XML signatures - ignore line breaks in Office 2007 .rels files
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1643415 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
680feb50ee
commit
93dffcb366
@ -24,7 +24,10 @@
|
|||||||
|
|
||||||
package org.apache.poi.poifs.crypt.dsig;
|
package org.apache.poi.poifs.crypt.dsig;
|
||||||
|
|
||||||
|
import java.io.ByteArrayInputStream;
|
||||||
|
import java.io.ByteArrayOutputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.io.InputStream;
|
||||||
import java.net.URI;
|
import java.net.URI;
|
||||||
import java.net.URISyntaxException;
|
import java.net.URISyntaxException;
|
||||||
|
|
||||||
@ -81,12 +84,28 @@ public class OOXMLURIDereferencer implements URIDereferencer, SignatureConfigura
|
|||||||
LOG.log(POILogger.DEBUG, "cannot resolve, delegating to base DOM URI dereferencer", uri);
|
LOG.log(POILogger.DEBUG, "cannot resolve, delegating to base DOM URI dereferencer", uri);
|
||||||
return this.baseUriDereferencer.dereference(uriReference, context);
|
return this.baseUriDereferencer.dereference(uriReference, context);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
InputStream dataStream;
|
||||||
try {
|
try {
|
||||||
return new OctetStreamData(part.getInputStream(), uri.toString(), null);
|
dataStream = part.getInputStream();
|
||||||
|
|
||||||
|
// workaround for office 2007 pretty-printed .rels files
|
||||||
|
if (part.getPartName().toString().endsWith(".rels")) {
|
||||||
|
// although xmlsec has an option to ignore line breaks, currently this
|
||||||
|
// only affects .rels files, so we only modify these
|
||||||
|
// http://stackoverflow.com/questions/4728300
|
||||||
|
ByteArrayOutputStream bos = new ByteArrayOutputStream();
|
||||||
|
for (int ch; (ch = dataStream.read()) != -1; ) {
|
||||||
|
if (ch == 10 || ch == 13) continue;
|
||||||
|
bos.write(ch);
|
||||||
|
}
|
||||||
|
dataStream = new ByteArrayInputStream(bos.toByteArray());
|
||||||
|
}
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
throw new URIReferenceException("I/O error: " + e.getMessage(), e);
|
throw new URIReferenceException("I/O error: " + e.getMessage(), e);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return new OctetStreamData(dataStream, uri.toString(), null);
|
||||||
}
|
}
|
||||||
|
|
||||||
private PackagePart findPart(URI uri) {
|
private PackagePart findPart(URI uri) {
|
||||||
|
@ -23,7 +23,10 @@
|
|||||||
================================================================= */
|
================================================================= */
|
||||||
package org.apache.poi.poifs.crypt;
|
package org.apache.poi.poifs.crypt;
|
||||||
|
|
||||||
import static org.junit.Assert.*;
|
import static org.junit.Assert.assertEquals;
|
||||||
|
import static org.junit.Assert.assertFalse;
|
||||||
|
import static org.junit.Assert.assertNotNull;
|
||||||
|
import static org.junit.Assert.assertTrue;
|
||||||
|
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
import java.io.FileInputStream;
|
import java.io.FileInputStream;
|
||||||
@ -108,6 +111,17 @@ public class TestSignatureInfo {
|
|||||||
additionalJar == null || additionalJar.trim().length() == 0);
|
additionalJar == null || additionalJar.trim().length() == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void office2007prettyPrintedRels() throws Exception {
|
||||||
|
OPCPackage pkg = OPCPackage.open(testdata.getFile("office2007prettyPrintedRels.docx"), PackageAccess.READ);
|
||||||
|
SignatureConfig sic = new SignatureConfig();
|
||||||
|
sic.setOpcPackage(pkg);
|
||||||
|
SignatureInfo si = new SignatureInfo();
|
||||||
|
si.setSignatureConfig(sic);
|
||||||
|
boolean isValid = si.verifySignature();
|
||||||
|
assertTrue(isValid);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getSignerUnsigned() throws Exception {
|
public void getSignerUnsigned() throws Exception {
|
||||||
String testFiles[] = {
|
String testFiles[] = {
|
||||||
@ -222,7 +236,6 @@ public class TestSignatureInfo {
|
|||||||
public void testManipulation() throws Exception {
|
public void testManipulation() throws Exception {
|
||||||
// sign & validate
|
// sign & validate
|
||||||
String testFile = "hello-world-unsigned.xlsx";
|
String testFile = "hello-world-unsigned.xlsx";
|
||||||
@SuppressWarnings("resource") // closed via XSSFWorkbook.close() below ?!
|
|
||||||
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
|
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
|
||||||
sign(pkg, "Test", "CN=Test", 1);
|
sign(pkg, "Test", "CN=Test", 1);
|
||||||
|
|
||||||
@ -523,14 +536,6 @@ public class TestSignatureInfo {
|
|||||||
si.confirmSignature();
|
si.confirmSignature();
|
||||||
boolean b = si.verifySignature();
|
boolean b = si.verifySignature();
|
||||||
assertTrue("Signature not correctly calculated for " + ha, b);
|
assertTrue("Signature not correctly calculated for " + ha, b);
|
||||||
// } catch (EncryptedDocumentException e) {
|
|
||||||
// // see http://apache-poi.1045710.n5.nabble.com/org-apache-poi-poifs-crypt-TestSignatureInfo-failing-on-trunk-on-Java-6-tp5717032.html
|
|
||||||
// Throwable cause = e.getCause();
|
|
||||||
// if (cause instanceof ArrayIndexOutOfBoundsException) {
|
|
||||||
// LOG.log(POILogger.ERROR, "ignoring AIOOBE - hopefully a SHA2 bug ...", e);
|
|
||||||
// } else {
|
|
||||||
// throw e;
|
|
||||||
// }
|
|
||||||
} finally {
|
} finally {
|
||||||
if (pkg != null) pkg.close();
|
if (pkg != null) pkg.close();
|
||||||
}
|
}
|
||||||
|
BIN
test-data/xmldsign/office2007prettyPrintedRels.docx
Normal file
BIN
test-data/xmldsign/office2007prettyPrintedRels.docx
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user