moparisthebest
/
poi
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

Tests/fixes for hash > sha1 

git-svn-id: https://svn.apache.org/repos/asf/poi/branches/xml_signature@1617180 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andreas Beeker 2014-08-10 23:34:13 +00:00
parent 7d445b6693
commit 6bbe12277f
3 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
View File

@ -133,7 +133,7 @@ public class SignatureInfo {
byte[] signatureValue;
try {
ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();
digestInfoValueBuf.write(SHA1_DIGEST_INFO_PREFIX);
digestInfoValueBuf.write(getHashMagic(hashAlgo));
digestInfoValueBuf.write(digestInfo.digestValue);
byte[] digestInfoValue = digestInfoValueBuf.toByteArray();
signatureValue = cipher.doFinal(digestInfoValue);
@ -259,6 +259,20 @@ public class SignatureInfo {
}
}
protected static byte[] getHashMagic(HashAlgorithm hashAlgo) {
switch (hashAlgo) {
case sha1: return SHA1_DIGEST_INFO_PREFIX;
// sha224: return SHA224_DIGEST_INFO_PREFIX;
case sha256: return SHA256_DIGEST_INFO_PREFIX;
case sha384: return SHA384_DIGEST_INFO_PREFIX;
case sha512: return SHA512_DIGEST_INFO_PREFIX;
case ripemd128: return RIPEMD128_DIGEST_INFO_PREFIX;
case ripemd160: return RIPEMD160_DIGEST_INFO_PREFIX;
// case ripemd256: return RIPEMD256_DIGEST_INFO_PREFIX;
default: throw new EncryptedDocumentException("Hash algorithm "+hashAlgo+" not supported for signing.");
}
}
public static synchronized void initXmlProvider() {
if (isInitialized) return;
isInitialized = true;

2
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
View File

@ -280,7 +280,7 @@ public class OOXMLSignatureFacet implements SignatureFacet {
SignatureInfoV1Document sigV1 = SignatureInfoV1Document.Factory.newInstance();
CTSignatureInfoV1 ctSigV1 = sigV1.addNewSignatureInfoV1();
ctSigV1.setManifestHashAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
ctSigV1.setManifestHashAlgorithm(hashAlgo.xmlSignUri);
Node n = ctSigV1.getDomNode();
((Element)n).setAttributeNS(Constants.NamespaceSpecNS, "xmlns", "http://schemas.microsoft.com/office/2006/digsig");

3
src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
View File

@ -52,9 +52,9 @@ import javax.crypto.Cipher;
import org.apache.poi.POIDataSamples;
import org.apache.poi.openxml4j.opc.OPCPackage;
import org.apache.poi.openxml4j.opc.PackageAccess;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf;
import org.apache.poi.poifs.crypt.dsig.HorribleProxy;
import org.apache.poi.poifs.crypt.dsig.SignatureInfo;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf;
import org.apache.poi.poifs.crypt.dsig.services.XmlSignatureService;
import org.apache.poi.poifs.crypt.dsig.spi.DigestInfo;
import org.apache.poi.util.IOUtils;
@ -164,6 +164,7 @@ public class TestSignatureInfo {
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
SignatureInfo si = new SignatureInfo(pkg);
initKeyPair("Test", "CN=Test");
// hash > sha1 doesn't work in excel viewer ...
si.confirmSignature(keyPair.getPrivate(), x509, HashAlgorithm.sha1);
List<X509Certificate> signer = si.getSigners();
assertEquals(1, signer.size());