aboutsummaryrefslogtreecommitdiffstats
path: root/src/ooxml/resources
diff options
context:
space:
mode:
Diffstat (limited to 'src/ooxml/resources')
-rw-r--r--src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsd39
-rw-r--r--src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsdconfig24
-rw-r--r--src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsd259
-rw-r--r--src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsdconfig25
-rw-r--r--src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsd66
-rw-r--r--src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsdconfig24
6 files changed, 437 insertions, 0 deletions
diff --git a/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsd b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsd
new file mode 100644
index 0000000000..7423c85de0
--- /dev/null
+++ b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsd
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ====================================================================
+-->
+<xs:schema xmlns="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate" xmlns:e="http://schemas.microsoft.com/office/2006/encryption" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:import namespace="http://schemas.microsoft.com/office/2006/encryption" schemaLocation="encryptionInfo.xsd"/>
+ <xs:simpleType name="ST_PasswordKeyEncryptorUri">
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="CT_CertificateKeyEncryptor">
+ <xs:attribute name="encryptedKeyValue" type="xs:base64Binary" use="required">
+ <xs:annotation><xs:documentation>A base64-encoded value that specifies the encrypted form of the intermediate key, which is encrypted with the public key contained within the X509Certificate attribute.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="X509Certificate" type="xs:base64Binary" use="required">
+ <xs:annotation><xs:documentation>A base64-encoded value that specifies a DER-encoded X.509 certificate (1) used to encrypt the intermediate key. The certificate (1) MUST contain only the public portion of the public-private key pair.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="certVerifier" type="xs:base64Binary" use="required">
+ <xs:annotation><xs:documentation>A base64-encoded value that specifies the HMAC of the binary data obtained by base64-decoding the X509Certificate attribute. The hashing algorithm used to derive the HMAC MUST be the hashing algorithm specified for the Encryption.keyData element. The secret key used to derive the HMAC MUST be the intermediate key. If the intermediate key is reset, any CertificateKeyEncryptor elements are also reset to contain the new intermediate key, except that the certVerifier attribute MUST match the value calculated using the current intermediate key, to verify that the CertificateKeyEncryptor element actually encrypted the current intermediate key. If a CertificateKeyEncryptor element does not have a correct certVerifier attribute, it MUST be discarded.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ </xs:complexType>
+ <xs:element name="encryptedKey" type="CT_CertificateKeyEncryptor"/>
+</xs:schema>
diff --git a/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsdconfig b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsdconfig
new file mode 100644
index 0000000000..73a27fa50a
--- /dev/null
+++ b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionCertificate.xsdconfig
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ====================================================================
+-->
+<xb:config xmlns:xb="http://xml.apache.org/xmlbeans/2004/02/xbean/config" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate">
+
+<xb:qname name="c:encryptedKey" javaname="EncryptedCertificateKey"/>
+
+</xb:config> \ No newline at end of file
diff --git a/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsd b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsd
new file mode 100644
index 0000000000..5b08560c3a
--- /dev/null
+++ b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsd
@@ -0,0 +1,259 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ====================================================================
+-->
+<xs:schema xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://schemas.microsoft.com/office/2006/encryption" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:import namespace="http://schemas.microsoft.com/office/2006/keyEncryptor/password" schemaLocation="encryptionPassword.xsd"/>
+ <xs:import namespace="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate" schemaLocation="encryptionCertificate.xsd"/>
+ <xs:simpleType name="ST_SaltSize">
+ <xs:annotation>
+ <xs:documentation>An unsigned integer that specifies the number of bytes used by a salt. It MUST be at least 1 and no greater than 65,536.</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:unsignedInt">
+ <xs:minInclusive value="1"/>
+ <xs:maxInclusive value="65536"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="ST_BlockSize">
+ <xs:annotation>
+ <xs:documentation>An unsigned integer that specifies the number of bytes used to encrypt one block of data. It MUST be at least 2, no greater than 4096, and a multiple of 2.</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:unsignedInt">
+ <xs:minInclusive value="2"/>
+ <xs:maxInclusive value="4096"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="ST_KeyBits">
+ <xs:annotation>
