diff --git a/src/java/org/apache/poi/poifs/crypt/AgileDecryptor.java b/src/java/org/apache/poi/poifs/crypt/AgileDecryptor.java index 031aff5a2..401049b0d 100644 --- a/src/java/org/apache/poi/poifs/crypt/AgileDecryptor.java +++ b/src/java/org/apache/poi/poifs/crypt/AgileDecryptor.java @@ -194,6 +194,7 @@ public class AgileDecryptor extends Decryptor { private Cipher getCipher(SecretKey key, byte[] vec) throws GeneralSecurityException { + String name = null; String chain = null; @@ -209,6 +210,11 @@ public class AgileDecryptor extends Decryptor { throw new EncryptedDocumentException("Unsupported algorithm"); } + // Ensure the JCE policies files allow for this sized key + if (Cipher.getMaxAllowedKeyLength(name) < _info.getHeader().getKeySize()) { + throw new EncryptedDocumentException("Export Restrictions in place - please install JCE Unlimited Strength Jurisdiction Policy files"); + } + switch (verifier.getCipherMode()) { case EncryptionHeader.MODE_CBC: chain = "CBC"; @@ -219,7 +225,7 @@ public class AgileDecryptor extends Decryptor { default: throw new EncryptedDocumentException("Unsupported chain mode"); } - + Cipher cipher = Cipher.getInstance(name + "/" + chain + "/NoPadding"); IvParameterSpec iv = new IvParameterSpec(vec); cipher.init(Cipher.DECRYPT_MODE, key, iv); diff --git a/src/ooxml/testcases/org/apache/poi/xwpf/AllXWPFTests.java b/src/ooxml/testcases/org/apache/poi/xwpf/AllXWPFTests.java index 12b768bba..20a4898e0 100644 --- a/src/ooxml/testcases/org/apache/poi/xwpf/AllXWPFTests.java +++ b/src/ooxml/testcases/org/apache/poi/xwpf/AllXWPFTests.java @@ -17,9 +17,6 @@ package org.apache.poi.xwpf; -import junit.framework.Test; -import junit.framework.TestSuite; - import org.apache.poi.xwpf.extractor.TestXWPFWordExtractor; import org.apache.poi.xwpf.model.TestXWPFHeaderFooterPolicy; import org.apache.poi.xwpf.usermodel.TestXWPFDocument; @@ -31,30 +28,28 @@ import org.apache.poi.xwpf.usermodel.TestXWPFPictureData; import org.apache.poi.xwpf.usermodel.TestXWPFRun; import org.apache.poi.xwpf.usermodel.TestXWPFStyles; import org.apache.poi.xwpf.usermodel.TestXWPFTable; +import org.junit.runner.RunWith; +import org.junit.runners.Suite; /** * Collects all tests for org.apache.poi.xwpf and sub-packages. - * - * @author Josh Micich */ +@RunWith(Suite.class) +@Suite.SuiteClasses({ + TestXWPFBugs.class, + TestXWPFDocument.class, + TestXWPFWordExtractor.class, + TestXWPFHeaderFooterPolicy.class, + TestXWPFHeader.class, + TestXWPFHeadings.class, + TestXWPFParagraph.class, + TestXWPFRun.class, + TestXWPFTable.class, + TestXWPFStyles.class, + TestXWPFPictureData.class, + TestXWPFNumbering.class, + TestAllExtendedProperties.class, + TestPackageCorePropertiesGetKeywords.class +}) public final class AllXWPFTests { - - public static Test suite() { - TestSuite result = new TestSuite(AllXWPFTests.class.getName()); - result.addTestSuite(TestXWPFBugs.class); - result.addTestSuite(TestXWPFDocument.class); - result.addTestSuite(TestXWPFWordExtractor.class); - result.addTestSuite(TestXWPFHeaderFooterPolicy.class); - result.addTestSuite(TestXWPFHeader.class); - result.addTestSuite(TestXWPFHeadings.class); - result.addTestSuite(TestXWPFParagraph.class); - result.addTestSuite(TestXWPFRun.class); - result.addTestSuite(TestXWPFTable.class); - result.addTestSuite(TestXWPFStyles.class); - result.addTestSuite(TestXWPFPictureData.class); - result.addTestSuite(TestXWPFNumbering.class); - result.addTestSuite(TestAllExtendedProperties.class); - result.addTestSuite(TestPackageCorePropertiesGetKeywords.class); - return result; - } -} +} \ No newline at end of file diff --git a/src/ooxml/testcases/org/apache/poi/xwpf/TestXWPFBugs.java b/src/ooxml/testcases/org/apache/poi/xwpf/TestXWPFBugs.java index ade755951..a0a97cd11 100644 --- a/src/ooxml/testcases/org/apache/poi/xwpf/TestXWPFBugs.java +++ b/src/ooxml/testcases/org/apache/poi/xwpf/TestXWPFBugs.java @@ -1,12 +1,15 @@ package org.apache.poi.xwpf; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + import java.io.File; import java.io.InputStream; -import junit.framework.TestCase; +import javax.crypto.Cipher; import org.apache.poi.POIDataSamples; -import org.apache.poi.hssf.record.crypto.Biff8EncryptionKey; import org.apache.poi.openxml4j.opc.OPCPackage; import org.apache.poi.poifs.crypt.Decryptor; import org.apache.poi.poifs.crypt.EncryptionHeader; @@ -14,75 +17,72 @@ import org.apache.poi.poifs.crypt.EncryptionInfo; import org.apache.poi.poifs.filesystem.NPOIFSFileSystem; import org.apache.poi.xwpf.extractor.XWPFWordExtractor; import org.apache.poi.xwpf.usermodel.XWPFDocument; +import org.junit.Assume; +import org.junit.Test; -public class TestXWPFBugs extends TestCase { +public class TestXWPFBugs { /** * A word document that's encrypted with non-standard * Encryption options, and no cspname section. See bug 53475 */ - public void test53475NoCSPName() throws