What OOXML can I enter in a PPTX to password protect the presentation?

Ian Peterson 20

I have a PPTX and I want to make it password protected programatically by inserting OOXML. When I try to check the Diff of a non-protected and protected document, the files in the password protected OOXML are encrypted and the only line that is human readable which I find in EncryptionInfo doesn't seems to make a difference in my output when placed in the header (method has been used and worked in DOCX and XLSX). The precise steps I have taken are to attempt writing the exact XML snippet below into the w:documentProtection XML into the presentation.xml file wihing the presentation OOXML. The line I was able to find and attempted to use is

<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"><keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="PsN9IUU1oJmcsDaUVt60jw=="/><dataIntegrity encryptedHmacKey="me26S0uLwwSIu+NW8PVASbKe7PEmQmSoLBpPs2dlHuo+iVK6mp+CjANO14Jylg8OKEv7b0kuCS0QZlOdVdNwdw==" encryptedHmacValue="C4rKQnpdr57Y8YP7b51MbJ+2++I8jJEjhaDKUeMJEqcI94d+3EcSSRaT8QZT/8kNMMIUsIb9nQz5caam/uOZ7A=="/><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="12iX0LrGmamKXhk/lyvE2w==" encryptedVerifierHashInput="6kQNg3TeSwcmsZwF+Hze2w==" encryptedVerifierHashValue="mQvtKWbOwmvkTI40mxOAUXE/umUXZ08/9PKAVpixWzBtn3LmUarxwd/EFXK2nYRqa3W50/1bKiC6VovW0x9TLQ==" encryptedKeyValue="2TQY5R3eV/7IXGMxfyPVbCwyaCERpK8bKcuf7RNau4M="/></keyEncryptor></keyEncryptors></encryption>

Mike Bowen 1,791 Reputation points Microsoft Employee

2024-02-15T20:52:35.7+00:00

Hi @Ian Peterson ,

I will investigate this for you. To help me, could you please clarify a few things. I believe you are trying to encrypt a pptx file by editing the xml parts of the file. Is that correct? Also, when you say, "method has been used and worked in DOCX and XLSX", do you mean that you have been able to encrypt xlsx and docx files by adding the <encryption /> element to the <w:documentProtection /> element in their xml? If so, where in the xml did you add it?

Best Regards, Michael Bowen Senior Escalation Engineer - Microsoft Open Specifications

Ian Peterson 20

@Mike Bowen Correct, I am looking to edit the xml to encrypt the file. The exact part inserted differs for DOCX and XLSX but it was found the same way. For DOCX the line required was

<w:documentProtection xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main" w:edit="readOnly" w:enforcement="1" w:cryptProviderType="rsaAES" w:cryptAlgorithmClass="hash" w:cryptAlgorithmType="typeAny" w:cryptAlgorithmSid="14" w:cryptSpinCount="100000" w:hash="L7YqUbN/bZgKjaTOh+lCB/V7MkqM687DWdvmBo+W6hurqc4QQAPUpyks4p0xm6kxNsx6QX8lMN6ZY/jHt9Tt4w==" w:salt="aIvb12S+dH9ujC/SIuo5Qg=="/>

And this was inserted into the header to created the desired output. For XLSX instead the following can be inserted into the header->workbook

<workbookProtection xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main" workbookAlgorithmName="SHA-512" workbookHashValue="AsUBLqoNgb9cxu3ZGb2YWJjWQl2YC20vdhBxOXjT4Obm4Fk3wXX3omZw7Vgdv9dbrkEyS7eILg65cTDqRy30xg==" workbookSaltValue="lN2si99HJuVMhUd0ljktuw==" workbookSpinCount="100000" lockStructure="1"/>

And then on each worksheet element added the following

<sheetProtection xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main" algorithmName="SHA-512" hashValue="IuyH4GHn3AeA+7kR+lwGotqPrRjWKDKmSQ4zNhUkmfDA0nYNUv+po2JNgl66dDTDLuLtr6I1l3vVuKkacqHSKA==" saltValue="EHV08jUtcdoBUC4dmmhX3g==" spinCount="100000" sheet="1" objects="1" scenarios="1"/>

I believe the PPTX implementation will need to be more similar to the XLSX approach with slides and the master slide, but the encryption makes it difficult to find what is required to achieve this. Let me know if I can provide any further information!

