Example 6 with EncryptedDocumentException
use of org.apache.poi.EncryptedDocumentException in project poi by apache.
the class SignatureConfig method init.
/**
* Inits and checks the config object.
* If not set previously, complex configuration properties also get
* created/initialized via this initialization call.
*
* @param onlyValidation if true, only a subset of the properties
* is initialized, which are necessary for validation. If false,
* also the other properties needed for signing are been taken care of
*/
protected void init(boolean onlyValidation) {
if (opcPackage == null) {
throw new EncryptedDocumentException("opcPackage is null");
}
if (uriDereferencer == null) {
uriDereferencer = new OOXMLURIDereferencer();
}
if (uriDereferencer instanceof SignatureConfigurable) {
((SignatureConfigurable) uriDereferencer).setSignatureConfig(this);
}
if (namespacePrefixes.isEmpty()) {
/*
* OOo doesn't like ds namespaces so per default prefixing is off.
*/
// namespacePrefixes.put(XML_DIGSIG_NS, "");
namespacePrefixes.put(OO_DIGSIG_NS, "mdssi");
namespacePrefixes.put(XADES_132_NS, "xd");
}
if (onlyValidation)
return;
if (signatureMarshalListener == null) {
signatureMarshalListener = new SignatureMarshalListener();
}
if (signatureMarshalListener instanceof SignatureConfigurable) {
((SignatureConfigurable) signatureMarshalListener).setSignatureConfig(this);
}
if (tspService != null) {
tspService.setSignatureConfig(this);
}
if (signatureFacets.isEmpty()) {
addSignatureFacet(new OOXMLSignatureFacet());
addSignatureFacet(new KeyInfoSignatureFacet());
addSignatureFacet(new XAdESSignatureFacet());
addSignatureFacet(new Office2010SignatureFacet());
}
for (SignatureFacet sf : signatureFacets) {
sf.setSignatureConfig(this);
}
}
Also used :
EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)
Office2010SignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.Office2010SignatureFacet)
KeyInfoSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.KeyInfoSignatureFacet)
XAdESSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet)
OOXMLSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.OOXMLSignatureFacet)
SignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet)
KeyInfoSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.KeyInfoSignatureFacet)
OOXMLSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.OOXMLSignatureFacet)
Office2010SignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.Office2010SignatureFacet)
XAdESSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet)
Example 7 with EncryptedDocumentException
use of org.apache.poi.EncryptedDocumentException in project poi by apache.
the class SignatureInfo method signDigest.
/**
* Sign (encrypt) the digest with the private key.
* Currently only rsa is supported.
*
* @param digest the hashed input
* @return the encrypted hash
*/
public byte[] signDigest(byte[] digest) {
Cipher cipher = CryptoFunctions.getCipher(signatureConfig.getKey(), CipherAlgorithm.rsa, ChainingMode.ecb, null, Cipher.ENCRYPT_MODE, "PKCS1Padding");
try {
ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();
digestInfoValueBuf.write(signatureConfig.getHashMagic());
digestInfoValueBuf.write(digest);
byte[] digestInfoValue = digestInfoValueBuf.toByteArray();
byte[] signatureValue = cipher.doFinal(digestInfoValue);
return signatureValue;
} catch (Exception e) {
throw new EncryptedDocumentException(e);
}
}
Also used :
EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)
Cipher(javax.crypto.Cipher)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
XPathExpressionException(javax.xml.xpath.XPathExpressionException)
GeneralSecurityException(java.security.GeneralSecurityException)
InvalidFormatException(org.apache.poi.openxml4j.exceptions.InvalidFormatException)
SAXException(org.xml.sax.SAXException)
MarshalException(javax.xml.crypto.MarshalException)
XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException)
NoSuchElementException(java.util.NoSuchElementException)
IOException(java.io.IOException)
XmlException(org.apache.xmlbeans.XmlException)
EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)
Example 8 with EncryptedDocumentException
use of org.apache.poi.EncryptedDocumentException in project poi by apache.
the class InternalWorkbook method updateEncryptionRecord.
