use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method office2007prettyPrintedRels.
@Test
public void office2007prettyPrintedRels() throws Exception {
OPCPackage pkg = OPCPackage.open(testdata.getFile("office2007prettyPrintedRels.docx"), PackageAccess.READ);
try {
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
boolean isValid = si.verifySignature();
assertTrue(isValid);
} finally {
pkg.close();
}
}
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method sign.
private void sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
initKeyPair(alias, signerDn);
SignatureConfig signatureConfig = new SignatureConfig();
signatureConfig.setKey(keyPair.getPrivate());
signatureConfig.setSigningCertificateChain(Collections.singletonList(x509));
signatureConfig.setExecutionTime(cal.getTime());
signatureConfig.setDigestAlgo(HashAlgorithm.sha1);
signatureConfig.setOpcPackage(pkgCopy);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(signatureConfig);
Document document = DocumentHelper.createDocument();
// operate
DigestInfo digestInfo = si.preSign(document, null);
// verify
assertNotNull(digestInfo);
LOG.log(POILogger.DEBUG, "digest algo: " + digestInfo.hashAlgo);
LOG.log(POILogger.DEBUG, "digest description: " + digestInfo.description);
assertEquals("Office OpenXML Document", digestInfo.description);
assertNotNull(digestInfo.hashAlgo);
assertNotNull(digestInfo.digestValue);
// setup: key material, signature value
byte[] signatureValue = si.signDigest(digestInfo.digestValue);
// operate: postSign
si.postSign(document, signatureValue);
// verify: signature
si.getSignatureConfig().setOpcPackage(pkgCopy);
List<X509Certificate> result = new ArrayList<X509Certificate>();
for (SignaturePart sp : si.getSignatureParts()) {
if (sp.validate()) {
result.add(sp.getSigner());
}
}
assertEquals(signerCount, result.size());
}
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method testSignSpreadsheetWithSignatureInfo.
@Test
public void testSignSpreadsheetWithSignatureInfo() throws Exception {
initKeyPair("Test", "CN=Test");
String testFile = "hello-world-unsigned.xlsx";
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
sic.setKey(keyPair.getPrivate());
sic.setSigningCertificateChain(Collections.singletonList(x509));
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
// hash > sha1 doesn't work in excel viewer ...
si.confirmSignature();
List<X509Certificate> result = new ArrayList<X509Certificate>();
for (SignaturePart sp : si.getSignatureParts()) {
if (sp.validate()) {
result.add(sp.getSigner());
}
}
assertEquals(1, result.size());
pkg.close();
}
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method getSigner.
@Test
public void getSigner() throws Exception {
String[] testFiles = { "hyperlink-example-signed.docx", "hello-world-signed.docx", "hello-world-signed.pptx", "hello-world-signed.xlsx", "hello-world-office-2010-technical-preview.docx", "ms-office-2010-signed.docx", "ms-office-2010-signed.pptx", "ms-office-2010-signed.xlsx", "Office2010-SP1-XAdES-X-L.docx", "signed.docx" };
for (String testFile : testFiles) {
OPCPackage pkg = OPCPackage.open(testdata.getFile(testFile), PackageAccess.READ);
try {
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
List<X509Certificate> result = new ArrayList<X509Certificate>();
for (SignaturePart sp : si.getSignatureParts()) {
if (sp.validate()) {
result.add(sp.getSigner());
}
}
assertNotNull(result);
assertEquals("test-file: " + testFile, 1, result.size());
X509Certificate signer = result.get(0);
LOG.log(POILogger.DEBUG, "signer: " + signer.getSubjectX500Principal());
boolean b = si.verifySignature();
assertTrue("test-file: " + testFile, b);
pkg.revert();
} finally {
pkg.close();
}
}
}
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method testManipulation.
@Test
public void testManipulation() throws Exception {
// sign & validate
String testFile = "hello-world-unsigned.xlsx";
@SuppressWarnings("resource") OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
sign(pkg, "Test", "CN=Test", 1);
// manipulate
XSSFWorkbook wb = new XSSFWorkbook(pkg);
wb.setSheetName(0, "manipulated");
// ... I don't know, why commit is protected ...
POITestCase.callMethod(XSSFWorkbook.class, wb, Void.class, "commit", new Class[0], new Object[0]);
// todo: test a manipulation on a package part, which is not signed
// ... maybe in combination with #56164
// validate
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
boolean b = si.verifySignature();
assertFalse("signature should be broken", b);
wb.close();
}
Aggregations