1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 |
- /* ====================================================================
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ==================================================================== */
-
- package org.apache.poi.poifs.crypt;
-
- import org.apache.poi.EncryptedDocumentException;
-
- public enum CipherAlgorithm {
- // key size for rc4: 0x00000028 - 0x00000080 (inclusive) with 8-bit increments
- // no block size, because its a streaming cipher
- rc4(CipherProvider.rc4, "RC4", 0x6801, 0x40, new int[]{0x28,0x30,0x38,0x40,0x48,0x50,0x58,0x60,0x68,0x70,0x78,0x80}, -1, 20, "RC4", false),
- // aes has always a block size of 128 - only its keysize may vary
- aes128(CipherProvider.aes, "AES", 0x660E, 128, new int[]{128}, 16, 32, "AES", false),
- aes192(CipherProvider.aes, "AES", 0x660F, 192, new int[]{192}, 16, 32, "AES", false),
- aes256(CipherProvider.aes, "AES", 0x6610, 256, new int[]{256}, 16, 32, "AES", false),
- rc2(null, "RC2", -1, 0x80, new int[]{0x28,0x30,0x38,0x40,0x48,0x50,0x58,0x60,0x68,0x70,0x78,0x80}, 8, 20, "RC2", false),
- des(null, "DES", -1, 64, new int[]{64}, 8/*for 56-bit*/, 32, "DES", false),
- // desx is not supported. Not sure, if it can be simulated by des3 somehow
- des3(null, "DESede", -1, 192, new int[]{192}, 8, 32, "3DES", false),
- // need bouncycastle provider for this one ...
- des3_112(null, "DESede", -1, 128, new int[]{128}, 8, 32, "3DES_112", true),
- // only for digital signatures
- rsa(null, "RSA", -1, 1024, new int[]{1024, 2048, 3072, 4096}, -1, -1, "", false);
-
- public final CipherProvider provider;
- public final String jceId;
- public final int ecmaId;
- public final int defaultKeySize;
- public final int[] allowedKeySize;
- public final int blockSize;
- public final int encryptedVerifierHashLength;
- public final String xmlId;
- public final boolean needsBouncyCastle;
-
- CipherAlgorithm(CipherProvider provider, String jceId, int ecmaId, int defaultKeySize, int[] allowedKeySize, int blockSize, int encryptedVerifierHashLength, String xmlId, boolean needsBouncyCastle) {
- this.provider = provider;
- this.jceId = jceId;
- this.ecmaId = ecmaId;
- this.defaultKeySize = defaultKeySize;
- this.allowedKeySize = allowedKeySize.clone();
- this.blockSize = blockSize;
- this.encryptedVerifierHashLength = encryptedVerifierHashLength;
- this.xmlId = xmlId;
- this.needsBouncyCastle = needsBouncyCastle;
- }
-
- public static CipherAlgorithm fromEcmaId(int ecmaId) {
- for (CipherAlgorithm ca : CipherAlgorithm.values()) {
- if (ca.ecmaId == ecmaId) return ca;
- }
- throw new EncryptedDocumentException("cipher algorithm " + ecmaId + " not found");
- }
-
- public static CipherAlgorithm fromXmlId(String xmlId, int keySize) {
- for (CipherAlgorithm ca : CipherAlgorithm.values()) {
- if (!ca.xmlId.equals(xmlId)) continue;
- for (int ks : ca.allowedKeySize) {
- if (ks == keySize) return ca;
- }
- }
- throw new EncryptedDocumentException("cipher algorithm " + xmlId + "/" + keySize + " not found");
- }
- }
|