Accepted answer

Mike Bowen 1,791 Microsoft Employee

Hi Ian Peterson,

Thanks for the clarification. The element you need to add password for editing is the p:modifyVerifier. It needs to be added to the presentation.xml part and it should be an immediate child of the p:presentation element and it must come before any extList elements in the part. It should be similar to this:

<p:modifyVerifier cryptProviderType="rsaAES" cryptAlgorithmClass="hash" cryptAlgorithmType="typeAny" cryptAlgorithmSid="14" spinCount="100000" saltData="ZkNVQ370CHOj5dkCeIwdxQ==" hashData="gIJEhXtNejdlCNvTxQgppRNRgbEX5Hojrupnna1NLCI77wFVhDFHWZV2AOz/RMQi7aOUe9dzd8DOQdbNbR7Biw=="/>

Please note, however, this does not encrypt the file and can be easily undone by removing the element from the xml.

When a password protected document is created in the Office User Interface (UI) becomes a Microsoft Compound File Binary File Format (MS-CFB) document (not a ZIP package), though the file extension does not change (e.g., xlsx, docx, pptx). Subsequently, the UI protected document will open within the Office UI but you cannot rename the file extension to *.zip and browse it with Explorer.

This is not what happens when you add an element to the xml part. When you add the p:modifyVerifier element to a pptx (or the other elements for docx and xlsx), PowerPoint (or Word or Excel) will require a password to open the pptx for editing, but it if a user edits the xml and removes the p:modifyVerifier element then no password will be required for editing.

Best Regards,

Michael Bowen

Senior Escalation Engineer - Microsoft Open Specifications

Hyder Ali Sikkandar 26 Reputation points

2024-12-09T14:24:02.73+00:00

@mike bowen , the above information was very useful for pptx password protection for keeping the pptx format. Is there a same rule for word and excel? . I mean we need to add the respective element(protection) after or before particular element in word and excel?

Mike Bowen 1,791 Microsoft Employee

Hi @Hyder Ali Sikkandar

The ISO/IEC 29500-1:2016(E) standard contains the xsd schemas for these elements. The possible child elements are listed in sequences for the different types. Not all child elements listed in a sequence are required, but they must appear in the order they appear in the sequence if they are included.

The workbookProtection must be a child of the workbook element from the workbook part. The ISO/IEC 29500-1:2016(E) standards defines the workbook element in section 18.2.27 workbook (Workbook). In its schema the possible children are defined in the following sequence:

<xsd:sequence>
  <xsd:element name="fileVersion" type="CT_FileVersion" minOccurs="0" maxOccurs="1" />
  <xsd:element name="fileSharing" type="CT_FileSharing" minOccurs="0" maxOccurs="1" />
  <xsd:element name="workbookPr" type="CT_WorkbookPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="workbookProtection" type="CT_WorkbookProtection" minOccurs="0" maxOccurs="1" />
  <xsd:element name="bookViews" type="CT_BookViews" minOccurs="0" maxOccurs="1" />
  <xsd:element name="sheets" type="CT_Sheets" minOccurs="1" maxOccurs="1" />
  <xsd:element name="functionGroups" type="CT_FunctionGroups" minOccurs="0" maxOccurs="1" />
  <xsd:element name="externalReferences" type="CT_ExternalReferences" minOccurs="0" maxOccurs="1" />
  <xsd:element name="definedNames" type="CT_DefinedNames" minOccurs="0" maxOccurs="1" />
  <xsd:element name="calcPr" type="CT_CalcPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="oleSize" type="CT_OleSize" minOccurs="0" maxOccurs="1" />
  <xsd:element name="customWorkbookViews" type="CT_CustomWorkbookViews" minOccurs="0" maxOccurs="1" />
  <xsd:element name="pivotCaches" type="CT_PivotCaches" minOccurs="0" maxOccurs="1" />
  <xsd:element name="smartTagPr" type="CT_SmartTagPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="smartTagTypes" type="CT_SmartTagTypes" minOccurs="0" maxOccurs="1" />
  <xsd:element name="webPublishing" type="CT_WebPublishing" minOccurs="0" maxOccurs="1" />
  <xsd:element name="fileRecoveryPr" type="CT_FileRecoveryPr" minOccurs="0" maxOccurs="unbounded" />
  <xsd:element name="webPublishObjects" type="CT_WebPublishObjects" minOccurs="0" maxOccurs="1" />
  <xsd:element name="extLst" type="CT_ExtensionList" minOccurs="0" maxOccurs="1" />
</xsd:sequence>

