git-svn-id: https://svn.apache.org/repos/asf/poi/branches/xml_signature@1627985 13f79535-47bb-0310-9956-ffa450edef68pull/11/head
@@ -17,11 +17,16 @@ | |||
package org.apache.poi.poifs.crypt.dsig; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.OO_DIGSIG_NS; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XADES_132_NS; | |||
import java.security.PrivateKey; | |||
import java.security.cert.X509Certificate; | |||
import java.util.ArrayList; | |||
import java.util.Date; | |||
import java.util.HashMap; | |||
import java.util.List; | |||
import java.util.Map; | |||
import java.util.UUID; | |||
import javax.xml.crypto.URIDereferencer; | |||
@@ -73,7 +78,6 @@ public class SignatureConfig { | |||
*/ | |||
private SignaturePolicyService signaturePolicyService; | |||
private URIDereferencer uriDereferencer = new OOXMLURIDereferencer(); | |||
private String signatureNamespacePrefix; | |||
private String canonicalizationMethod = CanonicalizationMethod.INCLUSIVE; | |||
private boolean includeEntireCertificateChain = true; | |||
@@ -130,6 +134,12 @@ public class SignatureConfig { | |||
*/ | |||
EventListener signCreationListener = null; | |||
/** | |||
* Map of namespace uris to prefix | |||
* If a mapping is specified, the corresponding elements will be prefixed | |||
*/ | |||
Map<String,String> namespacePrefixes = new HashMap<String,String>(); | |||
protected void init(boolean onlyValidation) { | |||
if (uriDereferencer == null) { | |||
throw new EncryptedDocumentException("uriDereferencer is null"); | |||
@@ -140,6 +150,15 @@ public class SignatureConfig { | |||
if (uriDereferencer instanceof SignatureConfigurable) { | |||
((SignatureConfigurable)uriDereferencer).setSignatureConfig(this); | |||
} | |||
if (namespacePrefixes.isEmpty()) { | |||
/* | |||
* OOo doesn't like ds namespaces so per default prefixing is off. | |||
*/ | |||
// namespacePrefixes.put(XML_DIGSIG_NS, ""); | |||
namespacePrefixes.put(OO_DIGSIG_NS, "mdssi"); | |||
namespacePrefixes.put(XADES_132_NS, "xd"); | |||
} | |||
if (onlyValidation) return; | |||
if (signCreationListener == null) { | |||
@@ -149,7 +168,6 @@ public class SignatureConfig { | |||
if (signCreationListener instanceof SignatureConfigurable) { | |||
((SignatureConfigurable)signCreationListener).setSignatureConfig(this); | |||
} | |||
if (tspService != null) { | |||
tspService.setSignatureConfig(this); | |||
@@ -263,12 +281,6 @@ public class SignatureConfig { | |||
public void setSignatureDescription(String signatureDescription) { | |||
this.signatureDescription = signatureDescription; | |||
} | |||
public String getSignatureNamespacePrefix() { | |||
return signatureNamespacePrefix; | |||
} | |||
public void setSignatureNamespacePrefix(String signatureNamespacePrefix) { | |||
this.signatureNamespacePrefix = signatureNamespacePrefix; | |||
} | |||
public String getCanonicalizationMethod() { | |||
return canonicalizationMethod; | |||
} | |||
@@ -403,4 +415,10 @@ public class SignatureConfig { | |||
public void setSignCreationListener(EventListener signCreationListener) { | |||
this.signCreationListener = signCreationListener; | |||
} | |||
public Map<String, String> getNamespacePrefixes() { | |||
return namespacePrefixes; | |||
} | |||
public void setNamespacePrefixes(Map<String, String> namespacePrefixes) { | |||
