/** * initialize the builder from a stream */ @Override public void initialize(EncryptionInfo info, LittleEndianInput dis) throws IOException { /* int hSize = */ dis.readInt(); StandardEncryptionHeader header = new StandardEncryptionHeader(dis); info.setHeader(header); info.setVerifier(new StandardEncryptionVerifier(dis, header)); if (info.getVersionMinor() == 2 && (info.getVersionMajor() == 3 || info.getVersionMajor() == 4)) { StandardDecryptor dec = new StandardDecryptor(); dec.setEncryptionInfo(info); info.setDecryptor(dec); } }
protected static SecretKey generateSecretKey(String password, EncryptionVerifier ver, int keySize) { HashAlgorithm hashAlgo = ver.getHashAlgorithm(); byte pwHash[] = hashPassword(password, hashAlgo, ver.getSalt(), ver.getSpinCount()); byte[] blockKey = new byte[4]; LittleEndian.putInt(blockKey, 0, 0); byte[] finalHash = CryptoFunctions.generateKey(pwHash, hashAlgo, blockKey, hashAlgo.hashSize); byte x1[] = fillAndXor(finalHash, (byte) 0x36); byte x2[] = fillAndXor(finalHash, (byte) 0x5c); byte[] x3 = new byte[x1.length + x2.length]; System.arraycopy(x1, 0, x3, 0, x1.length); System.arraycopy(x2, 0, x3, x1.length, x2.length); byte[] key = Arrays.copyOf(x3, keySize); return new SecretKeySpec(key, ver.getCipherAlgorithm().jceId); }
@Override public boolean verifyPassword(String password) { EncryptionVerifier ver = getEncryptionInfo().getVerifier(); SecretKey skey = generateSecretKey(password, ver, getKeySizeInBytes()); Cipher cipher = getCipher(skey); try { byte encryptedVerifier[] = ver.getEncryptedVerifier(); byte verifier[] = cipher.doFinal(encryptedVerifier); setVerifier(verifier); MessageDigest sha1 = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm()); byte[] calcVerifierHash = sha1.digest(verifier); byte encryptedVerifierHash[] = ver.getEncryptedVerifierHash(); byte decryptedVerifierHash[] = cipher.doFinal(encryptedVerifierHash); // see 2.3.4.9 Password Verification (Standard Encryption) // ... The number of bytes used by the encrypted Verifier hash MUST be 32 ... // TODO: check and trim/pad the hashes to 32 byte[] verifierHash = Arrays.copyOf(decryptedVerifierHash, calcVerifierHash.length); if (Arrays.equals(calcVerifierHash, verifierHash)) { setSecretKey(skey); return true; } else { return false; } } catch (GeneralSecurityException e) { throw new EncryptedDocumentException(e); } }
@Override @SuppressWarnings("resource") public InputStream getDataStream(DirectoryNode dir) throws IOException { DocumentInputStream dis = dir.createDocumentInputStream(DEFAULT_POIFS_ENTRY); _length = dis.readLong(); if(getSecretKey() == null) { verifyPassword(null); } // limit wrong calculated ole entries - (bug #57080) // standard encryption always uses aes encoding, so blockSize is always 16 // http://stackoverflow.com/questions/3283787/size-of-data-after-aes-encryption int blockSize = getEncryptionInfo().getHeader().getCipherAlgorithm().blockSize; long cipherLen = (_length/blockSize + 1) * blockSize; Cipher cipher = getCipher(getSecretKey()); InputStream boundedDis = new BoundedInputStream(dis, cipherLen); return new BoundedInputStream(new CipherInputStream(boundedDis, cipher), _length); }
private Cipher getCipher(SecretKey key) { EncryptionHeader em = getEncryptionInfo().getHeader(); ChainingMode cm = em.getChainingMode(); assert(cm == ChainingMode.ecb); return CryptoFunctions.getCipher(key, em.getCipherAlgorithm(), cm, null, Cipher.DECRYPT_MODE); }
SecretKey secretKey = generateSecretKey(password, ver, getKeySizeInBytes()); setSecretKey(secretKey); Cipher cipher = getCipher(secretKey, null);