The child elements of the workbook element must appear in the same order as they do in this sequence, however, not all elements are required. Looking at the sequence only the sheets element has a minOccurs of 1, so it is the only required element, all others are optional. In this sequence workbookProtection comes after workbookPr and before bookViews, but if, for example, there is no bookViews element in your workbook part, then the workbookProtection would immediately proceed the required sheets element. Similarly, if there was no workbookPr element, then the workbookProtection would follow the fileSharing element.

The sheetProtection element must be a child of the worksheet element at the from a sheet part, defined in ISO/IEC 29500-1:2016(E) 18.3.1.99 worksheet (Worksheet). The following sequence defines the possible children of the worksheet element:

<xsd:sequence>
  <xsd:element name="sheetPr" type="CT_SheetPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="dimension" type="CT_SheetDimension" minOccurs="0" maxOccurs="1" />
  <xsd:element name="sheetViews" type="CT_SheetViews" minOccurs="0" maxOccurs="1" />
  <xsd:element name="sheetFormatPr" type="CT_SheetFormatPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="cols" type="CT_Cols" minOccurs="0" maxOccurs="unbounded" />
  <xsd:element name="sheetData" type="CT_SheetData" minOccurs="1" maxOccurs="1" />
  <xsd:element name="sheetCalcPr" type="CT_SheetCalcPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="sheetProtection" type="CT_SheetProtection" minOccurs="0" maxOccurs="1" />
  <xsd:element name="protectedRanges" type="CT_ProtectedRanges" minOccurs="0" maxOccurs="1" />
  <xsd:element name="scenarios" type="CT_Scenarios" minOccurs="0" maxOccurs="1" />
  <xsd:element name="autoFilter" type="CT_AutoFilter" minOccurs="0" maxOccurs="1" />
  <xsd:element name="sortState" type="CT_SortState" minOccurs="0" maxOccurs="1" />
  <xsd:element name="dataConsolidate" type="CT_DataConsolidate" minOccurs="0" maxOccurs="1" />
  <xsd:element name="customSheetViews" type="CT_CustomSheetViews" minOccurs="0" maxOccurs="1" />
  <xsd:element name="mergeCells" type="CT_MergeCells" minOccurs="0" maxOccurs="1" />
  <xsd:element name="phoneticPr" type="CT_PhoneticPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="conditionalFormatting" type="CT_ConditionalFormatting" minOccurs="0" maxOccurs="unbounded" />
  <xsd:element name="dataValidations" type="CT_DataValidations" minOccurs="0" maxOccurs="1" />
  <xsd:element name="hyperlinks" type="CT_Hyperlinks" minOccurs="0" maxOccurs="1" />
  <xsd:element name="printOptions" type="CT_PrintOptions" minOccurs="0" maxOccurs="1" />
  <xsd:element name="pageMargins" type="CT_PageMargins" minOccurs="0" maxOccurs="1" />
  <xsd:element name="pageSetup" type="CT_PageSetup" minOccurs="0" maxOccurs="1" />
  <xsd:element name="headerFooter" type="CT_HeaderFooter" minOccurs="0" maxOccurs="1" />
  <xsd:element name="rowBreaks" type="CT_PageBreak" minOccurs="0" maxOccurs="1" />
  <xsd:element name="colBreaks" type="CT_PageBreak" minOccurs="0" maxOccurs="1" />
  <xsd:element name="customProperties" type="CT_CustomProperties" minOccurs="0" maxOccurs="1" />
  <xsd:element name="cellWatches" type="CT_CellWatches" minOccurs="0" maxOccurs="1" />
  <xsd:element name="ignoredErrors" type="CT_IgnoredErrors" minOccurs="0" maxOccurs="1" />
  <xsd:element name="smartTags" type="CT_SmartTags" minOccurs="0" maxOccurs="1" />
  <xsd:element name="drawing" type="CT_Drawing" minOccurs="0" maxOccurs="1" />
  <xsd:element name="drawingHF" type="CT_DrawingHF" minOccurs="0" maxOccurs="1" />
  <xsd:element name="picture" type="CT_SheetBackgroundPicture" minOccurs="0" maxOccurs="1" />
  <xsd:element name="oleObjects" type="CT_OleObjects" minOccurs="0" maxOccurs="1" />
  <xsd:element name="controls" type="CT_Controls" minOccurs="0" maxOccurs="1" />
  <xsd:element name="webPublishItems" type="CT_WebPublishItems" minOccurs="0" maxOccurs="1" />
  <xsd:element name="tableParts" type="CT_TableParts" minOccurs="0" maxOccurs="1" />
  <xsd:element name="extLst" type="CT_ExtensionList" minOccurs="0" maxOccurs="1" />
</xsd:sequence>

