github-starred/libxlsxwriter
2
0
Fork 0
mirror of https://github.com/jmcnamara/libxlsxwriter.git synced 2026-05-15 14:15:54 -06:00
Code Issues 16 Projects Packages Wiki Activity Actions

[GH-ISSUE #286] Does libxlsxwriter contain any encryption/decryption code? #230

New issue
Closed
opened 2026-05-05 12:00:15 -06:00 by gitea-mirror · 6 comments
gitea-mirror commented 2026-05-05 12:00:15 -06:00
Owner
Copy link

Originally created by @znakeeye on GitHub (May 4, 2020).
Original GitHub issue: https://github.com/jmcnamara/libxlsxwriter/issues/286

Originally assigned to: @jmcnamara on GitHub.

When compiling the library, will any type of encryption/decryption be linked with the library?

Reading the source code, there seem to be few fragments of encryption which are excluded:

/* Encryption not required by libxlsxwriter. */
#ifndef NOCRYPT
#define NOCRYPT
#endif
#ifndef NOUNCRYPT
#define NOUNCRYPT
#endif

However, it would be great if the documentation was clear about the use of encryption/decryption. This is a very important topic e.g. when it comes to trade compliance.

Originally created by @znakeeye on GitHub (May 4, 2020). Original GitHub issue: https://github.com/jmcnamara/libxlsxwriter/issues/286 Originally assigned to: @jmcnamara on GitHub. When compiling the library, will any type of encryption/decryption be linked with the library? Reading the source code, there seem to be few fragments of encryption which are excluded: ``` /* Encryption not required by libxlsxwriter. */ #ifndef NOCRYPT #define NOCRYPT #endif #ifndef NOUNCRYPT #define NOUNCRYPT #endif ``` However, it would be great if the documentation was clear about the use of encryption/decryption. This is a very important topic e.g. when it comes to **trade compliance**.
gitea-mirror 2026-05-05 12:00:15 -06:00
  • closed this issue
  • added the
    question
         label
gitea-mirror commented 2026-05-05 12:00:21 -06:00
Author
Owner
Copy link

@jmcnamara commented on GitHub (May 4, 2020):

When compiling the library, will any type of encryption/decryption be linked with the library?

No. The NOCRYPT flag is for minizip.c in the third party code.

This is a very important topic e.g. when it comes to trade compliance.

Good suggestion. I'll add something about that to the Licence page.

<!-- gh-comment-id:623488673 --> @jmcnamara commented on GitHub (May 4, 2020): > When compiling the library, will any type of encryption/decryption be linked with the library? No. The `NOCRYPT` flag is for minizip.c in the third party code. > This is a very important topic e.g. when it comes to **trade compliance**. Good suggestion. I'll add something about that to the Licence page.
gitea-mirror commented 2026-05-05 12:00:22 -06:00
Author
Owner
Copy link

@jmcnamara commented on GitHub (May 4, 2020):

Note, the library does embed and use (optionally on) MD5 which is a hashing function. I don't know if that is covered or forbidden by export/trade compliance. Does anyone know?

<!-- gh-comment-id:623492834 --> @jmcnamara commented on GitHub (May 4, 2020): Note, the library does embed and use ([optionally on](https://libxlsxwriter.github.io/license.html)) MD5 which is a hashing function. I don't know if that is covered or forbidden by export/trade compliance. Does anyone know?
gitea-mirror commented 2026-05-05 12:00:23 -06:00
Author
Owner
Copy link

@znakeeye commented on GitHub (May 5, 2020):

A bit uncertain, I'd say. Here is a somewhat old source that states that MD5 is "cryptographic". Still, this hashing function is no longer considered secure. Hmm.

Which parts of the library depend on MD5?

<!-- gh-comment-id:623894047 --> @znakeeye commented on GitHub (May 5, 2020): A bit uncertain, I'd say. [Here](https://www.federalregister.gov/documents/2010/06/25/2010-15072/encryption-export-controls-revision-of-license-exception-enc-and-mass-market-eligibility-submission) is a somewhat old source that states that `MD5` is "cryptographic". Still, this hashing function is no longer considered secure. Hmm. Which parts of the library depend on MD5?
gitea-mirror commented 2026-05-05 12:00:24 -06:00
Author
Owner
Copy link

@jmcnamara commented on GitHub (May 5, 2020):

Which parts of the library depend on MD5?

From the Licence file:

Note, the MD5 library is used to avoid including duplicate image files in the xlsx file. If this functionality isn't required it is possible to compile libxlsxwriter without this library by passing USE_NO_MD5=1 to make.

<!-- gh-comment-id:623896670 --> @jmcnamara commented on GitHub (May 5, 2020): > Which parts of the library depend on MD5? From the [Licence](https://libxlsxwriter.github.io/license.html) file: _Note, the MD5 library is used to avoid including duplicate image files in the xlsx file. If this functionality isn't required it is possible to compile libxlsxwriter without this library by passing `USE_NO_MD5=1` to make._
gitea-mirror commented 2026-05-05 12:00:26 -06:00
Author
Owner
Copy link

@znakeeye commented on GitHub (May 5, 2020):

Ah, great. So with this flag set, the library will definitely be 100% free of cryptographic functions. It seems.

