[Libreoffice-commits] core.git: xmlsecurity/CppunitTest_xmlsecurity_signing.mk xmlsecurity/qa

Miklos Vajna vmiklos at collabora.co.uk
Fri Nov 25 07:12:53 UTC 2016


 xmlsecurity/CppunitTest_xmlsecurity_signing.mk |    1 
 xmlsecurity/qa/unit/signing/signing.cxx        |   58 ++++++++++++++++++++++++-
 2 files changed, 58 insertions(+), 1 deletion(-)

New commits:
commit 426495cb441e6a83cd0d1f74b0ddf656322815b5
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date:   Thu Nov 24 15:39:35 2016 +0100

    CppunitTest_xmlsecurity_signing: add XAdES testcase
    
    Assert the two user-visible changes: SHA-256 hashes and the digest of
    the signing certificate.
    
    Change-Id: I0f931ef06f9bfc4be4eaa02a7530d57a414430c1
    Reviewed-on: https://gerrit.libreoffice.org/31172
    Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
    Tested-by: Jenkins <ci at libreoffice.org>

diff --git a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
index 24713cb..f7bbb0e 100644
--- a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
+++ b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
@@ -32,6 +32,7 @@ $(eval $(call gb_CppunitTest_use_libraries,xmlsecurity_signing, \
 
 $(eval $(call gb_CppunitTest_use_externals,xmlsecurity_signing,\
     boost_headers \
+    libxml2 \
 ))
 
 $(eval $(call gb_CppunitTest_set_include,xmlsecurity_signing,\
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
index 4e6c20e..5bcf0c2 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -15,6 +15,7 @@
 
 #include <test/bootstrapfixture.hxx>
 #include <unotest/macros_test.hxx>
+#include <test/xmltesttools.hxx>
 
 #include <com/sun/star/document/XStorageBasedDocument.hpp>
 #include <com/sun/star/embed/XStorage.hpp>
@@ -52,7 +53,7 @@ const char* DATA_DIRECTORY = "/xmlsecurity/qa/unit/signing/data/";
 }
 
 /// Testsuite for the document signing feature.
-class SigningTest : public test::BootstrapFixture, public unotest::MacrosTest
+class SigningTest : public test::BootstrapFixture, public unotest::MacrosTest, public XmlTestTools
 {
     uno::Reference<uno::XComponentContext> mxComponentContext;
     uno::Reference<lang::XComponent> mxComponent;
@@ -61,6 +62,7 @@ public:
     SigningTest();
     virtual void setUp() override;
     virtual void tearDown() override;
+    void registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx) override;
 
     void testDescription();
     /// Test a typical ODF where all streams are signed.
@@ -88,6 +90,7 @@ public:
 #endif
     void test96097Calc();
     void test96097Doc();
+    void testXAdES();
 
     CPPUNIT_TEST_SUITE(SigningTest);
     CPPUNIT_TEST(testDescription);
@@ -107,6 +110,7 @@ public:
 #endif
     CPPUNIT_TEST(test96097Calc);
     CPPUNIT_TEST(test96097Doc);
+    CPPUNIT_TEST(testXAdES);
     CPPUNIT_TEST_SUITE_END();
 
 private:
@@ -542,6 +546,58 @@ void SigningTest::test96097Doc()
     }
 }
 
+void SigningTest::testXAdES()
+{
+    // Create an empty document, store it to a tempfile and load it as a storage.
+    createDoc(OUString());
+
+    utl::TempFile aTempFile;
+    aTempFile.EnableKillingFile();
+    uno::Reference<frame::XStorable> xStorable(mxComponent, uno::UNO_QUERY);
+    utl::MediaDescriptor aMediaDescriptor;
+    aMediaDescriptor["FilterName"] <<= OUString("writer8");
+    xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList());
+
+    DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
+    CPPUNIT_ASSERT(aManager.init());
+    uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
+    CPPUNIT_ASSERT(xStorage.is());
+    aManager.mxStore = xStorage;
+    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+
+    // Create a signature.
+    uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
+    if (!xCertificate.is())
+        return;
+    sal_Int32 nSecurityId;
+    aManager.add(xCertificate, /*rDescription=*/OUString(), nSecurityId, /*bAdESCompliant=*/true);
+
+    // Write to storage.
+    aManager.read(/*bUseTempStream=*/true);
+    aManager.write(/*bXAdESCompliantIfODF=*/true);
+    uno::Reference<embed::XTransactedObject> xTransactedObject(xStorage, uno::UNO_QUERY);
+    xTransactedObject->commit();
+
+    // Parse the resulting XML.
+    uno::Reference<embed::XStorage> xMetaInf = xStorage->openStorageElement("META-INF", embed::ElementModes::READ);
+    uno::Reference<io::XInputStream> xInputStream(xMetaInf->openStreamElement("documentsignatures.xml", embed::ElementModes::READ), uno::UNO_QUERY);
+    std::shared_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
+    xmlDocPtr pXmlDoc = parseXmlStream(pStream.get());
+
+    // Assert that the digest algorithm is SHA-256 in the bAdESCompliant case, not SHA-1.
+    assertXPath(pXmlDoc, "/odfds:document-signatures/dsig:Signature/dsig:SignedInfo/dsig:Reference[@URI='content.xml']/dsig:DigestMethod", "Algorithm", ALGO_XMLDSIGSHA256);
+
+    // Assert that the digest of the signing certificate is included.
+    assertXPath(pXmlDoc, "//xd:CertDigest", 1);
+}
+
+void SigningTest::registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx)
+{
+    xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("odfds"), BAD_CAST("urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0"));
+    xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("dsig"), BAD_CAST("http://www.w3.org/2000/09/xmldsig#"));
+    xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("xd"), BAD_CAST("http://uri.etsi.org/01903/v1.3.2#"));
+}
+
 CPPUNIT_TEST_SUITE_REGISTRATION(SigningTest);
 
 CPPUNIT_PLUGIN_IMPLEMENT();
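Review bot: In testXAdES the final check, `assertXPath(pXmlDoc, "//xd:CertDigest", 1);`, only proves that one such element exists, so a regression that writes the certificate digest with SHA-1 or with an empty value would still pass. The commit message names the certificate digest as a user-visible change, so consider pinning its algorithm too, e.g. `assertXPath(pXmlDoc, "//xd:CertDigest/dsig:DigestMethod", "Algorithm", ALGO_XMLDSIGSHA256);`, assuming the writer emits SHA-256 there, which this hunk does not show. Likewise, only the `content.xml` Reference has its DigestMethod checked. The early `return` when `getCertificate()` yields nothing lets the test pass without running any assertion; a comment such as `// No usable signing certificate in this environment: the XAdES checks below are skipped.` would make that explicit. `pXmlDoc` is never released in the visible code, so an `xmlFreeDoc(pXmlDoc);` at the end would avoid the leak unless the XmlTestTools helper retains ownership.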

