Examples with SignatureConfig org.apache.poi.poifs.crypt.dsig.SignatureConfig used on opensource projects

Search in sources :

Example 6 with SignatureConfig

use of org.apache.poi.poifs.crypt.dsig.SignatureConfig in project poi by apache.

the class TestSignatureInfo method office2007prettyPrintedRels.

@Test
public void office2007prettyPrintedRels() throws Exception {
    OPCPackage pkg = OPCPackage.open(testdata.getFile("office2007prettyPrintedRels.docx"), PackageAccess.READ);
    try {
        SignatureConfig sic = new SignatureConfig();
        sic.setOpcPackage(pkg);
        SignatureInfo si = new SignatureInfo();
        si.setSignatureConfig(sic);
        boolean isValid = si.verifySignature();
        assertTrue(isValid);
    } finally {
        pkg.close();
    }
}
Also used : SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo) SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig) OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage) Test(org.junit.Test)

Example 7 with SignatureConfig

use of org.apache.poi.poifs.crypt.dsig.SignatureConfig in project poi by apache.

the class TestSignatureInfo method sign.

private void sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
    initKeyPair(alias, signerDn);
    SignatureConfig signatureConfig = new SignatureConfig();
    signatureConfig.setKey(keyPair.getPrivate());
    signatureConfig.setSigningCertificateChain(Collections.singletonList(x509));
    signatureConfig.setExecutionTime(cal.getTime());
    signatureConfig.setDigestAlgo(HashAlgorithm.sha1);
    signatureConfig.setOpcPackage(pkgCopy);
    SignatureInfo si = new SignatureInfo();
    si.setSignatureConfig(signatureConfig);
    Document document = DocumentHelper.createDocument();
    // operate
    DigestInfo digestInfo = si.preSign(document, null);
    // verify
    assertNotNull(digestInfo);
    LOG.log(POILogger.DEBUG, "digest algo: " + digestInfo.hashAlgo);
    LOG.log(POILogger.DEBUG, "digest description: " + digestInfo.description);
    assertEquals("Office OpenXML Document", digestInfo.description);
    assertNotNull(digestInfo.hashAlgo);
    assertNotNull(digestInfo.digestValue);
    // setup: key material, signature value
    byte[] signatureValue = si.signDigest(digestInfo.digestValue);
    // operate: postSign
    si.postSign(document, signatureValue);
    // verify: signature
    si.getSignatureConfig().setOpcPackage(pkgCopy);
    List<X509Certificate> result = new ArrayList<X509Certificate>();
    for (SignaturePart sp : si.getSignatureParts()) {
        if (sp.validate()) {
            result.add(sp.getSigner());
        }
    }
    assertEquals(signerCount, result.size());
}
Also used : SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo) DigestInfo(org.apache.poi.poifs.crypt.dsig.DigestInfo) SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig) ArrayList(java.util.ArrayList) Document(org.w3c.dom.Document) SignatureDocument(org.w3.x2000.x09.xmldsig.SignatureDocument) SignaturePart(org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart) X509Certificate(java.security.cert.X509Certificate)

Example 8 with SignatureConfig

use of org.apache.poi.poifs.crypt.dsig.SignatureConfig in project poi by apache.

the class TestSignatureInfo method testSignSpreadsheetWithSignatureInfo.

@Test
public void testSignSpreadsheetWithSignatureInfo() throws Exception {
    initKeyPair("Test", "CN=Test");
    String testFile = "hello-world-unsigned.xlsx";
    OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
    SignatureConfig sic = new SignatureConfig();
    sic.setOpcPackage(pkg);
    sic.setKey(keyPair.getPrivate());
    sic.setSigningCertificateChain(Collections.singletonList(x509));
    SignatureInfo si = new SignatureInfo();
    si.setSignatureConfig(sic);
    // hash > sha1 doesn't work in excel viewer ...
    si.confirmSignature();
    List<X509Certificate> result = new ArrayList<X509Certificate>();
    for (SignaturePart sp : si.getSignatureParts()) {
        if (sp.validate()) {
            result.add(sp.getSigner());
        }
    }
    assertEquals(1, result.size());
    pkg.close();
}
Also used : SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo) SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig) ArrayList(java.util.ArrayList) SignaturePart(org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart) OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 9 with SignatureConfig

use of org.apache.poi.poifs.crypt.dsig.SignatureConfig in project poi by apache.

the class TestSignatureInfo method getSigner.

