Fix bug #49378 - correct 1.6ism

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@951048 13f79535-47bb-0310-9956-ffa450edef68

src/documentation/content/xdocs/status.xml

@@ -34,6 +34,7 @@
 
     <changes>
         <release version="3.7-SNAPSHOT" date="2010-??-??">
+           <action dev="POI-DEVELOPERS" type="fix">49378 - correct 1.6ism</action>
            <action dev="POI-DEVELOPERS" type="add">Parse the HSMF headers chunk if present, and use it to find Dates in text extraction if needed</action>
            <action dev="POI-DEVELOPERS" type="fix">48494 - detect and support time formats like HH:MM;HH:MM</action>
            <action dev="POI-DEVELOPERS" type="fix">48494 - have ExcelExtractor make use of HSSFDataFormatter, so that numbers and dates come out closer to how Excel would render them</action>

src/java/org/apache/poi/poifs/crypt/Decryptor.java

@@ -16,22 +16,22 @@
 ==================================================================== */
 package org.apache.poi.poifs.crypt;
 
-import org.apache.poi.poifs.filesystem.DocumentInputStream;
+import java.io.IOException;
-import org.apache.poi.poifs.filesystem.POIFSFileSystem;
+import java.io.InputStream;
-import org.apache.poi.util.LittleEndian;
+import java.io.UnsupportedEncodingException;
+import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
 
 import javax.crypto.Cipher;
 import javax.crypto.CipherInputStream;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
-import java.io.IOException;
+
-import java.io.InputStream;
+import org.apache.poi.poifs.filesystem.DocumentInputStream;
-import java.io.UnsupportedEncodingException;
+import org.apache.poi.poifs.filesystem.POIFSFileSystem;
-import java.nio.charset.Charset;
+import org.apache.poi.util.LittleEndian;
-import java.security.GeneralSecurityException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.Arrays;
 
 /**
  *  @author Maxim Valyanskiy
@@ -104,7 +104,7 @@ public class Decryptor {
         System.arraycopy(x1, 0, x3, 0, x1.length);
         System.arraycopy(x2, 0, x3, x1.length, x2.length);
 
-        return Arrays.copyOf(x3, requiredKeyLength);
+        return truncateOrPad(x3, requiredKeyLength);
     }
 
     public boolean verifyPassword(String password) throws GeneralSecurityException {
@@ -117,10 +117,26 @@ public class Decryptor {
         MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
         byte[] calcVerifierHash = sha1.digest(verifier);
 
-        byte[] verifierHash = Arrays.copyOf(cipher.doFinal(info.getVerifier().getVerifierHash()), calcVerifierHash.length);
+        byte[] verifierHash = truncateOrPad(cipher.doFinal(info.getVerifier().getVerifierHash()), calcVerifierHash.length);
 
         return Arrays.equals(calcVerifierHash, verifierHash);
     }
+    
+    /**
+     * Returns a byte array of the requested length,
+     *  truncated or zero padded as needed.
+     * Behaves like Arrays.copyOf in Java 1.6
+     */
+    private byte[] truncateOrPad(byte[] source, int length) {
+       byte[] result = new byte[length];
+       System.arraycopy(source, 0, result, 0, Math.min(length, source.length));
+       if(length > source.length) {
+          for(int i=source.length; i<length; i++) {
+             result[i] = 0;
+          }
+       }
+       return result;
+    }
 
     private Cipher getCipher() throws GeneralSecurityException {
         byte[] key = generateKey(0);