Author: kiwiwings
Date: Sat Sep 27 17:49:09 2014
New Revision: 1627985
URL: http://svn.apache.org/r1627985
Log:
configure namespaces via signatureconfig
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/EnvelopedSignatureFacet.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/KeyInfoSignatureFacet.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/Office2010SignatureFacet.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/SignatureFacet.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/services/RelationshipTransformService.java
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureConfig.java
Sat Sep 27 17:49:09 2014
@@ -17,11 +17,16 @@
package org.apache.poi.poifs.crypt.dsig;
+import static
org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.OO_DIGSIG_NS;
+import static
org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XADES_132_NS;
+
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import java.util.UUID;
import javax.xml.crypto.URIDereferencer;
@@ -73,7 +78,6 @@ public class SignatureConfig {
*/
private SignaturePolicyService signaturePolicyService;
private URIDereferencer uriDereferencer = new OOXMLURIDereferencer();
- private String signatureNamespacePrefix;
private String canonicalizationMethod = CanonicalizationMethod.INCLUSIVE;
private boolean includeEntireCertificateChain = true;
@@ -130,6 +134,12 @@ public class SignatureConfig {
*/
EventListener signCreationListener = null;
+ /**
+ * Map of namespace uris to prefix
+ * If a mapping is specified, the corresponding elements will be prefixed
+ */
+ Map<String,String> namespacePrefixes = new HashMap<String,String>();
+
protected void init(boolean onlyValidation) {
if (uriDereferencer == null) {
throw new EncryptedDocumentException("uriDereferencer is null");
@@ -140,6 +150,15 @@ public class SignatureConfig {
if (uriDereferencer instanceof SignatureConfigurable) {
((SignatureConfigurable)uriDereferencer).setSignatureConfig(this);
}
+ if (namespacePrefixes.isEmpty()) {
+ /*
+ * OOo doesn't like ds namespaces so per default prefixing is off.
+ */
+ // namespacePrefixes.put(XML_DIGSIG_NS, "");
+ namespacePrefixes.put(OO_DIGSIG_NS, "mdssi");
+ namespacePrefixes.put(XADES_132_NS, "xd");
+ }
+
if (onlyValidation) return;
if (signCreationListener == null) {
@@ -149,7 +168,6 @@ public class SignatureConfig {
if (signCreationListener instanceof SignatureConfigurable) {
((SignatureConfigurable)signCreationListener).setSignatureConfig(this);
}
-
if (tspService != null) {
tspService.setSignatureConfig(this);
@@ -263,12 +281,6 @@ public class SignatureConfig {
public void setSignatureDescription(String signatureDescription) {
this.signatureDescription = signatureDescription;
}
- public String getSignatureNamespacePrefix() {
- return signatureNamespacePrefix;
- }
- public void setSignatureNamespacePrefix(String signatureNamespacePrefix) {
- this.signatureNamespacePrefix = signatureNamespacePrefix;
- }
public String getCanonicalizationMethod() {
return canonicalizationMethod;
}
@@ -403,4 +415,10 @@ public class SignatureConfig {
public void setSignCreationListener(EventListener signCreationListener) {
this.signCreationListener = signCreationListener;
}
+ public Map<String, String> getNamespacePrefixes() {
+ return namespacePrefixes;
+ }
+ public void setNamespacePrefixes(Map<String, String> namespacePrefixes) {
+ this.namespacePrefixes = namespacePrefixes;
+ }
}
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/SignatureInfo.java
Sat Sep 27 17:49:09 2014
@@ -24,6 +24,9 @@
package org.apache.poi.poifs.crypt.dsig;
+import static
org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.OO_DIGSIG_NS;
+import static
org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_DIGSIG_NS;
+import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_NS;
import static
org.apache.xml.security.signature.XMLSignature.ALGO_ID_MAC_HMAC_RIPEMD160;
import static
org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA1;
import static
org.apache.xml.security.signature.XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256;
@@ -80,7 +83,6 @@ import org.apache.jcp.xml.dsig.internal.
