|Summary:||[PATCH] Initial support for reading AES-encrypted/write-protected OOXML files|
|Product:||POI||Reporter:||Maxim Valyanskiy <max.valjanski>|
|Component:||POIFS||Assignee:||POI Developers List <dev>|
Description Maxim Valyanskiy 2010-05-19 04:49:15 UTC
I modified POI for support of reading AES encrypted OOXML documents using build-in JRE cryptography. Is it ok to commit it? Patch and test data is attached.
Comment 2 Maxim Valyanskiy 2010-05-19 04:50:53 UTC
Created attachment 25454 [details] protect.xlsx test data
Comment 3 Nick Burch 2010-05-25 12:11:28 UTC
As long as it fits in nicely with the current MD4 protected document stuff (which might be HSSF only, iirc), I don't see why this can't go in Code looks fine, but please could you ensure the apache license header gets added before committing for the new files? Encryption wise, we already have the export notice in place, so we're fine for that. Oh, and shouldn't that test file be protect.xls and not .xlsx? Otherwise, do please commit :)
Comment 4 Maxim Valyanskiy 2010-05-25 12:20:42 UTC
Ok, I'm going to add headers and commit tomorrow. File is really xlsx (zip) stream in encrypted OLE-container
Comment 5 Nick Burch 2010-05-25 12:27:43 UTC
An xlsx file stored as encrypted contents in an OLE2 file, now that's a nasty way to do it :/ At least it explains why your .xslx file was readable by poifs... Commit away!