public void Bug57080()
{
// the test file Contains a wrong ole entry size, produced by extenxls
// the fix limits the available size and tries to read all entries
FileStream f = POIDataSamples.GetPOIFSInstance().GetFile("extenxls_pwd123.xlsx");
NPOIFSFileSystem fs = new NPOIFSFileSystem(f, true);
EncryptionInfo info = new EncryptionInfo(fs);
Decryptor d = Decryptor.GetInstance(info);
d.VerifyPassword("pwd123");
MemoryStream bos = new MemoryStream();
ZipInputStream zis = new ZipInputStream(d.GetDataStream(fs));
ZipEntry ze;
while ((ze = zis.GetNextEntry()) != null)
{
//bos.Reset();
bos.Seek(0, SeekOrigin.Begin);
bos.SetLength(0);
IOUtils.Copy(zis, bos);
Assert.AreEqual(ze.Size, bos.Length);
}
zis.Close();
fs.Close();
}
public void Test58616()
{
POIFSFileSystem pfs = new POIFSFileSystem(XSSFTestDataSamples.GetSampleFile("58616.xlsx").Create());
EncryptionInfo info = new EncryptionInfo(pfs);
Decryptor dec = Decryptor.GetInstance(info);
//dec.VerifyPassword(null);
dec.GetDataStream(pfs);
}
public void PasswordVerification()
{
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.GetPOIFSInstance().OpenResourceAsStream("protect.xlsx"));
EncryptionInfo info = new EncryptionInfo(fs);
Decryptor d = Decryptor.GetInstance(info);
Assert.IsTrue(d.VerifyPassword(Decryptor.DEFAULT_PASSWORD));
}
public void Decrypt()
{
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.GetPOIFSInstance().OpenResourceAsStream("protect.xlsx"));
EncryptionInfo info = new EncryptionInfo(fs);
Decryptor d = Decryptor.GetInstance(info);
d.VerifyPassword(Decryptor.DEFAULT_PASSWORD);
ZipOk(fs.Root, d);
}
public void Agile()
{
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.GetPOIFSInstance().OpenResourceAsStream("protected_agile.docx"));
EncryptionInfo info = new EncryptionInfo(fs);
Assert.IsTrue(info.VersionMajor == 4 && info.VersionMinor == 4);
Decryptor d = Decryptor.GetInstance(info);
Assert.IsTrue(d.VerifyPassword(Decryptor.DEFAULT_PASSWORD));
ZipOk(fs.Root, d);
}
public void EncryptPackageWithoutCoreProperties()
{
// Open our file without core properties
FileStream inp = POIDataSamples.GetOpenXML4JInstance().GetFile("OPCCompliance_NoCoreProperties.xlsx");
OPCPackage pkg = OPCPackage.Open(inp.Name);
// It doesn't have any core properties yet
Assert.AreEqual(0, pkg.GetPartsByContentType(ContentTypes.CORE_PROPERTIES_PART).Count);
Assert.IsNotNull(pkg.GetPackageProperties());
Assert.IsNotNull(pkg.GetPackageProperties().GetLanguageProperty());
//Assert.IsNull(pkg.GetPackageProperties().GetLanguageProperty().GetValue());
// Encrypt it
EncryptionInfo info = new EncryptionInfo(EncryptionMode.Agile);
NPOIFSFileSystem fs = new NPOIFSFileSystem();
Encryptor enc = info.Encryptor;
enc.ConfirmPassword("password");
OutputStream os = enc.GetDataStream(fs);
pkg.Save(os);
pkg.Revert();
// Save the resulting OLE2 document, and re-open it
MemoryStream baos = new MemoryStream();
fs.WriteFileSystem(baos);
MemoryStream bais = new MemoryStream(baos.ToArray());
NPOIFSFileSystem inpFS = new NPOIFSFileSystem(bais);
// Check we can decrypt it
info = new EncryptionInfo(inpFS);
Decryptor d = Decryptor.GetInstance(info);
Assert.AreEqual(true, d.VerifyPassword("password"));
OPCPackage inpPkg = OPCPackage.Open(d.GetDataStream(inpFS));
// Check it now has empty core properties
Assert.AreEqual(1, inpPkg.GetPartsByContentType(ContentTypes.CORE_PROPERTIES_PART).Count);
Assert.IsNotNull(inpPkg.GetPackageProperties());
Assert.IsNotNull(inpPkg.GetPackageProperties().GetLanguageProperty());