import org.apache.poi.EncryptedDocumentException;
import org.apache.poi.openxml4j.exceptions.InvalidFormatException;
import org.apache.poi.openxml4j.opc.OPCPackage;
-import org.apache.poi.openxml4j.opc.PackageNamespaces;
import org.apache.poi.openxml4j.opc.PackagePart;
import org.apache.poi.openxml4j.opc.PackagePartName;
import org.apache.poi.openxml4j.opc.PackageRelationship;
@@ -115,9 +117,6 @@ import org.xml.sax.SAXException;
public class SignatureInfo implements SignatureConfigurable {
- public static final String XmlNS = "http://www.w3.org/2000/xmlns/";;
- public static final String XmlDSigNS = XMLSignature.XMLNS;
-
// see https://www.ietf.org/rfc/rfc3110.txt
// RSA/SHA1 SIG Resource Records
public static final byte[] SHA1_DIGEST_INFO_PREFIX = new byte[]
@@ -222,13 +221,14 @@ public class SignatureInfo implements Si
if (packageId.equals(el.getAttribute("Id"))) {
target.get().removeEventListener("DOMSubtreeModified", this, false);
- el.setAttributeNS(XmlNS, "xmlns:mdssi",
PackageNamespaces.DIGITAL_SIGNATURE);
+ el.setAttributeNS(XML_NS, "xmlns:mdssi",
OO_DIGSIG_NS);
target.get().addEventListener("DOMSubtreeModified", this, false);
}
}
}
}
}
+
public void setSignatureConfig(SignatureConfig signatureConfig) {
this.signatureConfig = signatureConfig;
}
@@ -439,18 +439,11 @@ public class SignatureInfo implements Si
xmlSignContext.setURIDereferencer(uriDereferencer);
}
- xmlSignContext.putNamespacePrefix(
-
"http://schemas.openxmlformats.org/package/2006/digital-signature";,
- "mdssi");
-
- String sigNsPrefix = signatureConfig.getSignatureNamespacePrefix();
- if (sigNsPrefix != null) {
- /*
- * OOo doesn't like ds namespaces so per default prefixing is off.
- */
- xmlSignContext.putNamespacePrefix(XmlDSigNS, sigNsPrefix);
+ for (Map.Entry<String,String> me :
signatureConfig.getNamespacePrefixes().entrySet()) {
+ xmlSignContext.putNamespacePrefix(me.getKey(), me.getValue());
}
-
+
xmlSignContext.setDefaultNamespacePrefix(signatureConfig.getNamespacePrefixes().get(XML_DIGSIG_NS));
+
XMLSignatureFactory signatureFactory =
SignatureInfo.getSignatureFactory();
/*
@@ -500,8 +493,6 @@ public class SignatureInfo implements Si
/*
* ds:Signature Marshalling.
*/
-
xmlSignContext.setDefaultNamespacePrefix(signatureConfig.getSignatureNamespacePrefix());
- //
xmlSignContext.putNamespacePrefix(PackageNamespaces.DIGITAL_SIGNATURE, "mdssi");
xmlSignature.sign(xmlSignContext);
/*
@@ -550,8 +541,8 @@ public class SignatureInfo implements Si
* usage.
