Search in sources :

Example 6 with EncryptedDocumentException

use of org.apache.poi.EncryptedDocumentException in project poi by apache.

the class SignatureConfig method init.

/**
     * Inits and checks the config object.
     * If not set previously, complex configuration properties also get 
     * created/initialized via this initialization call.
     *
     * @param onlyValidation if true, only a subset of the properties
     * is initialized, which are necessary for validation. If false,
     * also the other properties needed for signing are been taken care of
     */
protected void init(boolean onlyValidation) {
    if (opcPackage == null) {
        throw new EncryptedDocumentException("opcPackage is null");
    }
    if (uriDereferencer == null) {
        uriDereferencer = new OOXMLURIDereferencer();
    }
    if (uriDereferencer instanceof SignatureConfigurable) {
        ((SignatureConfigurable) uriDereferencer).setSignatureConfig(this);
    }
    if (namespacePrefixes.isEmpty()) {
        /*
             * OOo doesn't like ds namespaces so per default prefixing is off.
             */
        // namespacePrefixes.put(XML_DIGSIG_NS, "");
        namespacePrefixes.put(OO_DIGSIG_NS, "mdssi");
        namespacePrefixes.put(XADES_132_NS, "xd");
    }
    if (onlyValidation)
        return;
    if (signatureMarshalListener == null) {
        signatureMarshalListener = new SignatureMarshalListener();
    }
    if (signatureMarshalListener instanceof SignatureConfigurable) {
        ((SignatureConfigurable) signatureMarshalListener).setSignatureConfig(this);
    }
    if (tspService != null) {
        tspService.setSignatureConfig(this);
    }
    if (signatureFacets.isEmpty()) {
        addSignatureFacet(new OOXMLSignatureFacet());
        addSignatureFacet(new KeyInfoSignatureFacet());
        addSignatureFacet(new XAdESSignatureFacet());
        addSignatureFacet(new Office2010SignatureFacet());
    }
    for (SignatureFacet sf : signatureFacets) {
        sf.setSignatureConfig(this);
    }
}
Also used : EncryptedDocumentException(org.apache.poi.EncryptedDocumentException) Office2010SignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.Office2010SignatureFacet) KeyInfoSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.KeyInfoSignatureFacet) XAdESSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet) OOXMLSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.OOXMLSignatureFacet) SignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet) KeyInfoSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.KeyInfoSignatureFacet) OOXMLSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.OOXMLSignatureFacet) Office2010SignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.Office2010SignatureFacet) XAdESSignatureFacet(org.apache.poi.poifs.crypt.dsig.facets.XAdESSignatureFacet)

Example 7 with EncryptedDocumentException

use of org.apache.poi.EncryptedDocumentException in project poi by apache.

the class SignatureInfo method signDigest.

/**
     * Sign (encrypt) the digest with the private key.
     * Currently only rsa is supported.
     *
     * @param digest the hashed input
     * @return the encrypted hash
     */
public byte[] signDigest(byte[] digest) {
    Cipher cipher = CryptoFunctions.getCipher(signatureConfig.getKey(), CipherAlgorithm.rsa, ChainingMode.ecb, null, Cipher.ENCRYPT_MODE, "PKCS1Padding");
    try {
        ByteArrayOutputStream digestInfoValueBuf = new ByteArrayOutputStream();
        digestInfoValueBuf.write(signatureConfig.getHashMagic());
        digestInfoValueBuf.write(digest);
        byte[] digestInfoValue = digestInfoValueBuf.toByteArray();
        byte[] signatureValue = cipher.doFinal(digestInfoValue);
        return signatureValue;
    } catch (Exception e) {
        throw new EncryptedDocumentException(e);
    }
}
Also used : EncryptedDocumentException(org.apache.poi.EncryptedDocumentException) Cipher(javax.crypto.Cipher) ByteArrayOutputStream(java.io.ByteArrayOutputStream) XPathExpressionException(javax.xml.xpath.XPathExpressionException) GeneralSecurityException(java.security.GeneralSecurityException) InvalidFormatException(org.apache.poi.openxml4j.exceptions.InvalidFormatException) SAXException(org.xml.sax.SAXException) MarshalException(javax.xml.crypto.MarshalException) XMLSignatureException(javax.xml.crypto.dsig.XMLSignatureException) NoSuchElementException(java.util.NoSuchElementException) IOException(java.io.IOException) XmlException(org.apache.xmlbeans.XmlException) EncryptedDocumentException(org.apache.poi.EncryptedDocumentException)

Example 8 with EncryptedDocumentException

use of org.apache.poi.EncryptedDocumentException in project poi by apache.

the class InternalWorkbook method updateEncryptionRecord.

