ASF Bugzilla – Attachment 31061 Details for
Bug 53475
Support for more DOCX encryption versions
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
JCE-check added to tests and AgileDecryptor
bug53475-jcepolicy-check.diff (text/plain), 10.66 KB, created by
Andreas Beeker
on 2013-11-21 00:00:13 UTC
(
hide
)
Description:
JCE-check added to tests and AgileDecryptor
Filename:
MIME Type:
Creator:
Andreas Beeker
Created:
2013-11-21 00:00:13 UTC
Size:
10.66 KB
patch
obsolete
>Index: src/java/org/apache/poi/poifs/crypt/AgileDecryptor.java >=================================================================== >--- src/java/org/apache/poi/poifs/crypt/AgileDecryptor.java (revision 1541253) >+++ src/java/org/apache/poi/poifs/crypt/AgileDecryptor.java (working copy) >@@ -194,6 +194,7 @@ > > private Cipher getCipher(SecretKey key, byte[] vec) > throws GeneralSecurityException { >+ > String name = null; > String chain = null; > >@@ -209,6 +210,11 @@ > throw new EncryptedDocumentException("Unsupported algorithm"); > } > >+ // check for JCE policies files >+ if (Cipher.getMaxAllowedKeyLength(name) < _info.getHeader().getKeySize()) { >+ throw new EncryptedDocumentException("export restriction in place - please install JCE Unlimited Strength Jurisdiction Policy files"); >+ } >+ > switch (verifier.getCipherMode()) { > case EncryptionHeader.MODE_CBC: > chain = "CBC"; >@@ -219,7 +225,7 @@ > default: > throw new EncryptedDocumentException("Unsupported chain mode"); > } >- >+ > Cipher cipher = Cipher.getInstance(name + "/" + chain + "/NoPadding"); > IvParameterSpec iv = new IvParameterSpec(vec); > cipher.init(Cipher.DECRYPT_MODE, key, iv); >Index: src/ooxml/testcases/org/apache/poi/xwpf/AllXWPFTests.java >=================================================================== >--- src/ooxml/testcases/org/apache/poi/xwpf/AllXWPFTests.java (revision 1540295) >+++ src/ooxml/testcases/org/apache/poi/xwpf/AllXWPFTests.java (working copy) >@@ -17,9 +17,6 @@ > > package org.apache.poi.xwpf; > >-import junit.framework.Test; >-import junit.framework.TestSuite; >- > import org.apache.poi.xwpf.extractor.TestXWPFWordExtractor; > import org.apache.poi.xwpf.model.TestXWPFHeaderFooterPolicy; > import org.apache.poi.xwpf.usermodel.TestXWPFDocument; >@@ -31,30 +28,30 @@ > import org.apache.poi.xwpf.usermodel.TestXWPFRun; > import org.apache.poi.xwpf.usermodel.TestXWPFStyles; > import org.apache.poi.xwpf.usermodel.TestXWPFTable; >+import org.junit.runner.RunWith; >+import org.junit.runners.Suite; > > /** > * Collects all tests for <tt>org.apache.poi.xwpf</tt> and sub-packages. > * > * @author Josh Micich > */ >+@RunWith(Suite.class) >+@Suite.SuiteClasses({ >+ TestXWPFBugs.class, >+ TestXWPFDocument.class, >+ TestXWPFWordExtractor.class, >+ TestXWPFHeaderFooterPolicy.class, >+ TestXWPFHeader.class, >+ TestXWPFHeadings.class, >+ TestXWPFParagraph.class, >+ TestXWPFRun.class, >+ TestXWPFTable.class, >+ TestXWPFStyles.class, >+ TestXWPFPictureData.class, >+ TestXWPFNumbering.class, >+ TestAllExtendedProperties.class, >+ TestPackageCorePropertiesGetKeywords.class >+}) > public final class AllXWPFTests { >- >- public static Test suite() { >- TestSuite result = new TestSuite(AllXWPFTests.class.getName()); >- result.addTestSuite(TestXWPFBugs.class); >- result.addTestSuite(TestXWPFDocument.class); >- result.addTestSuite(TestXWPFWordExtractor.class); >- result.addTestSuite(TestXWPFHeaderFooterPolicy.class); >- result.addTestSuite(TestXWPFHeader.class); >- result.addTestSuite(TestXWPFHeadings.class); >- result.addTestSuite(TestXWPFParagraph.class); >- result.addTestSuite(TestXWPFRun.class); >- result.addTestSuite(TestXWPFTable.class); >- result.addTestSuite(TestXWPFStyles.class); >- result.addTestSuite(TestXWPFPictureData.class); >- result.addTestSuite(TestXWPFNumbering.class); >- result.addTestSuite(TestAllExtendedProperties.class); >- result.addTestSuite(TestPackageCorePropertiesGetKeywords.class); >- return result; >- } > } >Index: src/ooxml/testcases/org/apache/poi/xwpf/TestXWPFBugs.java >=================================================================== >--- src/ooxml/testcases/org/apache/poi/xwpf/TestXWPFBugs.java (revision 1541255) >+++ src/ooxml/testcases/org/apache/poi/xwpf/TestXWPFBugs.java (working copy) >@@ -1,12 +1,15 @@ > package org.apache.poi.xwpf; > >+import static org.junit.Assert.assertEquals; >+import static org.junit.Assert.assertNotNull; >+import static org.junit.Assert.assertTrue; >+ > import java.io.File; > import java.io.InputStream; > >-import junit.framework.TestCase; >+import javax.crypto.Cipher; > > import org.apache.poi.POIDataSamples; >-import org.apache.poi.hssf.record.crypto.Biff8EncryptionKey; > import org.apache.poi.openxml4j.opc.OPCPackage; > import org.apache.poi.poifs.crypt.Decryptor; > import org.apache.poi.poifs.crypt.EncryptionHeader; >@@ -14,75 +17,71 @@ > import org.apache.poi.poifs.filesystem.NPOIFSFileSystem; > import org.apache.poi.xwpf.extractor.XWPFWordExtractor; > import org.apache.poi.xwpf.usermodel.XWPFDocument; >+import org.junit.Assume; >+import org.junit.Test; > >-public class TestXWPFBugs extends TestCase { >+public class TestXWPFBugs { > /** > * A word document that's