Exception { - try { - Biff8EncryptionKey.setCurrentUserPassword("solrcell"); - File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-solrcell.docx"); - NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); + @Test + public void bug53475NoCSPName() throws Exception { + File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-solrcell.docx"); + NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); - // Check the encryption details - EncryptionInfo info = new EncryptionInfo(filesystem); - assertEquals(128, info.getHeader().getKeySize()); - assertEquals(EncryptionHeader.ALGORITHM_AES_128, info.getHeader().getAlgorithm()); - assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); + // Check the encryption details + EncryptionInfo info = new EncryptionInfo(filesystem); + assertEquals(128, info.getHeader().getKeySize()); + assertEquals(EncryptionHeader.ALGORITHM_AES_128, info.getHeader().getAlgorithm()); + assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); - // Check it can be decoded - Decryptor d = Decryptor.getInstance(info); - assertTrue("Unable to process: document is encrypted", d.verifyPassword("solrcell")); + // Check it can be decoded + Decryptor d = Decryptor.getInstance(info); + assertTrue("Unable to process: document is encrypted", d.verifyPassword("solrcell")); - // Check we can read the word document in that - InputStream dataStream = d.getDataStream(filesystem); - OPCPackage opc = OPCPackage.open(dataStream); - XWPFDocument doc = new XWPFDocument(opc); - XWPFWordExtractor ex = new XWPFWordExtractor(doc); - String text = ex.getText(); - assertNotNull(text); - assertEquals("This is password protected Word document.", text.trim()); - ex.close(); - } finally { - Biff8EncryptionKey.setCurrentUserPassword(null); - } + // Check we can read the word document in that + InputStream dataStream = d.getDataStream(filesystem); + OPCPackage opc = OPCPackage.open(dataStream); + XWPFDocument doc = new XWPFDocument(opc); + XWPFWordExtractor ex = new XWPFWordExtractor(doc); + String text = ex.getText(); + assertNotNull(text); + assertEquals("This is password protected Word document.", text.trim()); + ex.close(); } /** * A word document with aes-256, i.e. aes is always 128 bit (= 128 bit block size), * but the key can be 128/192/256 bits */ - public void test53475_aes256() throws Exception { - try { - Biff8EncryptionKey.setCurrentUserPassword("pass"); - File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-pass.docx"); - NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); + @Test + public void bug53475_aes256() throws Exception { + int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); + Assume.assumeTrue("Please install JCE Unlimited Strength Jurisdiction Policy files for AES 256", maxKeyLen == 2147483647); - // Check the encryption details - EncryptionInfo info = new EncryptionInfo(filesystem); - assertEquals(16, info.getHeader().getBlockSize()); - assertEquals(256, info.getHeader().getKeySize()); - assertEquals(EncryptionHeader.ALGORITHM_AES_256, info.getHeader().getAlgorithm()); - assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); + File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-pass.docx"); + NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); - // Check it can be decoded - Decryptor d = Decryptor.getInstance(info); - assertTrue("Unable to process: document is encrypted", d.verifyPassword("pass")); + // Check the encryption details + EncryptionInfo info = new EncryptionInfo(filesystem); + assertEquals(16, info.getHeader().getBlockSize()); + assertEquals(256, info.getHeader().getKeySize()); + assertEquals(EncryptionHeader.ALGORITHM_AES_256, info.getHeader().getAlgorithm()); + assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); - // Check we can read the word document in that - InputStream dataStream = d.getDataStream(filesystem); - OPCPackage opc = OPCPackage.open(dataStream); - XWPFDocument doc = new XWPFDocument(opc); - XWPFWordExtractor ex = new XWPFWordExtractor(doc); - String text = ex.getText(); - assertNotNull(text); - // I know ... a stupid typo, maybe next time ... - assertEquals("The is a password protected document.", text.trim()); - ex.close(); - } finally { - Biff8EncryptionKey.setCurrentUserPassword(null); - } + // Check it can be decoded + Decryptor d = Decryptor.getInstance(info); + assertTrue("Unable to process: document is encrypted", d.verifyPassword("pass")); + + // Check we can read the word document in that + InputStream dataStream = d.getDataStream(filesystem); + OPCPackage opc = OPCPackage.open(dataStream); + XWPFDocument doc = new XWPFDocument(opc); + XWPFWordExtractor ex = new XWPFWordExtractor(doc); + String text = ex.getText(); + assertNotNull(text); + // I know ... a stupid typo, maybe next time ... + assertEquals("The is a password protected document.", text.trim()); + ex.close(); } }