@Override @SuppressWarnings("resource") public InputStream getDataStream(DirectoryNode dir) throws IOException { DocumentInputStream dis = dir.createDocumentInputStream(DEFAULT_POIFS_ENTRY); _length = dis.readLong(); if(getSecretKey() == null) { verifyPassword(null); } // limit wrong calculated ole entries - (bug #57080) // standard encryption always uses aes encoding, so blockSize is always 16 // http://stackoverflow.com/questions/3283787/size-of-data-after-aes-encryption int blockSize = getEncryptionInfo().getHeader().getCipherAlgorithm().blockSize; long cipherLen = (_length/blockSize + 1) * blockSize; Cipher cipher = getCipher(getSecretKey()); InputStream boundedDis = new BoundedInputStream(dis, cipherLen); return new BoundedInputStream(new CipherInputStream(boundedDis, cipher), _length); }
private Cipher getCipher(SecretKey key) { EncryptionHeader em = getEncryptionInfo().getHeader(); ChainingMode cm = em.getChainingMode(); assert(cm == ChainingMode.ecb); return CryptoFunctions.getCipher(key, em.getCipherAlgorithm(), cm, null, Cipher.DECRYPT_MODE); }
SecretKey secretKey = generateSecretKey(password, ver, getKeySizeInBytes()); setSecretKey(secretKey); Cipher cipher = getCipher(secretKey, null);
@Override public boolean verifyPassword(String password) { EncryptionVerifier ver = getEncryptionInfo().getVerifier(); SecretKey skey = generateSecretKey(password, ver, getKeySizeInBytes()); Cipher cipher = getCipher(skey); try { byte encryptedVerifier[] = ver.getEncryptedVerifier(); byte verifier[] = cipher.doFinal(encryptedVerifier); setVerifier(verifier); MessageDigest sha1 = CryptoFunctions.getMessageDigest(ver.getHashAlgorithm()); byte[] calcVerifierHash = sha1.digest(verifier); byte encryptedVerifierHash[] = ver.getEncryptedVerifierHash(); byte decryptedVerifierHash[] = cipher.doFinal(encryptedVerifierHash); // see 2.3.4.9 Password Verification (Standard Encryption) // ... The number of bytes used by the encrypted Verifier hash MUST be 32 ... // TODO: check and trim/pad the hashes to 32 byte[] verifierHash = Arrays.copyOf(decryptedVerifierHash, calcVerifierHash.length); if (Arrays.equals(calcVerifierHash, verifierHash)) { setSecretKey(skey); return true; } else { return false; } } catch (GeneralSecurityException e) { throw new EncryptedDocumentException(e); } }
StandardDecryptor dec = new StandardDecryptor(); dec.setEncryptionInfo(info); info.setDecryptor(dec); StandardEncryptor enc = new StandardEncryptor();
protected static SecretKey generateSecretKey(String password, EncryptionVerifier ver, int keySize) { HashAlgorithm hashAlgo = ver.getHashAlgorithm(); byte pwHash[] = hashPassword(password, hashAlgo, ver.getSalt(), ver.getSpinCount()); byte[] blockKey = new byte[4]; LittleEndian.putInt(blockKey, 0, 0); byte[] finalHash = CryptoFunctions.generateKey(pwHash, hashAlgo, blockKey, hashAlgo.hashSize); byte x1[] = fillAndXor(finalHash, (byte) 0x36); byte x2[] = fillAndXor(finalHash, (byte) 0x5c); byte[] x3 = new byte[x1.length + x2.length]; System.arraycopy(x1, 0, x3, 0, x1.length); System.arraycopy(x2, 0, x3, x1.length, x2.length); byte[] key = Arrays.copyOf(x3, keySize); return new SecretKeySpec(key, ver.getCipherAlgorithm().jceId); }
/** * initialize the builder from a stream */ @Override public void initialize(EncryptionInfo info, LittleEndianInput dis) throws IOException { /* int hSize = */ dis.readInt(); StandardEncryptionHeader header = new StandardEncryptionHeader(dis); info.setHeader(header); info.setVerifier(new StandardEncryptionVerifier(dis, header)); if (info.getVersionMinor() == 2 && (info.getVersionMajor() == 3 || info.getVersionMajor() == 4)) { StandardDecryptor dec = new StandardDecryptor(); dec.setEncryptionInfo(info); info.setDecryptor(dec); } }
StandardDecryptor dec = new StandardDecryptor(); dec.setEncryptionInfo(info); info.setDecryptor(dec); StandardEncryptor enc = new StandardEncryptor();