encrypted with non-standard > * Encryption options, and no cspname section. See bug 53475 > */ >+ @Test > public void test53475NoCSPName() throws Exception { >- try { >- Biff8EncryptionKey.setCurrentUserPassword("solrcell"); >- File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-solrcell.docx"); >- NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); >+ File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-solrcell.docx"); >+ NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); > >- // Check the encryption details >- EncryptionInfo info = new EncryptionInfo(filesystem); >- assertEquals(128, info.getHeader().getKeySize()); >- assertEquals(EncryptionHeader.ALGORITHM_AES_128, info.getHeader().getAlgorithm()); >- assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); >+ // Check the encryption details >+ EncryptionInfo info = new EncryptionInfo(filesystem); >+ assertEquals(128, info.getHeader().getKeySize()); >+ assertEquals(EncryptionHeader.ALGORITHM_AES_128, info.getHeader().getAlgorithm()); >+ assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); > >- // Check it can be decoded >- Decryptor d = Decryptor.getInstance(info); >- assertTrue("Unable to process: document is encrypted", d.verifyPassword("solrcell")); >+ // Check it can be decoded >+ Decryptor d = Decryptor.getInstance(info); >+ assertTrue("Unable to process: document is encrypted", d.verifyPassword("solrcell")); > >- // Check we can read the word document in that >- InputStream dataStream = d.getDataStream(filesystem); >- OPCPackage opc = OPCPackage.open(dataStream); >- XWPFDocument doc = new XWPFDocument(opc); >- XWPFWordExtractor ex = new XWPFWordExtractor(doc); >- String text = ex.getText(); >- assertNotNull(text); >- assertEquals("This is password protected Word document.", text.trim()); >- ex.close(); >- } finally { >- Biff8EncryptionKey.setCurrentUserPassword(null); >- } >+ // Check we can read the word document in that >+ InputStream dataStream = d.getDataStream(filesystem); >+ OPCPackage opc = OPCPackage.open(dataStream); >+ XWPFDocument doc = new XWPFDocument(opc); >+ XWPFWordExtractor ex = new XWPFWordExtractor(doc); >+ String text = ex.getText(); >+ assertNotNull(text); >+ assertEquals("This is password protected Word document.", text.trim()); >+ ex.close(); > } > > /** > * A word document with aes-256, i.e. aes is always 128 bit (= 128 bit block size), > * but the key can be 128/192/256 bits > */ >+ @Test > public void test53475_aes256() throws Exception { >- try { >- Biff8EncryptionKey.setCurrentUserPassword("pass"); >- File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-pass.docx"); >- NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); >+ int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); >+ Assume.assumeTrue("Please install JCE Unlimited Strength Jurisdiction Policy files for AES 256", maxKeyLen == 2147483647); >+ File file = POIDataSamples.getDocumentInstance().getFile("bug53475-password-is-pass.docx"); >+ NPOIFSFileSystem filesystem = new NPOIFSFileSystem(file, true); > >- // Check the encryption details >- EncryptionInfo info = new EncryptionInfo(filesystem); >- assertEquals(16, info.getHeader().getBlockSize()); >- assertEquals(256, info.getHeader().getKeySize()); >- assertEquals(EncryptionHeader.ALGORITHM_AES_256, info.getHeader().getAlgorithm()); >- assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); >+ // Check the encryption details >+ EncryptionInfo info = new EncryptionInfo(filesystem); >+ assertEquals(16, info.getHeader().getBlockSize()); >+ assertEquals(256, info.getHeader().getKeySize()); >+ assertEquals(EncryptionHeader.ALGORITHM_AES_256, info.getHeader().getAlgorithm()); >+ assertEquals(EncryptionHeader.HASH_SHA1, info.getHeader().getHashAlgorithm()); > >- // Check it can be decoded >- Decryptor d = Decryptor.getInstance(info); >- assertTrue("Unable to process: document is encrypted", d.verifyPassword("pass")); >+ // Check it can be decoded >+ Decryptor d = Decryptor.getInstance(info); >+ assertTrue("Unable to process: document is encrypted", d.verifyPassword("pass")); > >- // Check we can read the word document in that >- InputStream dataStream = d.getDataStream(filesystem); >- OPCPackage opc = OPCPackage.open(dataStream); >- XWPFDocument doc = new XWPFDocument(opc); >- XWPFWordExtractor ex = new XWPFWordExtractor(doc); >- String text = ex.getText(); >- assertNotNull(text); >- // I know ... a stupid typo, maybe next time ... >- assertEquals("The is a password protected document.", text.trim()); >- ex.close(); >- } finally { >- Biff8EncryptionKey.setCurrentUserPassword(null); >- } >+ // Check we can read the word document in that >+ InputStream dataStream = d.getDataStream(filesystem); >+ OPCPackage opc = OPCPackage.open(dataStream); >+ XWPFDocument doc = new XWPFDocument(opc); >+ XWPFWordExtractor ex = new XWPFWordExtractor(doc); >+ String text = ex.getText(); >+ assertNotNull(text); >+ // I know ... a stupid typo, maybe next time ... >+ assertEquals("The is a password protected document.", text.trim()); >+ ex.close(); > } > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 53475
:
29002
|
31004
|
31021
|
31029
| 31061 |
31073