi/poifs/crypt/PkiTestUtils.java
View File

@ -16,6 +16,8 @@
==================================================================== */ ==================================================================== */
package org.apache.poi.poifs.crypt; package org.apache.poi.poifs.crypt;
import static org.apache.poi.poifs.crypt.dsig.HorribleProxy.newProxy;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
@ -54,33 +56,41 @@ import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.AuthorityInformationAccessIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.AuthorityInformationAccessIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.AuthorityKeyIdentifierIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.AuthorityKeyIdentifierIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicConstraintsIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicConstraintsIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicOCSPRespGeneratorIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicOCSPRespBuilderIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicOCSPRespIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.BasicOCSPRespIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CRLNumberIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CRLNumberIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CRLReasonIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CRLReasonIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CertificateIDIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CertificateIDIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CertificateStatusIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.CertificateStatusIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ContentSignerIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DERIA5StringIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DERIA5StringIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DEROctetStringIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DERSequenceIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DERSequenceIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DigestCalculatorIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DistributionPointIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DistributionPointIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DistributionPointNameIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.DistributionPointNameIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ExtensionIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ExtensionsIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.GeneralNameIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.GeneralNameIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.GeneralNamesIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.GeneralNamesIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.JcaContentSignerBuilderIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.JcaDigestCalculatorProviderBuilderIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPReqGeneratorIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPObjectIdentifiersIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPReqBuilderIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPReqIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPReqIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPRespGeneratorIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPRespBuilderIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPRespIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.OCSPRespIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ReqIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ReqIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.RevokedStatusIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.RevokedStatusIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.SubjectKeyIdentifierIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.SubjectKeyIdentifierIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.SubjectPublicKeyInfoIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.SubjectPublicKeyInfoIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509CertificateHolderIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509ExtensionsIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509ExtensionsIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509ObjectIdentifiersIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509ObjectIdentifiersIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509PrincipalIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509PrincipalIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509V2CRLGeneratorIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509V2CRLGeneratorIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509V3CertificateGeneratorIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.X509V3CertificateGeneratorIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxy;
import org.w3c.dom.Document; import org.w3c.dom.Document;
import org.w3c.dom.Node; import org.w3c.dom.Node;
import org.xml.sax.InputSource; import org.xml.sax.InputSource;
@ -105,10 +115,10 @@ public class PkiTestUtils {
throws IOException, ClassNotFoundException, NoSuchMethodException, InstantiationException throws IOException, ClassNotFoundException, NoSuchMethodException, InstantiationException
, IllegalAccessException, InvocationTargetException, NoSuchFieldException { , IllegalAccessException, InvocationTargetException, NoSuchFieldException {
ByteArrayInputStream bais = new ByteArrayInputStream(publicKey.getEncoded()); ByteArrayInputStream bais = new ByteArrayInputStream(publicKey.getEncoded());
ASN1InputStreamIf asnObj = HorribleProxy.newProxy(ASN1InputStreamIf.class, bais); ASN1InputStreamIf asnObj = newProxy(ASN1InputStreamIf.class, bais);
SubjectPublicKeyInfoIf info = SubjectPublicKeyInfoIf info =
HorribleProxy.newProxy(SubjectPublicKeyInfoIf.class, asnObj.readObject$Sequence()); newProxy(SubjectPublicKeyInfoIf.class, asnObj.readObject$Sequence());
SubjectKeyIdentifierIf keyId = HorribleProxy.newProxy(SubjectKeyIdentifierIf.class, info); SubjectKeyIdentifierIf keyId = newProxy(SubjectKeyIdentifierIf.class, info);
return keyId; return keyId;
} }
@ -117,10 +127,10 @@ public class PkiTestUtils {
, IllegalAccessException, InvocationTargetException, NoSuchFieldException { , IllegalAccessException, InvocationTargetException, NoSuchFieldException {
ByteArrayInputStream bais = new ByteArrayInputStream(publicKey.getEncoded()); ByteArrayInputStream bais = new ByteArrayInputStream(publicKey.getEncoded());
ASN1InputStreamIf asnObj = HorribleProxy.newProxy(ASN1InputStreamIf.class, bais); ASN1InputStreamIf asnObj = newProxy(ASN1InputStreamIf.class, bais);
SubjectPublicKeyInfoIf info = SubjectPublicKeyInfoIf info =
HorribleProxy.newProxy(SubjectPublicKeyInfoIf.class, asnObj.readObject$Sequence()); newProxy(SubjectPublicKeyInfoIf.class, asnObj.readObject$Sequence());
AuthorityKeyIdentifierIf keyId = HorribleProxy.newProxy(AuthorityKeyIdentifierIf.class, info); AuthorityKeyIdentifierIf keyId = newProxy(AuthorityKeyIdentifierIf.class, info);
return keyId; return keyId;
} }
@ -135,16 +145,16 @@ public class PkiTestUtils {
, InstantiationException, NoSuchMethodException, ClassNotFoundException, NoSuchFieldException , InstantiationException, NoSuchMethodException, ClassNotFoundException, NoSuchFieldException
{ {