this.namespacePrefixes = namespacePrefixes; | |||
} | |||
} |
@@ -24,6 +24,9 @@ | |||
package org.apache.poi.poifs.crypt.dsig; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.OO_DIGSIG_NS; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_DIGSIG_NS; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_NS; | |||
import static org.apache.xml.security.signature.XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160; | |||
import static org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1; | |||
import static org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256; | |||
@@ -80,7 +83,6 @@ import org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo; | |||
import org.apache.poi.EncryptedDocumentException; | |||
import org.apache.poi.openxml4j.exceptions.InvalidFormatException; | |||
import org.apache.poi.openxml4j.opc.OPCPackage; | |||
import org.apache.poi.openxml4j.opc.PackageNamespaces; | |||
import org.apache.poi.openxml4j.opc.PackagePart; | |||
import org.apache.poi.openxml4j.opc.PackagePartName; | |||
import org.apache.poi.openxml4j.opc.PackageRelationship; | |||
@@ -115,9 +117,6 @@ import org.xml.sax.SAXException; | |||
public class SignatureInfo implements SignatureConfigurable { | |||
public static final String XmlNS = "http://www.w3.org/2000/xmlns/"; | |||
public static final String XmlDSigNS = XMLSignature.XMLNS; | |||
// see https://www.ietf.org/rfc/rfc3110.txt | |||
// RSA/SHA1 SIG Resource Records | |||
public static final byte[] SHA1_DIGEST_INFO_PREFIX = new byte[] | |||
@@ -222,13 +221,14 @@ public class SignatureInfo implements SignatureConfigurable { | |||
if (packageId.equals(el.getAttribute("Id"))) { | |||
target.get().removeEventListener("DOMSubtreeModified", this, false); | |||
el.setAttributeNS(XmlNS, "xmlns:mdssi", PackageNamespaces.DIGITAL_SIGNATURE); | |||
el.setAttributeNS(XML_NS, "xmlns:mdssi", OO_DIGSIG_NS); | |||
target.get().addEventListener("DOMSubtreeModified", this, false); | |||
} | |||
} | |||
} | |||
} | |||
} | |||
public void setSignatureConfig(SignatureConfig signatureConfig) { | |||
this.signatureConfig = signatureConfig; | |||
} | |||
@@ -439,18 +439,11 @@ public class SignatureInfo implements SignatureConfigurable { | |||
xmlSignContext.setURIDereferencer(uriDereferencer); | |||
} | |||
xmlSignContext.putNamespacePrefix( | |||
"http://schemas.openxmlformats.org/package/2006/digital-signature", | |||
"mdssi"); | |||
String sigNsPrefix = signatureConfig.getSignatureNamespacePrefix(); | |||
if (sigNsPrefix != null) { | |||
/* | |||
* OOo doesn't like ds namespaces so per default prefixing is off. | |||
*/ | |||
xmlSignContext.putNamespacePrefix(XmlDSigNS, sigNsPrefix); | |||
for (Map.Entry<String,String> me : signatureConfig.getNamespacePrefixes().entrySet()) { | |||
xmlSignContext.putNamespacePrefix(me.getKey(), me.getValue()); | |||
} | |||
xmlSignContext.setDefaultNamespacePrefix(signatureConfig.getNamespacePrefixes().get(XML_DIGSIG_NS)); | |||
XMLSignatureFactory signatureFactory = SignatureInfo.getSignatureFactory(); | |||
/* | |||
@@ -500,8 +493,6 @@ public class SignatureInfo implements SignatureConfigurable { | |||
/* | |||
* ds:Signature Marshalling. | |||
*/ | |||
xmlSignContext.setDefaultNamespacePrefix(signatureConfig.getSignatureNamespacePrefix()); | |||
// xmlSignContext.putNamespacePrefix(PackageNamespaces.DIGITAL_SIGNATURE, "mdssi"); | |||
