org.apache.poi.poifs.crypt.dsig.SignatureInfo Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of apache-poi-ooxml Show documentation
Show all versions of apache-poi-ooxml Show documentation
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
/* ====================================================================
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
/* ====================================================================
This product contains an ASLv2 licensed version of the OOXML signer
package from the eID Applet project
http://code.google.com/p/eid-applet/source/browse/trunk/README.txt
Copyright (C) 2008-2014 FedICT.
================================================================= */
package org.apache.poi.poifs.crypt.dsig;
import static org.apache.poi.ooxml.POIXMLTypeLoader.DEFAULT_XML_OPTIONS;
import static org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet.XML_DIGSIG_NS;
import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.Provider;
import java.util.ArrayList;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Objects;
import java.util.stream.Stream;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.URIDereferencer;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.Manifest;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.TransformException;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import org.apache.jcp.xml.dsig.internal.dom.DOMReference;
import org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo;
import org.apache.jcp.xml.dsig.internal.dom.DOMSubTreeData;
import org.apache.poi.EncryptedDocumentException;
import org.apache.poi.ooxml.util.DocumentHelper;
import org.apache.poi.openxml4j.exceptions.InvalidFormatException;
import org.apache.poi.openxml4j.opc.OPCPackage;
import org.apache.poi.openxml4j.opc.PackagePart;
import org.apache.poi.openxml4j.opc.PackagePartName;
import org.apache.poi.openxml4j.opc.PackageRelationship;
import org.apache.poi.openxml4j.opc.PackageRelationshipCollection;
import org.apache.poi.openxml4j.opc.PackageRelationshipTypes;
import org.apache.poi.openxml4j.opc.PackagingURIHelper;
import org.apache.poi.openxml4j.opc.TargetMode;
import org.apache.poi.poifs.crypt.CryptoFunctions;
import org.apache.poi.poifs.crypt.HashAlgorithm;
import org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet;
import org.apache.poi.poifs.crypt.dsig.services.RelationshipTransformService;
import org.apache.poi.util.POILogFactory;
import org.apache.poi.util.POILogger;
import org.apache.xml.security.Init;
import org.apache.xml.security.utils.XMLUtils;
import org.apache.xmlbeans.XmlOptions;
import org.w3.x2000.x09.xmldsig.SignatureDocument;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.w3c.dom.events.EventListener;
import org.w3c.dom.events.EventTarget;
import org.w3c.dom.events.MutationEvent;
/**
* This class is the default entry point for XML signatures and can be used for
* validating an existing signed office document and signing a office document.
*
* Validating a signed office document
*
*
* OPCPackage pkg = OPCPackage.open(..., PackageAccess.READ);
* SignatureConfig sic = new SignatureConfig();
* sic.setOpcPackage(pkg);
* SignatureInfo si = new SignatureInfo();
* si.setSignatureConfig(sic);
* boolean isValid = si.validate();
* ...
*
*
* Signing an office document
*
*
* // loading the keystore - pkcs12 is used here, but of course jks & co are also valid
* // the keystore needs to contain a private key and it's certificate having a
* // 'digitalSignature' key usage
* char password[] = "test".toCharArray();
* File file = new File("test.pfx");
* KeyStore keystore = KeyStore.getInstance("PKCS12");
* FileInputStream fis = new FileInputStream(file);
* keystore.load(fis, password);
* fis.close();
*
* // extracting private key and certificate
* String alias = "xyz"; // alias of the keystore entry
* Key key = keystore.getKey(alias, password);
* X509Certificate x509 = (X509Certificate)keystore.getCertificate(alias);
*
* // filling the SignatureConfig entries (minimum fields, more options are available ...)
* SignatureConfig signatureConfig = new SignatureConfig();
* signatureConfig.setKey(keyPair.getPrivate());
* signatureConfig.setSigningCertificateChain(Collections.singletonList(x509));
* OPCPackage pkg = OPCPackage.open(..., PackageAccess.READ_WRITE);
* signatureConfig.setOpcPackage(pkg);
*
* // adding the signature document to the package
* SignatureInfo si = new SignatureInfo();
* si.setSignatureConfig(signatureConfig);
* si.confirmSignature();
* // optionally verify the generated signature
* boolean b = si.verifySignature();
* assert (b);
* // write the changes back to disc
* pkg.close();
*
*
* Implementation notes:
*
* Although there's a XML signature implementation in the Oracle JDKs 6 and higher,
* compatibility with IBM JDKs is also in focus (... but maybe not thoroughly tested ...).
* Therefore we are using the Apache Santuario libs (xmlsec) instead of the built-in classes,
* as the compatibility seems to be provided there.