*/
- MessageDigest jcaMessageDigest =
CryptoFunctions.getMessageDigest(signatureConfig.getDigestAlgo());
- byte[] digestValue = jcaMessageDigest.digest(octets);
+ MessageDigest md =
CryptoFunctions.getMessageDigest(signatureConfig.getDigestAlgo());
+ byte[] digestValue = md.digest(octets);
String description = signatureConfig.getSignatureDescription();
@@ -577,7 +568,7 @@ public class SignatureInfo implements Si
/*
* Insert signature value into the ds:SignatureValue element
*/
- NodeList sigValNl = document.getElementsByTagNameNS(XmlDSigNS,
"SignatureValue");
+ NodeList sigValNl = document.getElementsByTagNameNS(XML_DIGSIG_NS,
"SignatureValue");
if (sigValNl.getLength() != 1) {
throw new RuntimeException("preSign has to be called before
postSign");
}
@@ -596,12 +587,9 @@ public class SignatureInfo implements Si
protected void writeDocument(Document document) throws IOException,
XmlException {
XmlOptions xo = new XmlOptions();
Map<String,String> namespaceMap = new HashMap<String,String>();
- for (SignatureFacet sf : signatureConfig.getSignatureFacets()) {
- Map<String,String> sfm = sf.getNamespacePrefixMapping();
- if (sfm != null) {
- namespaceMap.putAll(sfm);
- }
- }
+ for(Map.Entry<String,String> entry :
signatureConfig.getNamespacePrefixes().entrySet()){
+ namespaceMap.put(entry.getValue(), entry.getKey());
+ }
xo.setSaveSuggestedPrefixes(namespaceMap);
xo.setUseDefaultNamespace();
@@ -651,7 +639,7 @@ public class SignatureInfo implements Si
}
@SuppressWarnings("unchecked")
- public static <T> List<T> safe(List<T> other) {
+ private static <T> List<T> safe(List<T> other) {
return other == null ? Collections.EMPTY_LIST : other;
}
}
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/EnvelopedSignatureFacet.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/EnvelopedSignatureFacet.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/EnvelopedSignatureFacet.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/EnvelopedSignatureFacet.java
Sat Sep 27 17:49:09 2014
@@ -5,7 +5,6 @@ import java.security.NoSuchAlgorithmExce
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
-import java.util.Map;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
@@ -60,9 +59,4 @@ public class EnvelopedSignatureFacet imp
references.add(reference);
}
-
- @Override
- public Map<String,String> getNamespacePrefixMapping() {
- return null;
- }
}
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/KeyInfoSignatureFacet.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/KeyInfoSignatureFacet.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/KeyInfoSignatureFacet.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/KeyInfoSignatureFacet.java
Sat Sep 27 17:49:09 2014
@@ -24,17 +24,13 @@
package org.apache.poi.poifs.crypt.dsig.facets;
-import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlDSigNS;
-
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dom.DOMCryptoContext;
@@ -79,7 +75,7 @@ public class KeyInfoSignatureFacet imple
throws MarshalException {
LOG.log(POILogger.DEBUG, "postSign");
- NodeList nl = document.getElementsByTagNameNS(XmlDSigNS, "Object");
+ NodeList nl = document.getElementsByTagNameNS(XML_DIGSIG_NS, "Object");
/*
* Make sure we insert right after the ds:SignatureValue element, just
@@ -144,14 +140,14 @@ public class KeyInfoSignatureFacet imple
Element n = document.getDocumentElement();
DOMSignContext domSignContext = new DOMSignContext(key, n,
nextSibling);
DOMCryptoContext domCryptoContext = domSignContext;
- domCryptoContext.putNamespacePrefix(XmlDSigNS, "xd");
+ domCryptoContext.putNamespacePrefix(XML_DIGSIG_NS, "xd");
DOMStructure domStructure = new DOMStructure(n);
// how to set nextSibling??? - marshal is ignoring nextSibling in
DOMSignContext
domKeyInfo.marshal(domStructure, domCryptoContext);
// move keyinfo into the right place
if (nextSibling != null) {
- NodeList kiNl = document.getElementsByTagNameNS(XmlDSigNS,
"KeyInfo");
+ NodeList kiNl = document.getElementsByTagNameNS(XML_DIGSIG_NS,
"KeyInfo");
