xuanthu2002 opened a new issue, #930:
URL: https://github.com/apache/poi/issues/930
Hello POI team,
I’m using Apache POI OOXML version **5.4.1** to sign a DOCX document with
XAdES-T. Although the signature is recognised by Microsoft Word (Word shows it
as a valid XAdES-T signature), when I inspect the timestamp information in Word
the **timestamp details are missing**
Here are the key details:
- POI version: 5.4.1
- JVM / OS: Java 8, Windows 10, MS Word 2019
- Signing code: I build the `sig1.xml` part, embed it into OPCPackage under
`/_xmlsignatures/sig1.xml`, relationship root→signature correct.
- In `sig1.xml`, I see
`<xd:SignatureTimeStamp><xd:EncapsulatedTimeStamp>…</xd:EncapsulatedTimeStamp></xd:SignatureTimeStamp>`.
- In Word: Signature status shows “valid signature”, but when I choose “See
the additional siging information...”, I see **No timestamp information
available** and **No timestamp authority information available**.
Here my code:
```java
public static byte[] signWithTSA(final byte[] dataToSign) throws
IOException, InvalidFormatException, MarshalException, XMLSignatureException,
RuntimeException, TransformException, NoSuchAlgorithmException,
InvalidKeyException {
SignatureConfig signatureConfig = new SignatureConfig();
signatureConfig.setDigestAlgo(HashAlgorithm.sha256);
signatureConfig.setKey(PKCS12Utils.getPrivateKey());
List<X509Certificate> certChain = new ArrayList<>();
for (Certificate cert : PKCS12Utils.getCertificateChain()) {
certChain.add((X509Certificate) cert);
}
signatureConfig.setSigningCertificateChain(certChain);
signatureConfig.setExecutionTime(new Date());
signatureConfig.setIncludeEntireCertificateChain(true);
signatureConfig.setCanonicalizationMethod(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
signatureConfig.setXadesCanonicalizationMethod(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
// XAdES-T
signatureConfig.setTspUrl(Constants.TSA_SERVER);
signatureConfig.setTspRequestPolicy(null);
signatureConfig.setTspOldProtocol(false);
signatureConfig.setTspDigestAlgo(HashAlgorithm.sha256);
signatureConfig.setXadesRole("Owner");
signatureConfig.setSignatureDescription("Test ký dấu thời gian");
signatureConfig.setCommitmentType("Ký dấu thời gian");
signatureConfig.setSignatureFacets(Arrays.asList(
new OOXMLSignatureFacet(),
new KeyInfoSignatureFacet(),
new XAdESSignatureFacet(),
new XAdESXLSignatureFacet()
));
try (OPCPackage pack = OPCPackage.open(new
ByteArrayInputStream(dataToSign))) {
SignatureInfo signatureInfo = new SignatureInfo();
signatureInfo.setOpcPackage(pack);
signatureInfo.setSignatureConfig(signatureConfig);
signatureInfo.confirmSignature();
ByteArrayOutputStream out = new ByteArrayOutputStream();
pack.save(out);
return out.toByteArray();
}
}
```
Any suggestions or sample code fragments for making the timestamp details
visible in Word?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