@Test
public void getSigner() throws Exception {
    String[] testFiles = { "hyperlink-example-signed.docx", "hello-world-signed.docx", "hello-world-signed.pptx", "hello-world-signed.xlsx", "hello-world-office-2010-technical-preview.docx", "ms-office-2010-signed.docx", "ms-office-2010-signed.pptx", "ms-office-2010-signed.xlsx", "Office2010-SP1-XAdES-X-L.docx", "signed.docx" };
    for (String testFile : testFiles) {
        OPCPackage pkg = OPCPackage.open(testdata.getFile(testFile), PackageAccess.READ);
        try {
            SignatureConfig sic = new SignatureConfig();
            sic.setOpcPackage(pkg);
            SignatureInfo si = new SignatureInfo();
            si.setSignatureConfig(sic);
            List<X509Certificate> result = new ArrayList<X509Certificate>();
            for (SignaturePart sp : si.getSignatureParts()) {
                if (sp.validate()) {
                    result.add(sp.getSigner());
                }
            }
            assertNotNull(result);
            assertEquals("test-file: " + testFile, 1, result.size());
            X509Certificate signer = result.get(0);
            LOG.log(POILogger.DEBUG, "signer: " + signer.getSubjectX500Principal());
            boolean b = si.verifySignature();
            assertTrue("test-file: " + testFile, b);
            pkg.revert();
        } finally {
            pkg.close();
        }
    }
}
Also used : SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo) SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig) ArrayList(java.util.ArrayList) SignaturePart(org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart) OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage) X509Certificate(java.security.cert.X509Certificate) Test(org.junit.Test)

Example 10 with SignatureConfig

use of org.apache.poi.poifs.crypt.dsig.SignatureConfig in project poi by apache.

the class TestSignatureInfo method testManipulation.

@Test
public void testManipulation() throws Exception {
    // sign & validate
    String testFile = "hello-world-unsigned.xlsx";
    @SuppressWarnings("resource") OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
    sign(pkg, "Test", "CN=Test", 1);
    // manipulate
    XSSFWorkbook wb = new XSSFWorkbook(pkg);
    wb.setSheetName(0, "manipulated");
    // ... I don't know, why commit is protected ...
    POITestCase.callMethod(XSSFWorkbook.class, wb, Void.class, "commit", new Class[0], new Object[0]);
    // todo: test a manipulation on a package part, which is not signed
    // ... maybe in combination with #56164 
    // validate
    SignatureConfig sic = new SignatureConfig();
    sic.setOpcPackage(pkg);
    SignatureInfo si = new SignatureInfo();
    si.setSignatureConfig(sic);
    boolean b = si.verifySignature();
    assertFalse("signature should be broken", b);
    wb.close();
}
Also used : SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo) SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig) XSSFWorkbook(org.apache.poi.xssf.usermodel.XSSFWorkbook) SXSSFWorkbook(org.apache.poi.xssf.streaming.SXSSFWorkbook) OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage) Test(org.junit.Test)

Aggregations

SignatureConfig (org.apache.poi.poifs.crypt.dsig.SignatureConfig)11 SignatureInfo (org.apache.poi.poifs.crypt.dsig.SignatureInfo)11 OPCPackage (org.apache.poi.openxml4j.opc.OPCPackage)10 Test (org.junit.Test)10 X509Certificate (java.security.cert.X509Certificate)7 ArrayList (java.util.ArrayList)7 SignaturePart (org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart)7 ByteArrayInputStream (java.io.ByteArrayInputStream)2 SXSSFWorkbook (org.apache.poi.xssf.streaming.SXSSFWorkbook)2 SignatureDocument (org.w3.x2000.x09.xmldsig.SignatureDocument)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 File (java.io.File)1 FileInputStream (java.io.FileInputStream)1 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 ConnectException (java.net.ConnectException)1 SocketTimeoutException (java.net.SocketTimeoutException)1 Key (java.security.Key)1 KeyPair (java.security.KeyPair)1 KeyStore (java.security.KeyStore)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial