moparisthebest
/
poi
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

replace xmlbeans.factory.parse with selectPath calls 

git-svn-id: https://svn.apache.org/repos/asf/poi/branches/xml_signature@1618292 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andreas Beeker 2014-08-15 23:10:07 +00:00
parent 1b2f321ae9
commit ec7fde8fcb
4 changed files with 22 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/Office2010SignatureFacet.java
View File

@ -24,8 +24,6 @@
package org.apache.poi.poifs.crypt.dsig.facets;
import static org.apache.poi.poifs.crypt.dsig.facets.XAdESXLSignatureFacet.XADES_NAMESPACE;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
@ -35,14 +33,11 @@ import java.util.Map;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.namespace.QName;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import org.etsi.uri.x01903.v13.QualifyingPropertiesType;
import org.etsi.uri.x01903.v13.UnsignedPropertiesType;
import org.etsi.uri.x01903.v13.UnsignedSignaturePropertiesType;
import org.w3.x2000.x09.xmldsig.ObjectType;
import org.w3.x2000.x09.xmldsig.SignatureType;
/**
@ -67,18 +62,15 @@ public class Office2010SignatureFacet implements SignatureFacet {
public void postSign(SignatureType signatureElement, List<X509Certificate> signingCertificateChain) {
QualifyingPropertiesType qualProps = null;
try {
// check for XAdES-BES
for (ObjectType ot : signatureElement.getObjectList()) {
XmlObject xo[] = ot.selectChildren(new QName(XADES_NAMESPACE, "QualifyingProperties"));
if (xo != null && xo.length > 0) {
qualProps = QualifyingPropertiesType.Factory.parse(xo[0].getDomNode());
break;
}
}
} catch (XmlException e) {
throw new RuntimeException("signature decoding error", e);
}
// check for XAdES-BES
String qualPropXQuery =
"declare namespace xades='http://uri.etsi.org/01903/v1.3.2#'; "
+ "declare namespace ds='http://www.w3.org/2000/09/xmldsig#'; "
+ "$this/ds:Object/xades:QualifyingProperties";
XmlObject xoList[] = signatureElement.selectPath(qualPropXQuery);
if (xoList.length == 1) {
qualProps = (QualifyingPropertiesType)xoList[0];
}
if (qualProps == null) {
throw new IllegalArgumentException("no XAdES-BES extension present");

22
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java
View File

@ -46,7 +46,6 @@ import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.namespace.QName;
import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf;
@ -67,7 +66,6 @@ import org.apache.poi.poifs.crypt.dsig.services.RevocationDataService;
import org.apache.poi.poifs.crypt.dsig.services.TimeStampService;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import org.etsi.uri.x01903.v13.CRLIdentifierType;
import org.etsi.uri.x01903.v13.CRLRefType;
@ -92,7 +90,6 @@ import org.etsi.uri.x01903.v13.UnsignedSignaturePropertiesType;
import org.etsi.uri.x01903.v13.XAdESTimeStampType;
import org.etsi.uri.x01903.v14.ValidationDataType;
import org.w3.x2000.x09.xmldsig.CanonicalizationMethodType;
import org.w3.x2000.x09.xmldsig.ObjectType;
import org.w3.x2000.x09.xmldsig.SignatureType;
import org.w3.x2000.x09.xmldsig.SignatureValueType;
import org.w3c.dom.Node;
@ -189,18 +186,13 @@ public class XAdESXLSignatureFacet implements SignatureFacet {
LOG.log(POILogger.DEBUG, "XAdES-X-L post sign phase");
QualifyingPropertiesType qualProps = null;
try {
// check for XAdES-BES
for (ObjectType ot : signatureElement.getObjectList()) {
XmlObject xo[] = ot.selectChildren(new QName(XADES_NAMESPACE, "QualifyingProperties"));
if (xo != null && xo.length > 0) {
qualProps = QualifyingPropertiesType.Factory.parse(xo[0].getDomNode());
break;
}
}
} catch (XmlException e) {
throw new RuntimeException("signature decoding error", e);
String qualPropXQuery =
"declare namespace xades='http://uri.etsi.org/01903/v1.3.2#'; "
+ "declare namespace ds='http://www.w3.org/2000/09/xmldsig#'; "
+ "$this/ds:Object/xades:QualifyingProperties";
XmlObject xoList[] = signatureElement.selectPath(qualPropXQuery);
if (xoList.length == 1) {
qualProps = (QualifyingPropertiesType)xoList[0];
}
if (qualProps == null) {

5
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/services/RelationshipTransformService.java
View File

@ -55,6 +55,7 @@ import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import org.apache.xmlbeans.XmlOptions;
import org.openxmlformats.schemas.xpackage.x2006.digitalSignature.CTRelationshipReference;
import org.openxmlformats.schemas.xpackage.x2006.digitalSignature.RelationshipReferenceDocument;
import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationship;
import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationships;
@ -146,9 +147,7 @@ public class RelationshipTransformService extends TransformService {
LOG.log(POILogger.WARN, "no RelationshipReference/@SourceId parameters present");
}
for (XmlObject xo : xoList) {
RelationshipReferenceDocument refDoc =
RelationshipReferenceDocument.Factory.parse(xo.getDomNode());
String sourceId = refDoc.getRelationshipReference().getSourceId();
String sourceId = ((CTRelationshipReference)xo).getSourceId();
LOG.log(POILogger.DEBUG, "sourceId: ", sourceId);
this.sourceIds.add(sourceId);
}

15
src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
View File

@ -33,7 +33,6 @@ import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
@ -55,7 +54,6 @@ import java.util.Date;
import java.util.List;
import java.util.TimeZone;
import javax.crypto.Cipher;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
@ -300,6 +298,8 @@ public class TestSignatureInfo {
QualifyingPropertiesType qualProp = (QualifyingPropertiesType)xoList[0];
boolean qualPropXsdOk = qualProp.validate();
assertTrue(qualPropXsdOk);
pkg.close();
}
private OPCPackage sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
@ -326,15 +326,8 @@ public class TestSignatureInfo {
assertNotNull(digestInfo.digestValue);
// setup: key material, signature value
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();
digestInfoValueBuf.write(SignatureInfo.SHA1_DIGEST_INFO_PREFIX);
digestInfoValueBuf.write(digestInfo.digestValue);
byte[] digestInfoValue = digestInfoValueBuf.toByteArray();
byte[] signatureValue = cipher.doFinal(digestInfoValue);
byte[] signatureValue = SignatureInfo.signDigest(keyPair.getPrivate(), HashAlgorithm.sha1, digestInfo.digestValue);
// operate: postSign
signatureService.postSign(signatureValue, Collections.singletonList(x509));