diff options
| author | Andreas Beeker <kiwiwings@apache.org> | 2020-09-08 23:33:25 +0000 |
|---|---|---|
| committer | Andreas Beeker <kiwiwings@apache.org> | 2020-09-08 23:33:25 +0000 |
| commit | cced1751114e089ed23e0932ffea6c1cdac12bb3 (patch) | |
| tree | ebdaf103f838c0796c4e1ed07d6217970fd2f2fb /src | |
| parent | a6014f6431c254d21fb4f840525a2f8e0c64e887 (diff) | |
| download | poi-cced1751114e089ed23e0932ffea6c1cdac12bb3.tar.gz poi-cced1751114e089ed23e0932ffea6c1cdac12bb3.zip | |
ignore IBM certificate chain issue
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1881570 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'src')
| -rw-r--r-- | src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java | 10 | ||||
| -rw-r--r-- | src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java | 7 |
2 files changed, 11 insertions, 6 deletions
diff --git a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java index f7729ecb27..04ac6fd57a 100644 --- a/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java +++ b/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/KeyInfoKeySelector.java @@ -18,9 +18,9 @@ /* ==================================================================== This product contains an ASLv2 licensed version of the OOXML signer package from the eID Applet project - http://code.google.com/p/eid-applet/source/browse/trunk/README.txt + http://code.google.com/p/eid-applet/source/browse/trunk/README.txt Copyright (C) 2008-2014 FedICT. - ================================================================= */ + ================================================================= */ package org.apache.poi.poifs.crypt.dsig; @@ -49,7 +49,7 @@ public class KeyInfoKeySelector extends KeySelector implements KeySelectorResult private static final POILogger LOG = POILogFactory.getLogger(KeyInfoKeySelector.class); - private List<X509Certificate> certChain = new ArrayList<>(); + private final List<X509Certificate> certChain = new ArrayList<>(); @SuppressWarnings("unchecked") @Override @@ -89,14 +89,14 @@ public class KeyInfoKeySelector extends KeySelector implements KeySelectorResult /** * Gives back the X509 certificate used during the last signature * verification operation. - * + * * @return the certificate which was used to sign the xml content */ public X509Certificate getSigner() { // The first certificate is presumably the signer. return certChain.isEmpty() ? null : certChain.get(0); } - + public List<X509Certificate> getCertChain() { return certChain; } diff --git a/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java b/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java index 988024907a..012890264a 100644 --- a/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java +++ b/src/ooxml/testcases/org/apache/poi/poifs/crypt/dsig/TestSignatureInfo.java @@ -652,6 +652,8 @@ public class TestSignatureInfo { @Test public void testCertChain() throws Exception { + final boolean isIBM = System.getProperty("java.vendor").contains("IBM"); + KeyStore keystore = KeyStore.getInstance("PKCS12"); String password = "test"; try (InputStream is = testdata.openResourceAsStream("chaintest.pfx")) { @@ -688,7 +690,10 @@ public class TestSignatureInfo { X509Certificate signer = sp.getSigner(); assertNotNull("signer undefined?!", signer); List<X509Certificate> certChainRes = sp.getCertChain(); - assertEquals(3, certChainRes.size()); + + // IBM JDK is still buggy, even after fix for APAR IJ21985 + int exp = isIBM ? 1 : 3; + assertEquals(exp, certChainRes.size()); } } |