String signatureAlgorithm = "SHA1withRSA"; String signatureAlgorithm = "SHA1withRSA";
X509V3CertificateGeneratorIf certificateGenerator = HorribleProxy.newProxy(X509V3CertificateGeneratorIf.class); X509V3CertificateGeneratorIf certificateGenerator = newProxy(X509V3CertificateGeneratorIf.class);
certificateGenerator.reset(); certificateGenerator.reset();
certificateGenerator.setPublicKey(subjectPublicKey); certificateGenerator.setPublicKey(subjectPublicKey);
certificateGenerator.setSignatureAlgorithm(signatureAlgorithm); certificateGenerator.setSignatureAlgorithm(signatureAlgorithm);
certificateGenerator.setNotBefore(notBefore); certificateGenerator.setNotBefore(notBefore);
certificateGenerator.setNotAfter(notAfter); certificateGenerator.setNotAfter(notAfter);
X509PrincipalIf subjectDN = HorribleProxy.newProxy(X509PrincipalIf.class, subjectDn); X509PrincipalIf subjectDN = newProxy(X509PrincipalIf.class, subjectDn);
X509PrincipalIf issuerDN; X509PrincipalIf issuerDN;
if (null != issuerCertificate) { if (null != issuerCertificate) {
issuerDN = HorribleProxy.newProxy(X509PrincipalIf.class, issuerCertificate issuerDN = newProxy(X509PrincipalIf.class, issuerCertificate
.getSubjectX500Principal().toString()); .getSubjectX500Principal().toString());
} else { } else {
issuerDN = subjectDN; issuerDN = subjectDN;
@ -154,7 +164,7 @@ public class PkiTestUtils {
certificateGenerator.setSerialNumber(new BigInteger(128, certificateGenerator.setSerialNumber(new BigInteger(128,
new SecureRandom())); new SecureRandom()));
X509ExtensionsIf X509Extensions = HorribleProxy.newProxy(X509ExtensionsIf.class); X509ExtensionsIf X509Extensions = newProxy(X509ExtensionsIf.class);
certificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier(), certificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier(),
false, createSubjectKeyId(subjectPublicKey)); false, createSubjectKeyId(subjectPublicKey));
@ -168,36 +178,36 @@ public class PkiTestUtils {
BasicConstraintsIf bc; BasicConstraintsIf bc;
if (-1 == pathLength) { if (-1 == pathLength) {
bc = HorribleProxy.newProxy(BasicConstraintsIf.class, true); bc = newProxy(BasicConstraintsIf.class, true);
} else { } else {
bc = HorribleProxy.newProxy(BasicConstraintsIf.class, pathLength); bc = newProxy(BasicConstraintsIf.class, pathLength);
} }
certificateGenerator.addExtension(X509Extensions.BasicConstraints(), false, bc); certificateGenerator.addExtension(X509Extensions.BasicConstraints(), false, bc);
} }
if (null != crlUri) { if (null != crlUri) {
GeneralNameIf gn = HorribleProxy.newProxy(GeneralNameIf.class); GeneralNameIf gn = newProxy(GeneralNameIf.class);
int uri = gn.uniformResourceIdentifier(); int uri = gn.uniformResourceIdentifier();
DERIA5StringIf crlUriDer = HorribleProxy.newProxy(DERIA5StringIf.class, crlUri); DERIA5StringIf crlUriDer = newProxy(DERIA5StringIf.class, crlUri);
gn = HorribleProxy.newProxy(GeneralNameIf.class, uri, crlUriDer); gn = newProxy(GeneralNameIf.class, uri, crlUriDer);
DERSequenceIf gnDer = HorribleProxy.newProxy(DERSequenceIf.class, gn); DERSequenceIf gnDer = newProxy(DERSequenceIf.class, gn);
GeneralNamesIf gns = HorribleProxy.newProxy(GeneralNamesIf.class, gnDer); GeneralNamesIf gns = newProxy(GeneralNamesIf.class, gnDer);
DistributionPointNameIf dpn = HorribleProxy.newProxy(DistributionPointNameIf.class, 0, gns); DistributionPointNameIf dpn = newProxy(DistributionPointNameIf.class, 0, gns);
DistributionPointIf distp = HorribleProxy.newProxy(DistributionPointIf.class, dpn, null, null); DistributionPointIf distp = newProxy(DistributionPointIf.class, dpn, null, null);
DERSequenceIf distpDer = HorribleProxy.newProxy(DERSequenceIf.class, distp); DERSequenceIf distpDer = newProxy(DERSequenceIf.class, distp);
