Examples with RelationshipTransformParameterSpec - org.apache.poi.poifs.crypt.dsig.services.RelationshipTransformService.RelationshipTransformParameterSpec

Example 1 with RelationshipTransformParameterSpec

use of org.apache.poi.poifs.crypt.dsig.services.RelationshipTransformService.RelationshipTransformParameterSpec in project poi by apache.

the class OOXMLSignatureFacet method addManifestReferences.

@SuppressWarnings("resource")
protected void addManifestReferences(List<Reference> manifestReferences) throws XMLSignatureException {
    OPCPackage ooxml = signatureConfig.getOpcPackage();
    List<PackagePart> relsEntryNames = ooxml.getPartsByContentType(ContentTypes.RELATIONSHIPS_PART);
    Set<String> digestedPartNames = new HashSet<String>();
    for (PackagePart pp : relsEntryNames) {
        String baseUri = pp.getPartName().getName().replaceFirst("(.*)/_rels/.*", "$1");
        PackageRelationshipCollection prc;
        try {
            prc = new PackageRelationshipCollection(ooxml);
            prc.parseRelationshipsPart(pp);
        } catch (InvalidFormatException e) {
            throw new XMLSignatureException("Invalid relationship descriptor: " + pp.getPartName().getName(), e);
        }
        RelationshipTransformParameterSpec parameterSpec = new RelationshipTransformParameterSpec();
        for (PackageRelationship relationship : prc) {
            String relationshipType = relationship.getRelationshipType();
            /*
                 * ECMA-376 Part 2 - 3rd edition
                 * 13.2.4.16 Manifest Element
                 * "The producer shall not create a Manifest element that references any data outside of the package."
                 */
            if (TargetMode.EXTERNAL == relationship.getTargetMode()) {
                continue;
            }
            if (!isSignedRelationship(relationshipType))
                continue;
            parameterSpec.addRelationshipReference(relationship.getId());
            // TODO: find a better way ...
            String partName = relationship.getTargetURI().toString();
            if (!partName.startsWith(baseUri)) {
                partName = baseUri + partName;
            }
            try {
                partName = new URI(partName).normalize().getPath().replace('\\', '/');
                LOG.log(POILogger.DEBUG, "part name: " + partName);
            } catch (URISyntaxException e) {
                throw new XMLSignatureException(e);
            }
            String contentType;
            try {
                PackagePartName relName = PackagingURIHelper.createPartName(partName);
                PackagePart pp2 = ooxml.getPart(relName);
                contentType = pp2.getContentType();
            } catch (InvalidFormatException e) {
                throw new XMLSignatureException(e);
            }
            if (relationshipType.endsWith("customXml") && !(contentType.equals("inkml+xml") || contentType.equals("text/xml"))) {
                LOG.log(POILogger.DEBUG, "skipping customXml with content type: " + contentType);
                continue;
            }
            if (!digestedPartNames.contains(partName)) {
                // We only digest a part once.
                String uri = partName + "?ContentType=" + contentType;
                Reference reference = newReference(uri, null, null, null, null);
                manifestReferences.add(reference);
                digestedPartNames.add(partName);
            }
        }
        if (parameterSpec.hasSourceIds()) {
            List<Transform> transforms = new ArrayList<Transform>();
            transforms.add(newTransform(RelationshipTransformService.TRANSFORM_URI, parameterSpec));
            transforms.add(newTransform(CanonicalizationMethod.INCLUSIVE));
            String uri = pp.getPartName().getName() + "?ContentType=application/vnd.openxmlformats-package.relationships+xml";
            Reference reference = newReference(uri, transforms, null, null, null);
            manifestReferences.add(reference);
        }
    }
}

Also used : PackagePartName(org.apache.poi.openxml4j.opc.PackagePartName) PackageRelationshipCollection(org.apache.poi.openxml4j.opc.PackageRelationshipCollection) Reference(javax.xml.crypto.dsig.Reference) ArrayList(java.util.ArrayList) URISyntaxException(java.net.URISyntaxException) PackagePart(org.apache.poi.openxml4j.opc.PackagePart) InvalidFormatException(org.apache.poi.openxml4j.exceptions.InvalidFormatException) URI(java.net.URI) PackageRelationship(org.apache.poi.openxml4j.opc.PackageRelationship) RelationshipTransformParameterSpec(org.apache.poi.poifs.crypt.dsig.services.RelationshipTransformService.RelationshipTransformParameterSpec) Transform(javax.xml.crypto.dsig.Transform) OPCPackage(org.apache.poi.openxml4j.opc.OPCPackage) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException) HashSet(java.util.HashSet)

Aggregations

URI (java.net.URI)1 URISyntaxException (java.net.URISyntaxException)1 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1 Reference (javax.xml.crypto.dsig.Reference)1 Transform (javax.xml.crypto.dsig.Transform)1 XMLSignatureException (javax.xml.crypto.dsig.XMLSignatureException)1 InvalidFormatException (org.apache.poi.openxml4j.exceptions.InvalidFormatException)1 OPCPackage (org.apache.poi.openxml4j.opc.OPCPackage)1 PackagePart (org.apache.poi.openxml4j.opc.PackagePart)1 PackagePartName (org.apache.poi.openxml4j.opc.PackagePartName)1 PackageRelationship (org.apache.poi.openxml4j.opc.PackageRelationship)1 PackageRelationshipCollection (org.apache.poi.openxml4j.opc.PackageRelationshipCollection)1 RelationshipTransformParameterSpec (org.apache.poi.poifs.crypt.dsig.services.RelationshipTransformService.RelationshipTransformParameterSpec)1