+ <xs:documentation>An unsigned integer that specifies the number of bits used by an encryption algorithm. It MUST be at least 8 and a multiple of 8.</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:unsignedInt">
+ <xs:minInclusive value="8"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="ST_HashSize">
+ <xs:annotation>
+ <xs:documentation>An unsigned integer that specifies the number of bytes used by a hash value. It MUST be at least 1, no greater than 65,536, and the same number of bytes as the hash algorithm emits.</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:unsignedInt">
+ <xs:minInclusive value="1"/>
+ <xs:maxInclusive value="65536"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="ST_SpinCount">
+ <xs:annotation>
+ <xs:documentation>An unsigned integer that specifies the number of times to iterate on a hash of a password. It MUST NOT be greater than 10,000,000.</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:unsignedInt">
+ <xs:minInclusive value="0"/>
+ <xs:maxInclusive value="10000000"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="ST_CipherAlgorithm">
+ <xs:annotation>
+ <xs:appinfo>modified for poi - list is restricted to given list in [ms-offcrypto]</xs:appinfo>
+ <xs:documentation>A string that specifies the cipher algorithm. Values that are not defined MAY be used, and a compliant implementation is not required to support all defined values. Any algorithm that can be resolved by name by the underlying operating system can be used for hashing or encryption. Only block algorithms are supported for encryption. AES-128 is the default encryption algorithm, and SHA-1 is the default hashing algorithm if no other algorithms have been configured.</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="AES">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the AES algorithm.</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="RC2">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the algorithm as specified in [RFC2268] (http://tools.ietf.org/html/rfc2268). The use of RC2 is not recommended. If RC2 is used with a key length of less than 128 bits, documents could interoperate incorrectly across different versions of Windows.</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="RC4">
+ <xs:annotation>
+ <xs:documentation>MUST NOT be used.</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="DES">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the DES algorithm. The use of DES is not recommended. If DES is used, the key length specified in the KeyBits element is required to be set to 64 for 56-bit encryption, and the key decrypted from encryptedKeyValue of KeyEncryptor is required to include the DES parity bits.</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="DESX">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the algorithm as specified in [DRAFT-DESX] (http://tools.ietf.org/html/draft-ietf-ipsec-ciph-desx-00). The use of DESX is not recommended. If DESX is used, documents could interoperate incorrectly across different versions of Windows.</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="3DES">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the algorithm as specified in [RFC1851] (http://tools.ietf.org/html/rfc1851). If 3DES or 3DES_112 is used, the key length specified in the KeyBits element is required to be set to 192 for 168-bit encryption and 128 for 112-bit encryption, and the key decrypted from encryptedKeyValue of KeyEncryptor is required to include the DES parity bits.</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="3DES_112">
+ <xs:annotation>
+ <xs:documentation>see 3DES</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="ST_CipherChaining">
+ <xs:annotation>
+ <xs:documentation>A string that specifies the chaining mode used by CipherAlgorithm. For more details about chaining modes, see [BCMO800-38A] (http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf).</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="ChainingModeCBC">
+ <xs:annotation>
+ <xs:documentation>block chaining (CBC)</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="ChainingModeCFB">
+ <xs:annotation>
+ <xs:documentation>Cipher feedback chaining (CFB), with an 8-bit window</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:simpleType name="ST_HashAlgorithm">
+ <xs:annotation>
+ <xs:appinfo>modified for poi - list is restricted to given list in [ms-offcrypto]</xs:appinfo>
+ <xs:documentation>A string specifying a hashing algorithm. Values that are not defined MAY be used, and a compliant implementation is not required to support all defined values.</xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="SHA1">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the algorithm as specified in [RFC4634] (http://tools.ietf.org/html/rfc4634).</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="SHA256">
+ <xs:annotation>
+ <xs:documentation>see SHA1</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="SHA384">
+ <xs:annotation>
+ <xs:documentation>see SHA1</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="SHA512">
+ <xs:annotation>
+ <xs:documentation>see SHA1</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="MD5">
+ <xs:annotation>
+ <xs:documentation>MUST conform to MD5.</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="MD4">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the algorithm as specified in [RFC1320] (http://tools.ietf.org/html/rfc1320).</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="MD2">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the algorithm as specified in [RFC1319] (http://tools.ietf.org/html/rfc1319).</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="RIPEMD-128">
