XML signatures - ignore line breaks in Office 2007 .rels files

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1643415 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andreas Beeker 2014-12-05 20:20:23 +00:00
parent 680feb50ee
commit 93dffcb366
3 changed files with 36 additions and 12 deletions

View File

@ -24,7 +24,10 @@
package org.apache.poi.poifs.crypt.dsig; package org.apache.poi.poifs.crypt.dsig;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream;
import java.net.URI; import java.net.URI;
import java.net.URISyntaxException; import java.net.URISyntaxException;
@ -81,12 +84,28 @@ public class OOXMLURIDereferencer implements URIDereferencer, SignatureConfigura
LOG.log(POILogger.DEBUG, "cannot resolve, delegating to base DOM URI dereferencer", uri); LOG.log(POILogger.DEBUG, "cannot resolve, delegating to base DOM URI dereferencer", uri);
return this.baseUriDereferencer.dereference(uriReference, context); return this.baseUriDereferencer.dereference(uriReference, context);
} }
InputStream dataStream;
try { try {
return new OctetStreamData(part.getInputStream(), uri.toString(), null); dataStream = part.getInputStream();
// workaround for office 2007 pretty-printed .rels files
if (part.getPartName().toString().endsWith(".rels")) {
// although xmlsec has an option to ignore line breaks, currently this
// only affects .rels files, so we only modify these
// http://stackoverflow.com/questions/4728300
ByteArrayOutputStream bos = new ByteArrayOutputStream();
for (int ch; (ch = dataStream.read()) != -1; ) {
if (ch == 10 || ch == 13) continue;
bos.write(ch);
}
dataStream = new ByteArrayInputStream(bos.toByteArray());
}
} catch (IOException e) { } catch (IOException e) {
throw new URIReferenceException("I/O error: " + e.getMessage(), e); throw new URIReferenceException("I/O error: " + e.getMessage(), e);
} }
return new OctetStreamData(dataStream, uri.toString(), null);
} }
private PackagePart findPart(URI uri) { private PackagePart findPart(URI uri) {

View File

@ -23,7 +23,10 @@
================================================================= */ ================================================================= */
package org.apache.poi.poifs.crypt; package org.apache.poi.poifs.crypt;
import static org.junit.Assert.*; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
@ -108,6 +111,17 @@ public class TestSignatureInfo {
additionalJar == null || additionalJar.trim().length() == 0); additionalJar == null || additionalJar.trim().length() == 0);
} }
@Test
public void office2007prettyPrintedRels() throws Exception {
OPCPackage pkg = OPCPackage.open(testdata.getFile("office2007prettyPrintedRels.docx"), PackageAccess.READ);
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
boolean isValid = si.verifySignature();
assertTrue(isValid);
}
@Test @Test
public void getSignerUnsigned() throws Exception { public void getSignerUnsigned() throws Exception {
String testFiles[] = { String testFiles[] = {
@ -222,7 +236,6 @@ public class TestSignatureInfo {
public void testManipulation() throws Exception { public void testManipulation() throws Exception {
// sign & validate // sign & validate
String testFile = "hello-world-unsigned.xlsx"; String testFile = "hello-world-unsigned.xlsx";
@SuppressWarnings("resource") // closed via XSSFWorkbook.close() below ?!
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE); OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
sign(pkg, "Test", "CN=Test", 1); sign(pkg, "Test", "CN=Test", 1);
@ -523,14 +536,6 @@ public class TestSignatureInfo {
si.confirmSignature(); si.confirmSignature();
boolean b = si.verifySignature(); boolean b = si.verifySignature();
assertTrue("Signature not correctly calculated for " + ha, b); assertTrue("Signature not correctly calculated for " + ha, b);
// } catch (EncryptedDocumentException e) {
// // see http://apache-poi.1045710.n5.nabble.com/org-apache-poi-poifs-crypt-TestSignatureInfo-failing-on-trunk-on-Java-6-tp5717032.html
// Throwable cause = e.getCause();
// if (cause instanceof ArrayIndexOutOfBoundsException) {
// LOG.log(POILogger.ERROR, "ignoring AIOOBE - hopefully a SHA2 bug ...", e);
// } else {
// throw e;
// }
} finally { } finally {
if (pkg != null) pkg.close(); if (pkg != null) pkg.close();
} }

Binary file not shown.