Bug 47652 - [PATCH] Initial support for encrypted workbooks
Summary: [PATCH] Initial support for encrypted workbooks
Alias: None
Product: POI
Classification: Unclassified
Component: HSSF (show other bugs)
Version: 3.5-dev
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: POI Developers List
Depends on:
Reported: 2009-08-06 02:56 UTC by Maxim Valyanskiy
Modified: 2009-08-14 14:38 UTC (History)
0 users

patch (8.43 KB, patch)
2009-08-06 02:57 UTC, Maxim Valyanskiy
Details | Diff
src/java/org/apache/poi/hssf/record/RC4Header.java (4.01 KB, text/x-java)
2009-08-06 02:58 UTC, Maxim Valyanskiy
src/java/org/apache/poi/util/RC4InputStream.java (1.80 KB, text/x-java)
2009-08-06 02:58 UTC, Maxim Valyanskiy
src/testcases/org/apache/poi/hssf/data/password.xls (22.00 KB, application/vnd.ms-excel)
2009-08-06 02:59 UTC, Maxim Valyanskiy
Exception handling (1.03 KB, patch)
2009-08-13 03:56 UTC, Maxim Valyanskiy
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Maxim Valyanskiy 2009-08-06 02:56:38 UTC
Patch add support for RC4-encrypted workbooks (no CryptoAPI support and XOR-obfuscation). Also this add support for reading write-protected workbooks (that is encrypted with Excel built-in password)
Comment 1 Maxim Valyanskiy 2009-08-06 02:57:53 UTC
Created attachment 24105 [details]
Comment 2 Maxim Valyanskiy 2009-08-06 02:58:22 UTC
Created attachment 24106 [details]
Comment 3 Maxim Valyanskiy 2009-08-06 02:58:41 UTC
Created attachment 24107 [details]
Comment 4 Maxim Valyanskiy 2009-08-06 02:59:37 UTC
Created attachment 24108 [details]
Comment 5 Nick Burch 2009-08-06 03:45:32 UTC
Thanks for this patch. I've only had a quick glance, and it mostly seems ok, though I'm slightly concerned about the password being a global static, as that means that two different threads working on two different files will hit issues :( Hopefully someone else can suggest something for this though

As this uses the java crypto libraries, which'd be our first use of them, I'll file the appropriate notice as per http://www.apache.org/dev/crypto.html so we're cleared to commit this once any tweaks are done.
Comment 6 Josh Micich 2009-08-06 23:30:22 UTC
Fixed in svn r801890

I had independently worked a solution a few months back but hadn't got round to submitting it.  The changes I have submitted are mostly based on my own work, but I  also added some things from your patch that I had missed out:
  - a high level test case
  - better handling of first three ushort fields FILEPASS (BTW - where did you get that info?)

Some stuff that I had already done:
  - low level unit tests for password/key verification, and key block changes (the tested code is very hard to understand/maintain solely in the context of high level use cases). 
  - handle the user password with a ThreadLocal instead of a plain static field.  This should enable separate threads to decrypt independently.
  - management of which BIFF records get encrypted is managed down in Biff8RC4 (instead of RecordInputStream).  This will allow encrypting code (not done yet) to use the same logic easily.

Please take a look a the combined changes which are already in svn trunk, and let me know if it still meets your needs.
Comment 7 Maxim Valyanskiy 2009-08-07 01:09:21 UTC
Yes, your implementation works for me

I used "Office Document Cryptography Structure Specification, v20090708" and "Excel Binary File Format (.xls) Structure Specification, v20090708", http://msdn.microsoft.com/en-us/library/cc313071.aspx ([MS-OFFCRYPTO].pdf and [MS-XLS].pdf from complete zip file)
Comment 8 Maxim Valyanskiy 2009-08-13 03:56:16 UTC
Created attachment 24136 [details]
Exception handling

This patch simplifies diagnostics when valid password was not supplied
Comment 9 Josh Micich 2009-08-14 14:38:57 UTC
(In reply to comment #8)
> Created an attachment (id=24136) [details]
> Exception handling
> This patch simplifies diagnostics when valid password was not supplied

Applied in svn r804381

I also improved the error message a little bit to help distinguish between use of the default password versus supplying user password.

junits added