Add correct detection for encrypted powerpoint files. An exception will be thrown if they are encountered.\n(As we don't know how the encryption is done, we can't do any decryption of these files)

git-svn-id: https://svn.apache.org/repos/asf/jakarta/poi/trunk@418842 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Nick Burch 2006-07-03 20:34:41 +00:00
parent 444bb14a7e
commit 662a34291b
11 changed files with 564 additions and 60 deletions

View File

@ -0,0 +1,127 @@
/* ====================================================================
Copyright 2002-2004 Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
package org.apache.poi.hslf;
import java.io.FileNotFoundException;
import org.apache.poi.hslf.record.CurrentUserAtom;
import org.apache.poi.hslf.record.DocumentEncryptionAtom;
import org.apache.poi.hslf.record.PersistPtrHolder;
import org.apache.poi.hslf.record.Record;
import org.apache.poi.hslf.record.UserEditAtom;
import org.apache.poi.poifs.filesystem.POIFSFileSystem;
import org.apache.poi.poifs.filesystem.DocumentEntry;
import org.apache.poi.poifs.filesystem.DocumentInputStream;
import org.apache.poi.util.LittleEndian;
/**
* This class provides helper functions for determining if a
* PowerPoint document is Encrypted.
* In future, it may also provide Encryption and Decryption
* functions, but first we'd need to figure out how
* PowerPoint encryption is really done!
*
* @author Nick Burch
*/
public class EncryptedSlideShow
{
/**
* Check to see if a HSLFSlideShow represents an encrypted
* PowerPoint document, or not
* @param hss The HSLFSlideShow to check
* @return true if encrypted, otherwise false
*/
public static boolean checkIfEncrypted(HSLFSlideShow hss) {
// Easy way to check - contains a stream
// "EncryptedSummary"
POIFSFileSystem fs = hss.getPOIFSFileSystem();
try {
fs.getRoot().getEntry("EncryptedSummary");
return true;
} catch(FileNotFoundException fnfe) {
// Doesn't have encrypted properties
}
// If they encrypted the document but not the properties,
// it's harder.
// We need to see what the last record pointed to by the
// first PersistPrtHolder is - if it's a
// DocumentEncryptionAtom, then the file's Encrypted
DocumentEncryptionAtom dea = fetchDocumentEncryptionAtom(hss);
if(dea != null) {
return true;
}
return false;
}
/**
* Return the DocumentEncryptionAtom for a HSLFSlideShow, or
* null if there isn't one.
* @return a DocumentEncryptionAtom, or null if there isn't one
*/
public static DocumentEncryptionAtom fetchDocumentEncryptionAtom(HSLFSlideShow hss) {
// Will be the last Record pointed to by the
// first PersistPrtHolder, if there is one
CurrentUserAtom cua = hss.getCurrentUserAtom();
if(cua.getCurrentEditOffset() != 0) {
// Grab the details of the UserEditAtom there
Record r = Record.buildRecordAtOffset(
hss.getUnderlyingBytes(),
(int)cua.getCurrentEditOffset()
);
if(! (r instanceof UserEditAtom)) { return null; }
UserEditAtom uea = (UserEditAtom)r;
// Now get the PersistPtrHolder
Record r2 = Record.buildRecordAtOffset(
hss.getUnderlyingBytes(),
uea.getPersistPointersOffset()
);
if(! (r2 instanceof PersistPtrHolder)) { return null; }
PersistPtrHolder pph = (PersistPtrHolder)r2;
// Now get the last record
int[] slideIds = pph.getKnownSlideIDs();
int maxSlideId = -1;
for(int i=0; i<slideIds.length; i++) {
if(slideIds[i] > maxSlideId) { maxSlideId = slideIds[i]; }
}
if(maxSlideId == -1) { return null; }
int offset = (
(Integer)pph.getSlideLocationsLookup().get(
new Integer(maxSlideId)
) ).intValue();
Record r3 = Record.buildRecordAtOffset(
hss.getUnderlyingBytes(),
offset
);
// If we have a DocumentEncryptionAtom, it'll be this one
if(r3 instanceof DocumentEncryptionAtom) {
return (DocumentEncryptionAtom)r3;
}
}
return null;
}
}

