authorTomaž Vajngerl <quikee@gmail.com>2013-08-24 22:40:54 +0200
committerTomaž Vajngerl <quikee@gmail.com>2013-08-24 22:53:04 +0200
commit4323c66840e4c7dcacda0e33d33d7e67fdb08f09 (patch)
tree5359bfda1a78e99f8fa2f8543b918e0f847ae230 /include
parent4d688beb2b2183ced387270e051dc25ee340fb4b (diff)
fdo#35422 Support to open encrypted Office 2010 and 2013 formats
Additionally, encryption and decryption have been refactored. Two engines have been added: AgileEngine and Standard2007Engine, which contain the core functions for encryption and decryption. Standard2007Engine implements encryption and decryption as used in Office 2007, and AgileEngine implements encryption and decryption as used in Office 2010 and 2013. AgileEngine does not yet support encryption. Change-Id: Ica1d4d5a109fb204012b92a0c39325fe0b99b793
Diffstat (limited to 'include')
-rw-r--r--include/oox/core/DocumentCrypt.hxx148
-rw-r--r--include/oox/crypto/AgileEngine.hxx81
-rw-r--r--include/oox/crypto/CryptTools.hxx134
-rw-r--r--include/oox/crypto/CryptoEngine.hxx59
-rw-r--r--include/oox/crypto/DocumentDecryption.hxx72
-rw-r--r--include/oox/crypto/DocumentEncryption.hxx55
-rw-r--r--include/oox/crypto/Standard2007Engine.hxx118
7 files changed, 519 insertions, 148 deletions
diff --git a/include/oox/core/DocumentCrypt.hxx b/include/oox/core/DocumentCrypt.hxx
deleted file mode 100644
index 9831c190fdcf..000000000000
--- a/include/oox/core/DocumentCrypt.hxx
+++ /dev/null
@@ -1,148 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
-/*
- * This file is part of the LibreOffice project.
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * This file incorporates work covered by the following license notice:
- *
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed
- * with this work for additional information regarding copyright
- * ownership. The ASF licenses this file to you under the Apache
- * License, Version 2.0 (the "License"); you may not use this file
- * except in compliance with the License. You may obtain a copy of
- * the License at http://www.apache.org/licenses/LICENSE-2.0 .
- */
-
-#ifndef DOCUMENTCRYPTO_HXX
-#define DOCUMENTCRYPTO_HXX
-
-#include "oox/dllapi.h"
-
-#include "oox/ole/olestorage.hxx"
-#include "oox/helper/binaryinputstream.hxx"
-#include "oox/helper/binaryoutputstream.hxx"
-
-#include <com/sun/star/io/XStream.hpp>
-#include <com/sun/star/beans/NamedValue.hpp>
-#include <com/sun/star/uno/Sequence.hxx>
-
-#include <vector>
-
-
-namespace oox {
-namespace core {
-
-const sal_uInt32 ENCRYPTINFO_CRYPTOAPI = 0x00000004;
-const sal_uInt32 ENCRYPTINFO_DOCPROPS = 0x00000008;
-const sal_uInt32 ENCRYPTINFO_EXTERNAL = 0x00000010;
-const sal_uInt32 ENCRYPTINFO_AES = 0x00000020;
-
-const sal_uInt32 ENCRYPT_ALGO_AES128 = 0x0000660E;
-const sal_uInt32 ENCRYPT_ALGO_AES192 = 0x0000660F;
-const sal_uInt32 ENCRYPT_ALGO_AES256 = 0x00006610;
-const sal_uInt32 ENCRYPT_ALGO_RC4 = 0x00006801;
-
-const sal_uInt32 ENCRYPT_HASH_SHA1 = 0x00008004;
-
-const sal_uInt32 ENCRYPT_KEY_SIZE_AES_128 = 0x00000080;
-const sal_uInt32 ENCRYPT_KEY_SIZE_AES_192 = 0x000000C0;
-const sal_uInt32 ENCRYPT_KEY_SIZE_AES_256 = 0x00000100;
-
-const sal_uInt32 ENCRYPT_PROVIDER_TYPE_AES = 0x00000018;
-const sal_uInt32 ENCRYPT_PROVIDER_TYPE_RC4 = 0x00000001;
-
-// version of encryption info used in MS Office 2007 (major = 3, minor = 2)
-const sal_uInt32 VERSION_INFO_2007_FORMAT = 0x00030002;
-
-const sal_Int32 SALT_LENGTH = 16;
-const sal_Int32 ENCRYPTED_VERIFIER_LENGTH = 16;
-const sal_Int32 ENCRYPTED_VERIFIER_HASH_LENGTH = 32;
-
-struct EncryptionStandardHeader
-{
- sal_uInt32 flags;
- sal_uInt32 sizeExtra; // 0
- sal_uInt32 algId; // if flag AES && CRYPTOAPI this defaults to 128-bit AES
- sal_uInt32 algIdHash; // 0: determine by flags - defaults to SHA-1 if not external
- sal_uInt32 keySize; // key size in bits: 0 (determine by flags), 128, 192, 256
- sal_uInt32 providedType; // AES or RC4
- sal_uInt32 reserved1; // 0
- sal_uInt32 reserved2; // 0
-
- EncryptionStandardHeader();
-};
-
-
-struct EncryptionVerifierAES
-{
- sal_uInt32 saltSize; // must be 0x00000010
- sal_uInt8 salt[SALT_LENGTH]; // random generated salt value
- sal_uInt8 encryptedVerifier[ENCRYPTED_VERIFIER_LENGTH]; // randomly generated verifier value
- sal_uInt32 encryptedVerifierHashSize; // actually written hash size - depends on algorithm
- sal_uInt8 encryptedVerifierHash[ENCRYPTED_VERIFIER_HASH_LENGTH]; // verifier value hash - itself also encrypted
-
- EncryptionVerifierAES();
-};
-
-struct PackageEncryptionInfo
-{
- EncryptionStandardHeader header;
- EncryptionVerifierAES verifier;
-};
-
-class OOX_DLLPUBLIC AesEncoder
-{
-private:
- com::sun::star::uno::Reference< com::sun::star::io::XStream > mxDocumentStream;
- oox::ole::OleStorage& mrOleStorage;
- OUString maPassword;
-
- PackageEncryptionInfo mEncryptionInfo;
-
- bool checkEncryptionInfo(std::vector<sal_uInt8>& aKey, sal_uInt32 aKeyLength);
- bool writeEncryptionInfo( BinaryOutputStream& rStream );
-
-public:
- AesEncoder(
- com::sun::star::uno::Reference< com::sun::star::io::XStream > xDocumentStream,
- oox::ole::OleStorage& rOleStorage,
- OUString aPassword);
-
- bool encode();
-
-};
-
-class OOX_DLLPUBLIC AesDecoder
-{
-private:
- oox::ole::OleStorage& mrOleStorage;
- PackageEncryptionInfo mEncryptionInfo;
- std::vector<sal_uInt8> mKey;
- sal_uInt32 mKeyLength;
-
- bool readEncryptionInfoFromStream( BinaryInputStream& rStream );
-
-public:
- AesDecoder(oox::ole::OleStorage& rOleStorage);
-
- bool decode(com::sun::star::uno::Reference< com::sun::star::io::XStream > xDocumentStream);
- bool readEncryptionInfo();
- bool generateEncryptionKey(const OUString& rPassword);
-
- com::sun::star::uno::Sequence< com::sun::star::beans::NamedValue > createEncryptionData();
-
- bool checkCurrentEncryptionData();
-
- static bool checkEncryptionData( const com::sun::star::uno::Sequence< com::sun::star::beans::NamedValue >& rEncryptionData );
-};
-
-} // namespace core
-} // namespace oox
-
-#endif
-
-/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/include/oox/crypto/AgileEngine.hxx b/include/oox/crypto/AgileEngine.hxx
new file mode 100644
index 000000000000..ddd7a3fffb50
--- /dev/null
+++ b/include/oox/crypto/AgileEngine.hxx
@@ -0,0 +1,81 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef AGILE_ENGINE_HXX
+#define AGILE_ENGINE_HXX
+
+#include "CryptTools.hxx"
+#include "CryptoEngine.hxx"
+
+namespace oox {
+namespace core {
+
+const sal_uInt32 SEGMENT_LENGTH = 4096;
+
+struct AgileEncryptionInfo
+{
+ sal_Int32 spinCount;
+ sal_Int32 saltSize;
+ sal_Int32 keyBits;
+ sal_Int32 hashSize;
+ sal_Int32 blockSize;
+
+ OUString cipherAlgorithm;
+ OUString cipherChaining;
+ OUString hashAlgorithm;
+
+ std::vector<sal_uInt8> keyDataSalt;
+ std::vector<sal_uInt8> saltValue;
+ std::vector<sal_uInt8> encryptedVerifierHashInput;
+ std::vector<sal_uInt8> encryptedVerifierHashValue;
+ std::vector<sal_uInt8> encryptedKeyValue;
+};
+
+class AgileEngine : public CryptoEngine
+{
+ AgileEncryptionInfo mInfo;
+
+ bool calculateHashFinal(const OUString& rPassword, std::vector<sal_uInt8>& aHashFinal);
+
+ bool calculateBlock(
+ const std::vector<sal_uInt8>& rBlock,
+ std::vector<sal_uInt8>& rHashFinal,
+ std::vector<sal_uInt8>& rInput,
+ std::vector<sal_uInt8>& rOutput);
+
+ Crypto::CryptoType cryptoType(const AgileEncryptionInfo& rInfo);
+
+public:
+ AgileEngine();
+ virtual ~AgileEngine();
+
+ AgileEncryptionInfo& getInfo();
+
+ virtual bool writeEncryptionInfo(
+ const OUString& rPassword,
+ BinaryXOutputStream& rStream);
+
+ virtual bool generateEncryptionKey(const OUString& rPassword);
+
+ virtual bool decrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream);
+
+ virtual bool encrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream);
+};
+
+} // namespace core
+} // namespace oox
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
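Review bot: `AgileEncryptionInfo` has no constructor, so `spinCount`, `saltSize`, `keyBits`, `hashSize` and `blockSize` are indeterminate until something assigns them, and all five are signed `sal_Int32` although they describe counts and sizes. These values presumably come from the document's encryption info, so a negative or very large value would flow into loop bounds and buffer sizes unless the parser rejects it; that code is not in this header. I would add `AgileEncryptionInfo() : spinCount(0), saltSize(0), keyBits(0), hashSize(0), blockSize(0) {}` and either switch the fields to `sal_uInt32` or document the accepted range next to each one. `getInfo()` hands out a mutable reference, so a short comment on who fills the struct, and that `saltSize` must match `saltValue.size()`, would help.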
diff --git a/include/oox/crypto/CryptTools.hxx b/include/oox/crypto/CryptTools.hxx
new file mode 100644
index 000000000000..3c9bf0ba0426
--- /dev/null
+++ b/include/oox/crypto/CryptTools.hxx
@@ -0,0 +1,134 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+#ifndef CRYPT_TOOLS_HXX
+#define CRYPT_TOOLS_HXX
+
+#include <config_oox.h>
+
+#include <rtl/ustring.hxx>
+
+#if USE_TLS_OPENSSL
+#include <openssl/evp.h>
+#include <openssl/sha.h>
+#endif // USE_TLS_OPENSSL
+#if USE_TLS_NSS
+#include <nss.h>
+#include <pk11pub.h>
+#endif // USE_TLS_NSS
+
+#include <rtl/digest.h>
+#include <vector>
+
+namespace oox {
+namespace core {
+
+class Crypto
+{
+public:
+ enum CryptoType
+ {
+ UNKNOWN,
+ AES_128_ECB,
+ AES_128_CBC,
+ AES_256_CBC,
+ };
+
+protected:
+#if USE_TLS_OPENSSL
+ EVP_CIPHER_CTX mContext;
+#endif
+#if USE_TLS_NSS
+ PK11Context* mContext;
+ SECItem* mSecParam;
+ PK11SymKey* mSymKey;
+#endif
+ CryptoType mType;
+
+#if USE_TLS_OPENSSL
+ const EVP_CIPHER* getCipher(CryptoType type);
+#endif
+#if USE_TLS_NSS
+ void setupContext(
+ std::vector<sal_uInt8>& key,
+ std::vector<sal_uInt8>& iv,
+ CryptoType type,
+ CK_ATTRIBUTE_TYPE operation);
+#endif
+
+public:
+ Crypto(CryptoType type);
+
+ virtual ~Crypto();
+
+ virtual sal_uInt32 update(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ sal_uInt32 inputLength = 0) = 0;
+};
+
+class Decrypt : public Crypto
+{
+public:
+ Decrypt(std::vector<sal_uInt8>& key, CryptoType type);
+ Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
+
+ virtual sal_uInt32 update(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ sal_uInt32 inputLength = 0);
+
+
+ static sal_uInt32 aes128ecb(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ std::vector<sal_uInt8>& key );
+
+ static sal_uInt32 aes128cbc(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ std::vector<sal_uInt8>& key,
+ std::vector<sal_uInt8>& iv );
+};
+
+class Encrypt : public Crypto
+{
+public:
+ Encrypt(std::vector<sal_uInt8>& key, CryptoType type);
+ Encrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
+
+ virtual sal_uInt32 update(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ sal_uInt32 inputLength = 0);
+};
+
+const sal_uInt32 SHA1_LENGTH = 20;
+const sal_uInt32 SHA512_LENGTH = 64;
+
+bool sha1( std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input );
+
+bool sha512( std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input );
+
+} // namespace core
+} // namespace oox
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
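Review bot: `Crypto` owns raw backend handles (`PK11Context* mContext`, `SECItem* mSecParam`, `PK11SymKey* mSymKey`, or an `EVP_CIPHER_CTX` by value) but stays implicitly copyable, so a copy of a `Decrypt` or `Encrypt` would alias the handles and, if the destructor releases them, free them twice. Declaring `Crypto(const Crypto&);` and `Crypto& operator=(const Crypto&);` private and undefined closes that off. The `key`, `iv` and `input` parameters are non-const references throughout, including `sha1` and `sha512`; if the implementations only read them, `const std::vector<sal_uInt8>&` states that and lets callers pass const key buffers. `update` should also say in a comment what `inputLength = 0` means and whether the caller must pre-size `output`.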
diff --git a/include/oox/crypto/CryptoEngine.hxx b/include/oox/crypto/CryptoEngine.hxx
new file mode 100644
index 000000000000..68bb0a8fa3f1
--- /dev/null
+++ b/include/oox/crypto/CryptoEngine.hxx
@@ -0,0 +1,59 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef CRYPTO_ENGINE_HXX
+#define CRYPTO_ENGINE_HXX
+
+#include <vector>
+
+#include "oox/helper/binaryinputstream.hxx"
+#include "oox/helper/binaryoutputstream.hxx"
+
+namespace oox {
+namespace core {
+
+class CryptoEngine
+{
+protected:
+ std::vector<sal_uInt8> mKey;
+
+public:
+ CryptoEngine()
+ {}
+
+ virtual ~CryptoEngine()
+ {}
+
+ virtual std::vector<sal_uInt8>& getKey()
+ {
+ return mKey;
+ }
+
+ virtual bool writeEncryptionInfo(
+ const OUString& rPassword,
+ BinaryXOutputStream& rStream) = 0;
+
+ virtual bool generateEncryptionKey(const OUString& rPassword) = 0;
+
+ virtual bool decrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream) = 0;
+
+ virtual bool encrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream) = 0;
+};
+
+} // namespace core
+} // namespace oox
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
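Review bot: `getKey()` returns a non-const reference to `mKey`, so any caller can replace or resize the derived key behind the engine's back, and the empty `~CryptoEngine()` leaves the key bytes in freed memory. A `const std::vector<sal_uInt8>& getKey() const` accessor plus an explicit setter would keep writes visible, and the destructor could overwrite `mKey` before it is released, using a zeroing call the optimizer cannot drop. The header also names `OUString` without including `<rtl/ustring.hxx>`; it appears to rely on the stream headers pulling it in.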
diff --git a/include/oox/crypto/DocumentDecryption.hxx b/include/oox/crypto/DocumentDecryption.hxx
new file mode 100644
index 000000000000..768cdbf6b275
--- /dev/null
+++ b/include/oox/crypto/DocumentDecryption.hxx
@@ -0,0 +1,72 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef DOCUMENT_DECRYPTION_HXX
+#define DOCUMENT_DECRYPTION_HXX
+
+#include "oox/dllapi.h"
+
+#include "oox/ole/olestorage.hxx"
+#include "oox/helper/binaryinputstream.hxx"
+#include "oox/helper/binaryoutputstream.hxx"
+
+#include <com/sun/star/io/XStream.hpp>
+#include <com/sun/star/beans/NamedValue.hpp>
+#include <com/sun/star/uno/Sequence.hxx>
+
+#include "CryptTools.hxx"
+#include "AgileEngine.hxx"
+#include "Standard2007Engine.hxx"
+
+#include <boost/scoped_ptr.hpp>
+#include <vector>
+
+namespace oox {
+namespace core {
+
+class OOX_DLLPUBLIC DocumentDecryption
+{
+private:
+ com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext > mxContext;
+
+ enum CryptoType
+ {
+ UNKNOWN,
+ STANDARD_2007,
+ AGILE
+ };
+
+ oox::ole::OleStorage& mrOleStorage;
+ boost::scoped_ptr<CryptoEngine> mEngine;
+ CryptoType mCryptoType;
+
+ bool readAgileEncryptionInfo( com::sun::star::uno::Reference< com::sun::star::io::XInputStream >& rStream );
+ bool readStandard2007EncryptionInfo( BinaryInputStream& rStream );
+
+public:
+ DocumentDecryption(
+ oox::ole::OleStorage& rOleStorage,
+ com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext > xContext);
+
+ bool decrypt(com::sun::star::uno::Reference< com::sun::star::io::XStream > xDocumentStream);
+ bool readEncryptionInfo();
+ bool generateEncryptionKey(const OUString& rPassword);
+
+ com::sun::star::uno::Sequence< com::sun::star::beans::NamedValue > createEncryptionData();
+
+ static bool checkEncryptionData( const com::sun::star::uno::Sequence< com::sun::star::beans::NamedValue >& rEncryptionData );
+};
+
+} // namespace core
+} // namespace oox
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
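Review bot: `mEngine` is a `boost::scoped_ptr<CryptoEngine>` that is presumably only set once `readEncryptionInfo()` has recognised the format, yet `generateEncryptionKey()` and `decrypt()` are public and nothing here states the required call order. Unless the implementation (not in this hunk) already checks, each should start with `if (!mEngine) return false;`, and the class deserves a comment such as `// Call readEncryptionInfo() first; generateEncryptionKey() and decrypt() return false until it has succeeded.` The private `CryptoType` enum also shares its name with `Crypto::CryptoType` from CryptTools.hxx while describing the container format rather than the cipher, so a distinct name would read more clearly.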
diff --git a/include/oox/crypto/DocumentEncryption.hxx b/include/oox/crypto/DocumentEncryption.hxx
new file mode 100644
index 000000000000..b4e142ea2ade
--- /dev/null
+++ b/include/oox/crypto/DocumentEncryption.hxx
@@ -0,0 +1,55 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef DOCUMENT_ENCRYPTION_HXX
+#define DOCUMENT_ENCRYPTION_HXX
+
+#include "oox/dllapi.h"
+
+#include "oox/ole/olestorage.hxx"
+
+#include <com/sun/star/io/XStream.hpp>
+#include <com/sun/star/beans/NamedValue.hpp>
+#include <com/sun/star/uno/Sequence.hxx>
+
+#include "CryptTools.hxx"
+#include "Standard2007Engine.hxx"
+
+#include <vector>
+
+
+namespace oox {
+namespace core {
+
+class OOX_DLLPUBLIC DocumentEncryption
+{
+private:
+ com::sun::star::uno::Reference< com::sun::star::io::XStream > mxDocumentStream;
+ oox::ole::OleStorage& mrOleStorage;
+ OUString maPassword;
+
+ Standard2007Engine mEngine;
+
+public:
+ DocumentEncryption(
+ com::sun::star::uno::Reference< com::sun::star::io::XStream > xDocumentStream,
+ oox::ole::OleStorage& rOleStorage,
+ OUString aPassword);
+
+ bool encrypt();
+
+};
+
+} // namespace core
+} // namespace oox
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
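Review bot: `mEngine` is a concrete `Standard2007Engine`, so every document written through this class uses the Office 2007 scheme regardless of what the source document used, and the header does not say so. A comment on the member, for example `// Writing always uses Standard 2007 encryption; AgileEngine cannot encrypt yet.`, records the limitation where the next maintainer will look. The constructor takes `OUString aPassword` by value and keeps it in `maPassword` for the object's lifetime; `const OUString& rPassword` would match the engine interfaces, and deriving the key in the constructor instead of storing the password would shorten how long the plaintext stays in memory.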
diff --git a/include/oox/crypto/Standard2007Engine.hxx b/include/oox/crypto/Standard2007Engine.hxx
new file mode 100644
index 000000000000..c53ec22cd124
--- /dev/null
+++ b/include/oox/crypto/Standard2007Engine.hxx
@@ -0,0 +1,118 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef STANDARD_2007_ENGINE_HXX
+#define STANDARD_2007_ENGINE_HXX
+
+#include "CryptTools.hxx"
+#include "CryptoEngine.hxx"
+
+namespace oox {
+namespace core {
+
+const sal_uInt32 ENCRYPTINFO_CRYPTOAPI = 0x00000004;
+const sal_uInt32 ENCRYPTINFO_DOCPROPS = 0x00000008;
+const sal_uInt32 ENCRYPTINFO_EXTERNAL = 0x00000010;
+const sal_uInt32 ENCRYPTINFO_AES = 0x00000020;
+
+const sal_uInt32 ENCRYPT_ALGO_AES128 = 0x0000660E;
+const sal_uInt32 ENCRYPT_ALGO_AES192 = 0x0000660F;
+const sal_uInt32 ENCRYPT_ALGO_AES256 = 0x00006610;
+const sal_uInt32 ENCRYPT_ALGO_RC4 = 0x00006801;
+
+const sal_uInt32 ENCRYPT_HASH_SHA1 = 0x00008004;
+
+const sal_uInt32 ENCRYPT_KEY_SIZE_AES_128 = 0x00000080;
+const sal_uInt32 ENCRYPT_KEY_SIZE_AES_192 = 0x000000C0;
+const sal_uInt32 ENCRYPT_KEY_SIZE_AES_256 = 0x00000100;
+
+const sal_uInt32 ENCRYPT_PROVIDER_TYPE_AES = 0x00000018;
+const sal_uInt32 ENCRYPT_PROVIDER_TYPE_RC4 = 0x00000001;
+
+// version of encryption info used in MS Office 2007 (major = 3, minor = 2)
+const sal_uInt32 VERSION_INFO_2007_FORMAT = 0x00020003;
+// version of encryption info - agile (major = 4, minor = 4)
+const sal_uInt32 VERSION_INFO_AGILE = 0x00040004;
+
+const sal_uInt32 SALT_LENGTH = 16;
+const sal_uInt32 ENCRYPTED_VERIFIER_LENGTH = 16;
+const sal_uInt32 ENCRYPTED_VERIFIER_HASH_LENGTH = 32;
+
+struct EncryptionStandardHeader
+{
+ sal_uInt32 flags;
+ sal_uInt32 sizeExtra; // 0
+ sal_uInt32 algId; // if flag AES && CRYPTOAPI this defaults to 128-bit AES
+ sal_uInt32 algIdHash; // 0: determine by flags - defaults to SHA-1 if not external
+ sal_uInt32 keyBits; // key size in bits: 0 (determine by flags), 128, 192, 256
+ sal_uInt32 providedType; // AES or RC4
+ sal_uInt32 reserved1; // 0
+ sal_uInt32 reserved2; // 0
+
+ EncryptionStandardHeader();
+};
+
+struct EncryptionVerifierAES
+{
+ sal_uInt32 saltSize; // must be 0x00000010
+ sal_uInt8 salt[SALT_LENGTH]; // random generated salt value
+ sal_uInt8 encryptedVerifier[ENCRYPTED_VERIFIER_LENGTH]; // randomly generated verifier value
+ sal_uInt32 encryptedVerifierHashSize; // actually written hash size - depends on algorithm
+ sal_uInt8 encryptedVerifierHash[ENCRYPTED_VERIFIER_HASH_LENGTH]; // verifier value hash - itself also encrypted
+
+ EncryptionVerifierAES();
+};
+
+struct StandardEncryptionInfo
+{
+ EncryptionStandardHeader header;
+ EncryptionVerifierAES verifier;
+};
+
+class Standard2007Engine : public CryptoEngine
+{
+ StandardEncryptionInfo mInfo;
+
+ bool generateVerifier();
+ bool calculateEncryptionKey(const OUString& rPassword);
+
+public:
+ Standard2007Engine();
+ virtual ~Standard2007Engine();
+
+ StandardEncryptionInfo& getInfo();
+
+ static bool checkEncryptionData(
+ std::vector<sal_uInt8> key, sal_uInt32 keySize,
+ std::vector<sal_uInt8> encryptedVerifier, sal_uInt32 verifierSize,
+ std::vector<sal_uInt8> encryptedHash, sal_uInt32 hashSize );
+
+ virtual bool generateEncryptionKey(const OUString& rPassword);
+
+ virtual bool writeEncryptionInfo(
+ const OUString& rPassword,
+ BinaryXOutputStream& rStream);
+
+ virtual bool decrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream);
+
+ virtual bool encrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream);
+
+};
+
+} // namespace core
+} // namespace oox
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
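Review bot: `checkEncryptionData` takes the key, verifier and hash as vectors by value and then a separate `keySize`, `verifierSize` and `hashSize`, so the lengths can disagree with the buffers; if a size originates from the file (for instance `encryptedVerifierHashSize`) and exceeds the vector, the implementation would read past the end unless it checks. Passing `const std::vector<sal_uInt8>&` and taking lengths from `size()`, or rejecting any size larger than its vector up front, removes the mismatch. The same applies when the fixed arrays in `EncryptionVerifierAES` are filled: `saltSize` and `encryptedVerifierHashSize` need to be compared with `SALT_LENGTH` and `ENCRYPTED_VERIFIER_HASH_LENGTH` before copying, which this header cannot show. Separately, `VERSION_INFO_2007_FORMAT` is now `0x00020003` under a comment that still reads major = 3, minor = 2, so the comment should state which half of the word holds the major version.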