Note the only required child of worksheet element is the sheetData and the other elements, if they exist, must be in this order.

The documentProtection must be a child of the settings element from the settings part. The settings element is described in ISO/IEC 29500-1:2016(E) 17.15.1.78 settings (Document Settings). In the settings schema this sequence defines the settings element's possible children. The child elements, if they exist, must appear in the same order as the sequence.

<xsd:sequence>
  <xsd:element name="writeProtection" type="CT_WriteProtection" minOccurs="0" />
  <xsd:element name="view" type="CT_View" minOccurs="0" />
  <xsd:element name="zoom" type="CT_Zoom" minOccurs="0" />
  <xsd:element name="removePersonalInformation" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="removeDateAndTime" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="doNotDisplayPageBoundaries" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="displayBackgroundShape" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="printPostScriptOverText" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="printFractionalCharacterWidth" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="printFormsData" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="embedTrueTypeFonts" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="embedSystemFonts" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="saveSubsetFonts" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="saveFormsData" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="mirrorMargins" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="alignBordersAndEdges" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="bordersDoNotSurroundHeader" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="bordersDoNotSurroundFooter" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="gutterAtTop" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="hideSpellingErrors" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="hideGrammaticalErrors" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="activeWritingStyle" type="CT_WritingStyle" minOccurs="0" maxOccurs="unbounded" />
  <xsd:element name="proofState" type="CT_Proof" minOccurs="0" />
  <xsd:element name="formsDesign" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="attachedTemplate" type="CT_Rel" minOccurs="0" />
  <xsd:element name="linkStyles" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="stylePaneFormatFilter" type="CT_StylePaneFilter" minOccurs="0" />
  <xsd:element name="stylePaneSortMethod" type="CT_StyleSort" minOccurs="0" />
  <xsd:element name="documentType" type="CT_DocType" minOccurs="0" />
  <xsd:element name="mailMerge" type="CT_MailMerge" minOccurs="0" />
  <xsd:element name="revisionView" type="CT_TrackChangesView" minOccurs="0" />
  <xsd:element name="trackRevisions" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="doNotTrackMoves" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="doNotTrackFormatting" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="documentProtection" type="CT_DocProtect" minOccurs="0" />
  <xsd:element name="autoFormatOverride" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="styleLockTheme" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="styleLockQFSet" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="defaultTabStop" type="CT_TwipsMeasure" minOccurs="0" />
  <xsd:element name="autoHyphenation" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="consecutiveHyphenLimit" type="CT_DecimalNumber" minOccurs="0" />
  <xsd:element name="hyphenationZone" type="CT_TwipsMeasure" minOccurs="0" />
  <xsd:element name="doNotHyphenateCaps" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="showEnvelope" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="summaryLength" type="CT_DecimalNumberOrPrecent" minOccurs="0" />
  <xsd:element name="clickAndTypeStyle" type="CT_String" minOccurs="0" />
  <xsd:element name="defaultTableStyle" type="CT_String" minOccurs="0" />