certificateGenerator.addExtension(X509Extensions.CRLDistributionPoints(), false, distpDer); certificateGenerator.addExtension(X509Extensions.CRLDistributionPoints(), false, distpDer);
} }
if (null != ocspUri) { if (null != ocspUri) {
GeneralNameIf ocspName = HorribleProxy.newProxy(GeneralNameIf.class); GeneralNameIf ocspName = newProxy(GeneralNameIf.class);
int uri = ocspName.uniformResourceIdentifier(); int uri = ocspName.uniformResourceIdentifier();
ocspName = HorribleProxy.newProxy(GeneralNameIf.class, uri, ocspUri); ocspName = newProxy(GeneralNameIf.class, uri, ocspUri);
X509ObjectIdentifiersIf X509ObjectIdentifiers = HorribleProxy.newProxy(X509ObjectIdentifiersIf.class); X509ObjectIdentifiersIf X509ObjectIdentifiers = newProxy(X509ObjectIdentifiersIf.class);
AuthorityInformationAccessIf authorityInformationAccess = AuthorityInformationAccessIf authorityInformationAccess =
HorribleProxy.newProxy(AuthorityInformationAccessIf.class newProxy(AuthorityInformationAccessIf.class
, X509ObjectIdentifiers.ocspAccessMethod(), ocspName); , X509ObjectIdentifiers.ocspAccessMethod(), ocspName);
certificateGenerator.addExtension( certificateGenerator.addExtension(
@ -259,15 +269,15 @@ public class PkiTestUtils {
CRLException, IllegalStateException, NoSuchAlgorithmException, CRLException, IllegalStateException, NoSuchAlgorithmException,
SignatureException, InvocationTargetException, IllegalAccessException, SignatureException, InvocationTargetException, IllegalAccessException,
InstantiationException, NoSuchMethodException, ClassNotFoundException, NoSuchFieldException { InstantiationException, NoSuchMethodException, ClassNotFoundException, NoSuchFieldException {
X509V2CRLGeneratorIf crlGenerator = HorribleProxy.newProxy(X509V2CRLGeneratorIf.class); X509V2CRLGeneratorIf crlGenerator = newProxy(X509V2CRLGeneratorIf.class);
crlGenerator.setIssuerDN(issuer.getSubjectX500Principal()); crlGenerator.setIssuerDN(issuer.getSubjectX500Principal());
Date now = new Date(); Date now = new Date();
crlGenerator.setThisUpdate(now); crlGenerator.setThisUpdate(now);
crlGenerator.setNextUpdate(new Date(now.getTime() + 100000)); crlGenerator.setNextUpdate(new Date(now.getTime() + 100000));
crlGenerator.setSignatureAlgorithm("SHA1withRSA"); crlGenerator.setSignatureAlgorithm("SHA1withRSA");
X509ExtensionsIf X509Extensions = HorribleProxy.newProxy(X509ExtensionsIf.class); X509ExtensionsIf X509Extensions = newProxy(X509ExtensionsIf.class);
CRLNumberIf crlNumber = HorribleProxy.newProxy(CRLNumberIf.class, new BigInteger("1234")); CRLNumberIf crlNumber = newProxy(CRLNumberIf.class, new BigInteger("1234"));
crlGenerator.addExtension(X509Extensions.CRLNumber(), false, crlNumber); crlGenerator.addExtension(X509Extensions.CRLNumber(), false, crlNumber);
X509CRL x509Crl = crlGenerator.generate(issuerPrivateKey); X509CRL x509Crl = crlGenerator.generate(issuerPrivateKey);
@ -277,19 +287,36 @@ public class PkiTestUtils {
public static OCSPRespIf createOcspResp(X509Certificate certificate, public static OCSPRespIf createOcspResp(X509Certificate certificate,
boolean revoked, X509Certificate issuerCertificate, boolean revoked, X509Certificate issuerCertificate,
X509Certificate ocspResponderCertificate, X509Certificate ocspResponderCertificate,
PrivateKey ocspResponderPrivateKey, String signatureAlgorithm) PrivateKey ocspResponderPrivateKey, String signatureAlgorithm,
long nonceTimeinMillis)
throws Exception { throws Exception {
// request CertificateIDIf certId = newProxy(CertificateIDIf.class);
OCSPReqGeneratorIf ocspReqGenerator = HorribleProxy.newProxy(OCSPReqGeneratorIf.class); DigestCalculatorIf digestCalc =
CertificateIDIf certId = HorribleProxy.newProxy(CertificateIDIf.class); newProxy(JcaDigestCalculatorProviderBuilderIf.class)
