2.6.56 CT_ProtectedRange
Target namespace: http://schemas.microsoft.com/office/spreadsheetml/2009/9/main
Referenced by: CT_ProtectedRanges
A complex type that specifies a cell range to be unprotected. The cell range is editable with a password or proper credentials when sheet protection is on and the cell is locked.
Child Elements:
xm:sqref: A sqref element that specifies the cell range to be unprotected.
Attributes:
password: An ST_UnsignedShortHex ([ISO/IEC29500-4:2016] section 15.8.2) attribute that specifies the verifier value of the password required for editing the cell range. If the value is 0x0000, then there is no password.
The verifier value is calculated in two stages. First, the provided Unicode password string is converted to a new character string in the ANSI code page of the current system by using the algorithm specified in the revisionsPassword attribute in [ISO/IEC29500-4:2016] section 15.3.3. Second, this string is input into the XOR obfuscation algorithm specified in [MS-OFFCRYPTO] section 2.3.7.1 to produce a 16-bit password verifier value.
This attribute MUST NOT be present if algorithmName is present.
algorithmName: An ST_Xstring ([ISO/IEC29500-1:2016] section 22.9.2.19) attribute that specifies the name of the hash algorithm used to calculate hashValue. If this attribute is present, hashValue, saltValue, and spinCount MUST also be present. This attribute MUST NOT be present if password is present.
hashValue: A base64Binary ([XMLSCHEMA2/2] section 3.2.16) attribute that specifies the hash value for the password required to edit this range. This value will be compared with the resulting hash value after hashing the user-supplied password by using the algorithm specified by algorithmName, and if the two values match, the protection will no longer be enforced.
Password hashes are computed by the algorithm specified in [MS-OFFCRYPTO] section 2.4.2.4. Under circumstances as specified in [MS-OFFCRYPTO] section 1.3.4, the password is first converted to a 16-bit verifier value and reinterpreted as a single Unicode character, which is then passed to the algorithm specified in [MS-OFFCRYPTO] section 2.4.2.4. There is no way to determine which method was used to generate a hash without knowledge of the password; it is necessary to compute both hashes to verify the password.
This attribute MUST be present if and only if algorithmName is present.
saltValue: A base64Binary ([XMLSCHEMA2/2] section 3.2.16) attribute that specifies the salt used to calculate hashValue. This attribute MUST be present if and only if algorithmName is present.
spinCount: An unsignedInt ([XMLSCHEMA2/2] section 3.3.22) attribute that specifies the number of times that the hash function was iterated over the password to generate the hashValue. It MUST NOT be greater than 10,000,000. This attribute MUST be present if and only if algorithmName is present.
name: An ST_Xstring ([ISO/IEC29500-1:2016] section 22.9.2.19) attribute that specifies the title of the cell range. The value MUST be unique for the sheet. The number of characters in the string MUST be greater than or equal to 1, and less than or equal to 255. The string MUST conform to the following Augmented Backus-Naur Form (ABNF) ([RFC5234]) grammar:
-
string = name-start-character *name-character name-start-character = "_" / "\" / Unicode-character name-character = name-start-character / Unicode-space / Unicode-digit / "?" / "."
The following points summarize this grammar:
Unicode-character is any code point that is a character as defined by the Unicode character properties, [UNICODE5.1] chapter 4.
Unicode-digit is any code point that is a digit as defined by the Unicode character properties, [UNICODE5.1] chapter 4.
Unicode-space is any code point that is a space as defined by the Unicode character properties, [UNICODE5.1] chapter 4.
securityDescriptor: A string ([XMLSCHEMA2/2] section 3.2.1) attribute that describes a security descriptor ([MS-AZOD] section 1.1.1.3) that lists users who can edit the cell range without providing the password.
The following W3C XML Schema ([XMLSCHEMA1/2] section 2.1) fragment specifies the contents of this complex type.
-
<xsd:complexType name="CT_ProtectedRange"> <xsd:sequence maxOccurs="1"> <xsd:element ref="xm:sqref" minOccurs="1" maxOccurs="1"/> </xsd:sequence> <xsd:attribute name="password" type="x:ST_UnsignedShortHex" use="optional"/> <xsd:attribute name="algorithmName" type="x:ST_Xstring" use="optional"/> <xsd:attribute name="hashValue" type="xsd:base64Binary" use="optional"/> <xsd:attribute name="saltValue" type="xsd:base64Binary" use="optional"/> <xsd:attribute name="spinCount" type="xsd:unsignedInt" use="optional"/> <xsd:attribute name="name" type="x:ST_Xstring" use="required"/> <xsd:attribute name="securityDescriptor" type="xsd:string" use="optional"/> </xsd:complexType>
See section 5.4 for the full W3C XML Schema ([XMLSCHEMA1/2] section 2.1).