  <xsd:element name="evenAndOddHeaders" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="bookFoldRevPrinting" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="bookFoldPrinting" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="bookFoldPrintingSheets" type="CT_DecimalNumber" minOccurs="0" />
  <xsd:element name="drawingGridHorizontalSpacing" type="CT_TwipsMeasure" minOccurs="0" />
  <xsd:element name="drawingGridVerticalSpacing" type="CT_TwipsMeasure" minOccurs="0" />
  <xsd:element name="displayHorizontalDrawingGridEvery" type="CT_DecimalNumber" minOccurs="0" />
  <xsd:element name="displayVerticalDrawingGridEvery" type="CT_DecimalNumber" minOccurs="0" />
  <xsd:element name="doNotUseMarginsForDrawingGridOrigin" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="drawingGridHorizontalOrigin" type="CT_TwipsMeasure" minOccurs="0" />
  <xsd:element name="drawingGridVerticalOrigin" type="CT_TwipsMeasure" minOccurs="0" />
  <xsd:element name="doNotShadeFormData" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="noPunctuationKerning" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="characterSpacingControl" type="CT_CharacterSpacing" minOccurs="0" />
  <xsd:element name="printTwoOnOne" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="strictFirstAndLastChars" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="noLineBreaksAfter" type="CT_Kinsoku" minOccurs="0" />
  <xsd:element name="noLineBreaksBefore" type="CT_Kinsoku" minOccurs="0" />
  <xsd:element name="savePreviewPicture" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="doNotValidateAgainstSchema" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="saveInvalidXml" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="ignoreMixedContent" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="alwaysShowPlaceholderText" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="doNotDemarcateInvalidXml" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="saveXmlDataOnly" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="useXSLTWhenSaving" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="saveThroughXslt" type="CT_SaveThroughXslt" minOccurs="0" />
  <xsd:element name="showXMLTags" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="alwaysMergeEmptyNamespace" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="updateFields" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="footnotePr" type="CT_FtnDocProps" minOccurs="0" />
  <xsd:element name="endnotePr" type="CT_EdnDocProps" minOccurs="0" />
  <xsd:element name="compat" type="CT_Compat" minOccurs="0" />
  <xsd:element name="docVars" type="CT_DocVars" minOccurs="0" />
  <xsd:element name="rsids" type="CT_DocRsids" minOccurs="0" />
  <xsd:element ref="m:mathPr" minOccurs="0" maxOccurs="1" />
  <xsd:element name="attachedSchema" type="CT_String" minOccurs="0" maxOccurs="unbounded" />
  <xsd:element name="themeFontLang" type="CT_Language" minOccurs="0" maxOccurs="1" />
  <xsd:element name="clrSchemeMapping" type="CT_ColorSchemeMapping" minOccurs="0" />
  <xsd:element name="doNotIncludeSubdocsInStats" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="doNotAutoCompressPictures" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="forceUpgrade" type="CT_Empty" minOccurs="0" maxOccurs="1" />
  <xsd:element name="captions" type="CT_Captions" minOccurs="0" maxOccurs="1" />
  <xsd:element name="readModeInkLockDown" type="CT_ReadingModeInkLockDown" minOccurs="0" />
  <xsd:element name="smartTagType" type="CT_SmartTagType" minOccurs="0" maxOccurs="unbounded" />
  <xsd:element ref="sl:schemaLibrary" minOccurs="0" maxOccurs="1" />
  <xsd:element name="doNotEmbedSmartTags" type="CT_OnOff" minOccurs="0" />
  <xsd:element name="decimalSymbol" type="CT_String" minOccurs="0" maxOccurs="1" />
  <xsd:element name="listSeparator" type="CT_String" minOccurs="0" maxOccurs="1" />
</xsd:sequence>

Information about the ISO/IEC 29500-1:2016(E) standard and download information is available here: www.iso.org/standard/71691.html.