xmlSignature.sign(xmlSignContext); | |||
/* | |||
@@ -550,8 +541,8 @@ public class SignatureInfo implements SignatureConfigurable { | |||
* usage. | |||
*/ | |||
MessageDigest jcaMessageDigest = CryptoFunctions.getMessageDigest(signatureConfig.getDigestAlgo()); | |||
byte[] digestValue = jcaMessageDigest.digest(octets); | |||
MessageDigest md = CryptoFunctions.getMessageDigest(signatureConfig.getDigestAlgo()); | |||
byte[] digestValue = md.digest(octets); | |||
String description = signatureConfig.getSignatureDescription(); | |||
@@ -577,7 +568,7 @@ public class SignatureInfo implements SignatureConfigurable { | |||
/* | |||
* Insert signature value into the ds:SignatureValue element | |||
*/ | |||
NodeList sigValNl = document.getElementsByTagNameNS(XmlDSigNS, "SignatureValue"); | |||
NodeList sigValNl = document.getElementsByTagNameNS(XML_DIGSIG_NS, "SignatureValue"); | |||
if (sigValNl.getLength() != 1) { | |||
throw new RuntimeException("preSign has to be called before postSign"); | |||
} | |||
@@ -596,12 +587,9 @@ public class SignatureInfo implements SignatureConfigurable { | |||
protected void writeDocument(Document document) throws IOException, XmlException { | |||
XmlOptions xo = new XmlOptions(); | |||
Map<String,String> namespaceMap = new HashMap<String,String>(); | |||
for (SignatureFacet sf : signatureConfig.getSignatureFacets()) { | |||
Map<String,String> sfm = sf.getNamespacePrefixMapping(); | |||
if (sfm != null) { | |||
namespaceMap.putAll(sfm); | |||
} | |||
} | |||
for(Map.Entry<String,String> entry : signatureConfig.getNamespacePrefixes().entrySet()){ | |||
namespaceMap.put(entry.getValue(), entry.getKey()); | |||
} | |||
xo.setSaveSuggestedPrefixes(namespaceMap); | |||
xo.setUseDefaultNamespace(); | |||
@@ -651,7 +639,7 @@ public class SignatureInfo implements SignatureConfigurable { | |||
} | |||
@SuppressWarnings("unchecked") | |||
public static <T> List<T> safe(List<T> other) { | |||
private static <T> List<T> safe(List<T> other) { | |||
return other == null ? Collections.EMPTY_LIST : other; | |||
} | |||
} |
@@ -5,7 +5,6 @@ import java.security.NoSuchAlgorithmException; | |||
import java.security.cert.X509Certificate; | |||
import java.util.ArrayList; | |||
import java.util.List; | |||
import java.util.Map; | |||
import javax.xml.crypto.dsig.CanonicalizationMethod; | |||
import javax.xml.crypto.dsig.DigestMethod; | |||
@@ -60,9 +59,4 @@ public class EnvelopedSignatureFacet implements SignatureFacet { | |||
references.add(reference); | |||
} | |||
@Override | |||
public Map<String,String> getNamespacePrefixMapping() { | |||
return null; | |||
} | |||
} |
@@ -24,17 +24,13 @@ | |||
package org.apache.poi.poifs.crypt.dsig.facets; | |||
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlDSigNS; | |||
import java.security.InvalidAlgorithmParameterException; | |||
import java.security.Key; | |||
import java.security.KeyException; | |||
import java.security.NoSuchAlgorithmException; | |||
import java.security.cert.X509Certificate; | |||
import java.util.ArrayList; | |||
import java.util.HashMap; | |||
import java.util.List; | |||
import java.util.Map; | |||
import javax.xml.crypto.MarshalException; | |||
import javax.xml.crypto.dom.DOMCryptoContext; | |||
@@ -79,7 +75,7 @@ public class KeyInfoSignatureFacet implements SignatureFacet { | |||
