/**
* Constructs an EncryptionInfo from scratch
*
* @param encryptionMode see {@link EncryptionMode} for values, {@link EncryptionMode#cryptoAPI} is for
* internal use only, as it's record based
* @param cipherAlgorithm
* @param hashAlgorithm
* @param keyBits
* @param blockSize
* @param chainingMode
*
* @throws EncryptedDocumentException if the given parameters mismatch, e.g. only certain combinations
* of keyBits, blockSize are allowed for a given {@link CipherAlgorithm}
*/
public EncryptionInfo(
EncryptionMode encryptionMode
, CipherAlgorithm cipherAlgorithm
, HashAlgorithm hashAlgorithm
, int keyBits
, int blockSize
, ChainingMode chainingMode
)
{
_versionMajor = encryptionMode.VersionMajor;
_versionMinor = encryptionMode.VersionMinor;
_encryptionFlags = encryptionMode.EncryptionFlags;
IEncryptionInfoBuilder eib;
try
{
eib = GetBuilder(encryptionMode);
}
catch (Exception e)
{
throw new EncryptedDocumentException(e);
}
eib.Initialize(this, cipherAlgorithm, hashAlgorithm, keyBits, blockSize, chainingMode);
_header = eib.GetHeader();
_verifier = eib.GetVerifier();
_decryptor = eib.GetDecryptor();
_encryptor = eib.GetEncryptor();
}
private ZipEntrySource fileToSource(FileInfo tmpFile, CipherAlgorithm cipherAlgorithm, byte[] keyBytes, byte[] ivBytes)
{
SecretKeySpec skeySpec = new SecretKeySpec(keyBytes, cipherAlgorithm.jceId);
Cipher ciDec = CryptoFunctions.GetCipher(skeySpec, cipherAlgorithm, ChainingMode.cbc, ivBytes, Cipher.DECRYPT_MODE, "PKCS5PAdding");
ZipFile zf = new ZipFile(tmpFile.FullName);
return(new AesZipFileZipEntrySource(zf, ciDec));
}
/**
* Initialize a new cipher object with the given cipher properties
* If the given algorithm is not implemented in the JCE, it will try to load it from the bouncy castle
* provider.
*
* @param key the secrect key
* @param cipherAlgorithm the cipher algorithm
* @param chain the chaining mode
* @param vec the Initialization vector (IV), can be null
* @param cipherMode Cipher.DECRYPT_MODE or Cipher.ENCRYPT_MODE
* @param pAdding
* @return the requested cipher
* @throws GeneralSecurityException
* @throws EncryptedDocumentException if the Initialization failed or if an algorithm was specified,
* which depends on a missing bouncy castle provider
*/
public static Cipher GetCipher(IKey key, CipherAlgorithm cipherAlgorithm, ChainingMode chain, byte[] vec, int cipherMode, String pAdding)
{
int keySizeInBytes = key.GetEncoded().Length;
if (pAdding == null)
{
pAdding = "NoPAdding";
}
try {
// Ensure the JCE policies files allow for this sized key
if (Cipher.GetMaxAllowedKeyLength(cipherAlgorithm.jceId) < keySizeInBytes * 8)
{
throw new EncryptedDocumentException("Export Restrictions in place - please install JCE Unlimited Strength Jurisdiction Policy files");
}
Cipher cipher;
if (cipherAlgorithm == CipherAlgorithm.rc4)
{
cipher = Cipher.GetInstance(cipherAlgorithm.jceId);
}
else if (cipherAlgorithm.needsBouncyCastle)
{
registerBouncyCastle();
cipher = Cipher.GetInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + pAdding, "BC");
}
else
{
cipher = Cipher.GetInstance(cipherAlgorithm.jceId + "/" + chain.jceId + "/" + pAdding);
}
if (vec == null)
{
cipher.Init(cipherMode, key);
}
else
{
AlgorithmParameterSpec aps;
if (cipherAlgorithm == CipherAlgorithm.rc2)
{
aps = new RC2ParameterSpec(key.GetEncoded().Length * 8, vec);
}
else
{
aps = new IvParameterSpec(vec);
}
cipher.Init(cipherMode, key, aps);
}
return(cipher);
} catch (Exception e) {
throw new EncryptedDocumentException(e);
}
}
/**
* @deprecated use {@link #EncryptionInfo(EncryptionMode, CipherAlgorithm, HashAlgorithm, int, int, ChainingMode)}
*/
public EncryptionInfo(
DirectoryNode dir
, EncryptionMode encryptionMode
, CipherAlgorithm cipherAlgorithm
, HashAlgorithm hashAlgorithm
, int keyBits
, int blockSize
, ChainingMode chainingMode
)
: this(encryptionMode, cipherAlgorithm, hashAlgorithm, keyBits, blockSize, chainingMode)
{
;
}
/**
* @deprecated use {@link #EncryptionInfo(EncryptionMode, CipherAlgorithm, HashAlgorithm, int, int, ChainingMode)}
*/
public EncryptionInfo(
NPOIFSFileSystem fs
, EncryptionMode encryptionMode
, CipherAlgorithm cipherAlgorithm
, HashAlgorithm hashAlgorithm
, int keyBits
, int blockSize
, ChainingMode chainingMode
)
: this(encryptionMode, cipherAlgorithm, hashAlgorithm, keyBits, blockSize, chainingMode)
{
;
}
private void CopyToFile(InputStream is1, FileInfo tmpFile, CipherAlgorithm cipherAlgorithm, byte[] keyBytes, byte[] ivBytes)
{
SecretKeySpec skeySpec = new SecretKeySpec(keyBytes, cipherAlgorithm.jceId);
Cipher ciEnc = CryptoFunctions.GetCipher(skeySpec, cipherAlgorithm, ChainingMode.cbc, ivBytes, Cipher.ENCRYPT_MODE, "PKCS5PAdding");
ZipInputStream zis = new ZipInputStream(is1);
//FileOutputStream fos = new FileOutputStream(tmpFile);
//ZipOutputStream zos = new ZipOutputStream(fos);
//ZipEntry ze;
//while ((ze = zis.NextEntry) != null)
//{
// // the cipher output stream pads the data, therefore we can't reuse the ZipEntry with Set sizes
// // as those will be validated upon close()
// ZipEntry zeNew = new ZipEntry(ze.Name);
// zeNew.Comment = (/*setter*/ze.Comment);
// zeNew.Extra = (/*setter*/ze.Extra);
// zeNew.Time = (/*setter*/ze.Time);
// // zeNew.Method=(/*setter*/ze.Method);
// zos.PutNextEntry(zeNew);
// FilterOutputStream fos2 = new FilterOutputStream(zos)
// {
// // don't close underlying ZipOutputStream
// public void close() { }
//};
//CipherOutputStream cos = new CipherOutputStream(fos2, ciEnc);
// IOUtils.Copy(zis, cos);
// cos.Close();
// fos2.Close();
// zos.CloseEntry();
// zis.CloseEntry();
//}
//zos.Close();
//fos.Close();
//zis.Close();
throw new NotImplementedException();
}
public static Cipher GetCipher(ISecretKey key, CipherAlgorithm cipherAlgorithm, ChainingMode chain, byte[] vec, int cipherMode)
{
return(GetCipher(key, cipherAlgorithm, chain, vec, cipherMode, null));
}