String hashSha1 = certId.HASH_SHA1(); .setProvider("BC").build().get(certId.HASH_SHA1());
certId = HorribleProxy.newProxy(CertificateIDIf.class, hashSha1, X509CertificateHolderIf issuerHolder = newProxy(X509CertificateHolderIf.class, issuerCertificate.getEncoded());
issuerCertificate, certificate.getSerialNumber()); certId = newProxy(CertificateIDIf.class, digestCalc, issuerHolder, certificate.getSerialNumber());
ocspReqGenerator.addRequest(certId);
OCSPReqIf ocspReq = ocspReqGenerator.generate();
BasicOCSPRespGeneratorIf basicOCSPRespGenerator = // request
HorribleProxy.newProxy(BasicOCSPRespGeneratorIf.class, ocspResponderCertificate.getPublicKey()); //create a nonce to avoid replay attack
BigInteger nonce = BigInteger.valueOf(nonceTimeinMillis);
OCSPObjectIdentifiersIf oidIf = newProxy(OCSPObjectIdentifiersIf.class);
DEROctetStringIf nonceDer = newProxy(DEROctetStringIf.class, nonce.toByteArray());
ExtensionIf ext = newProxy(ExtensionIf.class, oidIf.id_pkix_ocsp_nonce(), true, nonceDer);
ExtensionsIf exts = newProxy(ExtensionsIf.class, ext);
OCSPReqBuilderIf ocspReqBuilder = newProxy(OCSPReqBuilderIf.class);
ocspReqBuilder.addRequest(certId);
ocspReqBuilder.setRequestExtensions(exts);
OCSPReqIf ocspReq = ocspReqBuilder.build();
SubjectPublicKeyInfoIf keyInfo = newProxy(SubjectPublicKeyInfoIf.class
, certId.HASH_SHA1(), ocspResponderCertificate.getPublicKey().getEncoded());
BasicOCSPRespBuilderIf basicOCSPRespBuilder =
newProxy(BasicOCSPRespBuilderIf.class, keyInfo, digestCalc);
basicOCSPRespBuilder.setResponseExtensions(exts);
// request processing // request processing
ReqIf[] requestList = ocspReq.getRequestList(); ReqIf[] requestList = ocspReq.getRequestList();
@ -297,32 +324,33 @@ public class PkiTestUtils {
CertificateIDIf certificateID = ocspRequest.getCertID(); CertificateIDIf certificateID = ocspRequest.getCertID();
CertificateStatusIf certificateStatus; CertificateStatusIf certificateStatus;
if (revoked) { if (revoked) {
CRLReasonIf crlr = HorribleProxy.newProxy(CRLReasonIf.class); CRLReasonIf crlr = newProxy(CRLReasonIf.class);
RevokedStatusIf rs = HorribleProxy.newProxy(RevokedStatusIf.class, new Date(), crlr.unspecified()); RevokedStatusIf rs = newProxy(RevokedStatusIf.class, new Date(), crlr.privilegeWithdrawn());
certificateStatus = HorribleProxy.newProxy(CertificateStatusIf.class, rs.getDelegate()); certificateStatus = newProxy(CertificateStatusIf.class, rs.getDelegate());
} else { } else {
CertificateStatusIf cs = HorribleProxy.newProxy(CertificateStatusIf.class); CertificateStatusIf cs = newProxy(CertificateStatusIf.class);
certificateStatus = cs.GOOD(); certificateStatus = cs.GOOD();
} }
basicOCSPRespGenerator basicOCSPRespBuilder.addResponse(certificateID, certificateStatus);
.addResponse(certificateID, certificateStatus);
} }
// basic response generation // basic response generation
X509Certificate[] chain = null; X509CertificateHolderIf[] chain = null;
if (!ocspResponderCertificate.equals(issuerCertificate)) { if (!ocspResponderCertificate.equals(issuerCertificate)) {
chain = new X509Certificate[] { ocspResponderCertificate, // TODO: HorribleProxy can't convert array input params yet
issuerCertificate }; chain = new X509CertificateHolderIf[] {
newProxy(X509CertificateHolderIf.class, ocspResponderCertificate),
issuerHolder
};
} }
BasicOCSPRespIf basicOCSPResp = basicOCSPRespGenerator.generate( ContentSignerIf contentSigner = newProxy(JcaContentSignerBuilderIf.class, "SHA1withRSA")
signatureAlgorithm, ocspResponderPrivateKey, chain, new Date(), .setProvider("BC").build(ocspResponderPrivateKey);
"BC"); BasicOCSPRespIf basicOCSPResp = basicOCSPRespBuilder.build(contentSigner, chain, new Date(nonceTimeinMillis));
// response generation
