diff --git a/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/AbstractOOXMLSignatureService.java b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/AbstractOOXMLSignatureService.java index f76d69d6a..4b65024b3 100644 --- a/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/AbstractOOXMLSignatureService.java +++ b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/AbstractOOXMLSignatureService.java @@ -1,4 +1,3 @@ - /* ==================================================================== Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with @@ -120,7 +119,7 @@ public abstract class AbstractOOXMLSignatureService extends AbstractXmlSignature /* * Add a ds:KeyInfo entry. */ - KeyInfoFactory keyInfoFactory = KeyInfoFactory.getInstance(); + KeyInfoFactory keyInfoFactory = CryptoFactoryFactory.getKeyInfoFactory(); List x509DataObjects = new LinkedList(); X509Certificate signingCertificate = signingCertificateChain.get(0); @@ -175,22 +174,18 @@ public abstract class AbstractOOXMLSignatureService extends AbstractXmlSignature try { outputSignedOfficeOpenXMLDocument(this.toByteArray()); } catch (Exception e) { - throw new IOException("generic error: " + e.getMessage(), e); + throw new IOException(e.getMessage()); } } } /** - * The output stream to which to write the signed Office OpenXML file. - * - * @return + * @return The output stream to which to write the signed Office OpenXML file. */ abstract protected OutputStream getSignedOfficeOpenXMLDocumentOutputStream(); /** - * Gives back the URL of the OOXML to be signed. - * - * @return + * @return the URL of the OOXML to be signed. */ abstract protected URL getOfficeOpenXMLDocumentURL(); diff --git a/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/CryptoFactoryFactory.java b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/CryptoFactoryFactory.java new file mode 100755 index 000000000..a064b5c12 --- /dev/null +++ b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/CryptoFactoryFactory.java @@ -0,0 +1,44 @@ +/* ==================================================================== + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +==================================================================== */ + +package org.apache.poi.ooxml.signature.service.signer.ooxml; + +import java.security.Provider; + +import javax.xml.crypto.dsig.XMLSignatureFactory; +import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory; + +/** + * Creates {@link XMLSignatureFactory} and {@link KeyInfoFactory} instances + * as used by the ooxml signature service. + */ +final class CryptoFactoryFactory { + + private static final Provider _provider = new org.jcp.xml.dsig.internal.dom.XMLDSigRI(); + + private CryptoFactoryFactory() { + // no instances of this class + } + + public static XMLSignatureFactory getSignatureFactory() { + return XMLSignatureFactory.getInstance("DOM", _provider); + } + + public static KeyInfoFactory getKeyInfoFactory() { + return KeyInfoFactory.getInstance("DOM", _provider); + } +} diff --git a/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLSignatureVerifier.java b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLSignatureVerifier.java index 885b7f04f..8de76b79b 100644 --- a/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLSignatureVerifier.java +++ b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLSignatureVerifier.java @@ -1,4 +1,3 @@ - /* ==================================================================== Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with @@ -66,20 +65,16 @@ import org.xml.sax.SAXException; /** * Signature verifier util class for Office Open XML file format. */ -public class OOXMLSignatureVerifier { +public final class OOXMLSignatureVerifier { private static final Log LOG = LogFactory.getLog(OOXMLSignatureVerifier.class); private OOXMLSignatureVerifier() { - super(); + // no instances of this class; } /** - * Checks whether the file referred by the given URL is an OOXML document. - * - * @param url - * @return - * @throws IOException + * @return true if the file referred by the given URL is an OOXML document. */ public static boolean isOOXML(URL url) throws IOException { ZipInputStream zipInputStream = new ZipInputStream(url.openStream()); @@ -120,7 +115,7 @@ public class OOXMLSignatureVerifier { OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(url); domValidateContext.setURIDereferencer(dereferencer); - XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance(); + XMLSignatureFactory xmlSignatureFactory = CryptoFactoryFactory.getSignatureFactory(); XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext); boolean validity = xmlSignature.validate(domValidateContext); @@ -157,7 +152,7 @@ public class OOXMLSignatureVerifier { OOXMLURIDereferencer dereferencer = new OOXMLURIDereferencer(url); domValidateContext.setURIDereferencer(dereferencer); - XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance(); + XMLSignatureFactory xmlSignatureFactory = CryptoFactoryFactory.getSignatureFactory(); XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext); return xmlSignature.validate(domValidateContext); } diff --git a/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLURIDereferencer.java b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLURIDereferencer.java index d00f010a8..8e3d49f4d 100644 --- a/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLURIDereferencer.java +++ b/src/ooxml/java/org/apache/poi/ooxml/signature/service/signer/ooxml/OOXMLURIDereferencer.java @@ -1,4 +1,3 @@ - /* ==================================================================== Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with @@ -61,7 +60,7 @@ public class OOXMLURIDereferencer implements URIDereferencer { throw new IllegalArgumentException("ooxmlUrl is null"); } this.ooxmlUrl = ooxmlUrl; - XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance(); + XMLSignatureFactory xmlSignatureFactory = CryptoFactoryFactory.getSignatureFactory(); this.baseUriDereferencer = xmlSignatureFactory.getURIDereferencer(); } @@ -105,7 +104,7 @@ public class OOXMLURIDereferencer implements URIDereferencer { return part.getInputStream(); } } - LOG.info("No part found for URI: " + uri); + LOG.debug("No part found for URI: " + uri); return null; } } diff --git a/src/ooxml/testcases/org/apache/poi/ooxml/signature/service/signer/TestAbstractXmlSignatureService.java b/src/ooxml/testcases/org/apache/poi/ooxml/signature/service/signer/TestAbstractXmlSignatureService.java index c1e474f6e..538c96d0b 100644 --- a/src/ooxml/testcases/org/apache/poi/ooxml/signature/service/signer/TestAbstractXmlSignatureService.java +++ b/src/ooxml/testcases/org/apache/poi/ooxml/signature/service/signer/TestAbstractXmlSignatureService.java @@ -1,4 +1,3 @@ - /* ==================================================================== Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with @@ -78,7 +77,7 @@ import org.w3c.dom.NodeList; -public class TestAbstractXmlSignatureService extends TestCase { +public final class TestAbstractXmlSignatureService extends TestCase { private static final Log LOG = LogFactory.getLog(TestAbstractXmlSignatureService.class); @@ -158,6 +157,10 @@ public class TestAbstractXmlSignatureService extends TestCase { } } + private XMLSignatureFactory getXMLSignatureFactory() { + return XMLSignatureFactory.getInstance("DOM", new org.jcp.xml.dsig.internal.dom.XMLDSigRI()); + } + public void testSignEnvelopingDocument() throws Exception { // setup DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); @@ -201,7 +204,7 @@ public class TestAbstractXmlSignatureService extends TestCase { assertNotNull(digestValueNode); String digestValueTextContent = digestValueNode.getTextContent(); LOG.debug("digest value text content: " + digestValueTextContent); - assertFalse(digestValueTextContent.isEmpty()); + assertTrue(digestValueTextContent.length() > 0); /* * Sign the received XML signature digest value. @@ -232,7 +235,7 @@ public class TestAbstractXmlSignatureService extends TestCase { Node signatureNode = signatureNodeList.item(0); DOMValidateContext domValidateContext = new DOMValidateContext(KeySelector.singletonKeySelector(keyPair.getPublic()), signatureNode); - XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance(); + XMLSignatureFactory xmlSignatureFactory = getXMLSignatureFactory(); XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext); boolean validity = xmlSignature.validate(domValidateContext); assertTrue(validity); @@ -299,7 +302,7 @@ public class TestAbstractXmlSignatureService extends TestCase { assertNotNull(digestValueNode); String digestValueTextContent = digestValueNode.getTextContent(); LOG.debug("digest value text content: " + digestValueTextContent); - assertFalse(digestValueTextContent.isEmpty()); + assertTrue(digestValueTextContent.length() > 0); /* * Sign the received XML signature digest value. @@ -331,7 +334,7 @@ public class TestAbstractXmlSignatureService extends TestCase { DOMValidateContext domValidateContext = new DOMValidateContext(KeySelector.singletonKeySelector(keyPair.getPublic()), signatureNode); domValidateContext.setURIDereferencer(uriDereferencer); - XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance(); + XMLSignatureFactory xmlSignatureFactory = getXMLSignatureFactory(); XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext); boolean validity = xmlSignature.validate(domValidateContext); assertTrue(validity); @@ -381,7 +384,7 @@ public class TestAbstractXmlSignatureService extends TestCase { assertNotNull(digestValueNode); String digestValueTextContent = digestValueNode.getTextContent(); LOG.debug("digest value text content: " + digestValueTextContent); - assertFalse(digestValueTextContent.isEmpty()); + assertTrue(digestValueTextContent.length() > 0); /* * Sign the received XML signature digest value. @@ -414,7 +417,7 @@ public class TestAbstractXmlSignatureService extends TestCase { DOMValidateContext domValidateContext = new DOMValidateContext(KeySelector.singletonKeySelector(keyPair.getPublic()), signatureNode); URIDereferencer dereferencer = new URITest2Dereferencer(); domValidateContext.setURIDereferencer(dereferencer); - XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance(); + XMLSignatureFactory xmlSignatureFactory = getXMLSignatureFactory(); XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext); boolean validity = xmlSignature.validate(domValidateContext); assertTrue(validity); @@ -461,7 +464,7 @@ public class TestAbstractXmlSignatureService extends TestCase { assertNotNull(digestValueNode); String digestValueTextContent = digestValueNode.getTextContent(); LOG.debug("digest value text content: " + digestValueTextContent); - assertFalse(digestValueTextContent.isEmpty()); + assertTrue(digestValueTextContent.length() > 0); /* * Sign the received XML signature digest value. @@ -494,7 +497,7 @@ public class TestAbstractXmlSignatureService extends TestCase { DOMValidateContext domValidateContext = new DOMValidateContext(KeySelector.singletonKeySelector(keyPair.getPublic()), signatureNode); URIDereferencer dereferencer = new URITest2Dereferencer(); domValidateContext.setURIDereferencer(dereferencer); - XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance(); + XMLSignatureFactory xmlSignatureFactory = getXMLSignatureFactory(); XMLSignature xmlSignature = xmlSignatureFactory.unmarshalXMLSignature(domValidateContext); boolean validity = xmlSignature.validate(domValidateContext); assertTrue(validity); @@ -555,6 +558,6 @@ public class TestAbstractXmlSignatureService extends TestCase { assertNotNull(digestValueNode); String digestValueTextContent = digestValueNode.getTextContent(); LOG.debug("digest value text content: " + digestValueTextContent); - assertFalse(digestValueTextContent.isEmpty()); + assertTrue(digestValueTextContent.length() > 0); } }