View File

@ -33,6 +33,7 @@ import org.apache.poi.hpsf.MutablePropertySet;
import org.apache.poi.hpsf.SummaryInformation; import org.apache.poi.hpsf.SummaryInformation;
import org.apache.poi.hpsf.DocumentSummaryInformation; import org.apache.poi.hpsf.DocumentSummaryInformation;
import org.apache.poi.hslf.exceptions.EncryptedPowerPointFileException;
import org.apache.poi.hslf.record.*; import org.apache.poi.hslf.record.*;
import org.apache.poi.hslf.usermodel.PictureData; import org.apache.poi.hslf.usermodel.PictureData;
@ -59,6 +60,14 @@ public class HSLFSlideShow extends POIDocument
// Raw Pictures contained in the pictures stream // Raw Pictures contained in the pictures stream
private PictureData[] _pictures; private PictureData[] _pictures;
/**
* Returns the underlying POIFSFileSystem for the document
* that is open.
*/
protected POIFSFileSystem getPOIFSFileSystem() {
return filesystem;
}
/** /**
* Constructs a Powerpoint document from fileName. Parses the document * Constructs a Powerpoint document from fileName. Parses the document
* and places all the important stuff into data structures. * and places all the important stuff into data structures.
@ -96,14 +105,28 @@ public class HSLFSlideShow extends POIDocument
{ {
this.filesystem = filesystem; this.filesystem = filesystem;
// Go find a PowerPoint document in the stream // First up, grab the "Current User" stream
// Save anything useful we come across // We need this before we can detect Encrypted Documents
readFIB(); readCurrentUserStream();
// Next up, grab the data that makes up the
// PowerPoint stream
readPowerPointStream();
// Check to see if we have an encrypted document,
// bailing out if we do
boolean encrypted = EncryptedSlideShow.checkIfEncrypted(this);
if(encrypted) {
throw new EncryptedPowerPointFileException("Encrypted PowerPoint files are not supported");
}
// Now, build records based on the PowerPoint stream
buildRecords();
// Look for Property Streams: // Look for Property Streams:
readProperties(); readProperties();
// Look for other streams // Look for any other streams
readOtherStreams(); readOtherStreams();
// Look for Picture Streams: // Look for Picture Streams:
@ -133,12 +156,12 @@ public class HSLFSlideShow extends POIDocument
/** /**
* Extracts the main document stream from the POI file then hands off * Extracts the main PowerPoint document stream from the
* to other functions that parse other areas. * POI file, ready to be passed
* *
* @throws IOException * @throws IOException
*/ */
private void readFIB() throws IOException private void readPowerPointStream() throws IOException
{ {
// Get the main document stream // Get the main document stream
DocumentEntry docProps = DocumentEntry docProps =
@ -147,7 +170,14 @@ public class HSLFSlideShow extends POIDocument
// Grab the document stream // Grab the document stream
_docstream = new byte[docProps.getSize()]; _docstream = new byte[docProps.getSize()];
filesystem.createDocumentInputStream("PowerPoint Document").read(_docstream); filesystem.createDocumentInputStream("PowerPoint Document").read(_docstream);
}
/**
* Builds the list of records, based on the contents
* of the PowerPoint stream
*/
private void buildRecords()
{
// The format of records in a powerpoint file are: // The format of records in a powerpoint file are:
// <little endian 2 byte "info"> // <little endian 2 byte "info">
// <little endian 2 byte "type"> // <little endian 2 byte "type">
@ -185,13 +215,10 @@ public class HSLFSlideShow extends POIDocument
_records = Record.findChildRecords(_docstream,0,_docstream.length); _records = Record.findChildRecords(_docstream,0,_docstream.length);
} }
/** /**
* Find the other from the filesystem (currently just CurrentUserAtom), * Find the "Current User" stream, and load it
* and load them
*/ */
public void readOtherStreams() { private void readCurrentUserStream() {
// Current User
try { try {
currentUser = new CurrentUserAtom(filesystem); currentUser = new CurrentUserAtom(filesystem);
} catch(IOException ie) { } catch(IOException ie) {
@ -200,6 +227,13 @@ public class HSLFSlideShow extends POIDocument
} }
} }
/**
* Find any other streams from the filesystem, and load them
*/
private void readOtherStreams() {
// Currently, there aren't any
}
/** /**
* Find and read in pictures contained in this presentation * Find and read in pictures contained in this presentation
*/ */