I hope that answers your question about the required element order.

Best regards, Michael Bowen Microsoft Open Specifications

Hyder Ali Sikkandar 26 Reputation points

2024-12-10T00:26:05.11+00:00
Hi @@mike bowen,

Thanks a lot for the detailed explanation. This answered my query. However, though application enforces the password prompt using the office application(powerpoint) always says the provided password is incorrect("this is not the right password"). Should i need to handle anything specifical while generating the salt and hash for my password. i have provided "hashData" and saltData so like the above xml mentioned. but it seems the application not able to generate the exact value or am i missing anything. should we need "hashValue" "SaltValue". The below algorithm i am using to generate the hash

Generate 16 random bytes for salt

password string is converted to bytes using UTF-16 Little Endian encoding.

Prepend salt bytes to password bytes (Prepend bytes got in the first step)

Hashed the bytes obtained in step 3

convert to base64 for the bytes obtained in step 1 this is SaltData in xml

convert to base64 for the bytes obtained in step 5 this hashData in xml.

<p:modifyVerifier algorithmName="SHA-512" hashData="iblOXMgvJ746z1wUwXr2qOgd4Ltz1WNXdo3KNd9MmbN6TK98F85FWPzG6UXA6zxh0wcb//6xKgd5sf5eAHVIEw==" saltData="549dG7EzkenzdvwT6D2+nA==" spinCount="0" cryptoProviderType="rsaAES" cryptAlgorithmClass="hash" cryptAlgorithmSid="14" cryptAlgorithmType="typeAny" />

Regards,

Hyder
Mike Bowen 1,791 Reputation points Microsoft Employee

2024-12-10T17:21:04.9933333+00:00

Hi Hyder Ali Sikkandar,

Are you following the MS-OFFCRYPTO specification to do the workbook protection?
Hyder Ali Sikkandar 26 Reputation points

2024-12-10T17:35:54.5466667+00:00

Hi @Mike Bowen,

No, i didn't follow the https://learn.microsoft.com/en-us/openspecs/office_file_formats/ms-offcrypto/e47faaed-ee58-4309-9033-88b342df5469 . I just followed the https://learn.microsoft.com/en-us/dotnet/api/documentformat.openxml.presentation.modificationverifier?view=openxml-3.0.1te

the mentioned algorithm steps working fine for word document protection(password is accepted by word app). but the same is not working for powerpoint
Hyder Ali Sikkandar 26 Reputation points

2024-12-10T17:54:05.54+00:00

Hi @Mike Bowen ,

I didnt use the MS-CRYPTO[https://learn.microsoft.com/en-us/openspecs/office_file_formats/ms-offcrypto/e47faaed-ee58-4309-9033-88b342df5469] , based on your previous comment and the link below i was try to generate or fill modifyVerifier xml element https://learn.microsoft.com/en-us/dotnet/api/documentformat.openxml.presentation.modificationverifier?view=openxml-3.0.1 This steps mentioned above for generating hash and salt works fine for word application, but for powerpoint application i am getting the password mismatch error
Mike Bowen 1,791 Reputation points Microsoft Employee

2024-12-10T20:41:09.6933333+00:00

Hi Hyder Ali Sikkandar,

PowerPoint deviates from the standard in how it generates the hash, which could be the issue here. Take a look at MS-OI29500 2.1.1104 Part 1 Section 19.2.1.19, modifyVerifier (Modification Verifier) and look at how it calculates the hashData value.
Hyder Ali Sikkandar 26 Reputation points

2024-12-11T13:27:40.19+00:00
Hi @mike bowen , thanks for the above link. Now i could manage to solve the issue. Thanks again.

The algorithm is same as mentioned above but in the xml element didnt mention the algorithm name, sid of algorithm is enough, just kept the elements as below

<p:modifyVerifier cryptProviderType="rsaAES" cryptAlgorithmClass="hash" cryptAlgorithmType="typeAny" cryptAlgorithmSid="14" spinCount="100000" saltData="SaltValue" hashData="HashData"/>

Share via

What OOXML can I enter in a PPTX to password protect the presentation?

0 additional answers

Your answer