*
* To use SignatureInfo and its sibling classes, you'll need to have the following libs
* in the classpath:
*
* - BouncyCastle bcpkix and bcprov (tested against 1.67)
* - Apache Santuario "xmlsec" (tested against 2.2.0)
* - and slf4j-api (tested against 1.7.30)
*
*/
public class SignatureInfo {
private static final POILogger LOG = POILogFactory.getLogger(SignatureInfo.class);
private SignatureConfig signatureConfig;
private OPCPackage opcPackage;
private Provider provider;
private XMLSignatureFactory signatureFactory;
private KeyInfoFactory keyInfoFactory;
private URIDereferencer uriDereferencer;
/**
* @return the signature config
*/
public SignatureConfig getSignatureConfig() {
return signatureConfig;
}
/**
* @param signatureConfig the signature config, needs to be set before a SignatureInfo object is used
*/
public void setSignatureConfig(SignatureConfig signatureConfig) {
this.signatureConfig = signatureConfig;
}
public void setOpcPackage(OPCPackage opcPackage) {
this.opcPackage = opcPackage;
}
public OPCPackage getOpcPackage() {
return opcPackage;
}
public URIDereferencer getUriDereferencer() {
return uriDereferencer;
}
public void setUriDereferencer(URIDereferencer uriDereferencer) {
this.uriDereferencer = uriDereferencer;
}
/**
* @return true, if first signature part is valid
*/
public boolean verifySignature() {
initXmlProvider();
// http://www.oracle.com/technetwork/articles/javase/dig-signature-api-140772.html
// only validate first part
Iterator iter = getSignatureParts().iterator();
return iter.hasNext() && iter.next().validate();
}
/**
* add the xml signature to the document
*
* @throws XMLSignatureException if the signature can't be calculated
* @throws MarshalException if the document can't be serialized
*/
public void confirmSignature() throws XMLSignatureException, MarshalException {
initXmlProvider();
final Document document = DocumentHelper.createDocument();
final DOMSignContext xmlSignContext = createXMLSignContext(document);
// operate
final DOMSignedInfo signedInfo = preSign(xmlSignContext);
// setup: key material, signature value
final String signatureValue = signDigest(xmlSignContext, signedInfo);
// operate: postSign
postSign(xmlSignContext, signatureValue);
}
/**
* Convenience method for creating the signature context
*
* @param document the document the signature is based on
*
* @return the initialized signature context
*/
public DOMSignContext createXMLSignContext(final Document document) {
initXmlProvider();
return new DOMSignContext(signatureConfig.getKey(), document);
}
/**
* Sign (encrypt) the digest with the private key.
* Currently only rsa is supported.
*
* @return the encrypted hash
*/
public String signDigest(final DOMSignContext xmlSignContext, final DOMSignedInfo signedInfo) {
initXmlProvider();
final PrivateKey key = signatureConfig.getKey();
final HashAlgorithm algo = signatureConfig.getDigestAlgo();
// taken from org.apache.xml.security.utils.Base64
final int BASE64DEFAULTLENGTH = 76;
if (algo.hashSize*4/3 > BASE64DEFAULTLENGTH && !XMLUtils.ignoreLineBreaks()) {
throw new EncryptedDocumentException("The hash size of the chosen hash algorithm ("+algo+" = "+algo.hashSize+" bytes), "+
"will motivate XmlSec to add linebreaks to the generated digest, which results in an invalid signature (... at least "+
"for Office) - please persuade it otherwise by adding '-Dorg.apache.xml.security.ignoreLineBreaks=true' to the JVM "+
"system properties.");
}
try (final DigestOutputStream dos = getDigestStream(algo, key)) {
dos.init();
final Document document = (Document)xmlSignContext.getParent();
final Element el = getDsigElement(document, "SignedInfo");
final DOMSubTreeData subTree = new DOMSubTreeData(el, true);
signedInfo.getCanonicalizationMethod().transform(subTree, xmlSignContext, dos);
return Base64.getEncoder().encodeToString(dos.sign());
} catch (GeneralSecurityException|IOException|TransformException e) {
throw new EncryptedDocumentException(e);
}
}
private static DigestOutputStream getDigestStream(final HashAlgorithm algo, final PrivateKey key) {
switch (algo) {
case md2: case md5: case sha1: case sha256: case sha384: case sha512:
return new SignatureOutputStream(algo, key);
default:
return new DigestOutputStream(algo, key);
}
}
/**
* @return a signature part for each signature document.
* the parts can be validated independently.
