Java Code Examples for org.apache.poi.poifs.crypt.Decryptor#verifyPassword()

The following examples show how to use org.apache.poi.poifs.crypt.Decryptor#verifyPassword() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DocumentFactoryHelper.java    From lams with GNU General Public License v2.0 5 votes vote down vote up 
/**
 * Wrap the OLE2 data in the NPOIFSFileSystem into a decrypted stream by using
 * the given password.
 *
 * @param fs The OLE2 stream for the document
 * @param password The password, null if the default password should be used
 * @return A stream for reading the decrypted data
 * @throws IOException If an error occurs while decrypting or if the password does not match
 */
public static InputStream getDecryptedStream(final NPOIFSFileSystem fs, String password)
        throws IOException {
    EncryptionInfo info = new EncryptionInfo(fs);
    Decryptor d = Decryptor.getInstance(info);

    try {
        boolean passwordCorrect = false;
        if (password != null && d.verifyPassword(password)) {
            passwordCorrect = true;
        }
        if (!passwordCorrect && d.verifyPassword(Decryptor.DEFAULT_PASSWORD)) {
            passwordCorrect = true;
        }

        if (passwordCorrect) {
            // wrap the stream in a FilterInputStream to close the NPOIFSFileSystem
            // as well when the resulting OPCPackage is closed
            return new FilterInputStream(d.getDataStream(fs.getRoot())) {
                @Override
                public void close() throws IOException {
                    fs.close();

                    super.close();
                }
            };
        } else {
            if (password != null)
                throw new EncryptedDocumentException("Password incorrect");
            else
                throw new EncryptedDocumentException("The supplied spreadsheet is protected, but no password was supplied");
        }
    } catch (GeneralSecurityException e) {
        throw new IOException(e);
    }
}
Example 2
Source File: HSSFWorkbook.java    From lams with GNU General Public License v2.0 5 votes vote down vote up 
private void updateEncryptionInfo() {
    // make sure, that we've read all the streams ...
    readProperties();
    FilePassRecord fpr = (FilePassRecord)workbook.findFirstRecordBySid(FilePassRecord.sid);

    String password = Biff8EncryptionKey.getCurrentUserPassword();
    WorkbookRecordList wrl = workbook.getWorkbookRecordList();
    if (password == null) {
        if (fpr != null) {
            // need to remove password data
            wrl.remove(fpr);
        }
    } else {
        // create password record
        if (fpr == null) {
            fpr = new FilePassRecord(EncryptionMode.cryptoAPI);
            wrl.add(1, fpr);
        }

        // check if the password has been changed
        EncryptionInfo ei = fpr.getEncryptionInfo();
        EncryptionVerifier ver = ei.getVerifier();
        byte encVer[] = ver.getEncryptedVerifier();
        Decryptor dec = ei.getDecryptor();
        Encryptor enc = ei.getEncryptor();
        try {
            if (encVer == null || !dec.verifyPassword(password)) {
                enc.confirmPassword(password);
            } else {
                byte verifier[] = dec.getVerifier();
                byte salt[] = ver.getSalt();
                enc.confirmPassword(password, null, null, verifier, salt, null);
            }
        } catch (GeneralSecurityException e) {
            throw new EncryptedDocumentException("can't validate/update encryption setting", e);
        }
    }
}
Example 3
Source File: MSExcelOOXMLSignUtil.java    From hadoopoffice with Apache License 2.0 5 votes vote down vote up 
private void signEncryptedPackage(InputStream tmpFileInputStream, SignatureConfig sc, String password) throws IOException, InvalidFormatException, FormatNotUnderstoodException, XMLSignatureException, MarshalException {

	POIFSFileSystem poifsTemp = new POIFSFileSystem(tmpFileInputStream);
	EncryptionInfo info = new EncryptionInfo(poifsTemp);
	Decryptor d = Decryptor.getInstance(info);

	try {
		if (!d.verifyPassword(password)) {
			throw new FormatNotUnderstoodException("Error: Cannot decrypt new Excel file (.xlsx) for signing. Invalid password");
		}
		// signing
		OPCPackage pkg = OPCPackage.open(d.getDataStream(poifsTemp));
		sc.setOpcPackage(pkg);
		
		SignatureInfo si = new SignatureInfo();
		si.setSignatureConfig(sc);
		si.confirmSignature();
		// encrypt again
		Encryptor enc = info.getEncryptor();
		enc.confirmPassword(password);
		POIFSFileSystem poifs = new POIFSFileSystem();
		OutputStream os = enc.getDataStream(poifs);
		pkg.save(os);
		pkg.close();
		if (os!=null) {
			os.close();
		}
		poifs.writeFilesystem(this.finalOutputStream);
		if (poifs!=null) {
			poifs.close();
		}
		if (poifsTemp!=null) {
			poifsTemp.close();
		}
	} catch (GeneralSecurityException e) {
		
		LOG.error(e);
		throw new FormatNotUnderstoodException("Error: Cannot decrypt new Excel file (.xlsx)  for signing.");
	} 
}