From: Tim Allison <tallison@apache.org>
Date: Fri, 1 Apr 2016 00:57:56 +0000 (+0000)
Subject: POI 59257 upgrade Bouncy Castle to 1.54
X-Git-Tag: REL_3_15_BETA2~384
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=9900929cca98103d35886184df53005297ab302f;p=poi.git

POI 59257 upgrade Bouncy Castle to 1.54

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1737298 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/.classpath b/.classpath
index 5a7d21738b..e133168db4 100644
--- a/.classpath
+++ b/.classpath
@@ -26,8 +26,8 @@
 	<classpathentry kind="lib" path="ooxml-lib/ooxml-security-1.1.jar" sourcepath="ooxml-lib/ooxml-security-1.1-sources.jar"/>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
 	<classpathentry kind="lib" path="compile-lib/slf4j-api-1.7.12.jar"/>
-	<classpathentry kind="lib" path="compile-lib/bcpkix-jdk15on-1.53.jar"/>
-	<classpathentry kind="lib" path="compile-lib/bcprov-ext-jdk15on-1.53.jar"/>
+	<classpathentry kind="lib" path="compile-lib/bcpkix-jdk15on-1.54.jar"/>
+	<classpathentry kind="lib" path="compile-lib/bcprov-ext-jdk15on-1.54.jar"/>
 	<classpathentry kind="lib" path="compile-lib/xmlsec-2.0.6.jar"/>
 	<classpathentry kind="lib" path="lib/commons-codec-1.10.jar"/>
 	<classpathentry kind="lib" path="lib/commons-logging-1.2.jar"/>
diff --git a/build.xml b/build.xml
index a3e75f25e8..19f9c8b416 100644
--- a/build.xml
+++ b/build.xml
@@ -164,10 +164,10 @@ under the License.
     <!-- xml signature libs -->
     <property name="dsig.xmlsec.jar" location="${compile.lib}/xmlsec-2.0.6.jar"/>
     <property name="dsig.xmlsec.url" value="${repository.m2}/maven2/org/apache/santuario/xmlsec/2.0.6/xmlsec-2.0.6.jar"/>
-    <property name="dsig.bouncycastle-prov.jar" location="${compile.lib}/bcprov-ext-jdk15on-1.53.jar"/>
-    <property name="dsig.bouncycastle-prov.url" value="${repository.m2}/maven2/org/bouncycastle/bcprov-ext-jdk15on/1.53/bcprov-ext-jdk15on-1.53.jar"/>
-    <property name="dsig.bouncycastle-pkix.jar" location="${compile.lib}/bcpkix-jdk15on-1.53.jar"/>
-    <property name="dsig.bouncycastle-pkix.url" value="${repository.m2}/maven2/org/bouncycastle/bcpkix-jdk15on/1.53/bcpkix-jdk15on-1.53.jar"/>
+    <property name="dsig.bouncycastle-prov.jar" location="${compile.lib}/bcprov-ext-jdk15on-1.54.jar"/>
+    <property name="dsig.bouncycastle-prov.url" value="${repository.m2}/maven2/org/bouncycastle/bcprov-ext-jdk15on/1.54/bcprov-ext-jdk15on-1.54.jar"/>
+    <property name="dsig.bouncycastle-pkix.jar" location="${compile.lib}/bcpkix-jdk15on-1.54.jar"/>
+    <property name="dsig.bouncycastle-pkix.url" value="${repository.m2}/maven2/org/bouncycastle/bcpkix-jdk15on/1.54/bcpkix-jdk15on-1.54.jar"/>
     <property name="dsig.sl4j-api.jar" location="${compile.lib}/slf4j-api-1.7.12.jar"/>
     <property name="dsig.sl4j-api.url" value="${repository.m2}/maven2/org/slf4j/slf4j-api/1.7.12/slf4j-api-1.7.12.jar"/>
 
diff --git a/sonar/ooxml/pom.xml b/sonar/ooxml/pom.xml
index 25559380c1..5d4fcc36a2 100644
--- a/sonar/ooxml/pom.xml
+++ b/sonar/ooxml/pom.xml
@@ -125,12 +125,12 @@
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcpkix-jdk15on</artifactId>
-			<version>1.53</version>
+			<version>1.54</version>
 		</dependency>
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.53</version>
+			<version>1.54</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.santuario</groupId>
diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
index 10174d54d8..f9afb7869e 100644
--- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
+++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
@@ -24,29 +24,12 @@
 
 package org.apache.poi.poifs.crypt.dsig;
 