private void updateEncryptionRecord() {
FilePassRecord fpr = (FilePassRecord) findFirstRecordBySid(FilePassRecord.sid);
String password = Biff8EncryptionKey.getCurrentUserPassword();
if (password == null) {
if (fpr != null) {
// need to remove password data
records.remove(fpr);
}
} else {
// create password record
if (fpr == null) {
fpr = new FilePassRecord(EncryptionMode.binaryRC4);
records.add(1, fpr);
}
// check if the password has been changed
EncryptionInfo ei = fpr.getEncryptionInfo();
byte[] encVer = ei.getVerifier().getEncryptedVerifier();
try {
Decryptor dec = ei.getDecryptor();
Encryptor enc = ei.getEncryptor();
if (encVer == null || !dec.verifyPassword(password)) {
enc.confirmPassword(password);
} else {
SecretKey sk = dec.getSecretKey();
ei.getEncryptor().setSecretKey(sk);
}
} catch (GeneralSecurityException e) {
throw new EncryptedDocumentException("can't validate/update encryption setting", e);
}
}
}
Also used :
FilePassRecord(org.apache.poi.hssf.record.FilePassRecord)
SecretKey(javax.crypto.SecretKey)
Decryptor(org.apache.poi.poifs.crypt.Decryptor)
EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)
EncryptionInfo(org.apache.poi.poifs.crypt.EncryptionInfo)
GeneralSecurityException(java.security.GeneralSecurityException)
Encryptor(org.apache.poi.poifs.crypt.Encryptor)
UnicodeString(org.apache.poi.hssf.record.common.UnicodeString)
Example 9 with EncryptedDocumentException
use of org.apache.poi.EncryptedDocumentException in project poi by apache.
the class CryptoFunctions method hashPassword.
/**
* Generalized method for read and write protection hash generation.
* The difference is, read protection uses the order iterator then hash in the hash loop, whereas write protection
* uses first the last hash value and then the current iterator value
*
* @param password
* @param hashAlgorithm
* @param salt
* @param spinCount
* @param iteratorFirst if true, the iterator is hashed before the n-1 hash value,
* if false the n-1 hash value is applied first
* @return the hashed password
*/
public static byte[] hashPassword(String password, HashAlgorithm hashAlgorithm, byte[] salt, int spinCount, boolean iteratorFirst) {
// If no password was given, use the default
if (password == null) {
password = Decryptor.DEFAULT_PASSWORD;
}
MessageDigest hashAlg = getMessageDigest(hashAlgorithm);
hashAlg.update(salt);
byte[] hash = hashAlg.digest(StringUtil.getToUnicodeLE(password));
byte[] iterator = new byte[LittleEndianConsts.INT_SIZE];
byte[] first = (iteratorFirst ? iterator : hash);
byte[] second = (iteratorFirst ? hash : iterator);
try {
for (int i = 0; i < spinCount; i++) {
LittleEndian.putInt(iterator, 0, i);
hashAlg.reset();
hashAlg.update(first);
hashAlg.update(second);
// don't create hash buffer everytime new
hashAlg.digest(hash, 0, hash.length);
}
} catch (DigestException e) {
throw new EncryptedDocumentException("error in password hashing");
}
return hash;
}
Also used :
EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)
DigestException(java.security.DigestException)
MessageDigest(java.security.MessageDigest)
Example 10 with EncryptedDocumentException
use of org.apache.poi.EncryptedDocumentException in project poi by apache.
the class CryptoFunctions method registerBouncyCastle.
@SuppressWarnings("unchecked")
public static void registerBouncyCastle() {
if (Security.getProvider("BC") != null) {
return;
}
try {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
String bcProviderName = "org.bouncycastle.jce.provider.BouncyCastleProvider";
Class<Provider> clazz = (Class<Provider>) cl.loadClass(bcProviderName);
Security.addProvider(clazz.newInstance());
} catch (Exception e) {
throw new EncryptedDocumentException("Only the BouncyCastle provider supports your encryption settings - please add it to the classpath.", e);
}
}
Also used :
EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)
GeneralSecurityException(java.security.GeneralSecurityException)
EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)
DigestException(java.security.DigestException)
Provider(java.security.Provider)
Aggregations
EncryptedDocumentException (org.apache.poi.EncryptedDocumentException)33
GeneralSecurityException (java.security.GeneralSecurityException)16
Cipher (javax.crypto.Cipher)10
SecretKey (javax.crypto.SecretKey)9
MessageDigest (java.security.MessageDigest)8
IOException (java.io.IOException)6
HashAlgorithm (org.apache.poi.poifs.crypt.HashAlgorithm)4
LittleEndianByteArrayOutputStream (org.apache.poi.util.LittleEndianByteArrayOutputStream)4
Test (org.junit.Test)3
ByteArrayOutputStream (java.io.ByteArrayOutputStream)2
FileNotFoundException (java.io.FileNotFoundException)2
DigestException (java.security.DigestException)2
ArrayList (java.util.ArrayList)2
Map (java.util.Map)2
NavigableMap (java.util.NavigableMap)2
NoSuchElementException (java.util.NoSuchElementException)2
TreeMap (java.util.TreeMap)2
SecretKeySpec (javax.crypto.spec.SecretKeySpec)2
PersistPtrHolder (org.apache.poi.hslf.record.PersistPtrHolder)2
PositionDependentRecord (org.apache.poi.hslf.record.PositionDependentRecord)2