View File

@ -0,0 +1,34 @@
/* ====================================================================
Copyright 2002-2004 Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
package org.apache.poi.hslf.exceptions;
/**
* This exception is thrown when we try to open a PowerPoint file, and
* discover that it is encrypted
*
* @author Nick Burch
*/
public class EncryptedPowerPointFileException extends IllegalStateException
{
public EncryptedPowerPointFileException(String s) {
super(s);
}
}

View File

@ -0,0 +1,101 @@
/* ====================================================================
Copyright 2002-2004 Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
package org.apache.poi.hslf.record;
import org.apache.poi.util.LittleEndian;
import org.apache.poi.util.StringUtil;
import java.io.IOException;
import java.io.OutputStream;
/**
* A Document Encryption Atom (type 12052). Holds information
* on the Encryption of a Document
*
* @author Nick Burch
*/
public class DocumentEncryptionAtom extends RecordAtom
{
private byte[] _header;
private static long _type = 12052l;
private byte[] data;
private String encryptionProviderName;
/**
* For the Document Encryption Atom
*/
protected DocumentEncryptionAtom(byte[] source, int start, int len) {
// Get the header
_header = new byte[8];
System.arraycopy(source,start,_header,0,8);
// Grab everything else, for now
data = new byte[len-8];
System.arraycopy(source, start+8, data, 0, len-8);
// Grab the provider, from byte 8+44 onwards
// It's a null terminated Little Endian String
int endPos = -1;
int pos = start + 8+44;
while(pos < (start+len) && endPos < 0) {
if(source[pos] == 0 && source[pos+1] == 0) {
// Hit the end
endPos = pos;
}
pos += 2;
}
pos = start + 8+44;
int stringLen = (endPos-pos) / 2;
encryptionProviderName = StringUtil.getFromUnicodeLE(source, pos, stringLen);
}
/**
* Return the length of the encryption key, in bits
*/
public int getKeyLength() {
return data[28];
}
/**
* Return the name of the encryption provider used
*/
public String getEncryptionProviderName() {
return encryptionProviderName;
}
/**
* We are of type 12052
*/
public long getRecordType() { return _type; }
/**
* Write the contents of the record back, so it can be written
* to disk
*/
public void writeOut(OutputStream out) throws IOException {
// Header
out.write(_header);
// Data
out.write(data);
}
}

View File

@ -83,6 +83,23 @@ public abstract class Record
o.write(bs); o.write(bs);
} }
/**
* Build and return the Record at the given offset.
* Note - does less error checking and handling than findChildRecords
* @param b The byte array to build from
* @param offset The offset to build at
*/
public static Record buildRecordAtOffset(byte[] b, int offset) {
long type = LittleEndian.getUShort(b,offset+2);
long rlen = LittleEndian.getUInt(b,offset+4);
// Sanity check the length
int rleni = (int)rlen;
if(rleni < 0) { rleni = 0; }
return createRecordForType(type,b,offset,8+rleni);
}
/** /**
* Default method for finding child records of a container record * Default method for finding child records of a container record
*/ */