*/
public Iterable getSignatureParts() {
initXmlProvider();
return SignaturePartIterator::new;
}
private final class SignaturePartIterator implements Iterator {
Iterator sigOrigRels;
private Iterator sigRels;
private PackagePart sigPart;
private SignaturePartIterator() {
sigOrigRels = opcPackage.getRelationshipsByType(PackageRelationshipTypes.DIGITAL_SIGNATURE_ORIGIN).iterator();
}
@Override
public boolean hasNext() {
while (sigRels == null || !sigRels.hasNext()) {
if (!sigOrigRels.hasNext()) {
return false;
}
sigPart = opcPackage.getPart(sigOrigRels.next());
LOG.log(POILogger.DEBUG, "Digital Signature Origin part", sigPart);
try {
sigRels = sigPart.getRelationshipsByType(PackageRelationshipTypes.DIGITAL_SIGNATURE).iterator();
} catch (InvalidFormatException e) {
LOG.log(POILogger.WARN, "Reference to signature is invalid.", e);
}
}
return true;
}
@Override
public SignaturePart next() {
PackagePart sigRelPart = null;
do {
try {
if (!hasNext()) {
throw new NoSuchElementException();
}
sigRelPart = sigPart.getRelatedPart(sigRels.next());
LOG.log(POILogger.DEBUG, "XML Signature part", sigRelPart);
} catch (InvalidFormatException e) {
LOG.log(POILogger.WARN, "Reference to signature is invalid.", e);
}
} while (sigRelPart == null);
return new SignaturePart(sigRelPart, SignatureInfo.this);
}
@Override
public void remove() {
throw new UnsupportedOperationException();
}
}
/**
* Helper method for adding informations before the signing.
* Normally {@link #confirmSignature()} is sufficient to be used.
*/
@SuppressWarnings("unchecked")
public DOMSignedInfo preSign(final DOMSignContext xmlSignContext)
throws XMLSignatureException, MarshalException {
final Document document = (Document)xmlSignContext.getParent();
registerEventListener(document);
// Signature context construction.
if (uriDereferencer != null) {
xmlSignContext.setURIDereferencer(uriDereferencer);
}
signatureConfig.getNamespacePrefixes().forEach(xmlSignContext::putNamespacePrefix);
xmlSignContext.setDefaultNamespacePrefix("");
/*
* Add ds:References that come from signing client local files.
*/
List references = new ArrayList<>();
/*
* Invoke the signature facets.
*/
List objects = new ArrayList<>();
for (SignatureFacet signatureFacet : signatureConfig.getSignatureFacets()) {
LOG.log(POILogger.DEBUG, "invoking signature facet: ", signatureFacet.getClass().getSimpleName());
signatureFacet.preSign(this, document, references, objects);
}
/*
* ds:SignedInfo
*/
SignedInfo signedInfo;
try {
SignatureMethod signatureMethod = signatureFactory.newSignatureMethod
(signatureConfig.getSignatureMethodUri(), null);
CanonicalizationMethod canonicalizationMethod = signatureFactory
.newCanonicalizationMethod(signatureConfig.getCanonicalizationMethod(),
(C14NMethodParameterSpec) null);
signedInfo = signatureFactory.newSignedInfo(
canonicalizationMethod, signatureMethod, references);
} catch (GeneralSecurityException e) {
throw new XMLSignatureException(e);
}
/*
* JSR105 ds:Signature creation
*/
String signatureValueId = signatureConfig.getPackageSignatureId() + "-signature-value";
javax.xml.crypto.dsig.XMLSignature xmlSignature = signatureFactory
.newXMLSignature(signedInfo, null, objects, signatureConfig.getPackageSignatureId(),
signatureValueId);
/*
* ds:Signature Marshalling.
*/
xmlSignature.sign(xmlSignContext);
/*
* Completion of undigested ds:References in the ds:Manifests.
*/
for (XMLObject object : objects) {
LOG.log(POILogger.DEBUG, "object java type: ", object.getClass().getName());
List objectContentList = object.getContent();
for (XMLStructure objectContent : objectContentList) {
LOG.log(POILogger.DEBUG, "object content java type: ", objectContent.getClass().getName());
if (!(objectContent instanceof Manifest)) {
continue;
}
Manifest manifest = (Manifest) objectContent;
List manifestReferences = manifest.getReferences();
for (Reference manifestReference : manifestReferences) {
if (manifestReference.getDigestValue() != null) {
continue;
}
DOMReference manifestDOMReference = (DOMReference)manifestReference;
manifestDOMReference.digest(xmlSignContext);
}
}
}
/*
* Completion of undigested ds:References.
