Merge pull request #4 from mazurin/master

Cannot open password protected SHA1 encrypted files. doy#68
MichaelDaum · Jan 2, 2024 · ddc45e0 · ddc45e0
2 parents dda3c09 + 8a8b3dc
commit ddc45e0
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 3 deletions.
diff --git a/lib/Spreadsheet/ParseXLSX/Decryptor.pm b/lib/Spreadsheet/ParseXLSX/Decryptor.pm
@@ -148,6 +148,7 @@ sub _agileDecryption {
     my $encryptedVerifierHashInput = MIME::Base64::decode($info->att('encryptedVerifierHashInput'));
     my $encryptedVerifierHashValue = MIME::Base64::decode($info->att('encryptedVerifierHashValue'));
     my $encryptedKeyValue = MIME::Base64::decode($info->att('encryptedKeyValue'));
+    my $hashSize = 0 + $info->att('hashSize');
 
     my $keyDecryptor = Spreadsheet::ParseXLSX::Decryptor::Agile->new({
                   cipherAlgorithm => $info->att('cipherAlgorithm'),
@@ -160,7 +161,7 @@ sub _agileDecryption {
                   blockSize       => 0 + $info->att('blockSize')
               });
 
-    $keyDecryptor->verifyPassword($encryptedVerifierHashInput, $encryptedVerifierHashValue);
+    $keyDecryptor->verifyPassword($encryptedVerifierHashInput, $encryptedVerifierHashValue, $hashSize);
 
     my $key = $keyDecryptor->decrypt($encryptedKeyValue, "\x14\x6e\x0b\xe7\xab\xac\xd0\xd6");
 
@@ -199,7 +200,7 @@ sub new {
 
     if ($self->{hashAlgorithm} eq 'SHA512') {
         $self->{hashProc} = \&Digest::SHA::sha512;
-    } elsif ($self->{hashAlgorithm} eq 'SHA-1') {
+    } elsif (($self->{hashAlgorithm} eq 'SHA-1') || ($self->{hashAlgorithm} eq 'SHA1')) {
         $self->{hashProc} = \&Digest::SHA::sha1;
     } elsif ($self->{hashAlgorithm} eq 'SHA256') {
         $self->{hashProc} = \&Digest::SHA::sha256;

diff --git a/lib/Spreadsheet/ParseXLSX/Decryptor/Agile.pm b/lib/Spreadsheet/ParseXLSX/Decryptor/Agile.pm
@@ -94,10 +94,12 @@ sub decryptFile {
 
 sub verifyPassword {
     my $self = shift;
-    my ($encryptedVerifier, $encryptedVerifierHash) = @_;
+    my ($encryptedVerifier, $encryptedVerifierHash, $hashSize) = @_;
 
     my $encryptedVerifierHash0 = $self->{hashProc}->($self->decrypt($encryptedVerifier, "\xfe\xa7\xd2\x76\x3b\x4b\x9e\x79"));
     $encryptedVerifierHash = $self->decrypt($encryptedVerifierHash, "\xd7\xaa\x0f\x6d\x30\x61\x34\x4e");
+    $encryptedVerifierHash0 = substr($encryptedVerifierHash0, 0, $hashSize);
+    $encryptedVerifierHash = substr($encryptedVerifierHash, 0, $hashSize);
 
     die "Wrong password: $self" unless ($encryptedVerifierHash0 eq $encryptedVerifierHash);
 }

diff --git a/t/data/encryption-agile-SHA1-foobar.xlsx b/t/data/encryption-agile-SHA1-foobar.xlsx
diff --git a/t/encryption.t b/t/encryption.t
@@ -23,6 +23,24 @@ use Spreadsheet::ParseXLSX;
     }
 }
 
+{
+    my $filename = 't/data/encryption-agile-SHA1-foobar.xlsx';
+    my @inputs = (
+        $filename,
+        do { open my $fh, '<:raw:bytes', $filename or die; $fh },
+        do { open my $fh, '<:raw:bytes', $filename or die; local $/; my $d = <$fh>; \$d },
+    );
+
+    my $parser = Spreadsheet::ParseXLSX->new(Password => 'foobar');
+    for my $input (@inputs) {
+        my $workbook = $parser->parse($input);
+
+        my $worksheet = $workbook->worksheet(0);
+        my $cell = $worksheet->get_cell(0, 0);
+        is($cell->value, 'i can read this cell');
+    }
+}
+
 {
     my $filename = 't/data/encryption-standard-default-password.xlsx';
     my @inputs = (