replace xmlbeans.factory.parse with selectPath calls

git-svn-id: https://svn.apache.org/repos/asf/poi/branches/xml_signature@1618292 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Andreas Beeker 2014-08-15 23:10:07 +00:00
parent ed2a75890f
commit bf87859a20
4 changed files with 22 additions and 46 deletions

View File

@ -24,8 +24,6 @@
package org.apache.poi.poifs.crypt.dsig.facets; package org.apache.poi.poifs.crypt.dsig.facets;
import static org.apache.poi.poifs.crypt.dsig.facets.XAdESXLSignatureFacet.XADES_NAMESPACE;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
@ -35,14 +33,11 @@ import java.util.Map;
import javax.xml.crypto.dsig.Reference; import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject; import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.namespace.QName;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject; import org.apache.xmlbeans.XmlObject;
import org.etsi.uri.x01903.v13.QualifyingPropertiesType; import org.etsi.uri.x01903.v13.QualifyingPropertiesType;
import org.etsi.uri.x01903.v13.UnsignedPropertiesType; import org.etsi.uri.x01903.v13.UnsignedPropertiesType;
import org.etsi.uri.x01903.v13.UnsignedSignaturePropertiesType; import org.etsi.uri.x01903.v13.UnsignedSignaturePropertiesType;
import org.w3.x2000.x09.xmldsig.ObjectType;
import org.w3.x2000.x09.xmldsig.SignatureType; import org.w3.x2000.x09.xmldsig.SignatureType;
/** /**
@ -67,18 +62,15 @@ public class Office2010SignatureFacet implements SignatureFacet {
public void postSign(SignatureType signatureElement, List<X509Certificate> signingCertificateChain) { public void postSign(SignatureType signatureElement, List<X509Certificate> signingCertificateChain) {
QualifyingPropertiesType qualProps = null; QualifyingPropertiesType qualProps = null;
try { // check for XAdES-BES
// check for XAdES-BES String qualPropXQuery =
for (ObjectType ot : signatureElement.getObjectList()) { "declare namespace xades='http://uri.etsi.org/01903/v1.3.2#'; "
XmlObject xo[] = ot.selectChildren(new QName(XADES_NAMESPACE, "QualifyingProperties")); + "declare namespace ds='http://www.w3.org/2000/09/xmldsig#'; "
if (xo != null && xo.length > 0) { + "$this/ds:Object/xades:QualifyingProperties";
qualProps = QualifyingPropertiesType.Factory.parse(xo[0].getDomNode()); XmlObject xoList[] = signatureElement.selectPath(qualPropXQuery);
break; if (xoList.length == 1) {
} qualProps = (QualifyingPropertiesType)xoList[0];
} }
} catch (XmlException e) {
throw new RuntimeException("signature decoding error", e);
}
if (qualProps == null) { if (qualProps == null) {
throw new IllegalArgumentException("no XAdES-BES extension present"); throw new IllegalArgumentException("no XAdES-BES extension present");

View File

@ -46,7 +46,6 @@ import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.Reference; import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject; import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.namespace.QName;
import org.apache.poi.poifs.crypt.HashAlgorithm; import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf; import org.apache.poi.poifs.crypt.dsig.HorribleProxies.ASN1InputStreamIf;
@ -67,7 +66,6 @@ import org.apache.poi.poifs.crypt.dsig.services.RevocationDataService;
import org.apache.poi.poifs.crypt.dsig.services.TimeStampService; import org.apache.poi.poifs.crypt.dsig.services.TimeStampService;
import org.apache.poi.util.POILogFactory; import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger; import org.apache.poi.util.POILogger;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject; import org.apache.xmlbeans.XmlObject;
import org.etsi.uri.x01903.v13.CRLIdentifierType; import org.etsi.uri.x01903.v13.CRLIdentifierType;
import org.etsi.uri.x01903.v13.CRLRefType; import org.etsi.uri.x01903.v13.CRLRefType;
@ -92,7 +90,6 @@ import org.etsi.uri.x01903.v13.UnsignedSignaturePropertiesType;
import org.etsi.uri.x01903.v13.XAdESTimeStampType; import org.etsi.uri.x01903.v13.XAdESTimeStampType;
import org.etsi.uri.x01903.v14.ValidationDataType; import org.etsi.uri.x01903.v14.ValidationDataType;
import org.w3.x2000.x09.xmldsig.CanonicalizationMethodType; import org.w3.x2000.x09.xmldsig.CanonicalizationMethodType;
import org.w3.x2000.x09.xmldsig.ObjectType;
import org.w3.x2000.x09.xmldsig.SignatureType; import org.w3.x2000.x09.xmldsig.SignatureType;
import org.w3.x2000.x09.xmldsig.SignatureValueType; import org.w3.x2000.x09.xmldsig.SignatureValueType;
import org.w3c.dom.Node; import org.w3c.dom.Node;
@ -189,18 +186,13 @@ public class XAdESXLSignatureFacet implements SignatureFacet {
LOG.log(POILogger.DEBUG, "XAdES-X-L post sign phase"); LOG.log(POILogger.DEBUG, "XAdES-X-L post sign phase");
QualifyingPropertiesType qualProps = null; QualifyingPropertiesType qualProps = null;
String qualPropXQuery =
try { "declare namespace xades='http://uri.etsi.org/01903/v1.3.2#'; "
// check for XAdES-BES + "declare namespace ds='http://www.w3.org/2000/09/xmldsig#'; "
for (ObjectType ot : signatureElement.getObjectList()) { + "$this/ds:Object/xades:QualifyingProperties";
XmlObject xo[] = ot.selectChildren(new QName(XADES_NAMESPACE, "QualifyingProperties")); XmlObject xoList[] = signatureElement.selectPath(qualPropXQuery);
if (xo != null && xo.length > 0) { if (xoList.length == 1) {
qualProps = QualifyingPropertiesType.Factory.parse(xo[0].getDomNode()); qualProps = (QualifyingPropertiesType)xoList[0];
break;
}
}
} catch (XmlException e) {
throw new RuntimeException("signature decoding error", e);
} }
if (qualProps == null) { if (qualProps == null) {