*/
List signedInfoReferences = signedInfo.getReferences();
for (Reference signedInfoReference : signedInfoReferences) {
DOMReference domReference = (DOMReference)signedInfoReference;
// ds:Reference with external digest value
if (domReference.getDigestValue() != null) {
continue;
}
domReference.digest(xmlSignContext);
}
return (DOMSignedInfo)signedInfo;
}
// it's necessary to explicitly set the mdssi namespace, but the sign() method has no
// normal way to interfere with, so we need to add the namespace under the hand ...
protected void registerEventListener(Document document) {
final SignatureMarshalListener sml = signatureConfig.getSignatureMarshalListener();
if (sml == null) {
return;
}
final EventListener[] el = { null };
final EventTarget eventTarget = (EventTarget)document;
final String eventType = "DOMSubtreeModified";
final boolean DONT_USE_CAPTURE = false;
el[0] = (e) -> {
if (e instanceof MutationEvent && e.getTarget() instanceof Document) {
eventTarget.removeEventListener(eventType, el[0], DONT_USE_CAPTURE);
sml.handleElement(this, document, eventTarget, el[0]);
eventTarget.addEventListener(eventType, el[0], DONT_USE_CAPTURE);
}
};
eventTarget.addEventListener(eventType, el[0], DONT_USE_CAPTURE);
}
/**
* Helper method for adding informations after the signing.
* Normally {@link #confirmSignature()} is sufficient to be used.
*/
public void postSign(final DOMSignContext xmlSignContext, final String signatureValue)
throws MarshalException {
LOG.log(POILogger.DEBUG, "postSign");
final Document document = (Document)xmlSignContext.getParent();
/*
* Check ds:Signature node.
*/
String signatureId = signatureConfig.getPackageSignatureId();
if (!signatureId.equals(document.getDocumentElement().getAttribute("Id"))) {
throw new RuntimeException("ds:Signature not found for @Id: " + signatureId);
}
/*
* Insert signature value into the ds:SignatureValue element
*/
final Element signatureNode = getDsigElement(document, "SignatureValue");
if (signatureNode == null) {
throw new RuntimeException("preSign has to be called before postSign");
}
signatureNode.setTextContent(signatureValue);
/*
* Allow signature facets to inject their own stuff.
*/
for (SignatureFacet signatureFacet : signatureConfig.getSignatureFacets()) {
signatureFacet.postSign(this, document);
}
writeDocument(document);
}
/**
* Write XML signature into the OPC package
*
* @param document the xml signature document
* @throws MarshalException if the document can't be serialized
*/
protected void writeDocument(Document document) throws MarshalException {
XmlOptions xo = new XmlOptions();
Map namespaceMap = new HashMap<>();
signatureConfig.getNamespacePrefixes().forEach((k,v) -> namespaceMap.put(v,k));
xo.setSaveSuggestedPrefixes(namespaceMap);
xo.setUseDefaultNamespace();
LOG.log(POILogger.DEBUG, "output signed Office OpenXML document");
/*
* Copy the original OOXML content to the signed OOXML package. During
* copying some files need to changed.
*/
try {
//
final DSigRelation originDesc = DSigRelation.ORIGIN_SIGS;
PackagePartName originPartName = PackagingURIHelper.createPartName(originDesc.getFileName(0));
PackagePart originPart = opcPackage.getPart(originPartName);
if (originPart == null) {
// touch empty marker file
originPart = opcPackage.createPart(originPartName, originDesc.getContentType());
opcPackage.addRelationship(originPartName, TargetMode.INTERNAL, originDesc.getRelation());
}
//
final DSigRelation sigDesc = DSigRelation.SIG;
int nextSigIdx = opcPackage.getUnusedPartIndex(sigDesc.getDefaultFileName());
if (!signatureConfig.isAllowMultipleSignatures()) {
PackageRelationshipCollection prc = originPart.getRelationshipsByType(sigDesc.getRelation());
for (int i=2; i
* the class pointed to by the system property "jsr105Provider"
* the Santuario xmlsec provider
* the JDK xmlsec provider
*
*
* For signing the classes are linked against the Santuario xmlsec, so this might
* only work for validation (not tested).
*
* @return the xml dsig provider
*/
public Provider findProvider() {
return
Stream.of(SignatureConfig.getProviderNames())
.map(this::getProvider)
.filter(Objects::nonNull).findFirst()
.orElseThrow(this::providerNotFound);
}
private Provider getProvider(String className) {
try {
return (Provider)Class.forName(className).getDeclaredConstructor().newInstance();
} catch (Exception e) {
LOG.log(POILogger.DEBUG, "XMLDsig-Provider '", className, "' can't be found - trying next.");
return null;
}
}
private RuntimeException providerNotFound() {
return new RuntimeException("JRE doesn't support default xml signature provider - set jsr105Provider system property!");
}
}
}