OCSPRespGeneratorIf ocspRespGenerator = HorribleProxy.newProxy(OCSPRespGeneratorIf.class); OCSPRespBuilderIf ocspRespBuilder = newProxy(OCSPRespBuilderIf.class);
OCSPRespIf ocspResp = ocspRespGenerator.generate( OCSPRespIf ocspResp = ocspRespBuilder.build(ocspRespBuilder.SUCCESSFUL(), basicOCSPResp);
ocspRespGenerator.SUCCESSFUL(), basicOCSPResp);
return ocspResp; return ocspResp;
} }

20
src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
View File

@ -92,6 +92,7 @@ public class TestSignatureInfo {
private static final POILogger LOG = POILogFactory.getLogger(TestSignatureInfo.class); private static final POILogger LOG = POILogFactory.getLogger(TestSignatureInfo.class);
private static final POIDataSamples testdata = POIDataSamples.getXmlDSignInstance(); private static final POIDataSamples testdata = POIDataSamples.getXmlDSignInstance();
private static Calendar cal;
private KeyPair keyPair = null; private KeyPair keyPair = null;
private X509Certificate x509 = null; private X509Certificate x509 = null;
@ -99,11 +100,18 @@ public class TestSignatureInfo {
@BeforeClass @BeforeClass
public static void initBouncy() throws MalformedURLException { public static void initBouncy() throws MalformedURLException {
File bcJar = testdata.getFile("bcprov-ext-jdk15on-1.49.jar"); File bcProvJar = new File("lib/bcprov-ext-jdk15on-1.51.jar");
File bcPkixJar = new File("lib/bcpkix-jdk15on-151.jar");
ClassLoader cl = Thread.currentThread().getContextClassLoader(); ClassLoader cl = Thread.currentThread().getContextClassLoader();
URLClassLoader ucl = new URLClassLoader(new URL[]{bcJar.toURI().toURL()}, cl); URLClassLoader ucl = new URLClassLoader(new URL[]{bcProvJar.toURI().toURL(),bcPkixJar.toURI().toURL()}, cl);
Thread.currentThread().setContextClassLoader(ucl); Thread.currentThread().setContextClassLoader(ucl);
CryptoFunctions.registerBouncyCastle(); CryptoFunctions.registerBouncyCastle();
/*** TODO : set cal to now ... only set to fixed date for debugging ... */
cal = Calendar.getInstance();
cal.clear();
cal.setTimeZone(TimeZone.getTimeZone("UTC"));
cal.set(2014, 7, 6, 21, 42, 12);
} }
@Test @Test
@ -231,7 +239,7 @@ public class TestSignatureInfo {
final X509CRL crl = PkiTestUtils.generateCrl(x509, keyPair.getPrivate()); final X509CRL crl = PkiTestUtils.generateCrl(x509, keyPair.getPrivate());
revocationData.addCRL(crl); revocationData.addCRL(crl);
OCSPRespIf ocspResp = PkiTestUtils.createOcspResp(x509, false, OCSPRespIf ocspResp = PkiTestUtils.createOcspResp(x509, false,
x509, x509, keyPair.getPrivate(), "SHA1withRSA"); x509, x509, keyPair.getPrivate(), "SHA1withRSA", cal.getTimeInMillis());
revocationData.addOCSP(ocspResp.getEncoded()); revocationData.addOCSP(ocspResp.getEncoded());
when(mockTimeStampService.timeStamp(any(byte[].class), any(RevocationData.class))) when(mockTimeStampService.timeStamp(any(byte[].class), any(RevocationData.class)))
@ -303,12 +311,6 @@ public class TestSignatureInfo {
} }
private OPCPackage sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception { private OPCPackage sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
/*** TODO : set cal to now ... only set to fixed date for debugging ... */
Calendar cal = Calendar.getInstance();
cal.clear();
cal.setTimeZone(TimeZone.getTimeZone("UTC"));
cal.set(2014, 7, 6, 21, 42, 12);
XmlSignatureService signatureService = new XmlSignatureService(HashAlgorithm.sha1, pkgCopy); XmlSignatureService signatureService = new XmlSignatureService(HashAlgorithm.sha1, pkgCopy);
signatureService.initFacets(cal.getTime()); signatureService.initFacets(cal.getTime());
initKeyPair(alias, signerDn); initKeyPair(alias, signerDn);

BIN
test-data/xmldsign/bcprov-ext-jdk15on-1.49.jar
View File

Binary file not shown.