You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@poi.apache.org by Alexander Kurtakov <al...@blue-edge.bg> on 2005/07/25 09:34:15 UTC
Passord protected files question
Hi All,
I've got a question about password protected office files. Is there some
kind of agreement how they should be handled?
I found this code in the net it is for the
org.apache.poi.hdf.extractor.WordDocument line 245:
//Check to see if it's encrypted
// Looking for bit with 0x0100 in short at 0xa (returns 256 if set)
if((info & 0x0100) == 256) {
// Encrypted document found
throw new IOException("The document is encrypted");
}
Shouldn't a more specific exception (e.g.
PasswordProtectedFileException) be thrown? And not only for doc files
but also for ppt and xls locally i have patched the code(for local use)
with my findings that record type 49 indicates also password protected
file for xls and 51432 is for ppt files. But this is only an assumtion
cause i was just checking what king of record fails when loading office
documents. I'm volunteering for making this changes if they are welcomed
by the poi developers but I'll need some info about the specific record
types to be sure that I'm not producing garbage and also what is the
best place to put such a changes.
Best regards,
Alexander Kurtakov
---------------------------------------------------------------------
To unsubscribe, e-mail: poi-dev-unsubscribe@jakarta.apache.org
Mailing List: http://jakarta.apache.org/site/mail2.html#poi
The Apache Jakarta POI Project: http://jakarta.apache.org/poi/
Re: Passord protected files question
Posted by Nick Burch <ni...@torchbox.com>.
On Mon, 25 Jul 2005, Alexander Kurtakov wrote:
> and 51432 is for ppt files. But this is only an assumtion
Alas it's not that simple.
Password protected powerpoint files are seriously seriously icky. As best
I can tell, they're badly cobbled together, and not planned....
Rather than encrypt the data and leave the record headers alone, or pop
the whole lot in an encrypted container record, or in a different OLE
stream, they've done something odd. It appears they encrypt all the
records (including record headers etc) except for the last two records.
The UserEditAtom pointed to by the CurrentUserAtom stream is in the clear.
Before that appears to be some sort of crypto record (or possibly two, I
haven't figured that one out)
So, every time you encrypt a powerpoint file, the encrypted form of the
first record differs. This means there's not one single first record type
you can check for
One option might be to test if the size reported in the first record is
larger than size of the whole document. However, that won't work in all
cases - there's nothing stopping the encrypted size appearing to be a
small little endian number, since the output of the encryption is almost
random. The larger the document size, the greater the chance that the
encrypted size of the first record appears to be a number smaller than the
overall size.
This is going to take some more pondering. Quite why they didn't have a
different stream (eg EncryptedPowerPointDocument), or at least a flag in
the CurrentUserAtom, escapes me. Bah...
Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: poi-dev-unsubscribe@jakarta.apache.org
Mailing List: http://jakarta.apache.org/site/mail2.html#poi
The Apache Jakarta POI Project: http://jakarta.apache.org/poi/
Re: Passord protected files question
Posted by Nick Burch <ni...@torchbox.com>.
On Mon, 25 Jul 2005, Alexander Kurtakov wrote:
> I'm volunteering for making this changes if they are welcomed by the poi
> developers but I'll need some info about the specific record types to be
> sure that I'm not producing garbage and also what is the best place to
> put such a changes.
Could you attach some sample password protected files to bugzilla? One for
each of word, excel and powerpoint would be good.
That way, once we come up with a solution, we'll have example files to
run against in our junit tests. It'll also give us something to play with
while we decide what's the best way to handle it all
Thanks
Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: poi-dev-unsubscribe@jakarta.apache.org
Mailing List: http://jakarta.apache.org/site/mail2.html#poi
The Apache Jakarta POI Project: http://jakarta.apache.org/poi/