You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@poi.apache.org by ki...@apache.org on 2021/11/14 12:44:07 UTC
svn commit: r1895031 - in /poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt: agile/AgileEncryptor.java binaryrc4/BinaryRC4Encryptor.java cryptoapi/CryptoAPIEncryptor.java standard/StandardEncryptor.java
Author: kiwiwings
Date: Sun Nov 14 12:44:07 2021
New Revision: 1895031
URL: http://svn.apache.org/viewvc?rev=1895031&view=rev
Log:
Code cleanup - repetitive calls
Modified:
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java
poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java
Modified: poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java
URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java?rev=1895031&r1=1895030&r2=1895031&view=diff
==============================================================================
--- poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java (original)
+++ poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java Sun Nov 14 12:44:07 2021
@@ -37,6 +37,7 @@ import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.Mac;
@@ -93,11 +94,12 @@ public class AgileEncryptor extends Encr
, newIntegritySalt = IOUtils.safelyAllocate(hashSize, maxLen);
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(newVerifierSalt); // blocksize
- RandomSingleton.getInstance().nextBytes(newVerifier); // blocksize
- RandomSingleton.getInstance().nextBytes(newKeySalt); // blocksize
- RandomSingleton.getInstance().nextBytes(newKeySpec); // keysize
- RandomSingleton.getInstance().nextBytes(newIntegritySalt); // hashsize
+ SecureRandom r = RandomSingleton.getInstance();
+ r.nextBytes(newVerifierSalt); // blocksize
+ r.nextBytes(newVerifier); // blocksize
+ r.nextBytes(newKeySalt); // blocksize
+ r.nextBytes(newKeySpec); // keysize
+ r.nextBytes(newIntegritySalt); // hashsize
confirmPassword(password, newKeySpec, newKeySalt, newVerifierSalt, newVerifier, newIntegritySalt);
}
Modified: poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java
URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java?rev=1895031&r1=1895030&r2=1895031&view=diff
==============================================================================
--- poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java (original)
+++ poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java Sun Nov 14 12:44:07 2021
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
@@ -51,12 +52,13 @@ public class BinaryRC4Encryptor extends
@Override
public void confirmPassword(String password) {
+ SecureRandom r = RandomSingleton.getInstance();
byte[] salt = new byte[16];
byte[] verifier = new byte[16];
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(salt);
- RandomSingleton.getInstance().nextBytes(verifier);
+ r.nextBytes(salt);
+ r.nextBytes(verifier);
confirmPassword(password, null, null, verifier, salt, null);
}
Modified: poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java
URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java?rev=1895031&r1=1895030&r2=1895031&view=diff
==============================================================================
--- poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java (original)
+++ poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java Sun Nov 14 12:44:07 2021
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;
@@ -57,11 +58,12 @@ public class CryptoAPIEncryptor extends
@Override
public void confirmPassword(String password) {
+ SecureRandom r = RandomSingleton.getInstance();
byte[] salt = new byte[16];
byte[] verifier = new byte[16];
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(salt);
- RandomSingleton.getInstance().nextBytes(verifier);
+ r.nextBytes(salt);
+ r.nextBytes(verifier);
confirmPassword(password, null, null, verifier, salt, null);
}
Modified: poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java
URL: http://svn.apache.org/viewvc/poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java?rev=1895031&r1=1895030&r2=1895031&view=diff
==============================================================================
--- poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java (original)
+++ poi/trunk/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java Sun Nov 14 12:44:07 2021
@@ -28,6 +28,7 @@ import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
@@ -64,11 +65,12 @@ public class StandardEncryptor extends E
@Override
public void confirmPassword(String password) {
// see [MS-OFFCRYPTO] - 2.3.3 EncryptionVerifier
+ SecureRandom r = RandomSingleton.getInstance();
byte[] salt = new byte[16], verifier = new byte[16];
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(salt);
- RandomSingleton.getInstance().nextBytes(verifier);
+ r.nextBytes(salt);
+ r.nextBytes(verifier);
confirmPassword(password, null, null, salt, verifier, null);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org