View File

@ -55,6 +55,7 @@ import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlException; import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject; import org.apache.xmlbeans.XmlObject;
import org.apache.xmlbeans.XmlOptions; import org.apache.xmlbeans.XmlOptions;
import org.openxmlformats.schemas.xpackage.x2006.digitalSignature.CTRelationshipReference;
import org.openxmlformats.schemas.xpackage.x2006.digitalSignature.RelationshipReferenceDocument; import org.openxmlformats.schemas.xpackage.x2006.digitalSignature.RelationshipReferenceDocument;
import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationship; import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationship;
import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationships; import org.openxmlformats.schemas.xpackage.x2006.relationships.CTRelationships;
@ -146,9 +147,7 @@ public class RelationshipTransformService extends TransformService {
LOG.log(POILogger.WARN, "no RelationshipReference/@SourceId parameters present"); LOG.log(POILogger.WARN, "no RelationshipReference/@SourceId parameters present");
} }
for (XmlObject xo : xoList) { for (XmlObject xo : xoList) {
RelationshipReferenceDocument refDoc = String sourceId = ((CTRelationshipReference)xo).getSourceId();
RelationshipReferenceDocument.Factory.parse(xo.getDomNode());
String sourceId = refDoc.getRelationshipReference().getSourceId();
LOG.log(POILogger.DEBUG, "sourceId: ", sourceId); LOG.log(POILogger.DEBUG, "sourceId: ", sourceId);
this.sourceIds.add(sourceId); this.sourceIds.add(sourceId);
} }

View File

@ -33,7 +33,6 @@ import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when; import static org.mockito.Mockito.when;
import java.io.ByteArrayOutputStream;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileOutputStream; import java.io.FileOutputStream;
@ -55,7 +54,6 @@ import java.util.Date;
import java.util.List; import java.util.List;
import java.util.TimeZone; import java.util.TimeZone;
import javax.crypto.Cipher;
import javax.xml.crypto.KeySelector; import javax.xml.crypto.KeySelector;
import javax.xml.crypto.dsig.XMLSignature; import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory; import javax.xml.crypto.dsig.XMLSignatureFactory;
@ -300,6 +298,8 @@ public class TestSignatureInfo {
QualifyingPropertiesType qualProp = (QualifyingPropertiesType)xoList[0]; QualifyingPropertiesType qualProp = (QualifyingPropertiesType)xoList[0];
boolean qualPropXsdOk = qualProp.validate(); boolean qualPropXsdOk = qualProp.validate();
assertTrue(qualPropXsdOk); assertTrue(qualPropXsdOk);
pkg.close();
} }
private OPCPackage sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception { private OPCPackage sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
@ -326,15 +326,8 @@ public class TestSignatureInfo {
assertNotNull(digestInfo.digestValue); assertNotNull(digestInfo.digestValue);
// setup: key material, signature value // setup: key material, signature value
byte[] signatureValue = SignatureInfo.signDigest(keyPair.getPrivate(), HashAlgorithm.sha1, digestInfo.digestValue);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPrivate());
ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();
digestInfoValueBuf.write(SignatureInfo.SHA1_DIGEST_INFO_PREFIX);
digestInfoValueBuf.write(digestInfo.digestValue);
byte[] digestInfoValue = digestInfoValueBuf.toByteArray();
byte[] signatureValue = cipher.doFinal(digestInfoValue);
// operate: postSign // operate: postSign
signatureService.postSign(signatureValue, Collections.singletonList(x509)); signatureService.postSign(signatureValue, Collections.singletonList(x509));