View File

@ -157,6 +157,9 @@ public class RecordTypes {
public static final Type Comment2000Summary = new Type(12004,null); public static final Type Comment2000Summary = new Type(12004,null);
public static final Type Comment2000SummaryAtom = new Type(12005,null); public static final Type Comment2000SummaryAtom = new Type(12005,null);
// Records ~12050 seem to be related to Document Encryption
public static final Type DocumentEncryptionAtom = new Type(12052,DocumentEncryptionAtom.class);
//records greater then 0xF000 belong to with Microsoft Office Drawing format also known as Escher //records greater then 0xF000 belong to with Microsoft Office Drawing format also known as Escher
public static final int EscherDggContainer = 0xf000; public static final int EscherDggContainer = 0xf000;
public static final int EscherDgg = 0xf006; public static final int EscherDgg = 0xf006;

View File

@ -0,0 +1,81 @@
/* ====================================================================
Copyright 2002-2004 Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
package org.apache.poi.hslf;
import junit.framework.TestCase;
import org.apache.poi.hslf.exceptions.EncryptedPowerPointFileException;
import org.apache.poi.hslf.record.*;
/**
* Tests that HSLFSlideShow does the right thing with an encrypted file
*
* @author Nick Burch (nick at torchbox dot com)
*/
public class TestEncryptedFile extends TestCase {
// A non encrypted file
private String ss_ne;
// An encrypted file, with encrypted properties
private String ss_e;
// An encrypted file, without encrypted properties
private String ss_np_e;
// An encrypted file, with a 56 bit key
private String ss_56_e;
public TestEncryptedFile() throws Exception {
String dirname = System.getProperty("HSLF.testdata.path");
ss_ne = dirname + "/basic_test_ppt_file.ppt";
ss_e = dirname + "/Password_Protected-hello.ppt";
ss_np_e = dirname + "/Password_Protected-np-hello.ppt";
ss_56_e = dirname + "/Password_Protected-56-hello.ppt";
}
public void testLoadNonEncrypted() throws Exception {
HSLFSlideShow hss = new HSLFSlideShow(ss_ne);
assertNotNull(hss);
}
public void testLoadEncrypted() throws Exception {
try {
new HSLFSlideShow(ss_e);
fail();
} catch(EncryptedPowerPointFileException e) {
// Good
}
try {
new HSLFSlideShow(ss_np_e);
fail();
} catch(EncryptedPowerPointFileException e) {
// Good
}
try {
new HSLFSlideShow(ss_56_e);
fail();
} catch(EncryptedPowerPointFileException e) {
// Good
}
}
}

