Class CryptoAPIDecryptor
- java.lang.Object
-
- org.apache.poi.poifs.crypt.Decryptor
-
- org.apache.poi.poifs.crypt.cryptoapi.CryptoAPIDecryptor
-
- All Implemented Interfaces:
GenericRecord
public class CryptoAPIDecryptor extends Decryptor
-
-
Field Summary
-
Fields inherited from class org.apache.poi.poifs.crypt.Decryptor
DEFAULT_PASSWORD, DEFAULT_POIFS_ENTRY, encryptionInfo
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
CryptoAPIDecryptor()
protected
CryptoAPIDecryptor(CryptoAPIDecryptor other)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description CryptoAPIDecryptor
copy()
protected static SecretKey
generateSecretKey(String password, EncryptionVerifier ver)
ChunkedCipherInputStream
getDataStream(InputStream stream, int size, int initialPos)
Wraps a stream for decryptionChunkedCipherInputStream
getDataStream(DirectoryNode dir)
Return a stream with decrypted data.long
getLength()
Returns the length of the encrypted data that can be safely read withDecryptor.getDataStream(org.apache.poi.poifs.filesystem.DirectoryNode)
.POIFSFileSystem
getSummaryEntries(DirectoryNode root, String encryptedStream)
Decrypt the Document-/SummaryInformation and other optionally streams.Cipher
initCipherForBlock(Cipher cipher, int block)
Initializes a cipher object for a given block index for encryptionprotected static Cipher
initCipherForBlock(Cipher cipher, int block, EncryptionInfo encryptionInfo, SecretKey skey, int encryptMode)
void
setChunkSize(int chunkSize)
Sets the chunk size of the data stream.boolean
verifyPassword(String password)
-
Methods inherited from class org.apache.poi.poifs.crypt.Decryptor
getBlockSizeInBytes, getDataStream, getEncryptionInfo, getGenericProperties, getInstance, getIntegrityHmacKey, getIntegrityHmacValue, getKeySizeInBytes, getSecretKey, getVerifier, setEncryptionInfo, setIntegrityHmacKey, setIntegrityHmacValue, setSecretKey, setVerifier
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.poi.common.usermodel.GenericRecord
getGenericChildren, getGenericRecordType
-
-
-
-
Constructor Detail
-
CryptoAPIDecryptor
protected CryptoAPIDecryptor()
-
CryptoAPIDecryptor
protected CryptoAPIDecryptor(CryptoAPIDecryptor other)
-
-
Method Detail
-
verifyPassword
public boolean verifyPassword(String password)
- Specified by:
verifyPassword
in classDecryptor
-
initCipherForBlock
public Cipher initCipherForBlock(Cipher cipher, int block) throws GeneralSecurityException
Description copied from class:Decryptor
Initializes a cipher object for a given block index for encryption- Overrides:
initCipherForBlock
in classDecryptor
- Parameters:
cipher
- may be null, otherwise the given instance is reset to the new block indexblock
- the block index, e.g. the persist/slide id (hslf)- Returns:
- a new cipher object, if cipher was null, otherwise the reinitialized cipher
- Throws:
GeneralSecurityException
- if the cipher can't be initialized
-
initCipherForBlock
protected static Cipher initCipherForBlock(Cipher cipher, int block, EncryptionInfo encryptionInfo, SecretKey skey, int encryptMode) throws GeneralSecurityException
- Throws:
GeneralSecurityException
-
generateSecretKey
protected static SecretKey generateSecretKey(String password, EncryptionVerifier ver)
-
getDataStream
public ChunkedCipherInputStream getDataStream(DirectoryNode dir) throws IOException, GeneralSecurityException
Description copied from class:Decryptor
Return a stream with decrypted data.Use
Decryptor.getLength()
to get the size of that data that can be safely read from the stream. Just reading to the end of the input stream is not sufficient because there are normally padding bytes that must be discarded- Specified by:
getDataStream
in classDecryptor
- Parameters:
dir
- the node to read from- Returns:
- decrypted stream
- Throws:
IOException
GeneralSecurityException
-
getDataStream
public ChunkedCipherInputStream getDataStream(InputStream stream, int size, int initialPos) throws IOException, GeneralSecurityException
Description copied from class:Decryptor
Wraps a stream for decryptionAs we are handling streams and don't know the total length beforehand, it's the callers duty to care for the length of the entries.
- Overrides:
getDataStream
in classDecryptor
- Parameters:
stream
- the stream to be wrappedinitialPos
- initial/current byte position within the stream- Returns:
- decrypted stream
- Throws:
IOException
GeneralSecurityException
-
getSummaryEntries
public POIFSFileSystem getSummaryEntries(DirectoryNode root, String encryptedStream) throws IOException, GeneralSecurityException
Decrypt the Document-/SummaryInformation and other optionally streams. Opposed to other crypto modes, cryptoapi is record based and can't be used to stream-decrypt a whole file.Summary entries are only encrypted within cryptoapi encrypted files. Binary RC4 encrypted files use non-encrypted/default property sets
- Parameters:
root
- root directory node of the OLE file containing the encrypted propertiesencryptedStream
- name of the encrypted stream - "encryption" for HSSF/HWPF, "encryptedStream" (or encryptedSummary?) for HSLF- Throws:
IOException
GeneralSecurityException
- See Also:
- 2.3.5.4 RC4 CryptoAPI Encrypted Summary Stream
-
getLength
public long getLength()
Description copied from class:Decryptor
Returns the length of the encrypted data that can be safely read withDecryptor.getDataStream(org.apache.poi.poifs.filesystem.DirectoryNode)
. Just reading to the end of the input stream is not sufficient because there are normally padding bytes that must be discardedThe length variable is initialized in
Decryptor.getDataStream(org.apache.poi.poifs.filesystem.DirectoryNode)
, an attempt to call getLength() prior to getDataStream() will result in IllegalStateException.- Specified by:
getLength
in classDecryptor
- Returns:
- the length of the stream returned by
getDataStream(DirectoryNode)
-
setChunkSize
public void setChunkSize(int chunkSize)
Description copied from class:Decryptor
Sets the chunk size of the data stream. Needs to be set before the data stream is requested. When not set, the implementation uses method specific default values- Overrides:
setChunkSize
in classDecryptor
- Parameters:
chunkSize
- the chunk size, i.e. the block size with the same encryption key
-
copy
public CryptoAPIDecryptor copy()
-
-