<!-- gh-comment-id:623899259 --> @znakeeye commented on GitHub (May 5, 2020): Ah, great. So with this flag set, the library will definitely be 100% free of cryptographic functions. It seems.
gitea-mirror commented 2026-05-05 12:00:28 -06:00
Author
Owner
Copy link

@jmcnamara commented on GitHub (May 31, 2020):

Closing this even though we didn't get an answer to the underlying question on whether export compliance is required with libxlsxwriter. If anyone know that please let me know.

<!-- gh-comment-id:636467236 --> @jmcnamara commented on GitHub (May 31, 2020): Closing this even though we didn't get an answer to the underlying question on whether export compliance is required with libxlsxwriter. If anyone know that please let me know.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
coverity
cmake-improvements
cmake_pkgconfig_fix
ctest
button
tables
autofilter
dtoa
iwyu
openssl
gentoo
gh310
condition_format
rich_string_html
header_footer_images
custom_data_labels
object_position
gh265
constant_mode_comments2
constant_mode_comments
vml
md5
vcpkg
hyperlinks
api_refactor
win_fopen
gh203
rich_strings
chartsheet
in_mem_image
gh192
revert-162-master
data_validation
meson
charts
scan_build
utf8_strlen
tmpfileplus
custom_properties
insert_image
default_row
control_chars
worksheet_protect
dev
red_black
panes
mkstemp
defined_names
optimise
wip
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.9
v1.1.8
RELEASE_1.1.7
RELEASE_1.1.6
RELEASE_1.1.5
RELEASE_1.1.4
RELEASE_1.1.3
RELEASE_1.1.2
RELEASE_1.1.1
RELEASE_1.1.0
RELEASE_1.0.9
RELEASE_1.0.8
RELEASE_1.0.7
RELEASE_1.0.6
RELEASE_1.0.5
RELEASE_1.0.4
RELEASE_1.0.3
RELEASE_1.0.2
RELEASE_1.0.1
RELEASE_1.0.0
RELEASE_0.9.9
RELEASE_0.9.8
RELEASE_0.9.7
RELEASE_0.9.6
RELEASE_0.9.5
RELEASE_0.9.4
RELEASE_0.9.3
RELEASE_0.9.2
RELEASE_0.9.1
RELEASE_0.9.0
RELEASE_0.8.9
RELEASE_0.8.8
RELEASE_0.8.7
RELEASE_0.8.6
RELEASE_0.8.5
RELEASE_0.8.4
RELEASE_0.8.3
RELEASE_0.8.2
RELEASE_0.8.1
RELEASE_0.8.0
RELEASE_0.7.9
RELEASE_0.7.8
RELEASE_0.7.7
RELEASE_0.7.6
RELEASE_0.7.5
RELEASE_0.7.4
RELEASE_0.7.3
RELEASE_0.7.2
RELEASE_0.7.1
RELEASE_0.7.0
RELEASE_0.6.9
RELEASE_0.6.8
RELEASE_0.6.7
RELEASE_0.6.6
RELEASE_0.6.5
RELEASE_0.6.4
RELEASE_0.6.3
RELEASE_0.6.2
RELEASE_0.6.1
RELEASE_0.6.0
RELEASE_0.5.9
RELEASE_0.5.8
RELEASE_0.5.7
RELEASE_0.5.6
RELEASE_0.5.5
RELEASE_0.5.4
RELEASE_0.5.3
RELEASE_0.5.2
RELEASE_0.5.1
RELEASE_0.5.0
RELEASE_0.4.9
RELEASE_0.4.8
RELEASE_0.4.7
RELEASE_0.4.6
RELEASE_0.4.5
RELEASE_0.4.4
RELEASE_0.4.3
RELEASE_0.4.2
RELEASE_0.4.1
RELEASE_0.4.0
RELEASE_0.3.9
RELEASE_0.3.8
RELEASE_0.3.7
RELEASE_0.3.6
RELEASE_0.3.5
RELEASE_0.3.4
RELEASE_0.3.3
RELEASE_0.3.2
RELEASE_0.3.1
RELEASE_0.3.0
RELEASE_0.2.9
RELEASE_0.2.8
RELEASE_0.2.7
RELEASE_0.2.6
RELEASE_0.2.5
RELEASE_0.2.4
RELEASE_0.2.3
RELEASE_0.2.2
RELEASE_0.2.1
RELEASE_0.2.0
RELEASE_0.1.9
RELEASE_0.1.8
RELEASE_0.1.7
RELEASE_0.1.6
RELEASE_0.1.5
RELEASE_0.1.4
RELEASE_0.1.3
RELEASE_0.1.2
RELEASE_0.1.1
RELEASE_0.1.0
RELEASE_0.0.9
RELEASE_0.0.8
RELEASE_0.0.7
RELEASE_0.0.6
RELEASE_0.0.5
RELEASE_0.0.4
RELEASE_0.0.3
RELEASE_0.0.2
RELEASE_0.0.1
Labels
Clear labels   
awaiting user feedback

   
bug

   
cmake

   
cmake

   
docs

   
feature request

   
in progress

   
long term

   
medium term

   
medium term

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
ready to close

   
short term

   
under investigation

   
wontfix
No labels
awaiting user feedback
bug
cmake
cmake
docs
feature request
in progress
long term
medium term
medium term
pull-request
question
question
ready to close
short term
under investigation
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/libxlsxwriter#230
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?