//Assert.IsNull(inpPkg.PackageProperties.LanguageProperty.Value);
}
public void DataLength()
{
POIFSFileSystem fs = new POIFSFileSystem(POIDataSamples.GetPOIFSInstance().OpenResourceAsStream("protected_agile.docx"));
EncryptionInfo info = new EncryptionInfo(fs);
Decryptor d = Decryptor.GetInstance(info);
d.VerifyPassword(Decryptor.DEFAULT_PASSWORD);
Stream is1 = d.GetDataStream(fs);
long len = d.GetLength();
Assert.AreEqual(12810, len);
byte[] buf = new byte[(int)len];
is1.Read(buf, 0, buf.Length);
ZipInputStream zin = new ZipInputStream(new MemoryStream(buf));
while (true)
{
ZipEntry entry = zin.GetNextEntry();
if (entry == null)
{
break;
}
while (zin.Available > 0)
{
zin.Skip(zin.Available);
}
}
}
public void AgileEncryption()
{
int maxKeyLen = Cipher.GetMaxAllowedKeyLength("AES");
Assume.That(maxKeyLen == 2147483647, "Please install JCE Unlimited Strength Jurisdiction Policy files for AES 256");
FileStream file = POIDataSamples.GetDocumentInstance().GetFile("bug53475-password-is-pass.docx");
String pass = "******";
NPOIFSFileSystem nfs = new NPOIFSFileSystem(file);
// Check the encryption details
EncryptionInfo infoExpected = new EncryptionInfo(nfs);
Decryptor decExpected = Decryptor.GetInstance(infoExpected);
bool passed = decExpected.VerifyPassword(pass);
Assert.IsTrue(passed, "Unable to Process: document is encrypted");
// extract the payload
Stream is1 = decExpected.GetDataStream(nfs);
byte[] payloadExpected = IOUtils.ToByteArray(is1);
is1.Close();
long decPackLenExpected = decExpected.GetLength();
Assert.AreEqual(decPackLenExpected, payloadExpected.Length);
is1 = nfs.Root.CreateDocumentInputStream(Decryptor.DEFAULT_POIFS_ENTRY);
///is1 = new BoundedInputStream(is1, is1.Available() - 16); // ignore pAdding block
///throw new NotImplementedException(BoundedInputStream);
byte[] encPackExpected = IOUtils.ToByteArray(is1);
is1.Close();
// listDir(nfs.Root, "orig", "");
nfs.Close();
// check that same verifier/salt lead to same hashes
byte[] verifierSaltExpected = infoExpected.Verifier.Salt;
byte[] verifierExpected = decExpected.GetVerifier();
byte[] keySalt = infoExpected.Header.KeySalt;
byte[] keySpec = decExpected.GetSecretKey().GetEncoded();
byte[] integritySalt = decExpected.GetIntegrityHmacKey();
// the hmacs of the file always differ, as we use PKCS5-pAdding to pad the bytes
// whereas office just uses random bytes
// byte integrityHash[] = d.IntegrityHmacValue;
POIFSFileSystem fs = new POIFSFileSystem();
EncryptionInfo infoActual = new EncryptionInfo(
EncryptionMode.Agile
, infoExpected.Verifier.CipherAlgorithm
, infoExpected.Verifier.HashAlgorithm
, infoExpected.Header.KeySize
, infoExpected.Header.BlockSize
, infoExpected.Verifier.ChainingMode
);
Encryptor e = Encryptor.GetInstance(infoActual);
e.ConfirmPassword(pass, keySpec, keySalt, verifierExpected, verifierSaltExpected, integritySalt);
Stream os = e.GetDataStream(fs);
IOUtils.Copy(new MemoryStream(payloadExpected), os);
os.Close();
MemoryStream bos = new MemoryStream();
fs.WriteFileSystem(bos);
nfs = new NPOIFSFileSystem(new MemoryStream(bos.ToArray()));
infoActual = new EncryptionInfo(nfs.Root);
Decryptor decActual = Decryptor.GetInstance(infoActual);
passed = decActual.VerifyPassword(pass);
Assert.IsTrue(passed, "Unable to Process: document is encrypted");
// extract the payload
is1 = decActual.GetDataStream(nfs);
byte[] payloadActual = IOUtils.ToByteArray(is1);
is1.Close();
long decPackLenActual = decActual.GetLength();
is1 = nfs.Root.CreateDocumentInputStream(Decryptor.DEFAULT_POIFS_ENTRY);
