From 3fe86eca246f90adbcc1578ab1b2321817417bc5 Mon Sep 17 00:00:00 2001 From: Andreas Beeker Date: Thu, 6 Mar 2014 00:53:09 +0000 Subject: [PATCH] Added MD4-option and some cleanups git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1574732 13f79535-47bb-0310-9956-ffa450edef68 --- .../apache/poi/poifs/crypt/HashAlgorithm.java | 1 + .../crypt/standard/StandardDecryptor.java | 11 +++------- .../crypt/standard/StandardEncryptor.java | 2 +- .../poi/xwpf/usermodel/XWPFSettings.java | 6 +++++- .../apache/poi/poifs/crypt/TestDecryptor.java | 21 ++++++++++++------- 5 files changed, 24 insertions(+), 17 deletions(-) diff --git a/src/java/org/apache/poi/poifs/crypt/HashAlgorithm.java b/src/java/org/apache/poi/poifs/crypt/HashAlgorithm.java index cd62883ac..51217184b 100644 --- a/src/java/org/apache/poi/poifs/crypt/HashAlgorithm.java +++ b/src/java/org/apache/poi/poifs/crypt/HashAlgorithm.java @@ -29,6 +29,7 @@ public enum HashAlgorithm { md5 ( "MD5", -1, "MD5", 16, "HmacMD5", false), // although sunjc2 supports md2, hmac-md2 is only supported by bouncycastle md2 ( "MD2", -1, "MD2", 16, "Hmac-MD2", true), + md4 ( "MD4", -1, "MD4", 16, "Hmac-MD4", true), ripemd128("RipeMD128", -1, "RIPEMD-128", 16, "HMac-RipeMD128", true), ripemd160("RipeMD160", -1, "RIPEMD-160", 20, "HMac-RipeMD160", true), whirlpool("Whirlpool", -1, "WHIRLPOOL", 64, "HMac-Whirlpool", true), diff --git a/src/java/org/apache/poi/poifs/crypt/standard/StandardDecryptor.java b/src/java/org/apache/poi/poifs/crypt/standard/StandardDecryptor.java index 18729a1ff..a3bef188a 100644 --- a/src/java/org/apache/poi/poifs/crypt/standard/StandardDecryptor.java +++ b/src/java/org/apache/poi/poifs/crypt/standard/StandardDecryptor.java @@ -22,7 +22,6 @@ import java.io.IOException; import java.io.InputStream; import java.security.GeneralSecurityException; import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; import java.util.Arrays; import javax.crypto.Cipher; @@ -61,7 +60,7 @@ public class StandardDecryptor extends Decryptor { byte encryptedVerifier[] = ver.getEncryptedVerifier(); byte verifier[] = cipher.doFinal(encryptedVerifier); setVerifier(verifier); - MessageDigest sha1 = MessageDigest.getInstance(ver.getHashAlgorithm().jceId); + MessageDigest sha1 = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm()); byte[] calcVerifierHash = sha1.digest(verifier); byte encryptedVerifierHash[] = ver.getEncryptedVerifierHash(); byte decryptedVerifierHash[] = cipher.doFinal(encryptedVerifierHash); @@ -108,12 +107,8 @@ public class StandardDecryptor extends Decryptor { buff[i] = (byte) (buff[i] ^ hash[i]); } - try { - MessageDigest sha1 = MessageDigest.getInstance("SHA-1"); - return sha1.digest(buff); - } catch (NoSuchAlgorithmException e) { - throw new EncryptedDocumentException("hash algo not supported", e); - } + MessageDigest sha1 = CryptoFunctions.getMessageDigest(HashAlgorithm.sha1); + return sha1.digest(buff); } /** diff --git a/src/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java b/src/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java index 236eac124..8a6ba176f 100644 --- a/src/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java +++ b/src/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java @@ -85,7 +85,7 @@ public class StandardEncryptor extends Encryptor { try { byte encryptedVerifier[] = cipher.doFinal(verifier); - MessageDigest hashAlgo = MessageDigest.getInstance(ver.getHashAlgorithm().jceId); + MessageDigest hashAlgo = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm()); byte calcVerifierHash[] = hashAlgo.digest(verifier); // 2.3.3 EncryptionVerifier ... diff --git a/src/ooxml/java/org/apache/poi/xwpf/usermodel/XWPFSettings.java b/src/ooxml/java/org/apache/poi/xwpf/usermodel/XWPFSettings.java index 1f521621b..dab349a27 100644 --- a/src/ooxml/java/org/apache/poi/xwpf/usermodel/XWPFSettings.java +++ b/src/ooxml/java/org/apache/poi/xwpf/usermodel/XWPFSettings.java @@ -205,7 +205,10 @@ public class XWPFSettings extends POIXMLDocumentPart { providerType = STCryptProv.RSA_FULL; sid = 1; break; - // md4 is not supported by JCE + case md4: + providerType = STCryptProv.RSA_FULL; + sid = 2; + break; case md5: providerType = STCryptProv.RSA_FULL; sid = 3; @@ -274,6 +277,7 @@ public class XWPFSettings extends POIXMLDocumentPart { HashAlgorithm hashAlgo; switch (sid.intValue()) { case 1: hashAlgo = HashAlgorithm.md2; break; + case 2: hashAlgo = HashAlgorithm.md4; break; case 3: hashAlgo = HashAlgorithm.md5; break; case 4: hashAlgo = HashAlgorithm.sha1; break; case 12: hashAlgo = HashAlgorithm.sha256; break; diff --git a/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestDecryptor.java b/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestDecryptor.java index 95a94c466..48bc7a15a 100644 --- a/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestDecryptor.java +++ b/src/ooxml/testcases/org/apache/poi/poifs/crypt/TestDecryptor.java @@ -16,6 +16,9 @@ ==================================================================== */ package org.apache.poi.poifs.crypt; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; + import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; @@ -23,17 +26,17 @@ import java.security.GeneralSecurityException; import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; -import junit.framework.TestCase; - import org.apache.poi.POIDataSamples; import org.apache.poi.poifs.filesystem.POIFSFileSystem; +import org.junit.Test; /** * @author Maxim Valyanskiy * @author Gary King */ -public class TestDecryptor extends TestCase { - public void testPasswordVerification() throws IOException, GeneralSecurityException { +public class TestDecryptor { + @Test + public void passwordVerification() throws IOException, GeneralSecurityException { POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protect.xlsx")); EncryptionInfo info = new EncryptionInfo(fs); @@ -43,7 +46,8 @@ public class TestDecryptor extends TestCase { assertTrue(d.verifyPassword(Decryptor.DEFAULT_PASSWORD)); } - public void testDecrypt() throws IOException, GeneralSecurityException { + @Test + public void decrypt() throws IOException, GeneralSecurityException { POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protect.xlsx")); EncryptionInfo info = new EncryptionInfo(fs); @@ -55,7 +59,8 @@ public class TestDecryptor extends TestCase { zipOk(fs, d); } - public void testAgile() throws IOException, GeneralSecurityException { + @Test + public void agile() throws IOException, GeneralSecurityException { POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protected_agile.docx")); EncryptionInfo info = new EncryptionInfo(fs); @@ -83,7 +88,9 @@ public class TestDecryptor extends TestCase { } } } - public void testDataLength() throws Exception { + + @Test + public void dataLength() throws Exception { POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protected_agile.docx")); EncryptionInfo info = new EncryptionInfo(fs);