if (kiNl.getLength() != 1) {
throw new RuntimeException("KeyInfo wasn't set");
}
@@ -168,11 +164,4 @@ public class KeyInfoSignatureFacet imple
) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
// empty
}
-
- public Map<String,String> getNamespacePrefixMapping() {
- Map<String,String> map = new HashMap<String,String>();
- // map.put("xd", XmlDSigNS);
- return map;
- }
-
}
\ No newline at end of file
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/OOXMLSignatureFacet.java
Sat Sep 27 17:49:09 2014
@@ -24,8 +24,6 @@
package org.apache.poi.poifs.crypt.dsig.facets;
-import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlDSigNS;
-import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlNS;
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.setPrefix;
import java.io.IOException;
@@ -37,10 +35,8 @@ import java.security.cert.X509Certificat
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
-import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
@@ -60,7 +56,6 @@ import javax.xml.crypto.dsig.spec.Transf
import org.apache.poi.openxml4j.exceptions.InvalidFormatException;
import org.apache.poi.openxml4j.opc.ContentTypes;
import org.apache.poi.openxml4j.opc.OPCPackage;
-import org.apache.poi.openxml4j.opc.PackageNamespaces;
import org.apache.poi.openxml4j.opc.PackagePart;
import org.apache.poi.openxml4j.opc.PackagePartName;
import org.apache.poi.openxml4j.opc.PackageRelationship;
@@ -91,9 +86,6 @@ public class OOXMLSignatureFacet impleme
private static final POILogger LOG =
POILogFactory.getLogger(OOXMLSignatureFacet.class);
- public static final String OOXML_DIGSIG_NS =
"http://schemas.openxmlformats.org/package/2006/digital-signature";;
- public static final String OFFICE_DIGSIG_NS =
"http://schemas.microsoft.com/office/2006/digsig";;
-
private SignatureConfig signatureConfig;
public void setSignatureConfig(SignatureConfig signatureConfig) {
@@ -133,7 +125,7 @@ public class OOXMLSignatureFacet impleme
DigestMethod digestMethod =
signatureFactory.newDigestMethod(signatureConfig.getDigestAlgo().xmlSignUri,
null);
Reference reference = signatureFactory.newReference
- ("#" + objectId, digestMethod, null, XmlDSigNS+"Object", null);
+ ("#" + objectId, digestMethod, null, XML_DIGSIG_NS+"Object", null);
references.add(reference);
}
@@ -238,7 +230,7 @@ public class OOXMLSignatureFacet impleme
// TODO: find better method to have xmlbeans + export the prefix
Element n = (Element)document.importNode(ctTime.getDomNode(),true);
- setPrefix(n, PackageNamespaces.DIGITAL_SIGNATURE, "mdssi");
+ setPrefix(n, OO_DIGSIG_NS, "mdssi");
List<XMLStructure> signatureTimeContent = new
ArrayList<XMLStructure>();
signatureTimeContent.add(new DOMStructure(n));
@@ -264,7 +256,7 @@ public class OOXMLSignatureFacet impleme
CTSignatureInfoV1 ctSigV1 = sigV1.addNewSignatureInfoV1();
ctSigV1.setManifestHashAlgorithm(signatureConfig.getDigestAlgo().xmlSignUri);
Element n = (Element)document.importNode(ctSigV1.getDomNode(), true);
- n.setAttributeNS(XmlNS, "xmlns",
"http://schemas.microsoft.com/office/2006/digsig";);
+ n.setAttributeNS(XML_NS, "xmlns",
"http://schemas.microsoft.com/office/2006/digsig";);
List<XMLStructure> signatureInfoContent = new
ArrayList<XMLStructure>();
signatureInfoContent.add(new DOMStructure(n));
@@ -283,7 +275,7 @@ public class OOXMLSignatureFacet impleme
DigestMethod digestMethod =
signatureFactory.newDigestMethod(signatureConfig.getDigestAlgo().xmlSignUri,
null);
Reference reference = signatureFactory.newReference
- ("#" + objectId, digestMethod, null, XmlDSigNS+"Object", null);
+ ("#" + objectId, digestMethod, null, XML_DIGSIG_NS+"Object", null);
references.add(reference);
}
@@ -360,14 +352,6 @@ public class OOXMLSignatureFacet impleme
return false;
}
- public Map<String,String> getNamespacePrefixMapping() {
- Map<String,String> m = new HashMap<String,String>();
- m.put("mdssi", OOXML_DIGSIG_NS);
- m.put("xd", "http://uri.etsi.org/01903/v1.3.2#";);
- return m;
- }
-
-
/**
* Office 2010 list of signed types (extensions).
