diff options
4 files changed, 19 insertions, 11 deletions
diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java index 455959451e..73ed284721 100644 --- a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java +++ b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/AgileEncryptor.java @@ -37,6 +37,7 @@ import java.io.InputStream; import java.io.OutputStream; import java.security.GeneralSecurityException; import java.security.MessageDigest; +import java.security.SecureRandom; import javax.crypto.Cipher; import javax.crypto.Mac; @@ -93,11 +94,12 @@ public class AgileEncryptor extends Encryptor { , newIntegritySalt = IOUtils.safelyAllocate(hashSize, maxLen); // using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed). - RandomSingleton.getInstance().nextBytes(newVerifierSalt); // blocksize - RandomSingleton.getInstance().nextBytes(newVerifier); // blocksize - RandomSingleton.getInstance().nextBytes(newKeySalt); // blocksize - RandomSingleton.getInstance().nextBytes(newKeySpec); // keysize - RandomSingleton.getInstance().nextBytes(newIntegritySalt); // hashsize + SecureRandom r = RandomSingleton.getInstance(); + r.nextBytes(newVerifierSalt); // blocksize + r.nextBytes(newVerifier); // blocksize + r.nextBytes(newKeySalt); // blocksize + r.nextBytes(newKeySpec); // keysize + r.nextBytes(newIntegritySalt); // hashsize confirmPassword(password, newKeySpec, newKeySalt, newVerifierSalt, newVerifier, newIntegritySalt); } diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java index 9b4542ab0b..d543063121 100644 --- a/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java +++ b/poi/src/main/java/org/apache/poi/poifs/crypt/binaryrc4/BinaryRC4Encryptor.java @@ -22,6 +22,7 @@ import java.io.IOException; import java.io.OutputStream; import java.security.GeneralSecurityException; import java.security.MessageDigest; +import java.security.SecureRandom; import javax.crypto.Cipher; import javax.crypto.SecretKey; @@ -51,12 +52,13 @@ public class BinaryRC4Encryptor extends Encryptor { @Override public void confirmPassword(String password) { + SecureRandom r = RandomSingleton.getInstance(); byte[] salt = new byte[16]; byte[] verifier = new byte[16]; // using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed). - RandomSingleton.getInstance().nextBytes(salt); - RandomSingleton.getInstance().nextBytes(verifier); + r.nextBytes(salt); + r.nextBytes(verifier); confirmPassword(password, null, null, verifier, salt, null); } diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java index f44ec7a7be..3e821f17a0 100644 --- a/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java +++ b/poi/src/main/java/org/apache/poi/poifs/crypt/cryptoapi/CryptoAPIEncryptor.java @@ -22,6 +22,7 @@ import java.io.IOException; import java.io.OutputStream; import java.security.GeneralSecurityException; import java.security.MessageDigest; +import java.security.SecureRandom; import java.util.ArrayList; import java.util.List; @@ -57,11 +58,12 @@ public class CryptoAPIEncryptor extends Encryptor { @Override public void confirmPassword(String password) { + SecureRandom r = RandomSingleton.getInstance(); byte[] salt = new byte[16]; byte[] verifier = new byte[16]; // using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed). - RandomSingleton.getInstance().nextBytes(salt); - RandomSingleton.getInstance().nextBytes(verifier); + r.nextBytes(salt); + r.nextBytes(verifier); confirmPassword(password, null, null, verifier, salt, null); } diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java b/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java index c5f931c62a..d5fbc712f8 100644 --- a/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java +++ b/poi/src/main/java/org/apache/poi/poifs/crypt/standard/StandardEncryptor.java @@ -28,6 +28,7 @@ import java.io.IOException; import java.io.OutputStream; import java.security.GeneralSecurityException; import java.security.MessageDigest; +import java.security.SecureRandom; import java.util.Arrays; import javax.crypto.Cipher; @@ -64,11 +65,12 @@ public class StandardEncryptor extends Encryptor { @Override public void confirmPassword(String password) { // see [MS-OFFCRYPTO] - 2.3.3 EncryptionVerifier + SecureRandom r = RandomSingleton.getInstance(); byte[] salt = new byte[16], verifier = new byte[16]; // using a java.security.SecureRandom (and avoid allocating a new SecureRandom for each random number needed). - RandomSingleton.getInstance().nextBytes(salt); - RandomSingleton.getInstance().nextBytes(verifier); + r.nextBytes(salt); + r.nextBytes(verifier); confirmPassword(password, null, null, salt, verifier, null); } |