replace xmlbeans.factory.parse with selectPath calls

git-svn-id: https://svn.apache.org/repos/asf/poi/branches/xml_signature@1618292 13f79535-47bb-0310-9956-ffa450edef68

src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/Office2010SignatureFacet.java

@@ -24,8 +24,6 @@
 
 package org.apache.poi.poifs.crypt.dsig.facets;
 
-import static org.apache.poi.poifs.crypt.dsig.facets.XAdESXLSignatureFacet.XADES_NAMESPACE;
-
 import java.security.InvalidAlgorithmParameterException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.X509Certificate;
@@ -35,14 +33,11 @@ import java.util.Map;
 import javax.xml.crypto.dsig.Reference;
 import javax.xml.crypto.dsig.XMLObject;
 import javax.xml.crypto.dsig.XMLSignatureFactory;
-import javax.xml.namespace.QName;
 
-import org.apache.xmlbeans.XmlException;
 import org.apache.xmlbeans.XmlObject;
 import org.etsi.uri.x01903.v13.QualifyingPropertiesType;
 import org.etsi.uri.x01903.v13.UnsignedPropertiesType;
 import org.etsi.uri.x01903.v13.UnsignedSignaturePropertiesType;
-import org.w3.x2000.x09.xmldsig.ObjectType;
 import org.w3.x2000.x09.xmldsig.SignatureType;
 
 /**
@@ -67,17 +62,14 @@ public class Office2010SignatureFacet implements SignatureFacet {
     public void postSign(SignatureType signatureElement, List<X509Certificate> signingCertificateChain) {
         QualifyingPropertiesType qualProps = null;
         
-        try {
         // check for XAdES-BES
-            for (ObjectType ot : signatureElement.getObjectList()) {
+        String qualPropXQuery =
-                XmlObject xo[] = ot.selectChildren(new QName(XADES_NAMESPACE, "QualifyingProperties"));
+                "declare namespace xades='http://uri.etsi.org/01903/v1.3.2#'; "
-                if (xo != null && xo.length > 0) {
+              + "declare namespace ds='http://www.w3.org/2000/09/xmldsig#'; "
-                    qualProps = QualifyingPropertiesType.Factory.parse(xo[0].getDomNode());
+              + "$this/ds:Object/xades:QualifyingProperties";
-                    break;
+        XmlObject xoList[] = signatureElement.selectPath(qualPropXQuery);
-                }
+        if (xoList.length == 1) {
-            }
+            qualProps = (QualifyingPropertiesType)xoList[0];
-        } catch (XmlException e) {
-            throw new RuntimeException("signature decoding error", e);
         }
         
         if (qualProps == null) {

src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java

@@ -46,7 +46,6 @@ import javax.xml.crypto.dsig.CanonicalizationMethod;
 import javax.xml.crypto.dsig.Reference;
 import javax.xml.crypto.dsig.XMLObject;
 import javax.xml.crypto.dsig.XMLSignatureFactory;
-import javax.xml.namespace.QName;
 
 import org.apache.poi.poifs.crypt.HashAlgorithm;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf;
@@ -67,7 +66,6 @@ import org.apache.poi.poifs.crypt.dsig.services.RevocationDataService;
 import org.apache.poi.poifs.crypt.dsig.services.TimeStampService;
 import org.apache.poi.util.POILogFactory;
 import org.apache.poi.util.POILogger;
-import org.apache.xmlbeans.XmlException;
 import org.apache.xmlbeans.XmlObject;
 import org.etsi.uri.x01903.v13.CRLIdentifierType;
 import org.etsi.uri.x01903.v13.CRLRefType;
@@ -92,7 +90,6 @@ import org.etsi.uri.x01903.v13.UnsignedSignaturePropertiesType;
 import org.etsi.uri.x01903.v13.XAdESTimeStampType;
 import org.etsi.uri.x01903.v14.ValidationDataType;
 import org.w3.x2000.x09.xmldsig.CanonicalizationMethodType;
-import org.w3.x2000.x09.xmldsig.ObjectType;
 import org.w3.x2000.x09.xmldsig.SignatureType;
 import org.w3.x2000.x09.xmldsig.SignatureValueType;
 import org.w3c.dom.Node;
@@ -189,18 +186,13 @@ public class XAdESXLSignatureFacet implements SignatureFacet {
         LOG.log(POILogger.DEBUG, "XAdES-X-L post sign phase");
 
