Summary: | Add encryption support | ||
---|---|---|---|
Product: | POI | Reporter: | Andreas Beeker <kiwiwings> |
Component: | POIFS | Assignee: | POI Developers List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | ||
Priority: | P3 | ||
Version: | 3.10-dev | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | All | ||
Bug Depends on: | |||
Bug Blocks: | 51623, 55544 | ||
Attachments: |
patch for encryption support - Part 1 - refactor crypt code
patch for encryption support - Part 2 - xmlbeans for descriptor patch for encryption support - Part 3 - standard encryption patch for encryption support - Part 4 - agile encryption patch for encryption support - Part 5 - docs and certificate encryption |
Description
Andreas Beeker
2013-11-26 22:48:00 UTC
Created attachment 31077 [details]
patch for encryption support - Part 1 - refactor crypt code
For a starter I've refactored the used crypto helper functions, which will be reused for encryption
Created attachment 31079 [details]
patch for encryption support - Part 2 - xmlbeans for descriptor
The 2nd part introduces the xml schemas for the encryption descriptor, which is used in agile encryption.
The new xmlbeans classes made it necessary to also change the build. Furthermore there's a fix for OOXMLLite which didn't work with one of the recently introduced Junit4 tests.
I've tried to keep the public decryption interface, i.e. EncryptionInfo/Decryptor, but
I've split up the standard and agile classes, so one can use standard without xmlbeans support, i.e. these classes stay in the main-poi jar, whereas the agile classes have been moved to the ooxml area, because of the new xmlbeans dependency. As agile encryption is used for the X**F formats, one has to have xmlbeans anyway in the dependencies.
Before you apply the patch to the svn repo, please move the corresponding test classes in the repo, to keep the history.
Created attachment 31100 [details]
patch for encryption support - Part 3 - standard encryption
ok, here comes part 3, which contains standard encryption support
currently only AES has been tested, but maybe you already want to give it a try ...
Also comments about the interface are welcomed
Created attachment 31116 [details] patch for encryption support - Part 4 - agile encryption part 4 brings support for agile encryption. I've tested most cipher/hash combinations with a ms word viewer, but couldn't validate the hashes ripemd* and whirlpool, because opposed to the full feature version, it doesn't support all encryptions. RC4 is currently also not supported, because I don't know how to handle a streaming cipher (i.e. IVs don't work the same way, as with block ciphers) and it's not recommended [1][2] The code still lacks some (a lot?) of comments, so this is something for part 5 to come and some usage infos wouldn't hurt too .... [1] http://msdn.microsoft.com/en-us/library/dd925810(v=office.12).aspx [2] http://blogs.msdn.com/b/david_leblanc/archive/2010/04/16/don-t-use-office-rc4-encryption-really-just-don-t-do-it.aspx (although this focus actually on "Office Binary Document RC4 Encryption" ...) Created attachment 31137 [details]
patch for encryption support - Part 5 - docs and certificate encryption
Part 5 brings a few javadocs / docu updates and an experimental certificate encryption support.
Currently I can't validate the certificate approach ... lets see what the msdn people come up with [1]
[1] social.msdn.microsoft.com/Forums/en-US/cc9092bb-0c82-4b5b-ae21-abf643bdb37c/agile-encryption-with-certificates
|