You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@poi.apache.org by fa...@apache.org on 2018/01/26 13:30:32 UTC

svn commit: r1822293 - in /poi/trunk: build.xml src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/ src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java

Author: fanningpj
Date: Fri Jan 26 13:30:32 2018
New Revision: 1822293

URL: http://svn.apache.org/viewvc?rev=1822293&view=rev
Log:
[github-90] change default DSIG algorithm to SHA256. Thanks to Jörn Franke. This closes #90

Added:
    poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/
    poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java
      - copied, changed from r1822277, poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java
Modified:
    poi/trunk/build.xml
    poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java

Modified: poi/trunk/build.xml
URL: http://svn.apache.org/viewvc/poi/trunk/build.xml?rev=1822293&r1=1822292&r2=1822293&view=diff
==============================================================================
--- poi/trunk/build.xml (original)
+++ poi/trunk/build.xml Fri Jan 26 13:30:32 2018
@@ -361,6 +361,7 @@ under the License.
 
     <path id="test.ooxml.classpath">
         <path refid="ooxml.classpath"/>
+        <path refid="ooxml.xmlsec.classpath"/>
         <path refid="test.jar.classpath"/>
         <pathelement location="${ooxml.output.dir}"/>
         <pathelement location="${ooxml.output.test.dir}"/>

Modified: poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java?rev=1822293&r1=1822292&r2=1822293&view=diff
==============================================================================
--- poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java (original)
+++ poi/trunk/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java Fri Jan 26 13:30:32 2018
@@ -74,7 +74,7 @@ public class SignatureConfig {
     private ThreadLocal<Provider> provider = new ThreadLocal<>();
     
     private List<SignatureFacet> signatureFacets = new ArrayList<>();
-    private HashAlgorithm digestAlgo = HashAlgorithm.sha1;
+    private HashAlgorithm digestAlgo = HashAlgorithm.sha256;
     private Date executionTime = new Date();
     private PrivateKey key;
     private List<X509Certificate> signingCertificateChain;
@@ -234,7 +234,7 @@ public class SignatureConfig {
     }
 
     /**
-     * @return the main digest algorithm, defaults to sha-1
+     * @return the main digest algorithm, defaults to sha256
      */
     public HashAlgorithm getDigestAlgo() {
         return digestAlgo;

Copied: poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java (from r1822277, poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java)
URL: http://svn.apache.org/viewvc/poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java?p2=poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java&p1=poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java&r1=1822277&r2=1822293&rev=1822293&view=diff
==============================================================================
--- poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestAgileEncryptionParameters.java (original)
+++ poi/trunk/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java Fri Jan 26 13:30:32 2018
@@ -14,96 +14,20 @@
    See the License for the specific language governing permissions and
    limitations under the License.
 ==================================================================== */
-package org.apache.poi.poifs.crypt;
+package org.apache.poi.poifs.crypt.dsig;
 
-import static org.junit.Assert.assertArrayEquals;
-import static org.junit.Assert.assertTrue;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import javax.crypto.Cipher;
-
-import org.apache.poi.POIDataSamples;
-import org.apache.poi.poifs.filesystem.POIFSFileSystem;
-import org.apache.poi.util.IOUtils;
-import org.junit.Assume;
-import org.junit.BeforeClass;
+import org.apache.poi.poifs.crypt.HashAlgorithm;
 import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.Parameterized;
-import org.junit.runners.Parameterized.Parameter;
-import org.junit.runners.Parameterized.Parameters;
-
-@RunWith(Parameterized.class)
-public class TestAgileEncryptionParameters {
-
-    static byte testData[];
-    
-    @Parameter(value = 0)
-    public CipherAlgorithm ca;
-    @Parameter(value = 1)
-    public HashAlgorithm ha;
-    @Parameter(value = 2)
-    public ChainingMode cm;
 
-    @Parameters(name="{0} {1} {2}")
-    public static Collection<Object[]> data() {
-        CipherAlgorithm caList[] = { CipherAlgorithm.aes128, CipherAlgorithm.aes192, CipherAlgorithm.aes256, CipherAlgorithm.rc2, CipherAlgorithm.des, CipherAlgorithm.des3 };
-        HashAlgorithm haList[] = { HashAlgorithm.sha1, HashAlgorithm.sha256, HashAlgorithm.sha384, HashAlgorithm.sha512, HashAlgorithm.md5 };
-        ChainingMode cmList[] = { ChainingMode.cbc, ChainingMode.cfb };
+import static org.junit.Assert.assertEquals;
 
-        List<Object[]> data = new ArrayList<>();
-        for (CipherAlgorithm ca : caList) {
-            for (HashAlgorithm ha : haList) {
-                for (ChainingMode cm : cmList) {
-                    data.add(new Object[]{ca,ha,cm});
-                }
-            }
-        }
-        
-        return data;
-    }
-    
-    @BeforeClass
-    public static void initTestData() throws Exception {
-        InputStream testFile = POIDataSamples.getDocumentInstance().openResourceAsStream("SampleDoc.docx");
-        testData = IOUtils.toByteArray(testFile);
-        testFile.close();
-    }
+public class TestSignatureConfig {
     
     @Test
-    public void testAgileEncryptionModes() throws Exception {
-        int maxKeyLen = Cipher.getMaxAllowedKeyLength(ca.jceId);
-        Assume.assumeTrue("Please install JCE Unlimited Strength Jurisdiction Policy files", maxKeyLen >= ca.defaultKeySize);
-        
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        POIFSFileSystem fsEnc = new POIFSFileSystem();
-        EncryptionInfo infoEnc = new EncryptionInfo(EncryptionMode.agile, ca, ha, -1, -1, cm);
-        Encryptor enc = infoEnc.getEncryptor();
-        enc.confirmPassword("foobaa");
-        OutputStream os = enc.getDataStream(fsEnc);
-        os.write(testData);
-        os.close();
-        bos.reset();
-        fsEnc.writeFilesystem(bos);
-        fsEnc.close();
-        
-        POIFSFileSystem fsDec = new POIFSFileSystem(new ByteArrayInputStream(bos.toByteArray()));
-        EncryptionInfo infoDec = new EncryptionInfo(fsDec);
-        Decryptor dec = infoDec.getDecryptor();
-        boolean passed = dec.verifyPassword("foobaa");
-        assertTrue(passed);
-        InputStream is = dec.getDataStream(fsDec);
-        byte actualData[] = IOUtils.toByteArray(is);
-        is.close();
-        fsDec.close();
-        assertArrayEquals("Failed roundtrip - "+ca+"-"+ha+"-"+cm, testData, actualData);
+    public void testDigestAlgo() throws Exception {
+        SignatureConfig sc = new SignatureConfig();
+        assertEquals(HashAlgorithm.sha256, sc.getDigestAlgo());
+        sc.setDigestAlgo(HashAlgorithm.sha1);
+        assertEquals(HashAlgorithm.sha1, sc.getDigestAlgo());
     }
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org