From 34a1710e87b3b97efc889352f843fdace502ee32 Mon Sep 17 00:00:00 2001 From: Mikhail Voytenko Date: Wed, 9 Mar 2011 17:29:09 +0100 Subject: mav60: #164341# support AES encryption --- comphelper/inc/comphelper/storagehelper.hxx | 1 + 1 file changed, 1 insertion(+) diff --git a/comphelper/inc/comphelper/storagehelper.hxx b/comphelper/inc/comphelper/storagehelper.hxx index 9d44b42e9514..6fdc050db3cf 100644 --- a/comphelper/inc/comphelper/storagehelper.hxx +++ b/comphelper/inc/comphelper/storagehelper.hxx @@ -44,6 +44,7 @@ #define ZIP_STORAGE_FORMAT_STRING ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "ZipFormat" ) ) #define OFOPXML_STORAGE_FORMAT_STRING ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "OFOPXMLFormat" ) ) +#define PACKAGE_ENCRYPTIONDATA_SHA256UTF8 ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PackageSHA256UTF8EncryptionKey" ) ) #define PACKAGE_ENCRYPTIONDATA_SHA1UTF8 ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PackageSHA1UTF8EncryptionKey" ) ) #define PACKAGE_ENCRYPTIONDATA_SHA1MS1252 ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PackageSHA1MS1252EncryptionKey" ) ) -- cgit v1.2.1 From ff0e866194b35ab33b0e622b9bd33253a4234263 Mon Sep 17 00:00:00 2001 From: Mikhail Voytenko Date: Thu, 17 Mar 2011 09:16:41 +0100 Subject: mav60: #164341# support AES encryption --- comphelper/inc/comphelper/storagehelper.hxx | 5 +- comphelper/source/misc/storagehelper.cxx | 37 +++++++++-- unotools/inc/unotools/saveopt.hxx | 10 ++- unotools/source/config/saveopt.cxx | 98 +++++++++++++++++++++++++++-- 4 files changed, 137 insertions(+), 13 deletions(-) diff --git a/comphelper/inc/comphelper/storagehelper.hxx b/comphelper/inc/comphelper/storagehelper.hxx index 6fdc050db3cf..92a2411d6441 100644 --- a/comphelper/inc/comphelper/storagehelper.hxx +++ b/comphelper/inc/comphelper/storagehelper.hxx 
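Review bot: The new `PACKAGE_ENCRYPTIONDATA_SHA256UTF8` name joins an undocumented group of three keys, and nothing at the definition says what value travels under each one. A one-line comment above the group would help, e.g. `// names of the NamedValue entries carrying password digests: SHA-256 over UTF-8, SHA-1 over UTF-8, SHA-1 over MS-1252`. As the later storagehelper.cxx hunk shows, each digest is computed from the password bytes alone, so code that stores or logs these values should treat them like the password itself.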
@@ -165,7 +165,10 @@ public: throw ( ::com::sun::star::uno::Exception ); static ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > - CreatePackageEncryptionData( const ::rtl::OUString& aPassword ); + CreatePackageEncryptionData( + const ::rtl::OUString& aPassword, + const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& xSF + = ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >() ); static sal_Bool IsValidZipEntryFileName( const ::rtl::OUString& aName, sal_Bool bSlashAllowed ); static sal_Bool IsValidZipEntryFileName( const sal_Unicode *pChar, sal_Int32 nLength, sal_Bool bSlashAllowed ); diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx index 60ffa965fcf1..ae3c14c58d5b 100644 --- a/comphelper/source/misc/storagehelper.cxx +++ b/comphelper/source/misc/storagehelper.cxx @@ -34,6 +34,9 @@ #include #include #include +#include +#include +#include #include 
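Review bot: The declaration of `CreatePackageEncryptionData` gains an `xSF` parameter that defaults to an empty reference, but nothing in the header says what an empty reference means or what the returned sequence contains. Going by the implementation in storagehelper.cxx, a comment such as `// xSF: factory used to create the SHA-256 digest context; an empty reference falls back to the process service factory` would cover the parameter. It is also worth stating here that the `PACKAGE_ENCRYPTIONDATA_SHA256UTF8` entry is absent when the digest service cannot be created, because callers have no other way to learn that.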
@@ -422,22 +425,44 @@ uno::Reference< embed::XStorage > OStorageHelper::GetStorageOfFormatFromStream( } // ---------------------------------------------------------------------- -uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( const ::rtl::OUString& aPassword ) +uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( const ::rtl::OUString& aPassword, const uno::Reference< lang::XMultiServiceFactory >& xSF ) { // TODO/LATER: Should not the method be part of DocPasswordHelper? uno::Sequence< beans::NamedValue > aEncryptionData; + sal_Int32 nSha1Ind = 0; if ( aPassword.getLength() ) { + // generate SHA256 start key + try + { + uno::Reference< lang::XMultiServiceFactory > xFactory = xSF.is() ? xSF : ::comphelper::getProcessServiceFactory(); + if ( !xFactory.is() ) + throw uno::RuntimeException(); + + uno::Reference< xml::crypto::XDigestContextSupplier > xDigestContextSupplier( xFactory->createInstance( rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "com.sun.star.xml.crypto.SEInitializer" ) ) ), uno::UNO_QUERY_THROW ); + uno::Reference< xml::crypto::XDigestContext > xDigestContext( xDigestContextSupplier->getDigestContext( xml::crypto::DigestID::SHA256, uno::Sequence< beans::NamedValue >() ), uno::UNO_SET_THROW ); + + ::rtl::OString aUTF8Password( ::rtl::OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 ) ); + xDigestContext->updateDigest( uno::Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( aUTF8Password.getStr() ), aUTF8Password.getLength() ) ); + uno::Sequence< sal_Int8 > aDigest = xDigestContext->finalizeDigestAndDispose(); + + aEncryptionData.realloc( ++nSha1Ind ); + aEncryptionData[0].Name = PACKAGE_ENCRYPTIONDATA_SHA256UTF8; + aEncryptionData[0].Value <<= aDigest; + } + catch ( uno::Exception& ) + {} + // MS_1252 encoding was used for SO60 document format password encoding, // this encoding supports only a minor subset of nonascii characters, // but for compatibility reasons it has to be used for 
old document formats - aEncryptionData.realloc( 2 ); - aEncryptionData[0].Name = PACKAGE_ENCRYPTIONDATA_SHA1UTF8; - aEncryptionData[1].Name = PACKAGE_ENCRYPTIONDATA_SHA1MS1252; + aEncryptionData.realloc( nSha1Ind + 2 ); + aEncryptionData[nSha1Ind].Name = PACKAGE_ENCRYPTIONDATA_SHA1UTF8; + aEncryptionData[nSha1Ind + 1].Name = PACKAGE_ENCRYPTIONDATA_SHA1MS1252; rtl_TextEncoding pEncoding[2] = { RTL_TEXTENCODING_UTF8, RTL_TEXTENCODING_MS_1252 }; - for ( sal_Int32 nInd = 0; nInd < 2; nInd++ ) + for ( sal_Int32 nInd = nSha1Ind; nInd < nSha1Ind + 2; nInd++ ) { ::rtl::OString aByteStrPass = ::rtl::OUStringToOString( aPassword, pEncoding[nInd] ); @@ -449,7 +474,7 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( if ( nError != rtl_Digest_E_None ) { - aEncryptionData.realloc( 0 ); + aEncryptionData.realloc( nSha1Ind ); break; } diff --git a/unotools/inc/unotools/saveopt.hxx b/unotools/inc/unotools/saveopt.hxx index 22cf75c5be3d..9dab6150a8ad 100644 --- a/unotools/inc/unotools/saveopt.hxx +++ b/unotools/inc/unotools/saveopt.hxx @@ -53,7 +53,9 @@ public: E_DOPRETTYPRINTING, E_WARNALIENFORMAT, E_LOADDOCPRINTER, - E_ODFDEFAULTVERSION + E_ODFDEFAULTVERSION, + E_USESHA1INODF12, + E_USEBLOWFISHINODF12 }; // keep enum values sorted that a less or greater compare maps to older and newer versions! @@ -119,6 +121,12 @@ public: void SetODFDefaultVersion( ODFDefaultVersion eVersion ); ODFDefaultVersion GetODFDefaultVersion() const; + void SetUseSHA1InODF12( sal_Bool bUse ); + sal_Bool IsUseSHA1InODF12() const; + + void SetUseBlowfishInODF12( sal_Bool bUse ); + sal_Bool IsUseBlowfishInODF12() const; + sal_Bool IsReadOnly( EOption eOption ) const; }; diff --git a/unotools/source/config/saveopt.cxx b/unotools/source/config/saveopt.cxx index 379ba65dc9e6..565816d31e27 100644 --- a/unotools/source/config/saveopt.cxx +++ b/unotools/source/config/saveopt.cxx 
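Review bot: The SHA-1 loop now runs `nInd` from `nSha1Ind` to `nSha1Ind + 1` but still reads `pEncoding[nInd]` from a two-element array. When the SHA-256 entry was added (`nSha1Ind == 1`), the first pass uses the MS-1252 encoding for the slot named `PACKAGE_ENCRYPTIONDATA_SHA1UTF8` and the second pass reads `pEncoding[2]`, one past the end. Keeping the loop at `0..1` and offsetting only the destination, `aEncryptionData[nSha1Ind + nInd].Value <<= ...`, avoids both problems. The assignment line is outside this hunk, and a later patch in this series makes that change.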
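Review bot: On a SHA-1 failure the sequence is now cut to `nSha1Ind` entries instead of being emptied, so the function can return the SHA-256 entry alone. Callers are not visible here; if any of them treats a non-empty result as "all keys available", an old-format document would be processed without its SHA-1 keys. A comment on the branch would make the intent explicit, e.g. `// SHA1 failed: drop both SHA1 entries, keep the SHA256 start key if one was generated`. The loop body continues outside the hunk.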
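Review bot: `SetUseSHA1InODF12` / `SetUseBlowfishInODF12` and their getters are declared in saveopt.hxx without any comment, and from the names they appear to switch ODF 1.2 saving back to the older SHA1 and Blowfish algorithms. If so, they lower the protection of saved documents and the header should say that and state the default, e.g. `// compatibility switches, default off: when set, ODF 1.2 documents are saved with SHA1 / Blowfish as older versions did`. The default of `false` comes from the `SvtSaveOptions_Impl` constructor in saveopt.cxx.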
@@ -79,7 +79,11 @@ class SvtSaveOptions_Impl : public utl::ConfigItem bSaveUnpacked, bDoPrettyPrinting, bWarnAlienFormat, - bLoadDocPrinter; + bLoadDocPrinter, + bUseSHA1InODF12, + bUseBlowfishInODF12; + + SvtSaveOptions::ODFDefaultVersion eODFDefaultVersion; sal_Bool bROAutoSaveTime, bROUseUserData, @@ -95,10 +99,10 @@ class SvtSaveOptions_Impl : public utl::ConfigItem bROWarnAlienFormat, bRODoPrettyPrinting, bROLoadDocPrinter, + bROUseSHA1InODF12, + bROUseBlowfishInODF12, bROODFDefaultVersion; - SvtSaveOptions::ODFDefaultVersion eODFDefaultVersion; - public: SvtSaveOptions_Impl(); ~SvtSaveOptions_Impl(); @@ -120,6 +124,9 @@ public: sal_Bool IsPrettyPrintingEnabled( ) const { return bDoPrettyPrinting; } sal_Bool IsWarnAlienFormat() const { return bWarnAlienFormat; } sal_Bool IsLoadDocPrinter() const { return bLoadDocPrinter; } + sal_Bool IsUseSHA1InODF12() const { return bUseSHA1InODF12; } + sal_Bool IsUseBlowfishInODF12() const { return bUseBlowfishInODF12; } + SvtSaveOptions::ODFDefaultVersion GetODFDefaultVersion() const { return eODFDefaultVersion; } @@ -137,6 +144,8 @@ public: void EnablePrettyPrinting( sal_Bool _bDoPP ); void SetWarnAlienFormat( sal_Bool _bDoPP ); void SetLoadDocPrinter( sal_Bool bNew ); + void SetUseSHA1InODF12( sal_Bool bUse ); + void SetUseBlowfishInODF12( sal_Bool bUse ); void SetODFDefaultVersion( SvtSaveOptions::ODFDefaultVersion eNew ); sal_Bool IsReadOnly( SvtSaveOptions::EOption eOption ) const; 
@@ -279,6 +288,24 @@ void SvtSaveOptions_Impl::SetODFDefaultVersion( SvtSaveOptions::ODFDefaultVersio } } +void SvtSaveOptions_Impl::SetUseSHA1InODF12( sal_Bool bUse ) +{ + if ( !bROUseSHA1InODF12 && bUseSHA1InODF12 != bUse ) + { + bUseSHA1InODF12 = bUse; + SetModified(); + } +} + +void SvtSaveOptions_Impl::SetUseBlowfishInODF12( sal_Bool bUse ) +{ + if ( !bROUseBlowfishInODF12 && bUseBlowfishInODF12 != bUse ) + { + bUseBlowfishInODF12 = bUse; + SetModified(); + } +} + sal_Bool SvtSaveOptions_Impl::IsReadOnly( SvtSaveOptions::EOption eOption ) const { sal_Bool bReadOnly = CFG_READONLY_DEFAULT; @@ -329,6 +356,12 @@ sal_Bool SvtSaveOptions_Impl::IsReadOnly( SvtSaveOptions::EOption eOption ) cons case SvtSaveOptions::E_ODFDEFAULTVERSION : bReadOnly = bROLoadDocPrinter; break; + case SvtSaveOptions::E_USESHA1INODF12: + bReadOnly = bROUseSHA1InODF12; + break; + case SvtSaveOptions::E_USEBLOWFISHINODF12: + bReadOnly = bROUseBlowfishInODF12; + break; } return bReadOnly; } @@ -349,6 +382,8 @@ sal_Bool SvtSaveOptions_Impl::IsReadOnly( SvtSaveOptions::EOption eOption ) cons #define INTERNET 13 #define SAVEWORKINGSET 14 #define ODFDEFAULTVERSION 15 +#define USESHA1INODF12 16 +#define USEBLOWFISHINODF12 17 Sequence< OUString > GetPropertyNames() { @@ -369,7 +404,9 @@ Sequence< OUString > GetPropertyNames() "URL/FileSystem", "URL/Internet", "WorkingSet", - "ODF/DefaultVersion" + "ODF/DefaultVersion", + "ODF/UseSHA1InODF12", + "ODF/UseBlowfishInODF12" }; const int nCount = sizeof( aPropNames ) / sizeof( const char* ); @@ -399,6 +436,9 @@ SvtSaveOptions_Impl::SvtSaveOptions_Impl() , bDoPrettyPrinting( sal_False ) , bWarnAlienFormat( sal_True ) , bLoadDocPrinter( sal_True ) + , eODFDefaultVersion( SvtSaveOptions::ODFVER_LATEST ) + , bUseSHA1InODF12( false ) + , bUseBlowfishInODF12( false ) , bROAutoSaveTime( CFG_READONLY_DEFAULT ) , bROUseUserData( CFG_READONLY_DEFAULT ) , bROBackup( CFG_READONLY_DEFAULT ) 
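Review bot: In `IsReadOnly`, the two new cases return their own read-only flags, but the neighbouring context case `E_ODFDEFAULTVERSION` returns `bROLoadDocPrinter`, which looks like a copy-paste slip that predates this patch. `bROODFDefaultVersion` exists as a member (it appears in the constructor's initializer list), so the line should presumably read `bReadOnly = bROODFDefaultVersion;`. As written, a locked ODF default version is reported as writable whenever the printer option is writable. The switch starts outside this hunk.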
@@ -414,7 +454,8 @@ SvtSaveOptions_Impl::SvtSaveOptions_Impl() , bRODoPrettyPrinting( CFG_READONLY_DEFAULT ) , bROLoadDocPrinter( CFG_READONLY_DEFAULT ) , bROODFDefaultVersion( CFG_READONLY_DEFAULT ) - , eODFDefaultVersion( SvtSaveOptions::ODFVER_LATEST ) + , bROUseSHA1InODF12( CFG_READONLY_DEFAULT ) + , bROUseBlowfishInODF12( CFG_READONLY_DEFAULT ) { Sequence< OUString > aNames = GetPropertyNames(); Sequence< Any > aValues = GetProperties( aNames ); @@ -527,6 +568,16 @@ SvtSaveOptions_Impl::SvtSaveOptions_Impl() bROLoadDocPrinter = pROStates[nProp]; break; + case USESHA1INODF12: + bUseSHA1InODF12 = bTemp; + bROUseSHA1InODF12 = pROStates[nProp]; + break; + + case USEBLOWFISHINODF12: + bUseBlowfishInODF12 = bTemp; + bROUseBlowfishInODF12 = pROStates[nProp]; + break; + default : DBG_ERRORFILE( "invalid index to load a path" ); } @@ -704,6 +755,23 @@ void SvtSaveOptions_Impl::Commit() ++nRealCount; } break; + case USESHA1INODF12: + if (!bROUseSHA1InODF12) + { + pValues[nRealCount] <<= bUseSHA1InODF12; + pNames[nRealCount] = pOrgNames[i]; + ++nRealCount; + } + break; + case USEBLOWFISHINODF12: + if (!bROUseBlowfishInODF12) + { + pValues[nRealCount] <<= bUseBlowfishInODF12; + pNames[nRealCount] = pOrgNames[i]; + ++nRealCount; + } + break; + default: DBG_ERRORFILE( "invalid index to save a path" ); } 
@@ -995,6 +1063,26 @@ SvtSaveOptions::ODFDefaultVersion SvtSaveOptions::GetODFDefaultVersion() const return pImp->pSaveOpt->GetODFDefaultVersion(); } +void SvtSaveOptions::SetUseSHA1InODF12( sal_Bool bUse ) +{ + pImp->pSaveOpt->SetUseSHA1InODF12( bUse ); +} + +sal_Bool SvtSaveOptions::IsUseSHA1InODF12() const +{ + return pImp->pSaveOpt->IsUseSHA1InODF12(); +} + +void SvtSaveOptions::SetUseBlowfishInODF12( sal_Bool bUse ) +{ + pImp->pSaveOpt->SetUseBlowfishInODF12( bUse ); +} + +sal_Bool SvtSaveOptions::IsUseBlowfishInODF12() const +{ + return pImp->pSaveOpt->IsUseBlowfishInODF12(); +} + sal_Bool SvtSaveOptions::IsReadOnly( SvtSaveOptions::EOption eOption ) const { return pImp->pSaveOpt->IsReadOnly(eOption); -- cgit v1.2.1 From 948cb738925817a79b9a0f4671c3deb14abc513d Mon Sep 17 00:00:00 2001 From: Mikhail Voytenko Date: Wed, 23 Mar 2011 14:13:24 +0100 Subject: mav60: #164341# fix problems with the new implementation --- comphelper/source/misc/storagehelper.cxx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx index ae3c14c58d5b..0a4cddc6d066 100644 --- a/comphelper/source/misc/storagehelper.cxx +++ b/comphelper/source/misc/storagehelper.cxx @@ -462,7 +462,7 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( rtl_TextEncoding pEncoding[2] = { RTL_TEXTENCODING_UTF8, RTL_TEXTENCODING_MS_1252 }; - for ( sal_Int32 nInd = nSha1Ind; nInd < nSha1Ind + 2; nInd++ ) + for ( sal_Int32 nInd = 0; nInd < 2; nInd++ ) { ::rtl::OString aByteStrPass = ::rtl::OUStringToOString( aPassword, pEncoding[nInd] ); @@ -478,7 +478,7 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( break; } - aEncryptionData[nInd].Value <<= uno::Sequence< sal_Int8 >( (sal_Int8*)pBuffer, RTL_DIGEST_LENGTH_SHA1 ); + aEncryptionData[nSha1Ind+nInd].Value <<= uno::Sequence< sal_Int8 >( (sal_Int8*)pBuffer, RTL_DIGEST_LENGTH_SHA1 ); } } -- cgit v1.2.1 
From 86bd1b506fce9542fce35dd0945e642bade4f57e Mon Sep 17 00:00:00 2001 From: Mikhail Voytenko Date: Thu, 24 Mar 2011 19:39:35 +0100 Subject: mav60: fix rebase problems --- unotools/source/config/saveopt.cxx | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/unotools/source/config/saveopt.cxx b/unotools/source/config/saveopt.cxx index 565816d31e27..6a30149c555f 100644 --- a/unotools/source/config/saveopt.cxx +++ b/unotools/source/config/saveopt.cxx @@ -99,9 +99,9 @@ class SvtSaveOptions_Impl : public utl::ConfigItem bROWarnAlienFormat, bRODoPrettyPrinting, bROLoadDocPrinter, + bROODFDefaultVersion, bROUseSHA1InODF12, - bROUseBlowfishInODF12, - bROODFDefaultVersion; + bROUseBlowfishInODF12; public: SvtSaveOptions_Impl(); @@ -436,9 +436,9 @@ SvtSaveOptions_Impl::SvtSaveOptions_Impl() , bDoPrettyPrinting( sal_False ) , bWarnAlienFormat( sal_True ) , bLoadDocPrinter( sal_True ) + , bUseSHA1InODF12( sal_False ) + , bUseBlowfishInODF12( sal_False ) , eODFDefaultVersion( SvtSaveOptions::ODFVER_LATEST ) - , bUseSHA1InODF12( false ) - , bUseBlowfishInODF12( false ) , bROAutoSaveTime( CFG_READONLY_DEFAULT ) , bROUseUserData( CFG_READONLY_DEFAULT ) , bROBackup( CFG_READONLY_DEFAULT ) -- cgit v1.2.1 From f8691415aee65ddac28bd993bd4f6d0882685dad Mon Sep 17 00:00:00 2001 From: Mikhail Voytenko Date: Sun, 27 Mar 2011 19:31:20 +0200 Subject: mav60: #164341# fix typo --- comphelper/source/misc/storagehelper.cxx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx index 0a4cddc6d066..b6d46f3d291d 100644 --- a/comphelper/source/misc/storagehelper.cxx +++ b/comphelper/source/misc/storagehelper.cxx 
@@ -439,7 +439,7 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( if ( !xFactory.is() ) throw uno::RuntimeException(); - uno::Reference< xml::crypto::XDigestContextSupplier > xDigestContextSupplier( xFactory->createInstance( rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "com.sun.star.xml.crypto.SEInitializer" ) ) ), uno::UNO_QUERY_THROW ); + uno::Reference< xml::crypto::XDigestContextSupplier > xDigestContextSupplier( xFactory->createInstance( rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "com.sun.star.xml.crypto.NSSInitializer" ) ) ), uno::UNO_QUERY_THROW ); uno::Reference< xml::crypto::XDigestContext > xDigestContext( xDigestContextSupplier->getDigestContext( xml::crypto::DigestID::SHA256, uno::Sequence< beans::NamedValue >() ), uno::UNO_SET_THROW ); ::rtl::OString aUTF8Password( ::rtl::OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 ) ); -- cgit v1.2.1 From 8b361b59c7f668d66c6721389f7af7eefb56ce80 Mon Sep 17 00:00:00 2001 From: Mikhail Voytenko Date: Sun, 27 Mar 2011 22:08:02 +0200 Subject: mav60: #164341# use simple nss initialization in case mscrypto is used --- comphelper/source/misc/storagehelper.cxx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx index b6d46f3d291d..9b4e7a15cfca 100644 --- a/comphelper/source/misc/storagehelper.cxx +++ b/comphelper/source/misc/storagehelper.cxx @@ -451,7 +451,9 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( aEncryptionData[0].Value <<= aDigest; } catch ( uno::Exception& ) - {} + { + OSL_ENSURE( false, "Can not create SHA256 digest!" ); + } // MS_1252 encoding was used for SO60 document format password encoding, // this encoding supports only a minor subset of nonascii characters, -- cgit v1.2.1
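Review bot: `OSL_ENSURE` only fires in debug builds, so in a product build a failure to create the SHA-256 digest (for example because the `NSSInitializer` service is not available) is still swallowed, and the function goes on to return only the two SHA-1 entries. The caller can detect the missing start key only by searching the sequence for `PACKAGE_ENCRYPTIONDATA_SHA256UTF8`. Either document that contract at the declaration or let the failure propagate when SHA-256 is required, so that a save does not quietly proceed without the new key. The enclosing `try` block starts outside this hunk.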