+ <xs:annotation>
+ <xs:documentation>MUST conform to the hash functions specified in [ISO/IEC 10118]. (https://en.wikipedia.org/wiki/RIPEMD)</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="RIPEMD-160">
+ <xs:annotation>
+ <xs:documentation>see RIPEMD-128 (https://en.wikipedia.org/wiki/RIPEMD)</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ <xs:enumeration value="WHIRLPOOL">
+ <xs:annotation>
+ <xs:documentation>see RIPEMD-128 (https://en.wikipedia.org/wiki/ISO/IEC_10118-3)</xs:documentation>
+ </xs:annotation>
+ </xs:enumeration>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="CT_KeyData">
+ <xs:annotation>
+ <xs:documentation>A complex type that specifies the encryption used within this element. The saltValue attribute is a base64-encoded binary value that is randomly generated. The number of bytes required to decode the saltValue attribute MUST be equal to the value of the saltSize attribute.</xs:documentation>
+ </xs:annotation>
+ <xs:attribute name="saltSize" type="ST_SaltSize" use="required"/>
+ <xs:attribute name="blockSize" type="ST_BlockSize" use="required"/>
+ <xs:attribute name="keyBits" type="ST_KeyBits" use="required"/>
+ <xs:attribute name="hashSize" type="ST_HashSize" use="required"/>
+ <xs:attribute name="cipherAlgorithm" type="ST_CipherAlgorithm" use="required"/>
+ <xs:attribute name="cipherChaining" type="ST_CipherChaining" use="required"/>
+ <xs:attribute name="hashAlgorithm" type="ST_HashAlgorithm" use="required"/>
+ <xs:attribute name="saltValue" type="xs:base64Binary" use="required"/>
+ </xs:complexType>
+ <xs:complexType name="CT_DataIntegrity">
+ <xs:annotation>
+ <xs:documentation>A complex type that specifies data used to verify whether the encrypted data passes an integrity check. It MUST be generated using the method specified in section 2.3.4.14 (http://msdn.microsoft.com/en-us/library/dd924068(v=office.12).aspx).</xs:documentation>
+ </xs:annotation>
+ <xs:attribute name="encryptedHmacKey" type="xs:base64Binary" use="required">
+ <xs:annotation>
+ <xs:documentation>A base64-encoded value that specifies an encrypted key used in calculating the encryptedHmacValue.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="encryptedHmacValue" type="xs:base64Binary" use="required">
+ <xs:annotation>
+ <xs:documentation>A base64-encoded value that specifies an HMAC derived from encryptedHmacKey and the encrypted data.</xs:documentation>
+ </xs:annotation>
+ </xs:attribute>
+ </xs:complexType>
+ <xs:complexType name="CT_KeyEncryptor">
+ <xs:annotation>
+ <xs:appinfo>modified for POI</xs:appinfo>
+ <xs:documentation>A complex type that specifies the parameters used to encrypt an intermediate key, which is used to perform the final encryption of the document. To ensure extensibility, arbitrary elements can be defined to encrypt the intermediate key. The intermediate key MUST be the same for all KeyEncryptor elements.</xs:documentation>
+ </xs:annotation>
+ <xs:choice>
+ <xs:element ref="p:encryptedKey"/>
+ <xs:element ref="c:encryptedKey"/>
+ </xs:choice>
+ <xs:attribute name="uri">
+ <xs:annotation>
+ <xs:appinfo>modified for POI</xs:appinfo>
+ </xs:annotation>
+ <xs:simpleType>
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="http://schemas.microsoft.com/office/2006/keyEncryptor/password"/>
+ <xs:enumeration value="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:attribute>
+ </xs:complexType>
+ <xs:complexType name="CT_KeyEncryptors">
+ <xs:annotation>
+ <xs:documentation>A sequence of KeyEncryptor elements. Exactly one KeyEncryptors element MUST be present, and the KeyEncryptors element MUST contain at least one KeyEncryptor.</xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="keyEncryptor" type="CT_KeyEncryptor" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:complexType name="CT_Encryption">
+ <xs:sequence>
+ <xs:element name="keyData" type="CT_KeyData"/>
+ <xs:element name="dataIntegrity" type="CT_DataIntegrity">
+ <xs:annotation>
+ <xs:appinfo>modified for POI</xs:appinfo>
+ <xs:documentation>All ECMA-376 documents [ECMA-376] encrypted by Microsoft Office using agile encryption will have a DataIntegrity element present. The schema allows for a DataIntegrity element to not be present because the encryption schema can be used by applications that do not create ECMA-376 documents [ECMA-376].</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ <xs:element name="keyEncryptors" type="CT_KeyEncryptors">
+ <xs:annotation>
+ <xs:documentation>The KeyEncryptor element, which MUST be used when encrypting password-protected agile encryption documents, is either a PasswordKeyEncryptor or a CertificateKeyEncryptor. Exactly one PasswordKeyEncryptor MUST be present. Zero or more CertificateKeyEncryptor elements are contained within the KeyEncryptors element.</xs:documentation>
+ </xs:annotation>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="encryption" type="CT_Encryption"/>
+</xs:schema>
diff --git a/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsdconfig b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsdconfig
new file mode 100644
index 0000000000..c9474a0f3a
--- /dev/null
+++ b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionInfo.xsdconfig
