Added MD4-option and some cleanups
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1574732 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
51863e5267
commit
3fe86eca24
@ -29,6 +29,7 @@ public enum HashAlgorithm {
|
||||
md5 ( "MD5", -1, "MD5", 16, "HmacMD5", false),
|
||||
// although sunjc2 supports md2, hmac-md2 is only supported by bouncycastle
|
||||
md2 ( "MD2", -1, "MD2", 16, "Hmac-MD2", true),
|
||||
md4 ( "MD4", -1, "MD4", 16, "Hmac-MD4", true),
|
||||
ripemd128("RipeMD128", -1, "RIPEMD-128", 16, "HMac-RipeMD128", true),
|
||||
ripemd160("RipeMD160", -1, "RIPEMD-160", 20, "HMac-RipeMD160", true),
|
||||
whirlpool("Whirlpool", -1, "WHIRLPOOL", 64, "HMac-Whirlpool", true),
|
||||
|
@ -22,7 +22,6 @@ import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.security.GeneralSecurityException;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Arrays;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
@ -61,7 +60,7 @@ public class StandardDecryptor extends Decryptor {
|
||||
byte encryptedVerifier[] = ver.getEncryptedVerifier();
|
||||
byte verifier[] = cipher.doFinal(encryptedVerifier);
|
||||
setVerifier(verifier);
|
||||
MessageDigest sha1 = MessageDigest.getInstance(ver.getHashAlgorithm().jceId);
|
||||
MessageDigest sha1 = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm());
|
||||
byte[] calcVerifierHash = sha1.digest(verifier);
|
||||
byte encryptedVerifierHash[] = ver.getEncryptedVerifierHash();
|
||||
byte decryptedVerifierHash[] = cipher.doFinal(encryptedVerifierHash);
|
||||
@ -108,12 +107,8 @@ public class StandardDecryptor extends Decryptor {
|
||||
buff[i] = (byte) (buff[i] ^ hash[i]);
|
||||
}
|
||||
|
||||
try {
|
||||
MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
|
||||
MessageDigest sha1 = CryptoFunctions.getMessageDigest(HashAlgorithm.sha1);
|
||||
return sha1.digest(buff);
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
throw new EncryptedDocumentException("hash algo not supported", e);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -85,7 +85,7 @@ public class StandardEncryptor extends Encryptor {
|
||||
|
||||
try {
|
||||
byte encryptedVerifier[] = cipher.doFinal(verifier);
|
||||
MessageDigest hashAlgo = MessageDigest.getInstance(ver.getHashAlgorithm().jceId);
|
||||
MessageDigest hashAlgo = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm());
|
||||
byte calcVerifierHash[] = hashAlgo.digest(verifier);
|
||||
|
||||
// 2.3.3 EncryptionVerifier ...
|
||||
|
@ -205,7 +205,10 @@ public class XWPFSettings extends POIXMLDocumentPart {
|
||||
providerType = STCryptProv.RSA_FULL;
|
||||
sid = 1;
|
||||
break;
|
||||
// md4 is not supported by JCE
|
||||
case md4:
|
||||
providerType = STCryptProv.RSA_FULL;
|
||||
sid = 2;
|
||||
break;
|
||||
case md5:
|
||||
providerType = STCryptProv.RSA_FULL;
|
||||
sid = 3;
|
||||
@ -274,6 +277,7 @@ public class XWPFSettings extends POIXMLDocumentPart {
|
||||
HashAlgorithm hashAlgo;
|
||||
switch (sid.intValue()) {
|
||||
case 1: hashAlgo = HashAlgorithm.md2; break;
|
||||
case 2: hashAlgo = HashAlgorithm.md4; break;
|
||||
case 3: hashAlgo = HashAlgorithm.md5; break;
|
||||
case 4: hashAlgo = HashAlgorithm.sha1; break;
|
||||
case 12: hashAlgo = HashAlgorithm.sha256; break;
|
||||
|
@ -16,6 +16,9 @@
|
||||
==================================================================== */
|
||||
package org.apache.poi.poifs.crypt;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
@ -23,17 +26,17 @@ import java.security.GeneralSecurityException;
|
||||
import java.util.zip.ZipEntry;
|
||||
import java.util.zip.ZipInputStream;
|
||||
|
||||
import junit.framework.TestCase;
|
||||
|
||||
import org.apache.poi.POIDataSamples;
|
||||
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
|
||||
import org.junit.Test;
|
||||
|
||||
/**
|
||||
* @author Maxim Valyanskiy
|
||||
* @author Gary King
|
||||
*/
|
||||
public class TestDecryptor extends TestCase {
|
||||
public void testPasswordVerification() throws IOException, GeneralSecurityException {
|
||||
public class TestDecryptor {
|
||||
@Test
|
||||
public void passwordVerification() throws IOException, GeneralSecurityException {
|
||||
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protect.xlsx"));
|
||||
|
||||
EncryptionInfo info = new EncryptionInfo(fs);
|
||||
@ -43,7 +46,8 @@ public class TestDecryptor extends TestCase {
|
||||
assertTrue(d.verifyPassword(Decryptor.DEFAULT_PASSWORD));
|
||||
}
|
||||
|
||||
public void testDecrypt() throws IOException, GeneralSecurityException {
|
||||
@Test
|
||||
public void decrypt() throws IOException, GeneralSecurityException {
|
||||
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protect.xlsx"));
|
||||
|
||||
EncryptionInfo info = new EncryptionInfo(fs);
|
||||
@ -55,7 +59,8 @@ public class TestDecryptor extends TestCase {
|
||||
zipOk(fs, d);
|
||||
}
|
||||
|
||||
public void testAgile() throws IOException, GeneralSecurityException {
|
||||
@Test
|
||||
public void agile() throws IOException, GeneralSecurityException {
|
||||
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protected_agile.docx"));
|
||||
|
||||
EncryptionInfo info = new EncryptionInfo(fs);
|
||||
@ -83,7 +88,9 @@ public class TestDecryptor extends TestCase {
|
||||
}
|
||||
}
|
||||
}
|
||||
public void testDataLength() throws Exception {
|
||||
|
||||
@Test
|
||||
public void dataLength() throws Exception {
|
||||
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.getPOIFSInstance().openResourceAsStream("protected_agile.docx"));
|
||||
|
||||
EncryptionInfo info = new EncryptionInfo(fs);
|
||||
|
Loading…
Reference in New Issue
Block a user