byte[] signatureValue;\r
try {\r
ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();\r
- digestInfoValueBuf.write(SHA1_DIGEST_INFO_PREFIX);\r
+ digestInfoValueBuf.write(getHashMagic(hashAlgo));\r
digestInfoValueBuf.write(digestInfo.digestValue);\r
byte[] digestInfoValue = digestInfoValueBuf.toByteArray();\r
signatureValue = cipher.doFinal(digestInfoValue);\r
}\r
}\r
\r
+ protected static byte[] getHashMagic(HashAlgorithm hashAlgo) {\r
+ switch (hashAlgo) {\r
+ case sha1: return SHA1_DIGEST_INFO_PREFIX;\r
+ // sha224: return SHA224_DIGEST_INFO_PREFIX;\r
+ case sha256: return SHA256_DIGEST_INFO_PREFIX;\r
+ case sha384: return SHA384_DIGEST_INFO_PREFIX;\r
+ case sha512: return SHA512_DIGEST_INFO_PREFIX;\r
+ case ripemd128: return RIPEMD128_DIGEST_INFO_PREFIX;\r
+ case ripemd160: return RIPEMD160_DIGEST_INFO_PREFIX;\r
+ // case ripemd256: return RIPEMD256_DIGEST_INFO_PREFIX;\r
+ default: throw new EncryptedDocumentException("Hash algorithm "+hashAlgo+" not supported for signing.");\r
+ }\r
+ }\r
+ \r
public static synchronized void initXmlProvider() {\r
if (isInitialized) return;\r
isInitialized = true;\r
\r
SignatureInfoV1Document sigV1 = SignatureInfoV1Document.Factory.newInstance();\r
CTSignatureInfoV1 ctSigV1 = sigV1.addNewSignatureInfoV1();\r
- ctSigV1.setManifestHashAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");\r
+ ctSigV1.setManifestHashAlgorithm(hashAlgo.xmlSignUri);\r
Node n = ctSigV1.getDomNode();\r
((Element)n).setAttributeNS(Constants.NamespaceSpecNS, "xmlns", "http://schemas.microsoft.com/office/2006/digsig");\r
\r
import org.apache.poi.POIDataSamples;\r
import org.apache.poi.openxml4j.opc.OPCPackage;\r
import org.apache.poi.openxml4j.opc.PackageAccess;\r
+import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf;\r
import org.apache.poi.poifs.crypt.dsig.HorribleProxy;\r
import org.apache.poi.poifs.crypt.dsig.SignatureInfo;\r
-import org.apache.poi.poifs.crypt.dsig.HorribleProxies.KeyUsageIf;\r
import org.apache.poi.poifs.crypt.dsig.services.XmlSignatureService;\r
import org.apache.poi.poifs.crypt.dsig.spi.DigestInfo;\r
import org.apache.poi.util.IOUtils;\r
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);\r
SignatureInfo si = new SignatureInfo(pkg);\r
initKeyPair("Test", "CN=Test");\r
+ // hash > sha1 doesn't work in excel viewer ...\r
si.confirmSignature(keyPair.getPrivate(), x509, HashAlgorithm.sha1);\r
List<X509Certificate> signer = si.getSigners();\r
assertEquals(1, signer.size());\r