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ====================================================================
+-->
+<xb:config xmlns:xb="http://xml.apache.org/xmlbeans/2004/02/xbean/config" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
+
+<xb:qname name="c:encryptedKey" javaname="EncryptedCertificateKey"/>
+<xb:qname name="p:encryptedKey" javaname="EncryptedPasswordKey"/>
+
+</xb:config> \ No newline at end of file
diff --git a/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsd b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsd
new file mode 100644
index 0000000000..79ae888a0e
--- /dev/null
+++ b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsd
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ====================================================================
+-->
+<xs:schema xmlns="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:e="http://schemas.microsoft.com/office/2006/encryption" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://schemas.microsoft.com/office/2006/keyEncryptor/password" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:import namespace="http://schemas.microsoft.com/office/2006/encryption" schemaLocation="encryptionInfo.xsd"/>
+ <xs:simpleType name="ST_PasswordKeyEncryptorUri">
+ <xs:restriction base="xs:token">
+ <xs:enumeration value="http://schemas.microsoft.com/office/2006/keyEncryptor/password"/>
+ </xs:restriction>
+ </xs:simpleType>
+ <xs:complexType name="CT_PasswordKeyEncryptor">
+ <xs:attribute name="saltSize" type="e:ST_SaltSize" use="required">
+ <xs:annotation><xs:documentation>A SaltSize that specifies the size of the salt for a PasswordKeyEncryptor.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="blockSize" type="e:ST_BlockSize" use="required">
+ <xs:annotation><xs:documentation>A BlockSize that specifies the block size for a PasswordKeyEncryptor.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="keyBits" type="e:ST_KeyBits" use="required">
+ <xs:annotation><xs:documentation>A KeyBits that specifies the number of bits for a PasswordKeyEncryptor.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="hashSize" type="e:ST_HashSize" use="required">
+ <xs:annotation><xs:documentation>A HashSize that specifies the size of the binary form of the hash for a PasswordKeyEncryptor.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="cipherAlgorithm" type="e:ST_CipherAlgorithm" use="required">
+ <xs:annotation><xs:documentation>A CipherAlgorithm that specifies the cipher algorithm for a PasswordKeyEncryptor. The cipher algorithm specified MUST be the same as the cipher algorithm specified for the Encryption.keyData element.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="cipherChaining" type="e:ST_CipherChaining" use="required">
+ <xs:annotation><xs:documentation>A CipherChaining that specifies the cipher chaining mode for a PasswordKeyEncryptor.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="hashAlgorithm" type="e:ST_HashAlgorithm" use="required">
+ <xs:annotation><xs:documentation>A HashAlgorithm that specifies the hashing algorithm for a PasswordKeyEncryptor. The hashing algorithm specified MUST be the same as the hashing algorithm specified for the Encryption.keyData element.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="saltValue" type="xs:base64Binary" use="required">
+ <xs:annotation><xs:documentation>A base64-encoded binary byte array that specifies the salt value for a PasswordKeyEncryptor. The number of bytes required by the decoded form of this element MUST be saltSize.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="spinCount" type="e:ST_SpinCount" use="required">
+ <xs:annotation><xs:documentation>A SpinCount that specifies the spin count for a PasswordKeyEncryptor.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="encryptedVerifierHashInput" type="xs:base64Binary" use="required">
+ <xs:annotation><xs:documentation>A base64-encoded value that specifies the encrypted verifier hash input for a PasswordKeyEncryptor used in password verification.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="encryptedVerifierHashValue" type="xs:base64Binary" use="required">
+ <xs:annotation><xs:documentation>A base64-encoded value that specifies the encrypted verifier hash value for a PasswordKeyEncryptor used in password verification.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ <xs:attribute name="encryptedKeyValue" type="xs:base64Binary" use="required">
+ <xs:annotation><xs:documentation>A base64-encoded value that specifies the encrypted form of the intermediate key.</xs:documentation></xs:annotation>
+ </xs:attribute>
+ </xs:complexType>
+ <xs:element name="encryptedKey" type="CT_PasswordKeyEncryptor"/>
+</xs:schema>
diff --git a/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsdconfig b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsdconfig
new file mode 100644
index 0000000000..3a2bb2c8e9
--- /dev/null
+++ b/src/ooxml/resources/org/apache/poi/poifs/crypt/encryptionPassword.xsdconfig
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ====================================================================
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ====================================================================
+-->
+<xb:config xmlns:xb="http://xml.apache.org/xmlbeans/2004/02/xbean/config" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
+
+<xb:qname name="p:encryptedKey" javaname="EncryptedPasswordKey"/>
+
+</xb:config> \ No newline at end of file