diff options
author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-11-24 15:39:35 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-11-25 07:12:30 +0000 |
commit | 426495cb441e6a83cd0d1f74b0ddf656322815b5 (patch) | |
tree | 3c91fc2c3feb7c4826a67f94f09533a9d7396cc5 /xmlsecurity | |
parent | convert CSS1_FRMSIZE constants to o3tl::typed_flags (diff) | |
download | core-426495cb441e6a83cd0d1f74b0ddf656322815b5.tar.gz core-426495cb441e6a83cd0d1f74b0ddf656322815b5.zip |
CppunitTest_xmlsecurity_signing: add XAdES testcase
Assert the two user-visible changes: SHA-256 hashes and the digest of
the signing certificate.
Change-Id: I0f931ef06f9bfc4be4eaa02a7530d57a414430c1
Reviewed-on: https://gerrit.libreoffice.org/31172
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
Diffstat (limited to 'xmlsecurity')
-rw-r--r-- | xmlsecurity/CppunitTest_xmlsecurity_signing.mk | 1 | ||||
-rw-r--r-- | xmlsecurity/qa/unit/signing/signing.cxx | 58 |
2 files changed, 58 insertions, 1 deletions
diff --git a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk index 24713cbe8e24..f7bbb0e83753 100644 --- a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk +++ b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk @@ -32,6 +32,7 @@ $(eval $(call gb_CppunitTest_use_libraries,xmlsecurity_signing, \ $(eval $(call gb_CppunitTest_use_externals,xmlsecurity_signing,\ boost_headers \ + libxml2 \ )) $(eval $(call gb_CppunitTest_set_include,xmlsecurity_signing,\ diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx index 4e6c20efd730..5bcf0c26f441 100644 --- a/xmlsecurity/qa/unit/signing/signing.cxx +++ b/xmlsecurity/qa/unit/signing/signing.cxx @@ -15,6 +15,7 @@ #include <test/bootstrapfixture.hxx> #include <unotest/macros_test.hxx> +#include <test/xmltesttools.hxx> #include <com/sun/star/document/XStorageBasedDocument.hpp> #include <com/sun/star/embed/XStorage.hpp> @@ -52,7 +53,7 @@ const char* DATA_DIRECTORY = "/xmlsecurity/qa/unit/signing/data/"; } /// Testsuite for the document signing feature. -class SigningTest : public test::BootstrapFixture, public unotest::MacrosTest +class SigningTest : public test::BootstrapFixture, public unotest::MacrosTest, public XmlTestTools { uno::Reference<uno::XComponentContext> mxComponentContext; uno::Reference<lang::XComponent> mxComponent; @@ -61,6 +62,7 @@ public: SigningTest(); virtual void setUp() override; virtual void tearDown() override; + void registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx) override; void testDescription(); /// Test a typical ODF where all streams are signed. @@ -88,6 +90,7 @@ public: #endif void test96097Calc(); void test96097Doc(); + void testXAdES(); CPPUNIT_TEST_SUITE(SigningTest); CPPUNIT_TEST(testDescription); @@ -107,6 +110,7 @@ public: #endif CPPUNIT_TEST(test96097Calc); CPPUNIT_TEST(test96097Doc); + CPPUNIT_TEST(testXAdES); CPPUNIT_TEST_SUITE_END(); private: @@ -542,6 +546,58 @@ void SigningTest::test96097Doc() } } +void SigningTest::testXAdES() +{ + // Create an empty document, store it to a tempfile and load it as a storage. + createDoc(OUString()); + + utl::TempFile aTempFile; + aTempFile.EnableKillingFile(); + uno::Reference<frame::XStorable> xStorable(mxComponent, uno::UNO_QUERY); + utl::MediaDescriptor aMediaDescriptor; + aMediaDescriptor["FilterName"] <<= OUString("writer8"); + xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList()); + + DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content); + CPPUNIT_ASSERT(aManager.init()); + uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE); + CPPUNIT_ASSERT(xStorage.is()); + aManager.mxStore = xStorage; + aManager.maSignatureHelper.SetStorage(xStorage, "1.2"); + + // Create a signature. + uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager); + if (!xCertificate.is()) + return; + sal_Int32 nSecurityId; + aManager.add(xCertificate, /*rDescription=*/OUString(), nSecurityId, /*bAdESCompliant=*/true); + + // Write to storage. + aManager.read(/*bUseTempStream=*/true); + aManager.write(/*bXAdESCompliantIfODF=*/true); + uno::Reference<embed::XTransactedObject> xTransactedObject(xStorage, uno::UNO_QUERY); + xTransactedObject->commit(); + + // Parse the resulting XML. + uno::Reference<embed::XStorage> xMetaInf = xStorage->openStorageElement("META-INF", embed::ElementModes::READ); + uno::Reference<io::XInputStream> xInputStream(xMetaInf->openStreamElement("documentsignatures.xml", embed::ElementModes::READ), uno::UNO_QUERY); + std::shared_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true)); + xmlDocPtr pXmlDoc = parseXmlStream(pStream.get()); + + // Assert that the digest algorithm is SHA-256 in the bAdESCompliant case, not SHA-1. + assertXPath(pXmlDoc, "/odfds:document-signatures/dsig:Signature/dsig:SignedInfo/dsig:Reference[@URI='content.xml']/dsig:DigestMethod", "Algorithm", ALGO_XMLDSIGSHA256); + + // Assert that the digest of the signing certificate is included. + assertXPath(pXmlDoc, "//xd:CertDigest", 1); +} + +void SigningTest::registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx) +{ + xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("odfds"), BAD_CAST("urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0")); + xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("dsig"), BAD_CAST("http://www.w3.org/2000/09/xmldsig#")); + xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("xd"), BAD_CAST("http://uri.etsi.org/01903/v1.3.2#")); +} + CPPUNIT_TEST_SUITE_REGISTRATION(SigningTest); CPPUNIT_PLUGIN_IMPLEMENT(); |