summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java12
-rw-r--r--poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java6
-rw-r--r--poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java6
-rw-r--r--poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java6
4 files changed, 19 insertions, 11 deletions
diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java
index 455959451e..73ed284721 100644
--- a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java
+++ b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java
@@ -37,6 +37,7 @@ import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.Mac;
@@ -93,11 +94,12 @@ public class AgileEncryptor extends Encryptor {
, newIntegritySalt = IOUtils.safelyAllocate(hashSize, maxLen);
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(newVerifierSalt); // blocksize
- RandomSingleton.getInstance().nextBytes(newVerifier); // blocksize
- RandomSingleton.getInstance().nextBytes(newKeySalt); // blocksize
- RandomSingleton.getInstance().nextBytes(newKeySpec); // keysize
- RandomSingleton.getInstance().nextBytes(newIntegritySalt); // hashsize
+ SecureRandom r = RandomSingleton.getInstance();
+ r.nextBytes(newVerifierSalt); // blocksize
+ r.nextBytes(newVerifier); // blocksize
+ r.nextBytes(newKeySalt); // blocksize
+ r.nextBytes(newKeySpec); // keysize
+ r.nextBytes(newIntegritySalt); // hashsize
confirmPassword(password, newKeySpec, newKeySalt, newVerifierSalt, newVerifier, newIntegritySalt);
}
diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java
index 9b4542ab0b..d543063121 100644
--- a/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java
+++ b/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
@@ -51,12 +52,13 @@ public class BinaryRC4Encryptor extends Encryptor {
@Override
public void confirmPassword(String password) {
+ SecureRandom r = RandomSingleton.getInstance();
byte[] salt = new byte[16];
byte[] verifier = new byte[16];
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(salt);
- RandomSingleton.getInstance().nextBytes(verifier);
+ r.nextBytes(salt);
+ r.nextBytes(verifier);
confirmPassword(password, null, null, verifier, salt, null);
}
diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java
index f44ec7a7be..3e821f17a0 100644
--- a/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java
+++ b/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;
@@ -57,11 +58,12 @@ public class CryptoAPIEncryptor extends Encryptor {
@Override
public void confirmPassword(String password) {
+ SecureRandom r = RandomSingleton.getInstance();
byte[] salt = new byte[16];
byte[] verifier = new byte[16];
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(salt);
- RandomSingleton.getInstance().nextBytes(verifier);
+ r.nextBytes(salt);
+ r.nextBytes(verifier);
confirmPassword(password, null, null, verifier, salt, null);
}
diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java
index c5f931c62a..d5fbc712f8 100644
--- a/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java
+++ b/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java
@@ -28,6 +28,7 @@ import java.io.IOException;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
+import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
@@ -64,11 +65,12 @@ public class StandardEncryptor extends Encryptor {
@Override
public void confirmPassword(String password) {
// see [MS-OFFCRYPTO] - 2.3.3 EncryptionVerifier
+ SecureRandom r = RandomSingleton.getInstance();
byte[] salt = new byte[16], verifier = new byte[16];
// using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed).
- RandomSingleton.getInstance().nextBytes(salt);
- RandomSingleton.getInstance().nextBytes(verifier);
+ r.nextBytes(salt);
+ r.nextBytes(verifier);
confirmPassword(password, null, null, salt, verifier, null);
}