aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--poi/src/main/java/org/apache/poi/poifs/crypt/CryptoFunctions.java6
-rw-r--r--poi/src/test/java/org/apache/poi/poifs/crypt/TestXorEncryption.java18
2 files changed, 23 insertions, 1 deletions
diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/CryptoFunctions.java b/poi/src/main/java/org/apache/poi/poifs/crypt/CryptoFunctions.java
index 4a8883597b..28babc0c0f 100644
--- a/poi/src/main/java/org/apache/poi/poifs/crypt/CryptoFunctions.java
+++ b/poi/src/main/java/org/apache/poi/poifs/crypt/CryptoFunctions.java
@@ -538,7 +538,11 @@ public final class CryptoFunctions {
// The MS-OFFCRYPTO misses some infos about the various rotation sizes
byte[] obfuscationArray = new byte[16];
System.arraycopy(passBytes, 0, obfuscationArray, 0, passBytes.length);
- System.arraycopy(PAD_ARRAY, 0, obfuscationArray, passBytes.length, PAD_ARRAY.length-passBytes.length+1);
+ if (passBytes.length == 0) {
+ System.arraycopy(PAD_ARRAY, 0, obfuscationArray, passBytes.length, PAD_ARRAY.length);
+ } else {
+ System.arraycopy(PAD_ARRAY, 0, obfuscationArray, passBytes.length, PAD_ARRAY.length - passBytes.length + 1);
+ }
int xorKey = createXorKey1(password);
diff --git a/poi/src/test/java/org/apache/poi/poifs/crypt/TestXorEncryption.java b/poi/src/test/java/org/apache/poi/poifs/crypt/TestXorEncryption.java
index 3250bc0307..47e32ae4be 100644
--- a/poi/src/test/java/org/apache/poi/poifs/crypt/TestXorEncryption.java
+++ b/poi/src/test/java/org/apache/poi/poifs/crypt/TestXorEncryption.java
@@ -32,6 +32,7 @@ import org.apache.poi.hssf.record.crypto.Biff8EncryptionKey;
import org.apache.poi.hssf.usermodel.HSSFSheet;
import org.apache.poi.hssf.usermodel.HSSFWorkbook;
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
+import org.apache.poi.util.HexDump;
import org.apache.poi.util.HexRead;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test;
@@ -54,6 +55,23 @@ class TestXorEncryption {
}
@Test
+ void testXorEncryptionEmptyPassword() {
+ // Xor-Password: ""
+ // 2.5.343 XORObfuscation
+ // key = 0
+ // verifier = 0
+ int verifier = CryptoFunctions.createXorVerifier1("");
+ int key = CryptoFunctions.createXorKey1("");
+ assertEquals(0, key);
+ assertEquals(0, verifier);
+
+ byte[] xorArrAct = CryptoFunctions.createXorArray1("");
+ byte[] xorArrExp = HexRead.readFromString("EE-FF-FF-EA-FF-FF-E6-02-00-FA-3C-00-FE-3C-00-00");
+ assertThat("Having: " + HexDump.dump(xorArrAct, 0, 0),
+ xorArrExp, equalTo(xorArrAct));
+ }
+
+ @Test
void testUserFile() throws IOException {
File f = getSampleFile("xor-encryption-abc.xls");
Biff8EncryptionKey.setCurrentUserPassword("abc");
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-11 13:49:47 +0000