         QualifyingPropertiesType qualProps = null;
-        
+        String qualPropXQuery =
-        try {
+                "declare namespace xades='http://uri.etsi.org/01903/v1.3.2#'; "
-            // check for XAdES-BES
+              + "declare namespace ds='http://www.w3.org/2000/09/xmldsig#'; "
-            for (ObjectType ot : signatureElement.getObjectList()) {
+              + "$this/ds:Object/xades:QualifyingProperties";
-                XmlObject xo[] = ot.selectChildren(new QName(XADES_NAMESPACE, "QualifyingProperties"));
+        XmlObject xoList[] = signatureElement.selectPath(qualPropXQuery);
-                if (xo != null && xo.length > 0) {
+        if (xoList.length == 1) {
-                    qualProps = QualifyingPropertiesType.Factory.parse(xo[0].getDomNode());
+            qualProps = (QualifyingPropertiesType)xoList[0];
-                    break;
-                }
-            }
-        } catch (XmlException e) {
-            throw new RuntimeException("signature decoding error", e);
         }
         
         if (qualProps == null) {

src/ooxml/java/org/apache/poi/poifs/crypt/dsig/services/RelationshipTransformService.java

@@ -55,6 +55,7 @@ import org.apache.xmlbeans.XmlCursor;
 import org.apache.xmlbeans.XmlException;
 import org.apache.xmlbeans.XmlObject;
 import org.apache.xmlbeans.XmlOptions;
+import org.openxmlformats.schemas.xpackage.x2006.digitalSignature.CTRelationshipReference;
 import org.openxmlformats.schemas.xpackage.x2006.digitalSignature.RelationshipReferenceDocument;
 import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationship;
 import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationships;
@@ -146,9 +147,7 @@ public class RelationshipTransformService extends TransformService {
                 LOG.log(POILogger.WARN, "no RelationshipReference/@SourceId parameters present");
             }
             for (XmlObject xo : xoList) {
-                RelationshipReferenceDocument refDoc =
+                String sourceId = ((CTRelationshipReference)xo).getSourceId();
-                    RelationshipReferenceDocument.Factory.parse(xo.getDomNode());
-                String sourceId = refDoc.getRelationshipReference().getSourceId();
                 LOG.log(POILogger.DEBUG, "sourceId: ", sourceId);
                 this.sourceIds.add(sourceId);
             }

src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java

@@ -33,7 +33,6 @@ import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
-import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
@@ -55,7 +54,6 @@ import java.util.Date;
 import java.util.List;
 import java.util.TimeZone;
 
-import javax.crypto.Cipher;
 import javax.xml.crypto.KeySelector;
 import javax.xml.crypto.dsig.XMLSignature;
 import javax.xml.crypto.dsig.XMLSignatureFactory;
@@ -300,6 +298,8 @@ public class TestSignatureInfo {
         QualifyingPropertiesType qualProp = (QualifyingPropertiesType)xoList[0];
         boolean qualPropXsdOk = qualProp.validate();
         assertTrue(qualPropXsdOk);
+        
+        pkg.close();
     }
     
     private OPCPackage sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
@@ -326,14 +326,7 @@ public class TestSignatureInfo {
         assertNotNull(digestInfo.digestValue);
 
         // setup: key material, signature value
-
+        byte[] signatureValue = SignatureInfo.signDigest(keyPair.getPrivate(), HashAlgorithm.sha1, digestInfo.digestValue);
-        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
-        cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
-        ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();
-        digestInfoValueBuf.write(SignatureInfo.SHA1_DIGEST_INFO_PREFIX);
-        digestInfoValueBuf.write(digestInfo.digestValue);
-        byte[] digestInfoValue = digestInfoValueBuf.toByteArray();
-        byte[] signatureValue = cipher.doFinal(digestInfoValue);
         
         // operate: postSign
         signatureService.postSign(signatureValue, Collections.singletonList(x509));