throws MarshalException { | |||
LOG.log(POILogger.DEBUG, "postSign"); | |||
NodeList nl = document.getElementsByTagNameNS(XmlDSigNS, "Object"); | |||
NodeList nl = document.getElementsByTagNameNS(XML_DIGSIG_NS, "Object"); | |||
/* | |||
* Make sure we insert right after the ds:SignatureValue element, just | |||
@@ -144,14 +140,14 @@ public class KeyInfoSignatureFacet implements SignatureFacet { | |||
Element n = document.getDocumentElement(); | |||
DOMSignContext domSignContext = new DOMSignContext(key, n, nextSibling); | |||
DOMCryptoContext domCryptoContext = domSignContext; | |||
domCryptoContext.putNamespacePrefix(XmlDSigNS, "xd"); | |||
domCryptoContext.putNamespacePrefix(XML_DIGSIG_NS, "xd"); | |||
DOMStructure domStructure = new DOMStructure(n); | |||
// how to set nextSibling??? - marshal is ignoring nextSibling in DOMSignContext | |||
domKeyInfo.marshal(domStructure, domCryptoContext); | |||
// move keyinfo into the right place | |||
if (nextSibling != null) { | |||
NodeList kiNl = document.getElementsByTagNameNS(XmlDSigNS, "KeyInfo"); | |||
NodeList kiNl = document.getElementsByTagNameNS(XML_DIGSIG_NS, "KeyInfo"); | |||
if (kiNl.getLength() != 1) { | |||
throw new RuntimeException("KeyInfo wasn't set"); | |||
} | |||
@@ -168,11 +164,4 @@ public class KeyInfoSignatureFacet implements SignatureFacet { | |||
) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException { | |||
// empty | |||
} | |||
public Map<String,String> getNamespacePrefixMapping() { | |||
Map<String,String> map = new HashMap<String,String>(); | |||
// map.put("xd", XmlDSigNS); | |||
return map; | |||
} | |||
} |
@@ -24,8 +24,6 @@ | |||
package org.apache.poi.poifs.crypt.dsig.facets; | |||
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlDSigNS; | |||
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlNS; | |||
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.setPrefix; | |||
import java.io.IOException; | |||
@@ -37,10 +35,8 @@ import java.security.cert.X509Certificate; | |||
import java.text.DateFormat; | |||
import java.text.SimpleDateFormat; | |||
import java.util.ArrayList; | |||
import java.util.HashMap; | |||
import java.util.HashSet; | |||
import java.util.List; | |||
import java.util.Map; | |||
import java.util.Set; | |||
import java.util.TimeZone; | |||
@@ -60,7 +56,6 @@ import javax.xml.crypto.dsig.spec.TransformParameterSpec; | |||
import org.apache.poi.openxml4j.exceptions.InvalidFormatException; | |||
import org.apache.poi.openxml4j.opc.ContentTypes; | |||
import org.apache.poi.openxml4j.opc.OPCPackage; | |||
import org.apache.poi.openxml4j.opc.PackageNamespaces; | |||
import org.apache.poi.openxml4j.opc.PackagePart; | |||
import org.apache.poi.openxml4j.opc.PackagePartName; | |||
import org.apache.poi.openxml4j.opc.PackageRelationship; | |||
@@ -91,9 +86,6 @@ public class OOXMLSignatureFacet implements SignatureFacet { | |||
private static final POILogger LOG = POILogFactory.getLogger(OOXMLSignatureFacet.class); | |||
public static final String OOXML_DIGSIG_NS = "http://schemas.openxmlformats.org/package/2006/digital-signature"; | |||
public static final String OFFICE_DIGSIG_NS = "http://schemas.microsoft.com/office/2006/digsig"; | |||
private SignatureConfig signatureConfig; | |||
public void setSignatureConfig(SignatureConfig signatureConfig) { | |||
