Example 6 with SignatureInfo
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method office2007prettyPrintedRels.
@Test
public void office2007prettyPrintedRels() throws Exception {
OPCPackage pkg = OPCPackage.open(testdata.getFile("office2007prettyPrintedRels.docx"), PackageAccess.READ);
try {
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
boolean isValid = si.verifySignature();
assertTrue(isValid);
} finally {
pkg.close();
}
}
Also used :
SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo)
SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig)
OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage)
Test(org.junit.Test)
Example 7 with SignatureInfo
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method sign.
private void sign(OPCPackage pkgCopy, String alias, String signerDn, int signerCount) throws Exception {
initKeyPair(alias, signerDn);
SignatureConfig signatureConfig = new SignatureConfig();
signatureConfig.setKey(keyPair.getPrivate());
signatureConfig.setSigningCertificateChain(Collections.singletonList(x509));
signatureConfig.setExecutionTime(cal.getTime());
signatureConfig.setDigestAlgo(HashAlgorithm.sha1);
signatureConfig.setOpcPackage(pkgCopy);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(signatureConfig);
Document document = DocumentHelper.createDocument();
// operate
DigestInfo digestInfo = si.preSign(document, null);
// verify
assertNotNull(digestInfo);
LOG.log(POILogger.DEBUG, "digest algo: " + digestInfo.hashAlgo);
LOG.log(POILogger.DEBUG, "digest description: " + digestInfo.description);
assertEquals("Office OpenXML Document", digestInfo.description);
assertNotNull(digestInfo.hashAlgo);
assertNotNull(digestInfo.digestValue);
// setup: key material, signature value
byte[] signatureValue = si.signDigest(digestInfo.digestValue);
// operate: postSign
si.postSign(document, signatureValue);
// verify: signature
si.getSignatureConfig().setOpcPackage(pkgCopy);
List<X509Certificate> result = new ArrayList<X509Certificate>();
for (SignaturePart sp : si.getSignatureParts()) {
if (sp.validate()) {
result.add(sp.getSigner());
}
}
assertEquals(signerCount, result.size());
}
Also used :
SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo)
DigestInfo(org.apache.poi.poifs.crypt.dsig.DigestInfo)
SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig)
ArrayList(java.util.ArrayList)
Document(org.w3c.dom.Document)
SignatureDocument(org.w3.x2000.x09.xmldsig.SignatureDocument)
SignaturePart(org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart)
X509Certificate(java.security.cert.X509Certificate)
Example 8 with SignatureInfo
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method testSignSpreadsheetWithSignatureInfo.
@Test
public void testSignSpreadsheetWithSignatureInfo() throws Exception {
initKeyPair("Test", "CN=Test");
String testFile = "hello-world-unsigned.xlsx";
OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
sic.setKey(keyPair.getPrivate());
sic.setSigningCertificateChain(Collections.singletonList(x509));
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
// hash > sha1 doesn't work in excel viewer ...
si.confirmSignature();
List<X509Certificate> result = new ArrayList<X509Certificate>();
for (SignaturePart sp : si.getSignatureParts()) {
if (sp.validate()) {
result.add(sp.getSigner());
}
}
assertEquals(1, result.size());
pkg.close();
}
Also used :
SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo)
SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig)
ArrayList(java.util.ArrayList)
SignaturePart(org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart)
OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage)
X509Certificate(java.security.cert.X509Certificate)
Test(org.junit.Test)
Example 9 with SignatureInfo
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method getSigner.
@Test
public void getSigner() throws Exception {
String[] testFiles = { "hyperlink-example-signed.docx", "hello-world-signed.docx", "hello-world-signed.pptx", "hello-world-signed.xlsx", "hello-world-office-2010-technical-preview.docx", "ms-office-2010-signed.docx", "ms-office-2010-signed.pptx", "ms-office-2010-signed.xlsx", "Office2010-SP1-XAdES-X-L.docx", "signed.docx" };
for (String testFile : testFiles) {
OPCPackage pkg = OPCPackage.open(testdata.getFile(testFile), PackageAccess.READ);
try {
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
List<X509Certificate> result = new ArrayList<X509Certificate>();
for (SignaturePart sp : si.getSignatureParts()) {
if (sp.validate()) {
result.add(sp.getSigner());
}
}
assertNotNull(result);
assertEquals("test-file: " + testFile, 1, result.size());
X509Certificate signer = result.get(0);
LOG.log(POILogger.DEBUG, "signer: " + signer.getSubjectX500Principal());
boolean b = si.verifySignature();
assertTrue("test-file: " + testFile, b);
pkg.revert();
} finally {
pkg.close();
}
}
}
Also used :
SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo)
SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig)
ArrayList(java.util.ArrayList)
SignaturePart(org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart)
OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage)
X509Certificate(java.security.cert.X509Certificate)
Test(org.junit.Test)
Example 10 with SignatureInfo
use of org.apache.poi.poifs.crypt.dsig.SignatureInfo in project poi by apache.
the class TestSignatureInfo method testManipulation.
@Test
public void testManipulation() throws Exception {
// sign & validate
String testFile = "hello-world-unsigned.xlsx";
@SuppressWarnings("resource") OPCPackage pkg = OPCPackage.open(copy(testdata.getFile(testFile)), PackageAccess.READ_WRITE);
sign(pkg, "Test", "CN=Test", 1);
// manipulate
XSSFWorkbook wb = new XSSFWorkbook(pkg);
wb.setSheetName(0, "manipulated");
// ... I don't know, why commit is protected ...
POITestCase.callMethod(XSSFWorkbook.class, wb, Void.class, "commit", new Class[0], new Object[0]);
// todo: test a manipulation on a package part, which is not signed
// ... maybe in combination with #56164
// validate
SignatureConfig sic = new SignatureConfig();
sic.setOpcPackage(pkg);
SignatureInfo si = new SignatureInfo();
si.setSignatureConfig(sic);
boolean b = si.verifySignature();
assertFalse("signature should be broken", b);
wb.close();
}
Also used :
SignatureInfo(org.apache.poi.poifs.crypt.dsig.SignatureInfo)
SignatureConfig(org.apache.poi.poifs.crypt.dsig.SignatureConfig)
XSSFWorkbook(org.apache.poi.xssf.usermodel.XSSFWorkbook)
SXSSFWorkbook(org.apache.poi.xssf.streaming.SXSSFWorkbook)
OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage)
Test(org.junit.Test)
Aggregations
SignatureConfig (org.apache.poi.poifs.crypt.dsig.SignatureConfig)11
SignatureInfo (org.apache.poi.poifs.crypt.dsig.SignatureInfo)11
OPCPackage (org.apache.poi.openxml4j.opc.OPCPackage)10
Test (org.junit.Test)10
X509Certificate (java.security.cert.X509Certificate)7
ArrayList (java.util.ArrayList)7
SignaturePart (org.apache.poi.poifs.crypt.dsig.SignatureInfo.SignaturePart)7
ByteArrayInputStream (java.io.ByteArrayInputStream)2
SXSSFWorkbook (org.apache.poi.xssf.streaming.SXSSFWorkbook)2
SignatureDocument (org.w3.x2000.x09.xmldsig.SignatureDocument)2
ByteArrayOutputStream (java.io.ByteArrayOutputStream)1
File (java.io.File)1
FileInputStream (java.io.FileInputStream)1
IOException (java.io.IOException)1
InputStream (java.io.InputStream)1
ConnectException (java.net.ConnectException)1
SocketTimeoutException (java.net.SocketTimeoutException)1
Key (java.security.Key)1
KeyPair (java.security.KeyPair)1
KeyStore (java.security.KeyStore)1