*/
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/Office2010SignatureFacet.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/Office2010SignatureFacet.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/Office2010SignatureFacet.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/Office2010SignatureFacet.java
Sat Sep 27 17:49:09 2014
@@ -28,7 +28,6 @@ import java.security.InvalidAlgorithmPar
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.List;
-import java.util.Map;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
@@ -71,7 +70,7 @@ public class Office2010SignatureFacet im
public void postSign(Document document, List<X509Certificate>
signingCertificateChain)
throws XmlException {
// check for XAdES-BES
- NodeList nl =
document.getElementsByTagNameNS("http://uri.etsi.org/01903/v1.3.2#";,
"QualifyingProperties");
+ NodeList nl = document.getElementsByTagNameNS(XADES_132_NS,
"QualifyingProperties");
if (nl.getLength() != 1) {
throw new IllegalArgumentException("no XAdES-BES extension
present");
}
@@ -92,8 +91,4 @@ public class Office2010SignatureFacet im
Node n = document.importNode(qualProps.getDomNode().getFirstChild(),
true);
nl.item(0).getParentNode().replaceChild(n, nl.item(0));
}
-
- public Map<String,String> getNamespacePrefixMapping() {
- return null;
- }
}
\ No newline at end of file
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/SignatureFacet.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/SignatureFacet.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/SignatureFacet.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/SignatureFacet.java
Sat Sep 27 17:49:09 2014
@@ -30,13 +30,15 @@ import java.security.InvalidAlgorithmPar
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.List;
-import java.util.Map;
+import javax.xml.XMLConstants;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
+import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
+import org.apache.poi.openxml4j.opc.PackageNamespaces;
import org.apache.poi.poifs.crypt.dsig.SignatureConfig.SignatureConfigurable;
import org.apache.xmlbeans.XmlException;
import org.w3c.dom.Document;
@@ -49,6 +51,14 @@ import org.w3c.dom.Document;
*/
public interface SignatureFacet extends SignatureConfigurable {
+ String XML_NS = XMLConstants.XMLNS_ATTRIBUTE_NS_URI;
+ String XML_DIGSIG_NS = XMLSignature.XMLNS;
+ String OO_DIGSIG_NS = PackageNamespaces.DIGITAL_SIGNATURE;
+ String MS_DIGSIG_NS = "http://schemas.microsoft.com/office/2006/digsig";;
+ String XADES_132_NS = "http://uri.etsi.org/01903/v1.3.2#";;
+ String XADES_141_NS = "http://uri.etsi.org/01903/v1.4.1#";;
+
+
/**
* This method is being invoked by the XML signature service engine during
* pre-sign phase. Via this method a signature facet implementation can add
@@ -83,6 +93,4 @@ public interface SignatureFacet extends
Document document
, List<X509Certificate> signingCertificateChain
) throws MarshalException, XmlException;
-
- Map<String,String> getNamespacePrefixMapping();
}
\ No newline at end of file
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESSignatureFacet.java
Sat Sep 27 17:49:09 2014
@@ -24,7 +24,6 @@
package org.apache.poi.poifs.crypt.dsig.facets;
-import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlNS;
import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.setPrefix;
import java.security.InvalidAlgorithmParameterException;
@@ -213,8 +212,8 @@ public class XAdESSignatureFacet impleme
// add XAdES ds:Object
List<XMLStructure> xadesObjectContent = new ArrayList<XMLStructure>();
Element qualDocEl =
(Element)document.importNode(qualifyingProperties.getDomNode(), true);
- qualDocEl.setAttributeNS(XmlNS, "xmlns:xd",
"http://uri.etsi.org/01903/v1.3.2#";);
- setPrefix(qualDocEl, "http://uri.etsi.org/01903/v1.3.2#";, "xd");
+ qualDocEl.setAttributeNS(XML_NS, "xmlns:xd", XADES_132_NS);
+ setPrefix(qualDocEl, XADES_132_NS, "xd");
xadesObjectContent.add(new DOMStructure(qualDocEl));
XMLObject xadesObject =
signatureFactory.newXMLObject(xadesObjectContent, null, null, null);
objects.add(xadesObject);
@@ -298,12 +297,6 @@ public class XAdESSignatureFacet impleme
this.dataObjectFormatMimeTypes.put(dsReferenceUri, mimetype);
}
- public Map<String,String> getNamespacePrefixMapping() {
- Map<String,String> map = new HashMap<String,String>();
- map.put("xd", "http://uri.etsi.org/01903/v1.3.2#";);
- return map;
- }
-
protected static void insertXChild(XmlObject root, XmlObject child) {
XmlCursor rootCursor = root.newCursor();
rootCursor.toEndToken();
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/facets/XAdESXLSignatureFacet.java
Sat Sep 27 17:49:09 2014
@@ -24,7 +24,6 @@
package org.apache.poi.poifs.crypt.dsig.facets;
-import static org.apache.poi.poifs.crypt.dsig.SignatureInfo.XmlDSigNS;
import static
org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet.insertXChild;
import java.io.ByteArrayInputStream;
@@ -42,7 +41,6 @@ import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.List;
-import java.util.Map;
import java.util.UUID;
import javax.xml.crypto.dsig.CanonicalizationMethod;
@@ -112,10 +110,6 @@ public class XAdESXLSignatureFacet imple
private static final POILogger LOG =
POILogFactory.getLogger(XAdESXLSignatureFacet.class);
- public static final String XADES_NAMESPACE =
"http://uri.etsi.org/01903/v1.3.2#";;
-
- public static final String XADES141_NAMESPACE =
"http://uri.etsi.org/01903/v1.4.1#";;
-
private SignatureConfig signatureConfig;
private String c14nAlgoId = CanonicalizationMethod.EXCLUSIVE;
@@ -157,7 +151,7 @@ public class XAdESXLSignatureFacet imple
QualifyingPropertiesType qualProps = null;
// check for XAdES-BES
- NodeList qualNl =
document.getElementsByTagNameNS("http://uri.etsi.org/01903/v1.3.2#";,
"QualifyingProperties");
+ NodeList qualNl = document.getElementsByTagNameNS(XADES_132_NS,
"QualifyingProperties");
if (qualNl.getLength() == 1) {
qualDoc =
QualifyingPropertiesDocument.Factory.parse(qualNl.item(0));
qualProps = qualDoc.getQualifyingProperties();
@@ -177,7 +171,7 @@ public class XAdESXLSignatureFacet imple
// create the XAdES-T time-stamp
- NodeList nlSigVal = document.getElementsByTagNameNS(XmlDSigNS,
"SignatureValue");
+ NodeList nlSigVal = document.getElementsByTagNameNS(XML_DIGSIG_NS,
"SignatureValue");
if (nlSigVal.getLength() != 1) {
throw new IllegalArgumentException("SignatureValue is not set.");
}
@@ -436,9 +430,4 @@ public class XAdESXLSignatureFacet imple
}
}
}
-
- public Map<String,String> getNamespacePrefixMapping() {
- return null;
- }
-
}
Modified:
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/services/RelationshipTransformService.java
URL:
http://svn.apache.org/viewvc/poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/services/RelationshipTransformService.java?rev=1627985&r1=1627984&r2=1627985&view=diff
==============================================================================
---
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/services/RelationshipTransformService.java
(original)
+++
poi/branches/xml_signature/src/ooxml/java/org/apache/poi/poifs/crypt/dsig/services/RelationshipTransformService.java
Sat Sep 27 17:49:09 2014
@@ -24,6 +24,9 @@
package org.apache.poi.poifs.crypt.dsig.services;
+import static
org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_DIGSIG_NS;
+import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_NS;
+
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
@@ -161,7 +164,7 @@ public class RelationshipTransformServic
LOG.log(POILogger.DEBUG, "marshallParams(parent,context)");
DOMStructure domParent = (DOMStructure) parent;
Element parentNode = (Element)domParent.getNode();
- // parentNode.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:mdssi",
DIGITAL_SIGNATURE);
+ // parentNode.setAttributeNS(XML_NS, "xmlns:mdssi", XML_DIGSIG_NS);
Document doc = parentNode.getOwnerDocument();
for (String sourceId : this.sourceIds) {
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
