From: Andreas Beeker Date: Thu, 25 Sep 2014 23:59:36 +0000 (+0000) Subject: clean ups X-Git-Tag: REL_3_11_BETA3~73^2~7 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=c9688fae8969eaca6072aad425a5b65d52e7e285;p=poi.git clean ups git-svn-id: https://svn.apache.org/repos/asf/poi/branches/xml_signature@1627682 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java index 6ebb784392..d4b5ecd1d3 100644 --- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java +++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java @@ -71,6 +71,9 @@ import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec; import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactoryConfigurationError; +import javax.xml.xpath.XPath; +import javax.xml.xpath.XPathConstants; +import javax.xml.xpath.XPathFactory; import org.apache.jcp.xml.dsig.internal.dom.DOMReference; import org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo; @@ -175,7 +178,11 @@ public class SignatureInfo implements SignatureConfigurable { KeyInfoKeySelector keySelector = new KeyInfoKeySelector(); try { Document doc = DocumentHelper.readDocument(signaturePart.getInputStream()); - registerIds(doc); + XPath xpath = XPathFactory.newInstance().newXPath(); + NodeList nl = (NodeList)xpath.compile("//*[@Id]").evaluate(doc, XPathConstants.NODESET); + for (int i=0; i getSignatureParts() { + signatureConfig.init(true); return new Iterable() { public Iterator iterator() { return new Iterator() { @@ -378,10 +392,8 @@ public class SignatureInfo implements SignatureConfigurable { default: throw new EncryptedDocumentException("Hash algorithm "+signatureConfig.getDigestAlgo()+" not supported for signing."); } } - - - public static synchronized void initXmlProvider() { + protected static synchronized void initXmlProvider() { if (isInitialized) return; isInitialized = true; @@ -394,6 +406,10 @@ public class SignatureInfo implements SignatureConfigurable { } } + /** + * Helper method for adding informations before the signing. + * Normally {@link #confirmSignature()} is sufficient to be used. + */ @SuppressWarnings("unchecked") public DigestInfo preSign(Document document, List digestInfos) throws ParserConfigurationException, NoSuchAlgorithmException, @@ -401,7 +417,6 @@ public class SignatureInfo implements SignatureConfigurable { javax.xml.crypto.dsig.XMLSignatureException, TransformerFactoryConfigurationError, TransformerException, IOException, SAXException, NoSuchProviderException, XmlException, URISyntaxException { - SignatureInfo.initXmlProvider(); signatureConfig.init(false); // it's necessary to explicitly set the mdssi namespace, but the sign() method has no @@ -489,8 +504,6 @@ public class SignatureInfo implements SignatureConfigurable { // xmlSignContext.putNamespacePrefix(PackageNamespaces.DIGITAL_SIGNATURE, "mdssi"); xmlSignature.sign(xmlSignContext); - registerIds(document); - /* * Completion of undigested ds:References in the ds:Manifests. */ @@ -545,10 +558,13 @@ public class SignatureInfo implements SignatureConfigurable { return new DigestInfo(digestValue, signatureConfig.getDigestAlgo(), description); } + /** + * Helper method for adding informations after the signing. + * Normally {@link #confirmSignature()} is sufficient to be used. + */ public void postSign(Document document, byte[] signatureValue) throws IOException, MarshalException, ParserConfigurationException, XmlException { LOG.log(POILogger.DEBUG, "postSign"); - SignatureInfo.initXmlProvider(); /* * Check ds:Signature node. @@ -574,7 +590,6 @@ public class SignatureInfo implements SignatureConfigurable { signatureFacet.postSign(document, signatureConfig.getSigningCertificateChain()); } - registerIds(document); writeDocument(document); } @@ -635,28 +650,6 @@ public class SignatureInfo implements SignatureConfigurable { sigsPart.addRelationship(sigPartName, TargetMode.INTERNAL, PackageRelationshipTypes.DIGITAL_SIGNATURE); } - /** - * the resulting document needs to be tweaked before it can be digested - - * this applies to the verification and signing step - * - * @param doc - */ - private static void registerIds(Document doc) { - NodeList nl = doc.getElementsByTagNameNS(XmlDSigNS, "Object"); - registerIdAttribute(nl); - nl = doc.getElementsByTagNameNS("http://uri.etsi.org/01903/v1.3.2#", "SignedProperties"); - registerIdAttribute(nl); - } - - public static void registerIdAttribute(NodeList nl) { - for (int i=0; i List safe(List other) { return other == null ? Collections.EMPTY_LIST : other; diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java index c4b1e8f8c0..a1c6acf75b 100644 --- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java +++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java @@ -52,7 +52,6 @@ import javax.xml.crypto.dsig.spec.TransformParameterSpec; import org.apache.poi.poifs.crypt.CryptoFunctions; import org.apache.poi.poifs.crypt.HashAlgorithm; import org.apache.poi.poifs.crypt.dsig.SignatureConfig; -import org.apache.poi.poifs.crypt.dsig.SignatureInfo; import org.apache.poi.poifs.crypt.dsig.services.SignaturePolicyService; import org.apache.poi.util.POILogFactory; import org.apache.poi.util.POILogger; @@ -214,7 +213,6 @@ public class XAdESSignatureFacet implements SignatureFacet { // add XAdES ds:Object List xadesObjectContent = new ArrayList(); Element qualDocEl = (Element)document.importNode(qualifyingProperties.getDomNode(), true); - SignatureInfo.registerIdAttribute(qualDocEl.getElementsByTagName("SignedProperties")); qualDocEl.setAttributeNS(XmlNS, "xmlns:xd", "http://uri.etsi.org/01903/v1.3.2#"); setPrefix(qualDocEl, "http://uri.etsi.org/01903/v1.3.2#", "xd"); xadesObjectContent.add(new DOMStructure(qualDocEl));