private void updateEncryptionRecord() {
    FilePassRecord fpr = (FilePassRecord) findFirstRecordBySid(FilePassRecord.sid);
    String password = Biff8EncryptionKey.getCurrentUserPassword();
    if (password == null) {
        if (fpr != null) {
            // need to remove password data
            records.remove(fpr);
        }
    } else {
        // create password record
        if (fpr == null) {
            fpr = new FilePassRecord(EncryptionMode.binaryRC4);
            records.add(1, fpr);
        }
        // check if the password has been changed
        EncryptionInfo ei = fpr.getEncryptionInfo();
        byte[] encVer = ei.getVerifier().getEncryptedVerifier();
        try {
            Decryptor dec = ei.getDecryptor();
            Encryptor enc = ei.getEncryptor();
            if (encVer == null || !dec.verifyPassword(password)) {
                enc.confirmPassword(password);
            } else {
                SecretKey sk = dec.getSecretKey();
                ei.getEncryptor().setSecretKey(sk);
            }
        } catch (GeneralSecurityException e) {
            throw new EncryptedDocumentException("can't validate/update encryption setting", e);
        }
    }
}
Also used : FilePassRecord(org.apache.poi.hssf.record.FilePassRecord) SecretKey(javax.crypto.SecretKey) Decryptor(org.apache.poi.poifs.crypt.Decryptor) EncryptedDocumentException(org.apache.poi.EncryptedDocumentException) EncryptionInfo(org.apache.poi.poifs.crypt.EncryptionInfo) GeneralSecurityException(java.security.GeneralSecurityException) Encryptor(org.apache.poi.poifs.crypt.Encryptor) UnicodeString(org.apache.poi.hssf.record.common.UnicodeString)

Example 9 with EncryptedDocumentException

use of org.apache.poi.EncryptedDocumentException in project poi by apache.

the class CryptoFunctions method hashPassword.

/**
     * Generalized method for read and write protection hash generation.
     * The difference is, read protection uses the order iterator then hash in the hash loop, whereas write protection
     * uses first the last hash value and then the current iterator value
     *
     * @param password
     * @param hashAlgorithm
     * @param salt
     * @param spinCount
     * @param iteratorFirst if true, the iterator is hashed before the n-1 hash value,
     *        if false the n-1 hash value is applied first
     * @return the hashed password
     */
public static byte[] hashPassword(String password, HashAlgorithm hashAlgorithm, byte[] salt, int spinCount, boolean iteratorFirst) {
    // If no password was given, use the default
    if (password == null) {
        password = Decryptor.DEFAULT_PASSWORD;
    }
    MessageDigest hashAlg = getMessageDigest(hashAlgorithm);
    hashAlg.update(salt);
    byte[] hash = hashAlg.digest(StringUtil.getToUnicodeLE(password));
    byte[] iterator = new byte[LittleEndianConsts.INT_SIZE];
    byte[] first = (iteratorFirst ? iterator : hash);
    byte[] second = (iteratorFirst ? hash : iterator);
    try {
        for (int i = 0; i < spinCount; i++) {
            LittleEndian.putInt(iterator, 0, i);
            hashAlg.reset();
            hashAlg.update(first);
            hashAlg.update(second);
            // don't create hash buffer everytime new
            hashAlg.digest(hash, 0, hash.length);
        }
    } catch (DigestException e) {
        throw new EncryptedDocumentException("error in password hashing");
    }
    return hash;
}
Also used : EncryptedDocumentException(org.apache.poi.EncryptedDocumentException) DigestException(java.security.DigestException) MessageDigest(java.security.MessageDigest)

Example 10 with EncryptedDocumentException

use of org.apache.poi.EncryptedDocumentException in project poi by apache.

the class CryptoFunctions method registerBouncyCastle.

@SuppressWarnings("unchecked")
public static void registerBouncyCastle() {
    if (Security.getProvider("BC") != null) {
        return;
    }
    try {
        ClassLoader cl = Thread.currentThread().getContextClassLoader();
        String bcProviderName = "org.bouncycastle.jce.provider.BouncyCastleProvider";
        Class<Provider> clazz = (Class<Provider>) cl.loadClass(bcProviderName);
        Security.addProvider(clazz.newInstance());
    } catch (Exception e) {
        throw new EncryptedDocumentException("Only the BouncyCastle provider supports your encryption settings - please add it to the classpath.", e);
    }
}
Also used : EncryptedDocumentException(org.apache.poi.EncryptedDocumentException) GeneralSecurityException(java.security.GeneralSecurityException) EncryptedDocumentException(org.apache.poi.EncryptedDocumentException) DigestException(java.security.DigestException) Provider(java.security.Provider)

Aggregations

EncryptedDocumentException (org.apache.poi.EncryptedDocumentException)33 GeneralSecurityException (java.security.GeneralSecurityException)16 Cipher (javax.crypto.Cipher)10 SecretKey (javax.crypto.SecretKey)9 MessageDigest (java.security.MessageDigest)8 IOException (java.io.IOException)6 HashAlgorithm (org.apache.poi.poifs.crypt.HashAlgorithm)4 LittleEndianByteArrayOutputStream (org.apache.poi.util.LittleEndianByteArrayOutputStream)4 Test (org.junit.Test)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 FileNotFoundException (java.io.FileNotFoundException)2 DigestException (java.security.DigestException)2 ArrayList (java.util.ArrayList)2 Map (java.util.Map)2 NavigableMap (java.util.NavigableMap)2 NoSuchElementException (java.util.NoSuchElementException)2 TreeMap (java.util.TreeMap)2 SecretKeySpec (javax.crypto.spec.SecretKeySpec)2 PersistPtrHolder (org.apache.poi.hslf.record.PersistPtrHolder)2 PositionDependentRecord (org.apache.poi.hslf.record.PositionDependentRecord)2