From: Andreas Beeker <kiwiwings@apache.org>
Date: Fri, 5 Dec 2014 20:20:23 +0000 (+0000)
Subject: XML signatures - ignore line breaks in Office 2007 .rels files
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=93dffcb366c327b6a7b6c5e6989d26449016cee3;p=poi.git

XML signatures - ignore line breaks in Office 2007 .rels files

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1643415 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/OOXMLURIDereferencer.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/OOXMLURIDereferencer.java
index dad12d2e8f..64eb53d6f8 100644
--- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/OOXMLURIDereferencer.java
+++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/OOXMLURIDereferencer.java
@@ -24,7 +24,10 @@
 
 package org.apache.poi.poifs.crypt.dsig;
 
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
+import java.io.InputStream;
 import java.net.URI;
 import java.net.URISyntaxException;
 
@@ -81,12 +84,28 @@ public class OOXMLURIDereferencer implements URIDereferencer, SignatureConfigura
             LOG.log(POILogger.DEBUG, "cannot resolve, delegating to base DOM URI dereferencer", uri);
             return this.baseUriDereferencer.dereference(uriReference, context);
         }
-        
+
+        InputStream dataStream;
         try {
-            return new OctetStreamData(part.getInputStream(), uri.toString(), null);
+            dataStream = part.getInputStream();
+
+            // workaround for office 2007 pretty-printed .rels files
+            if (part.getPartName().toString().endsWith(".rels")) {
+                // although xmlsec has an option to ignore line breaks, currently this
+                // only affects .rels files, so we only modify these
+                // http://stackoverflow.com/questions/4728300
+                ByteArrayOutputStream bos = new ByteArrayOutputStream();
+                for (int ch; (ch = dataStream.read()) != -1; ) {
+                    if (ch == 10 || ch == 13) continue;
+                    bos.write(ch);
+                }
+                dataStream = new ByteArrayInputStream(bos.toByteArray());
+            }
         } catch (IOException e) {
             throw new URIReferenceException("I/O error: " + e.getMessage(), e);
         }
+        
+        return new OctetStreamData(dataStream, uri.toString(), null);
     }
 
     private PackagePart findPart(URI uri) {
diff --git a/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java b/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
index 609a26d6b6..fe7a91bc02 100644
--- a/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
+++ b/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestSignatureInfo.java
@@ -23,7 +23,10 @@
    ================================================================= */ 
 package org.apache.poi.poifs.crypt;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
 
 import java.io.File;
 import java.io.FileInputStream;
@@ -108,6 +111,17 @@ public class TestSignatureInfo {
                 additionalJar == null || additionalJar.trim().length() == 0);
     }
     
+    @Test
+    public void office2007prettyPrintedRels() throws Exception {
+        OPCPackage pkg = OPCPackage.open(testdata.getFile("office2007prettyPrintedRels.docx"), PackageAccess.READ);
+        SignatureConfig sic = new SignatureConfig();
+        sic.setOpcPackage(pkg);
+        SignatureInfo si = new SignatureInfo();
+        si.setSignatureConfig(sic);
+        boolean isValid = si.verifySignature();
+        assertTrue(isValid);
+    }
+    
     @Test
     public void getSignerUnsigned() throws Exception {
         String testFiles[] = { 
@@ -222,7 +236,6 @@ public class TestSignatureInfo {
     public void testManipulation() throws Exception {
         // sign & validate
         String testFile = "hello-world-unsigned.xlsx";
-        @SuppressWarnings("resource")       // closed via XSSFWorkbook.close() below ?!
         OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
         sign(pkg, "Test", "CN=Test", 1);
         
@@ -523,14 +536,6 @@ public class TestSignatureInfo {
                 si.confirmSignature();
                 boolean b = si.verifySignature();
                 assertTrue("Signature not correctly calculated for " + ha, b);
-//            } catch (EncryptedDocumentException e) {
-//                // see http://apache-poi.1045710.n5.nabble.com/org-apache-poi-poifs-crypt-TestSignatureInfo-failing-on-trunk-on-Java-6-tp5717032.html
-//                Throwable cause = e.getCause();
-//                if (cause instanceof ArrayIndexOutOfBoundsException) {
-//                    LOG.log(POILogger.ERROR, "ignoring AIOOBE - hopefully a SHA2 bug ...", e);
-//                } else {
-//                    throw e;
-//                }
             } finally {
                 if (pkg != null) pkg.close();
             }
diff --git a/test-data/xmldsign/office2007prettyPrintedRels.docx b/test-data/xmldsign/office2007prettyPrintedRels.docx
new file mode 100644
index 0000000000..ce8b940944
Binary files /dev/null and b/test-data/xmldsign/office2007prettyPrintedRels.docx differ