View File

@ -0,0 +1,107 @@
/* ====================================================================
Copyright 2002-2004 Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
==================================================================== */
package org.apache.poi.hslf.record;
import junit.framework.TestCase;
/**
* Tests that DocumentEncryptionAtom works properly.
*
* @author Nick Burch (nick at torchbox dot com)
*/
public class TestDocumentEncryptionAtom extends TestCase {
// From a real file
private byte[] data_a = new byte[] {
0x0F, 00, 0x14, 0x2F, 0xBE-256, 00, 00, 00,
02, 00, 02, 00, 0x0C, 00, 00, 00,
0x76, 00, 00, 00, 0x0C, 00, 00, 00,
00, 00, 00, 00, 01, 0x68, 00, 00,
04, 0x80-256, 00, 00, 0x28, 00, 00, 00,
01, 00, 00, 00, 0x30, 00, 0x26, 01,
00, 00, 00, 00,
0x4D, 00, 0x69, 00,
0x63, 00, 0x72, 00, 0x6F, 00, 0x73, 00,
0x6F, 00, 0x66, 00, 0x74, 00, 0x20, 00,
0x42, 00, 0x61, 00, 0x73, 00, 0x65, 00,
0x20, 00, 0x43, 00, 0x72, 00, 0x79, 00,
0x70, 00, 0x74, 00, 0x6F, 00, 0x67, 00,
0x72, 00, 0x61, 00, 0x70, 00, 0x68, 00,
0x69, 00, 0x63, 00, 0x20, 00, 0x50, 00,
0x72, 00, 0x6F, 00, 0x76, 00, 0x69, 00,
0x64, 00, 0x65, 00, 0x72, 00, 0x20, 00,
0x76, 00, 0x31, 00, 0x2E, 00, 0x30, 00,
0x00, 0x00,
0x10, 00, 0x00, 00,
0x62, 0xA6-256,
0xDF-256, 0xEA-256, 0x96-256, 0x84-256,
0xFB-256, 0x89-256, 0x93-256, 0xCA-256,
0xBA-256, 0xEE-256, 0x8E-256, 0x43,
0xC8-256, 0x71, 0xD1-256, 0x89-256,
0xF6-256, 0x4B, 0x2B, 0xD9-256,
0x7E, 0x0B, 0x52, 0xFB-256,
0x68, 0xD7-256, 0x5A, 0x4E, 0x45, 0xDF-256, 0x14, 0x00,
0x00, 0x00, 0x93-256, 0x15, 0x27, 0xEB-256, 0x21, 0x54,
0x7F, 0x0B, 0x56, 0x07, 0xEE-256, 0x66, 0xEB-256, 0x6F,
0xB2-256, 0x8E-256, 0x67, 0x54, 0x07, 0x04, 0x00
};
private byte[] data_b = new byte[] {
15, 0, 20, 47, -66, 0, 0, 0,
2, 0, 2, 0, 4,
0, 0, 0, 118, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0,
0, 1, 104, 0, 0, 4, -128, 0, 0, 56, 0, 0, 0,
1, 0, 0, 0, 48, 0, 38, 1, 0, 0, 0, 0, 77, 0,
105, 0, 99, 0, 114, 0, 111, 0, 115, 0, 111,
0, 102, 0, 116, 0, 32, 0, 66, 0, 97, 0, 115,
0, 101, 0, 32, 0, 67, 0, 114, 0, 121, 0, 112,
0, 116, 0, 111, 0, 103, 0, 114, 0, 97, 0,
112, 0, 104, 0, 105, 0, 99, 0, 32, 0, 80, 0,
114, 0, 111, 0, 118, 0, 105, 0, 100, 0, 101,
0, 114, 0, 32, 0, 118, 0, 49, 0, 46, 0, 48,
0, 0, 0, 16, 0, 0, 0, -80, -66, 112, -40, 57,
110, 54, 80, 64, 61, -73, -29, 48, -35, -20,
17, -40, 84, 54, 6, -103, 125, -22, -72, 53,
103, -114, 13, -48, 111, 29, 78, 20, 0, 0,
0, -97, -67, 55, -62, -94, 14, 15, -21, 37,
3, -104, 22, 6, 102, -61, -98, 62, 40, 61, 21
};
public void testRecordType() throws Exception {
DocumentEncryptionAtom dea1 = new DocumentEncryptionAtom(data_a, 0, data_a.length);
assertEquals(12052l, dea1.getRecordType());
DocumentEncryptionAtom dea2 = new DocumentEncryptionAtom(data_b, 0, data_b.length);
assertEquals(12052l, dea2.getRecordType());
System.out.println(data_a.length);
System.out.println(data_b.length);
}
public void testEncryptionTypeName() throws Exception {
DocumentEncryptionAtom dea1 = new DocumentEncryptionAtom(data_a, 0, data_a.length);
assertEquals("Microsoft Base Cryptographic Provider v1.0", dea1.getEncryptionProviderName());
DocumentEncryptionAtom dea2 = new DocumentEncryptionAtom(data_b, 0, data_b.length);
assertEquals("Microsoft Base Cryptographic Provider v1.0", dea2.getEncryptionProviderName());
}
}