[github-90] change default DSIG algorithm to SHA256. Thanks to Jörn Franke. This...

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1822293 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/build.xml b/build.xml
index f50b9b95754880d994b76aa4b7c26f1f74d7ccd6..10462ee1e42f68b0ae76a2aefc31416be899a0ca 100644 (file)
--- a/build.xml
+++ b/build.xml
@@ -361,6 +361,7 @@ under the License.
 
     <path id="test.ooxml.classpath">
         <path refid="ooxml.classpath"/>
+        <path refid="ooxml.xmlsec.classpath"/>
         <path refid="test.jar.classpath"/>
         <pathelement location="${ooxml.output.dir}"/>
         <pathelement location="${ooxml.output.test.dir}"/>

diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
index 6784ef10aad0b5919ca871675d9322d3a74df09b..85df30b3fdc570406a0c07d591db07166e24291a 100644 (file)
--- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
+++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
@@ -74,7 +74,7 @@ public class SignatureConfig {
     private ThreadLocal<Provider> provider = new ThreadLocal<>();
     
     private List<SignatureFacet> signatureFacets = new ArrayList<>();
-    private HashAlgorithm digestAlgo = HashAlgorithm.sha1;
+    private HashAlgorithm digestAlgo = HashAlgorithm.sha256;
     private Date executionTime = new Date();
     private PrivateKey key;
     private List<X509Certificate> signingCertificateChain;
@@ -234,7 +234,7 @@ public class SignatureConfig {
     }
 
     /**
-     * @return the main digest algorithm, defaults to sha-1
+     * @return the main digest algorithm, defaults to sha256
      */
     public HashAlgorithm getDigestAlgo() {
         return digestAlgo;

diff --git a/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java b/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java
new file mode 100644 (file)
index 0000000..4ded53b
--- /dev/null
+++ b/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureConfig.java
@@ -0,0 +1,33 @@
+/* ====================================================================
+   Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed with
+   this work for additional information regarding copyright ownership.
+   The ASF licenses this file to You under the Apache License, Version 2.0
+   (the "License"); you may not use this file except in compliance with
+   the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+==================================================================== */
+package org.apache.poi.poifs.crypt.dsig;
+
+import org.apache.poi.poifs.crypt.HashAlgorithm;
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+
+public class TestSignatureConfig {
+    
+    @Test
+    public void testDigestAlgo() throws Exception {
+        SignatureConfig sc = new SignatureConfig();
+        assertEquals(HashAlgorithm.sha256, sc.getDigestAlgo());
+        sc.setDigestAlgo(HashAlgorithm.sha1);
+        assertEquals(HashAlgorithm.sha1, sc.getDigestAlgo());
+    }
+}