Bug 55544 - org.apache.poi.EncryptedDocumentException: Unsupported hash algorithm when trying to decrypt Excel 2013
Summary: org.apache.poi.EncryptedDocumentException: Unsupported hash algorithm when tr...
Alias: None
Product: POI
Classification: Unclassified
Component: POIFS (show other bugs)
Version: 3.9-FINAL
Hardware: All All
: P2 normal (vote)
Target Milestone: ---
Assignee: POI Developers List
Depends on: 55818
  Show dependency tree
Reported: 2013-09-10 18:31 UTC by bknippen
Modified: 2014-02-01 20:34 UTC (History)
1 user (show)

example workbook for reproducing probelm (14.00 KB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet)
2013-09-11 14:00 UTC, bknippen
another test case (password "welcome1") (107.00 KB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet)
2013-12-04 17:37 UTC, Jeff Grossman

Note You need to log in before you can comment on or make changes to this bug.
Description bknippen 2013-09-10 18:31:30 UTC
Trying to create an EncryptionInfo from an encrypted Excel 2013 file results in an org.apache.poi.EncryptedDocumentException exception. The hashAlgorithm in the EncryptionHeader of the document is "SHA512" and EncryptionHeader has this:

        String hashAlg = keyData.getNamedItem("hashAlgorithm").getNodeValue();
        int hashSize = Integer.parseInt(keyData.getNamedItem("hashSize")

        if ("SHA1".equals(hashAlg) && hashSize == 20)
            hashAlgorithm = HASH_SHA1;
            throw new EncryptedDocumentException("Unsupported hash algorithm");
Would be good to have support for Excel 2013 documents
Comment 1 Nick Burch 2013-09-10 20:26:45 UTC
Could you please upload a small sample file that shows the problem?
Comment 2 bknippen 2013-09-11 14:00:18 UTC
Created attachment 30816 [details]
example workbook for reproducing probelm

password for EncryptedBook.xlsx is: "this is a test"
Comment 3 Nick Burch 2013-09-11 22:24:40 UTC
As of r1522074 it's hopefully supported. I've added a simple unit test that shows we can now process the header, please re-open the bug if anything further down the line fails with it!
Comment 4 Jeff Grossman 2013-12-04 17:37:13 UTC
Created attachment 31092 [details]
another test case (password "welcome1")

Generated by a third-party server process.
The EncryptionInfo says, among other things:
     keyBits="256" hashSize="64" hashAlgorithm="SHA512"
Comment 5 Jeff Grossman 2013-12-04 17:41:59 UTC
I have uploaded a new test case, per Andreas' request.  Problem posting in the archive at:

Also, per Andreas' request, I have verified that we are using the correct JCE version.
Comment 6 Andreas Beeker 2014-02-01 20:34:01 UTC
As per #55818 this has been fixed too, so I'm closing this for now.

> Jeff wrote on 21.12.2013 04:34:
> Short answer:  The code works.
> Long answer:  The code wasn't working, no matter what JCE files we tried, no matter what JVM we tried.  Then, I wondered whether our test file -- the one with all the birthdays, not the one I had made for you -- was the problem.  I acquired eight more of them and... sure enough they all open just fine.
> Commit the branch, mark the bug, I'm happy.
> Jeff