You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@poi.apache.org by ki...@apache.org on 2020/09/08 23:33:25 UTC
svn commit: r1881570 - in /poi/trunk/src/ooxml:
java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java
testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java
Author: kiwiwings
Date: Tue Sep 8 23:33:25 2020
New Revision: 1881570
URL: http://svn.apache.org/viewvc?rev=1881570&view=rev
Log:
ignore IBM certificate chain issue
Modified:
poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java
poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java
Modified: poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java?rev=1881570&r1=1881569&r2=1881570&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java Tue Sep 8 23:33:25 2020
@@ -18,9 +18,9 @@
/* ====================================================================
This product contains an ASLv2 licensed version of the OOXML signer
package from the eID Applet project
- http://code.google.com/p/eid-applet/source/browse/trunk/README.txt
+ http://code.google.com/p/eid-applet/source/browse/trunk/README.txt
Copyright (C) 2008-2014 FedICT.
- ================================================================= */
+ ================================================================= */
package org.apache.poi.poifs.crypt.dsig;
@@ -49,7 +49,7 @@ public class KeyInfoKeySelector extends
private static final POILogger LOG = POILogFactory.getLogger(KeyInfoKeySelector.class);
- private List<X509Certificate> certChain = new ArrayList<>();
+ private final List<X509Certificate> certChain = new ArrayList<>();
@SuppressWarnings("unchecked")
@Override
@@ -89,14 +89,14 @@ public class KeyInfoKeySelector extends
/**
* Gives back the X509 certificate used during the last signature
* verification operation.
- *
+ *
* @return the certificate which was used to sign the xml content
*/
public X509Certificate getSigner() {
// The first certificate is presumably the signer.
return certChain.isEmpty() ? null : certChain.get(0);
}
-
+
public List<X509Certificate> getCertChain() {
return certChain;
}
Modified: poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java?rev=1881570&r1=1881569&r2=1881570&view=diff
==============================================================================
--- poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java (original)
+++ poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java Tue Sep 8 23:33:25 2020
@@ -652,6 +652,8 @@ public class TestSignatureInfo {
@Test
public void testCertChain() throws Exception {
+ final boolean isIBM = System.getProperty("java.vendor").contains("IBM");
+
KeyStore keystore = KeyStore.getInstance("PKCS12");
String password = "test";
try (InputStream is = testdata.openResourceAsStream("chaintest.pfx")) {
@@ -688,7 +690,10 @@ public class TestSignatureInfo {
X509Certificate signer = sp.getSigner();
assertNotNull("signer undefined?!", signer);
List<X509Certificate> certChainRes = sp.getCertChain();
- assertEquals(3, certChainRes.size());
+
+ // IBM JDK is still buggy, even after fix for APAR IJ21985
+ int exp = isIBM ? 1 : 3;
+ assertEquals(exp, certChainRes.size());
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org