@@ -133,7 +125,7 @@ public class OOXMLSignatureFacet implements SignatureFacet { | |||
DigestMethod digestMethod = signatureFactory.newDigestMethod(signatureConfig.getDigestAlgo().xmlSignUri, null); | |||
Reference reference = signatureFactory.newReference | |||
("#" + objectId, digestMethod, null, XmlDSigNS+"Object", null); | |||
("#" + objectId, digestMethod, null, XML_DIGSIG_NS+"Object", null); | |||
references.add(reference); | |||
} | |||
@@ -238,7 +230,7 @@ public class OOXMLSignatureFacet implements SignatureFacet { | |||
// TODO: find better method to have xmlbeans + export the prefix | |||
Element n = (Element)document.importNode(ctTime.getDomNode(),true); | |||
setPrefix(n, PackageNamespaces.DIGITAL_SIGNATURE, "mdssi"); | |||
setPrefix(n, OO_DIGSIG_NS, "mdssi"); | |||
List<XMLStructure> signatureTimeContent = new ArrayList<XMLStructure>(); | |||
signatureTimeContent.add(new DOMStructure(n)); | |||
@@ -264,7 +256,7 @@ public class OOXMLSignatureFacet implements SignatureFacet { | |||
CTSignatureInfoV1 ctSigV1 = sigV1.addNewSignatureInfoV1(); | |||
ctSigV1.setManifestHashAlgorithm(signatureConfig.getDigestAlgo().xmlSignUri); | |||
Element n = (Element)document.importNode(ctSigV1.getDomNode(), true); | |||
n.setAttributeNS(XmlNS, "xmlns", "http://schemas.microsoft.com/office/2006/digsig"); | |||
n.setAttributeNS(XML_NS, "xmlns", "http://schemas.microsoft.com/office/2006/digsig"); | |||
List<XMLStructure> signatureInfoContent = new ArrayList<XMLStructure>(); | |||
signatureInfoContent.add(new DOMStructure(n)); | |||
@@ -283,7 +275,7 @@ public class OOXMLSignatureFacet implements SignatureFacet { | |||
DigestMethod digestMethod = signatureFactory.newDigestMethod(signatureConfig.getDigestAlgo().xmlSignUri, null); | |||
Reference reference = signatureFactory.newReference | |||
("#" + objectId, digestMethod, null, XmlDSigNS+"Object", null); | |||
("#" + objectId, digestMethod, null, XML_DIGSIG_NS+"Object", null); | |||
references.add(reference); | |||
} | |||
@@ -360,14 +352,6 @@ public class OOXMLSignatureFacet implements SignatureFacet { | |||
return false; | |||
} | |||
public Map<String,String> getNamespacePrefixMapping() { | |||
Map<String,String> m = new HashMap<String,String>(); | |||
m.put("mdssi", OOXML_DIGSIG_NS); | |||
m.put("xd", "http://uri.etsi.org/01903/v1.3.2#"); | |||
return m; | |||
} | |||
/** | |||
* Office 2010 list of signed types (extensions). | |||
*/ |
@@ -28,7 +28,6 @@ import java.security.InvalidAlgorithmParameterException; | |||
import java.security.NoSuchAlgorithmException; | |||
import java.security.cert.X509Certificate; | |||
import java.util.List; | |||
import java.util.Map; | |||
import javax.xml.crypto.dsig.Reference; | |||
import javax.xml.crypto.dsig.XMLObject; | |||
@@ -71,7 +70,7 @@ public class Office2010SignatureFacet implements SignatureFacet { | |||
public void postSign(Document document, List<X509Certificate> signingCertificateChain) | |||
throws XmlException { | |||
// check for XAdES-BES | |||
NodeList nl = document.getElementsByTagNameNS("http://uri.etsi.org/01903/v1.3.2#", "QualifyingProperties"); | |||
NodeList nl = document.getElementsByTagNameNS(XADES_132_NS, "QualifyingProperties"); | |||
if (nl.getLength() != 1) { | |||
throw new IllegalArgumentException("no XAdES-BES extension present"); | |||
} | |||