-import static org.apache.poi.POIXMLTypeLoader.DEFAULT_XML_OPTIONS;
-import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_DIGSIG_NS;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.GeneralSecurityException;
-import java.security.MessageDigest;
-import java.security.Provider;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.NoSuchElementException;
-
-import javax.crypto.Cipher;
-import javax.xml.crypto.MarshalException;
-import javax.xml.crypto.URIDereferencer;
+import static org.apache.poi.POIXMLTypeLoader.DEFAULT_XML_OPTIONS;
+import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_DIGSIG_NS;
+
+import javax.crypto.Cipher;
+import javax.xml.crypto.MarshalException;
+import javax.xml.crypto.URIDereferencer;
 import javax.xml.crypto.XMLStructure;
 import javax.xml.crypto.dsig.CanonicalizationMethod;
 import javax.xml.crypto.dsig.Manifest;
@@ -62,12 +45,28 @@ import javax.xml.crypto.dsig.XMLValidateContext;
 import javax.xml.crypto.dsig.dom.DOMSignContext;
 import javax.xml.crypto.dsig.dom.DOMValidateContext;
 import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
-import javax.xml.xpath.XPath;
-import javax.xml.xpath.XPathConstants;
-import javax.xml.xpath.XPathFactory;
-
-import org.apache.jcp.xml.dsig.internal.dom.DOMReference;
-import org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo;
+import javax.xml.xpath.XPath;
+import javax.xml.xpath.XPathConstants;
+import javax.xml.xpath.XPathFactory;
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.Provider;
+import java.security.Security;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.NoSuchElementException;
+
+import org.apache.jcp.xml.dsig.internal.dom.DOMReference;
+import org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo;
 import org.apache.poi.EncryptedDocumentException;
 import org.apache.poi.openxml4j.exceptions.InvalidFormatException;
 import org.apache.poi.openxml4j.opc.ContentTypes;
@@ -159,13 +158,13 @@ import org.w3c.dom.events.EventTarget;
  * Therefore we are using the Apache Santuario libs (xmlsec) instead of the built-in classes,
  * as the compatibility seems to be provided there.</p>
  * 
- * <p>To use SignatureInfo and its sibling classes, you'll need to have the following libs
- * in the classpath:</p>
- * <ul>
- * <li>BouncyCastle bcpkix and bcprov (tested against 1.53)</li>
- * <li>Apache Santuario "xmlsec" (tested against 2.0.5)</li>
- * <li>and slf4j-api (tested against 1.7.12)</li>
- * </ul>
+ * <p>To use SignatureInfo and its sibling classes, you'll need to have the following libs
+ * in the classpath:</p>
+ * <ul>
+ * <li>BouncyCastle bcpkix and bcprov (tested against 1.54)</li>
+ * <li>Apache Santuario "xmlsec" (tested against 2.0.5)</li>
+ * <li>and slf4j-api (tested against 1.7.12)</li>
+ * </ul>
  */
 public class SignatureInfo implements SignatureConfigurable {
 
diff --git a/test-data/openxml4j/at.pzp.www_uploads_media_PP_Scheinecker-jdk6error.pptx b/test-data/openxml4j/at.pzp.www_uploads_media_PP_Scheinecker-jdk6error.pptx
index 7f9ff0c6f6..dc76a0170f 100644
Binary files a/test-data/openxml4j/at.pzp.www_uploads_media_PP_Scheinecker-jdk6error.pptx and b/test-data/openxml4j/at.pzp.www_uploads_media_PP_Scheinecker-jdk6error.pptx differ