You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@poi.apache.org by fa...@apache.org on 2018/01/26 13:30:32 UTC
svn commit: r1822293 - in /poi/trunk: build.xml
src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/
src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java
Author: fanningpj
Date: Fri Jan 26 13:30:32 2018
New Revision: 1822293
URL: http://svn.apache.org/viewvc?rev=1822293&view=rev
Log:
[github-90] change default DSIG algorithm to SHA256. Thanks to Jörn Franke. This closes #90
Added:
poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/
poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java
- copied, changed from r1822277, poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java
Modified:
poi/trunk/build.xml
poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
Modified: poi/trunk/build.xml
URL: http://svn.apache.org/viewvc/poi/trunk/build.xml?rev=1822293&r1=1822292&r2=1822293&view=diff
==============================================================================
--- poi/trunk/build.xml (original)
+++ poi/trunk/build.xml Fri Jan 26 13:30:32 2018
@@ -361,6 +361,7 @@ under the License.
<path id="test.ooxml.classpath">
<path refid="ooxml.classpath"/>
+ <path refid="ooxml.xmlsec.classpath"/>
<path refid="test.jar.classpath"/>
<pathelement location="${ooxml.output.dir}"/>
<pathelement location="${ooxml.output.test.dir}"/>
Modified: poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java?rev=1822293&r1=1822292&r2=1822293&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java Fri Jan 26 13:30:32 2018
@@ -74,7 +74,7 @@ public class SignatureConfig {
private ThreadLocal<Provider> provider = new ThreadLocal<>();
private List<SignatureFacet> signatureFacets = new ArrayList<>();
- private HashAlgorithm digestAlgo = HashAlgorithm.sha1;
+ private HashAlgorithm digestAlgo = HashAlgorithm.sha256;
private Date executionTime = new Date();
private PrivateKey key;
private List<X509Certificate> signingCertificateChain;
@@ -234,7 +234,7 @@ public class SignatureConfig {
}
/**
- * @return the main digest algorithm, defaults to sha-1
+ * @return the main digest algorithm, defaults to sha256
*/
public HashAlgorithm getDigestAlgo() {
return digestAlgo;
Copied: poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java (from r1822277, poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java)
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java?p2=poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java&p1=poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java&r1=1822277&r2=1822293&rev=1822293&view=diff
==============================================================================
--- poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java (original)
+++ poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java Fri Jan 26 13:30:32 2018
@@ -14,96 +14,20 @@
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
-package org.apache.poi.poifs.crypt;
+package org.apache.poi.poifs.crypt.dsig;
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertTrue;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import javax.crypto.Cipher;
-
-import org.apache.poi.POIDataSamples;
-import org.apache.poi.poifs.filesystem.POIFSFileSystem;
-import org.apache.poi.util.IOUtils;
-import org.junit.Assume;
-import org.junit.BeforeClass;
+import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.Parameterized;
-import org.junit.runners.Parameterized.Parameter;
-import org.junit.runners.Parameterized.Parameters;
-
-@RunWith(Parameterized.class)
-public class TestAgileEncryptionParameters {
-
- static byte testData[];
-
- @Parameter(value = 0)
- public CipherAlgorithm ca;
- @Parameter(value = 1)
- public HashAlgorithm ha;
- @Parameter(value = 2)
- public ChainingMode cm;
- @Parameters(name="{0} {1} {2}")
- public static Collection<Object[]> data() {
- CipherAlgorithm caList[] = { CipherAlgorithm.aes128, CipherAlgorithm.aes192, CipherAlgorithm.aes256, CipherAlgorithm.rc2, CipherAlgorithm.des, CipherAlgorithm.des3 };
- HashAlgorithm haList[] = { HashAlgorithm.sha1, HashAlgorithm.sha256, HashAlgorithm.sha384, HashAlgorithm.sha512, HashAlgorithm.md5 };
- ChainingMode cmList[] = { ChainingMode.cbc, ChainingMode.cfb };
+import static org.junit.Assert.assertEquals;
- List<Object[]> data = new ArrayList<>();
- for (CipherAlgorithm ca : caList) {
- for (HashAlgorithm ha : haList) {
- for (ChainingMode cm : cmList) {
- data.add(new Object[]{ca,ha,cm});
- }
- }
- }
-
- return data;
- }
-
- @BeforeClass
- public static void initTestData() throws Exception {
- InputStream testFile = POIDataSamples.getDocumentInstance().openResourceAsStream("SampleDoc.docx");
- testData = IOUtils.toByteArray(testFile);
- testFile.close();
- }
+public class TestSignatureConfig {
@Test
- public void testAgileEncryptionModes() throws Exception {
- int maxKeyLen = Cipher.getMaxAllowedKeyLength(ca.jceId);
- Assume.assumeTrue("Please install JCE Unlimited Strength Jurisdiction Policy files", maxKeyLen >= ca.defaultKeySize);
-
- ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
- POIFSFileSystem fsEnc = new POIFSFileSystem();
- EncryptionInfo infoEnc = new EncryptionInfo(EncryptionMode.agile, ca, ha, -1, -1, cm);
- Encryptor enc = infoEnc.getEncryptor();
- enc.confirmPassword("foobaa");
- OutputStream os = enc.getDataStream(fsEnc);
- os.write(testData);
- os.close();
- bos.reset();
- fsEnc.writeFilesystem(bos);
- fsEnc.close();
-
- POIFSFileSystem fsDec = new POIFSFileSystem(new ByteArrayInputStream(bos.toByteArray()));
- EncryptionInfo infoDec = new EncryptionInfo(fsDec);
- Decryptor dec = infoDec.getDecryptor();
- boolean passed = dec.verifyPassword("foobaa");
- assertTrue(passed);
- InputStream is = dec.getDataStream(fsDec);
- byte actualData[] = IOUtils.toByteArray(is);
- is.close();
- fsDec.close();
- assertArrayEquals("Failed roundtrip - "+ca+"-"+ha+"-"+cm, testData, actualData);
+ public void testDigestAlgo() throws Exception {
+ SignatureConfig sc = new SignatureConfig();
+ assertEquals(HashAlgorithm.sha256, sc.getDigestAlgo());
+ sc.setDigestAlgo(HashAlgorithm.sha1);
+ assertEquals(HashAlgorithm.sha1, sc.getDigestAlgo());
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org