Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 243
  • Last Modified:

Header of docx file

I need to read the docx file, in char array, (c++) to perform AES encryption on it. One idea I got from somebody else, was to actually access the header of docx file, and encrypt that header, instead of encrypting the complete content of the file. Because by doing so, the header will get encrypted and the file will become unreadable.
But I don't know, how to access the header of docx file. I know docx file is a zip format and first 2 bytes are PK, but how to specifically "access the header of docx file" ?
0
DD 25
Asked:
DD 25
  • 7
  • 4
  • 4
  • +1
1 Solution
 
Dave BaldwinFixer of ProblemsCommented:
"access the header of docx file" may be misleading.  This page https://support.office.com/en-us/article/Introduction-to-new-file-name-extensions-eca81dcb-5626-4e5b-8362-524d13ae4ec1 is a general description of the XML formats for Microsoft Office products.  The XML format documents are zipped and can contain more than one file including text and images.  If you view a DOCX file in a hex viewer, you will see the PK header followed often by a blank space and then one or more blocks of compressed data.

Attached is a sample of a DOCX file in hex view.
DOCX hex view
0
 
evilrixSenior Software Engineer (Avast)Commented:
In terms of dealing with the compression format, I recommend using the libarchive. It's a general purpose archive and compression toolkit, which has support for all major formats, include zip. It's very easy to use.

http://www.libarchive.org/

>> ncrypt that header, instead of encrypting the complete content of the file. Because by doing so, the header will get encrypted and the file will become unreadable.

Unreadable with Word, maybe, but not unreadable with a hex editor or text editor. If your use case is to encrypt the content you need to encrypt all the content. That said, doesn't Work natively support encryption? Knowing your use case would really help.
0
 
DD 25Author Commented:
Then I should aim toward encrypting the whole docx file instead of just its header? But for that I need to read the complete file content in a the char array first?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
Dave BaldwinFixer of ProblemsCommented:
After you encrypt the DOCX file, how do you plan to open it again?
0
 
DD 25Author Commented:
By decrypting it?
0
 
Dave BaldwinFixer of ProblemsCommented:
With what?  Are you going to distribute the decryption program so everyone has it?
0
 
DD 25Author Commented:
See my scenario is, user can upload file on the server , where the AES is working, it can encrypt it and place it at third party location. Then if user wants it, it is downloaded from it onto server where it decrypts it and gives it to user.
0
 
Dave BaldwinFixer of ProblemsCommented:
Normally you would encrypt something to prevent others from seeing the data.  I would never upload something if I wanted to keep it secret.  Or encrypt it before uploading it.  At the very minimum, make sure it is an HTTPS secure connection.  The more valuable these files are, the more effort others will put into getting the info.
0
 
DD 25Author Commented:
That is being done, the connection is HTTPS secure.
0
 
sarabandeCommented:
#include <sys/stat.h>
#include <fstream>
#include <vector>
#include <errno.h>

int main(int nargs, char * szargs[])
{
    if (nargs != 2) return -1;
    struct stat fs;
    if (stat(szargs[1], &fs)) != 0) return errno;
    std::ifstream ifs(szargs[1], std::ios::binary | std::in);
    std::vector<unsigned char> buf(fs.st_size);
    if (!ifs.read((char*)&buf[0], fs.st_size) return errno;
    ifs.close();
    // coming here all bytes of file are read into buf
    // you now may encrypt the buffer using a strong encryption tool
    ...
    return 0;
}

Open in new window


note, there are also tools which would encrypt the docx file directly at the command line.

Sara
0
 
DD 25Author Commented:
@sarabande can you explain what you just did?
0
 
sarabandeCommented:
can you explain what you just did?

it is the c++ code for the first question you asked in your initial post:

 
I need to read the docx file, in char array, (c++) to perform AES encryption on it.

if you were looking for a c++ solution of your problem, you could put the code into an empty cpp file and create a new empty windows console c++ project where the code would be a starter.

Sara
0
 
DD 25Author Commented:
@sarabande the code you provided didn't work
0
 
sarabandeCommented:
can you post your code and how you call it and what (error) messages/results you got?

Sara
0
 
DD 25Author Commented:
@sarabande
The error I was receiving was from other cpp file I had in same project plus some typo in your code that was my mistake
But anyway, isn't your code just another way of doing this
            ifstream myfile ("abc.docx", ios_base::binary);
If not, how is your code different?
0
 
sarabandeCommented:
ifstream myfile ("abc.docx", ios_base::binary);
this will open the file if it existed but not read it.

using stat function allows to check existence and size of a file without opening it.

I need to read the docx file, in char array, (c++) to perform AES encryption on it.

actually my code was an answer to your question not more not less. if you would have asked further questions i surely would have answered.

note, you don't have to accept answers which are not a solution.

Sara
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 7
  • 4
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now