@@ -92,8 +91,4 @@ public class Office2010SignatureFacet implements SignatureFacet { | |||
Node n = document.importNode(qualProps.getDomNode().getFirstChild(), true); | |||
nl.item(0).getParentNode().replaceChild(n, nl.item(0)); | |||
} | |||
public Map<String,String> getNamespacePrefixMapping() { | |||
return null; | |||
} | |||
} |
@@ -30,13 +30,15 @@ import java.security.InvalidAlgorithmParameterException; | |||
import java.security.NoSuchAlgorithmException; | |||
import java.security.cert.X509Certificate; | |||
import java.util.List; | |||
import java.util.Map; | |||
import javax.xml.XMLConstants; | |||
import javax.xml.crypto.MarshalException; | |||
import javax.xml.crypto.dsig.Reference; | |||
import javax.xml.crypto.dsig.XMLObject; | |||
import javax.xml.crypto.dsig.XMLSignature; | |||
import javax.xml.crypto.dsig.XMLSignatureFactory; | |||
import org.apache.poi.openxml4j.opc.PackageNamespaces; | |||
import org.apache.poi.poifs.crypt.dsig.SignatureConfig.SignatureConfigurable; | |||
import org.apache.xmlbeans.XmlException; | |||
import org.w3c.dom.Document; | |||
@@ -49,6 +51,14 @@ import org.w3c.dom.Document; | |||
*/ | |||
public interface SignatureFacet extends SignatureConfigurable { | |||
String XML_NS = XMLConstants.XMLNS_ATTRIBUTE_NS_URI; | |||
String XML_DIGSIG_NS = XMLSignature.XMLNS; | |||
String OO_DIGSIG_NS = PackageNamespaces.DIGITAL_SIGNATURE; | |||
String MS_DIGSIG_NS = "http://schemas.microsoft.com/office/2006/digsig"; | |||
String XADES_132_NS = "http://uri.etsi.org/01903/v1.3.2#"; | |||
String XADES_141_NS = "http://uri.etsi.org/01903/v1.4.1#"; | |||
/** | |||
* This method is being invoked by the XML signature service engine during | |||
* pre-sign phase. Via this method a signature facet implementation can add | |||
@@ -83,6 +93,4 @@ public interface SignatureFacet extends SignatureConfigurable { | |||
Document document | |||
, List<X509Certificate> signingCertificateChain | |||
) throws MarshalException, XmlException; | |||
Map<String,String> getNamespacePrefixMapping(); | |||
} |
@@ -24,7 +24,6 @@ | |||
package org.apache.poi.poifs.crypt.dsig.facets; | |||
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlNS; | |||
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.setPrefix; | |||
import java.security.InvalidAlgorithmParameterException; | |||
@@ -213,8 +212,8 @@ public class XAdESSignatureFacet implements SignatureFacet { | |||
// add XAdES ds:Object | |||
List<XMLStructure> xadesObjectContent = new ArrayList<XMLStructure>(); | |||
Element qualDocEl = (Element)document.importNode(qualifyingProperties.getDomNode(), true); | |||
qualDocEl.setAttributeNS(XmlNS, "xmlns:xd", "http://uri.etsi.org/01903/v1.3.2#"); | |||
setPrefix(qualDocEl, "http://uri.etsi.org/01903/v1.3.2#", "xd"); | |||
qualDocEl.setAttributeNS(XML_NS, "xmlns:xd", XADES_132_NS); | |||
setPrefix(qualDocEl, XADES_132_NS, "xd"); | |||
xadesObjectContent.add(new DOMStructure(qualDocEl)); | |||
XMLObject xadesObject = signatureFactory.newXMLObject(xadesObjectContent, null, null, null); | |||
objects.add(xadesObject); | |||
@@ -298,12 +297,6 @@ public class XAdESSignatureFacet implements SignatureFacet { | |||
this.dataObjectFormatMimeTypes.put(dsReferenceUri, mimetype); | |||
} | |||
public Map<String,String> getNamespacePrefixMapping() { | |||
