svn commit: r1617180 - in /poi/branches/xml_signature/src/ooxml: java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java

[ki...@apache.org]

Author: kiwiwings
Date: Sun Aug 10 23:34:13 2014
New Revision: 1617180

URL: http://svn.apache.org/r1617180
Log:
Tests/fixes for hash > sha1

Modified:
    poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
    poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
    poi/branches/xml_signature/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java

Modified: poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
URL: http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java?rev=1617180&r1=1617179&r2=1617180&view=diff
==============================================================================
--- poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java (original)
+++ poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java Sun Aug 10 23:34:13 2014
@@ -133,7 +133,7 @@ public class SignatureInfo {
         byte[] signatureValue;
         try {
             ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();
-            digestInfoValueBuf.write(SHA1_DIGEST_INFO_PREFIX);
+            digestInfoValueBuf.write(getHashMagic(hashAlgo));
             digestInfoValueBuf.write(digestInfo.digestValue);
             byte[] digestInfoValue = digestInfoValueBuf.toByteArray();
             signatureValue = cipher.doFinal(digestInfoValue);
@@ -259,6 +259,20 @@ public class SignatureInfo {
         }
     }
     
+    protected static byte[] getHashMagic(HashAlgorithm hashAlgo) {
+        switch (hashAlgo) {
+        case sha1: return SHA1_DIGEST_INFO_PREFIX;
+        // sha224: return SHA224_DIGEST_INFO_PREFIX;
+        case sha256: return SHA256_DIGEST_INFO_PREFIX;
+        case sha384: return SHA384_DIGEST_INFO_PREFIX;
+        case sha512: return SHA512_DIGEST_INFO_PREFIX;
+        case ripemd128: return RIPEMD128_DIGEST_INFO_PREFIX;
+        case ripemd160: return RIPEMD160_DIGEST_INFO_PREFIX;
+        // case ripemd256: return RIPEMD256_DIGEST_INFO_PREFIX;
+        default: throw new EncryptedDocumentException("Hash algorithm "+hashAlgo+" not supported for signing.");
+        }
+    }
+    
     public static synchronized void initXmlProvider() {
         if (isInitialized) return;
         isInitialized = true;

Modified: poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
URL: http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java?rev=1617180&r1=1617179&r2=1617180&view=diff
==============================================================================
--- poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java (original)
+++ poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java Sun Aug 10 23:34:13 2014
@@ -280,7 +280,7 @@ public class OOXMLSignatureFacet impleme
 
         SignatureInfoV1Document sigV1 = SignatureInfoV1Document.Factory.newInstance();
         CTSignatureInfoV1 ctSigV1 = sigV1.addNewSignatureInfoV1();
-        ctSigV1.setManifestHashAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
+        ctSigV1.setManifestHashAlgorithm(hashAlgo.xmlSignUri);
         Node n = ctSigV1.getDomNode();
         ((Element)n).setAttributeNS(Constants.NamespaceSpecNS, "xmlns", "http://schemas.microsoft.com/office/2006/digsig");
         

Modified: poi/branches/xml_signature/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
URL: http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java?rev=1617180&r1=1617179&r2=1617180&view=diff
==============================================================================
--- poi/branches/xml_signature/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java (original)
+++ poi/branches/xml_signature/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java Sun Aug 10 23:34:13 2014
@@ -52,9 +52,9 @@ import javax.crypto.Cipher;
 import org.apache.poi.POIDataSamples;
 import org.apache.poi.openxml4j.opc.OPCPackage;
 import org.apache.poi.openxml4j.opc.PackageAccess;
+import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf;
 import org.apache.poi.poifs.crypt.dsig.HorribleProxy;
 import org.apache.poi.poifs.crypt.dsig.SignatureInfo;
-import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf;
 import org.apache.poi.poifs.crypt.dsig.services.XmlSignatureService;
 import org.apache.poi.poifs.crypt.dsig.spi.DigestInfo;
 import org.apache.poi.util.IOUtils;
@@ -164,6 +164,7 @@ public class TestSignatureInfo {
         OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
         SignatureInfo si = new SignatureInfo(pkg);
         initKeyPair("Test", "CN=Test");
+        // hash > sha1 doesn't work in excel viewer ...
         si.confirmSignature(keyPair.getPrivate(), x509, HashAlgorithm.sha1);
         List<X509Certificate> signer = si.getSigners();
         assertEquals(1, signer.size());



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org