///is1 = new BoundedInputStream(is1, is1.Available() - 16); // ignore pAdding block
///throw new NotImplementedException(BoundedInputStream);
byte[] encPackActual = IOUtils.ToByteArray(is1);
is1.Close();
// listDir(nfs.Root, "copy", "");
nfs.Close();
AgileEncryptionHeader aehExpected = (AgileEncryptionHeader)infoExpected.Header;
AgileEncryptionHeader aehActual = (AgileEncryptionHeader)infoActual.Header;
CollectionAssert.AreEqual(aehExpected.GetEncryptedHmacKey(), aehActual.GetEncryptedHmacKey());
Assert.AreEqual(decPackLenExpected, decPackLenActual);
CollectionAssert.AreEqual(payloadExpected, payloadActual);
CollectionAssert.AreEqual(encPackExpected, encPackActual);
}
public void StandardEncryption()
{
FileStream file = POIDataSamples.GetDocumentInstance().GetFile("bug53475-password-is-solrcell.docx");
String pass = "******";
NPOIFSFileSystem nfs = new NPOIFSFileSystem(file);
// Check the encryption details
EncryptionInfo infoExpected = new EncryptionInfo(nfs);
Decryptor d = Decryptor.GetInstance(infoExpected);
bool passed = d.VerifyPassword(pass);
Assert.IsTrue(passed, "Unable to Process: document is encrypted");
// extract the payload
MemoryStream bos = new MemoryStream();
Stream is1 = d.GetDataStream(nfs);
IOUtils.Copy(is1, bos);
is1.Close();
nfs.Close();
byte[] payloadExpected = bos.ToArray();
// check that same verifier/salt lead to same hashes
byte[] verifierSaltExpected = infoExpected.Verifier.Salt;
byte[] verifierExpected = d.GetVerifier();
byte[] keySpec = d.GetSecretKey().GetEncoded();
byte[] keySalt = infoExpected.Header.KeySalt;
EncryptionInfo infoActual = new EncryptionInfo(
EncryptionMode.Standard
, infoExpected.Verifier.CipherAlgorithm
, infoExpected.Verifier.HashAlgorithm
, infoExpected.Header.KeySize
, infoExpected.Header.BlockSize
, infoExpected.Verifier.ChainingMode
);
Encryptor e = Encryptor.GetInstance(infoActual);
e.ConfirmPassword(pass, keySpec, keySalt, verifierExpected, verifierSaltExpected, null);
CollectionAssert.AreEqual(infoExpected.Verifier.EncryptedVerifier, infoActual.Verifier.EncryptedVerifier);
CollectionAssert.AreEqual(infoExpected.Verifier.EncryptedVerifierHash, infoActual.Verifier.EncryptedVerifierHash);
// now we use a newly generated salt/verifier and check
// if the file content is still the same
infoActual = new EncryptionInfo(
EncryptionMode.Standard
, infoExpected.Verifier.CipherAlgorithm
, infoExpected.Verifier.HashAlgorithm
, infoExpected.Header.KeySize
, infoExpected.Header.BlockSize
, infoExpected.Verifier.ChainingMode
);
e = Encryptor.GetInstance(infoActual);
e.ConfirmPassword(pass);
POIFSFileSystem fs = new POIFSFileSystem();
Stream os = e.GetDataStream(fs);
IOUtils.Copy(new MemoryStream(payloadExpected), os);
os.Close();
bos.Seek(0, SeekOrigin.Begin); //bos.Reset();
fs.WriteFileSystem(bos);
ByteArrayInputStream bis = new ByteArrayInputStream(bos.ToArray());
// FileOutputStream fos = new FileOutputStream("encrypted.docx");
// IOUtils.Copy(bis, fos);
// fos.Close();
// bis.Reset();
nfs = new NPOIFSFileSystem(bis);
infoExpected = new EncryptionInfo(nfs);
d = Decryptor.GetInstance(infoExpected);
passed = d.VerifyPassword(pass);
Assert.IsTrue(passed, "Unable to Process: document is encrypted");
bos.Seek(0, SeekOrigin.Begin); //bos.Reset();
is1 = d.GetDataStream(nfs);
IOUtils.Copy(is1, bos);
is1.Close();
nfs.Close();
byte[] payloadActual = bos.ToArray();
CollectionAssert.AreEqual(payloadExpected, payloadActual);
//assertArrayEquals(payloadExpected, payloadActual);
}