Map<String,String> map = new HashMap<String,String>(); | |||
map.put("xd", "http://uri.etsi.org/01903/v1.3.2#"); | |||
return map; | |||
} | |||
protected static void insertXChild(XmlObject root, XmlObject child) { | |||
XmlCursor rootCursor = root.newCursor(); | |||
rootCursor.toEndToken(); |
@@ -24,7 +24,6 @@ | |||
package org.apache.poi.poifs.crypt.dsig.facets; | |||
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlDSigNS; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet.insertXChild; | |||
import java.io.ByteArrayInputStream; | |||
@@ -42,7 +41,6 @@ import java.util.ArrayList; | |||
import java.util.Calendar; | |||
import java.util.Collections; | |||
import java.util.List; | |||
import java.util.Map; | |||
import java.util.UUID; | |||
import javax.xml.crypto.dsig.CanonicalizationMethod; | |||
@@ -112,10 +110,6 @@ public class XAdESXLSignatureFacet implements SignatureFacet { | |||
private static final POILogger LOG = POILogFactory.getLogger(XAdESXLSignatureFacet.class); | |||
public static final String XADES_NAMESPACE = "http://uri.etsi.org/01903/v1.3.2#"; | |||
public static final String XADES141_NAMESPACE = "http://uri.etsi.org/01903/v1.4.1#"; | |||
private SignatureConfig signatureConfig; | |||
private String c14nAlgoId = CanonicalizationMethod.EXCLUSIVE; | |||
@@ -157,7 +151,7 @@ public class XAdESXLSignatureFacet implements SignatureFacet { | |||
QualifyingPropertiesType qualProps = null; | |||
// check for XAdES-BES | |||
NodeList qualNl = document.getElementsByTagNameNS("http://uri.etsi.org/01903/v1.3.2#", "QualifyingProperties"); | |||
NodeList qualNl = document.getElementsByTagNameNS(XADES_132_NS, "QualifyingProperties"); | |||
if (qualNl.getLength() == 1) { | |||
qualDoc = QualifyingPropertiesDocument.Factory.parse(qualNl.item(0)); | |||
qualProps = qualDoc.getQualifyingProperties(); | |||
@@ -177,7 +171,7 @@ public class XAdESXLSignatureFacet implements SignatureFacet { | |||
// create the XAdES-T time-stamp | |||
NodeList nlSigVal = document.getElementsByTagNameNS(XmlDSigNS, "SignatureValue"); | |||
NodeList nlSigVal = document.getElementsByTagNameNS(XML_DIGSIG_NS, "SignatureValue"); | |||
if (nlSigVal.getLength() != 1) { | |||
throw new IllegalArgumentException("SignatureValue is not set."); | |||
} | |||
@@ -436,9 +430,4 @@ public class XAdESXLSignatureFacet implements SignatureFacet { | |||
} | |||
} | |||
} | |||
public Map<String,String> getNamespacePrefixMapping() { | |||
return null; | |||
} | |||
} |
@@ -24,6 +24,9 @@ | |||
package org.apache.poi.poifs.crypt.dsig.services; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_DIGSIG_NS; | |||
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_NS; | |||
import java.io.ByteArrayInputStream; | |||
import java.io.ByteArrayOutputStream; | |||
import java.io.IOException; | |||
@@ -161,7 +164,7 @@ public class RelationshipTransformService extends TransformService { | |||
LOG.log(POILogger.DEBUG, "marshallParams(parent,context)"); | |||
DOMStructure domParent = (DOMStructure) parent; | |||
Element parentNode = (Element)domParent.getNode(); | |||
// parentNode.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:mdssi", DIGITAL_SIGNATURE); | |||
// parentNode.setAttributeNS(XML_NS, "xmlns:mdssi", XML_DIGSIG_NS); | |||
Document doc = parentNode.getOwnerDocument(); | |||
for (String sourceId : this.sourceIds) { |