org.apache.poi.poifs.crypt.EncryptionInfo Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of poi Show documentation
Show all versions of poi Show documentation
Apache POI - Java API To Access Microsoft Format Files
/* ====================================================================
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
package org.apache.poi.poifs.crypt;
import static org.apache.poi.poifs.crypt.EncryptionMode.agile;
import static org.apache.poi.poifs.crypt.EncryptionMode.binaryRC4;
import static org.apache.poi.poifs.crypt.EncryptionMode.cryptoAPI;
import static org.apache.poi.poifs.crypt.EncryptionMode.standard;
import java.io.IOException;
import org.apache.poi.EncryptedDocumentException;
import org.apache.poi.poifs.filesystem.DirectoryNode;
import org.apache.poi.poifs.filesystem.NPOIFSFileSystem;
import org.apache.poi.poifs.filesystem.OPOIFSFileSystem;
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
import org.apache.poi.util.BitField;
import org.apache.poi.util.BitFieldFactory;
import org.apache.poi.util.LittleEndianInput;
/**
*/
public class EncryptionInfo {
private final int versionMajor;
private final int versionMinor;
private final int encryptionFlags;
private final EncryptionHeader header;
private final EncryptionVerifier verifier;
private final Decryptor decryptor;
private final Encryptor encryptor;
/**
* A flag that specifies whether CryptoAPI RC4 or ECMA-376 encryption
* ECMA-376 is used. It MUST be 1 unless flagExternal is 1. If flagExternal is 1, it MUST be 0.
*/
public static final BitField flagCryptoAPI = BitFieldFactory.getInstance(0x04);
/**
* A value that MUST be 0 if document properties are encrypted.
* The encryption of document properties is specified in section 2.3.5.4.
*/
public static final BitField flagDocProps = BitFieldFactory.getInstance(0x08);
/**
* A value that MUST be 1 if extensible encryption is used. If this value is 1,
* the value of every other field in this structure MUST be 0.
*/
public static final BitField flagExternal = BitFieldFactory.getInstance(0x10);
/**
* A value that MUST be 1 if the protected content is an ECMA-376 document
* ECMA-376. If the fAES bit is 1, the fCryptoAPI bit MUST also be 1.
*/
public static final BitField flagAES = BitFieldFactory.getInstance(0x20);
/**
* Opens for decryption
*/
public EncryptionInfo(POIFSFileSystem fs) throws IOException {
this(fs.getRoot());
}
/**
* Opens for decryption
*/
public EncryptionInfo(OPOIFSFileSystem fs) throws IOException {
this(fs.getRoot());
}
/**
* Opens for decryption
*/
public EncryptionInfo(NPOIFSFileSystem fs) throws IOException {
this(fs.getRoot());
}
/**
* Opens for decryption
*/
public EncryptionInfo(DirectoryNode dir) throws IOException {
this(dir.createDocumentInputStream("EncryptionInfo"), false);
}
public EncryptionInfo(LittleEndianInput dis, boolean isCryptoAPI) throws IOException {
final EncryptionMode encryptionMode;
versionMajor = dis.readShort();
versionMinor = dis.readShort();
if (!isCryptoAPI
&& versionMajor == binaryRC4.versionMajor
&& versionMinor == binaryRC4.versionMinor) {
encryptionMode = binaryRC4;
encryptionFlags = -1;
} else if (!isCryptoAPI
&& versionMajor == agile.versionMajor
&& versionMinor == agile.versionMinor){
encryptionMode = agile;
encryptionFlags = dis.readInt();
} else if (!isCryptoAPI
&& 2 <= versionMajor && versionMajor <= 4
&& versionMinor == standard.versionMinor) {
encryptionMode = standard;
encryptionFlags = dis.readInt();
} else if (isCryptoAPI
&& 2 <= versionMajor && versionMajor <= 4
&& versionMinor == cryptoAPI.versionMinor) {
encryptionMode = cryptoAPI;
encryptionFlags = dis.readInt();
} else {
encryptionFlags = dis.readInt();
throw new EncryptedDocumentException(
"Unknown encryption: version major: "+versionMajor+
" / version minor: "+versionMinor+
" / fCrypto: "+flagCryptoAPI.isSet(encryptionFlags)+
" / fExternal: "+flagExternal.isSet(encryptionFlags)+
" / fDocProps: "+flagDocProps.isSet(encryptionFlags)+
" / fAES: "+flagAES.isSet(encryptionFlags));
}
EncryptionInfoBuilder eib;
try {
eib = getBuilder(encryptionMode);
} catch (Exception e) {
throw new IOException(e);
}
eib.initialize(this, dis);
header = eib.getHeader();
verifier = eib.getVerifier();
decryptor = eib.getDecryptor();
encryptor = eib.getEncryptor();
}
/**
* Prepares for encryption, using the given Encryption Mode, and
* all other parameters as default.
* @see #EncryptionInfo(EncryptionMode, CipherAlgorithm, HashAlgorithm, int, int, ChainingMode)
*/
public EncryptionInfo(EncryptionMode encryptionMode) {
this(encryptionMode, null, null, -1, -1, null);
}
/**
* Constructs an EncryptionInfo from scratch
*
* @param encryptionMode see {@link EncryptionMode} for values, {@link EncryptionMode#cryptoAPI} is for
* internal use only, as it's record based
* @param cipherAlgorithm
* @param hashAlgorithm
* @param keyBits
* @param blockSize
* @param chainingMode
*
* @throws EncryptedDocumentException if the given parameters mismatch, e.g. only certain combinations
* of keyBits, blockSize are allowed for a given {@link CipherAlgorithm}
*/
public EncryptionInfo(
EncryptionMode encryptionMode
, CipherAlgorithm cipherAlgorithm
, HashAlgorithm hashAlgorithm
, int keyBits
, int blockSize
, ChainingMode chainingMode
) {
versionMajor = encryptionMode.versionMajor;
versionMinor = encryptionMode.versionMinor;
encryptionFlags = encryptionMode.encryptionFlags;
EncryptionInfoBuilder eib;
try {
eib = getBuilder(encryptionMode);
} catch (Exception e) {
throw new EncryptedDocumentException(e);
}
eib.initialize(this, cipherAlgorithm, hashAlgorithm, keyBits, blockSize, chainingMode);
header = eib.getHeader();
verifier = eib.getVerifier();
decryptor = eib.getDecryptor();
encryptor = eib.getEncryptor();
}
protected static EncryptionInfoBuilder getBuilder(EncryptionMode encryptionMode)
throws ClassNotFoundException, IllegalAccessException, InstantiationException {
ClassLoader cl = Thread.currentThread().getContextClassLoader();
EncryptionInfoBuilder eib;
eib = (EncryptionInfoBuilder)cl.loadClass(encryptionMode.builder).newInstance();
return eib;
}
public int getVersionMajor() {
return versionMajor;
}
public int getVersionMinor() {
return versionMinor;
}
public int getEncryptionFlags() {
return encryptionFlags;
}
public EncryptionHeader getHeader() {
return header;
}
public EncryptionVerifier getVerifier() {
return verifier;
}
public Decryptor getDecryptor() {
return decryptor;
}
public Encryptor getEncryptor() {
return encryptor;
}
}