1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
|
/*************************************************************************
*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* Copyright 2000, 2010 Oracle and/or its affiliates.
*
* OpenOffice.org - a multi-platform office productivity suite
*
* This file is part of OpenOffice.org.
*
* OpenOffice.org is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License version 3
* only, as published by the Free Software Foundation.
*
* OpenOffice.org is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License version 3 for more details
* (a copy is included in the LICENSE file that accompanied this code).
*
* You should have received a copy of the GNU Lesser General Public License
* version 3 along with OpenOffice.org. If not, see
* <http://www.openoffice.org/license.html>
* for a copy of the LGPLv3 License.
*
************************************************************************/
#ifndef OOX_CORE_BINARYCODEC_HXX
#define OOX_CORE_BINARYCODEC_HXX
#include <rtl/cipher.h>
#include <rtl/digest.h>
namespace oox { class AttributeList; }
namespace oox {
namespace core {
// ============================================================================
class CodecHelper
{
public:
/** Returns the password hash if it is in the required 16-bit limit. */
static sal_uInt16 getPasswordHash( const AttributeList& rAttribs, sal_Int32 nElement );
private:
CodecHelper();
~CodecHelper();
};
// ============================================================================
/** Encodes and decodes data from/to protected MS Office documents.
Implements a simple XOR encoding/decoding algorithm used in MS Office
versions up to MSO 95.
*/
class BinaryCodec_XOR
{
public:
/** Enumerates codec types supported by this XOR codec implementation. */
enum CodecType
{
CODEC_WORD, /// MS Word XOR codec.
CODEC_EXCEL /// MS Excel XOR codec.
};
public:
/** Default constructor.
Two-step construction in conjunction with the initKey() and verifyKey()
functions allows to try to initialize with different passwords (e.g.
built-in default password used for Excel workbook protection).
*/
explicit BinaryCodec_XOR( CodecType eCodecType );
~BinaryCodec_XOR();
/** Initializes the algorithm with the specified password.
@param pnPassData
Character array containing the password. Must be zero terminated,
which results in a maximum length of 15 characters.
*/
void initKey( const sal_uInt8 pnPassData[ 16 ] );
/** Verifies the validity of the password using the passed key and hash.
@precond
The codec must be initialized with the initKey() function before
this function can be used.
@param nKey
Password key value read from the file.
@param nHash
Password hash value read from the file.
@return
True = test was successful.
*/
bool verifyKey( sal_uInt16 nKey, sal_uInt16 nHash ) const;
/** Reinitializes the codec to start a new memory block.
Resets the internal key offset to 0.
@precond
The codec must be initialized with the initKey() function before
this function can be used.
*/
void startBlock();
/** Decodes a block of memory.
@precond
The codec must be initialized with the initKey() function before
this function can be used.
@param pnDestData
Destination buffer. Will contain the decrypted data afterwards.
@param pnSrcData
Encrypted data block.
@param nBytes
Size of the passed data blocks. pnDestData and pnSrcData must be of
this size.
@return
True = decoding was successful (no error occured).
*/
bool decode(
sal_uInt8* pnDestData,
const sal_uInt8* pnSrcData,
sal_Int32 nBytes );
/** Lets the cipher skip a specific amount of bytes.
This function sets the cipher to the same state as if the specified
amount of data has been decoded with one or more calls of decode().
@precond
The codec must be initialized with the initKey() function before
this function can be used.
@param nBytes
Number of bytes to be skipped (cipher "seeks" forward).
@return
True = skip was successful (no error occured).
*/
bool skip( sal_Int32 nBytes );
// static -----------------------------------------------------------------
/** Calculates the 16-bit hash value for the given password.
The password data may be longer than 16 bytes. The array does not need
to be terminated with a null byte (but it can without invalidating the
result).
*/
static sal_uInt16 getHash( const sal_uInt8* pnPassData, sal_Int32 nSize );
private:
CodecType meCodecType; /// Codec type.
sal_uInt8 mpnKey[ 16 ]; /// Encryption key.
sal_Int32 mnOffset; /// Key offset.
sal_uInt16 mnBaseKey; /// Base key from password.
sal_uInt16 mnHash; /// Hash value from password.
};
// ============================================================================
/** Encodes and decodes data from protected MSO 97+ documents.
This is a wrapper class around low level cryptographic functions from RTL.
Implementation is based on the wvDecrypt package by Caolan McNamara:
http://www.csn.ul.ie/~caolan/docs/wvDecrypt.html
*/
class BinaryCodec_RCF
{
public:
/** Default constructor.
Two-step construction in conjunction with the initKey() and verifyKey()
functions allows to try to initialize with different passwords (e.g.
built-in default password used for Excel workbook protection).
*/
explicit BinaryCodec_RCF();
~BinaryCodec_RCF();
/** Initializes the algorithm with the specified password and document ID.
@param pnPassData
Unicode character array containing the password. Must be zero
terminated, which results in a maximum length of 15 characters.
@param pnSalt
Random salt data block read from or written to the file.
*/
void initKey(
const sal_uInt16 pnPassData[ 16 ],
const sal_uInt8 pnSalt[ 16 ] );
/** Verifies the validity of the password using the passed salt data.
@precond
The codec must be initialized with the initKey() function before
this function can be used.
@param pnVerifier
Verifier block read from the file.
@param pnVerifierHash
Verifier hash read from the file.
@return
True = test was successful.
*/
bool verifyKey(
const sal_uInt8 pnVerifier[ 16 ],
const sal_uInt8 pnVerifierHash[ 16 ] );
/** Rekeys the codec using the specified counter.
After reading a specific amount of data the cipher algorithm needs to
be rekeyed using a counter that counts the data blocks.
The block size is for example 512 bytes for MS Word files and 1024
bytes for MS Excel files.
@precond
The codec must be initialized with the initKey() function before
this function can be used.
@param nCounter
Block counter used to rekey the cipher.
*/
bool startBlock( sal_Int32 nCounter );
/** Decodes a block of memory.
@see rtl_cipher_decode()
@precond
The codec must be initialized with the initKey() function before
this function can be used.
@param pnDestData
Destination buffer. Will contain the decrypted data afterwards.
@param pnSrcData
Encrypted data block.
@param nBytes
Size of the passed data blocks. pnDestData and pnSrcData must be of
this size.
@return
True = decoding was successful (no error occured).
*/
bool decode(
sal_uInt8* pnDestData,
const sal_uInt8* pnSrcData,
sal_Int32 nBytes );
/** Lets the cipher skip a specific amount of bytes.
This function sets the cipher to the same state as if the specified
amount of data has been decoded with one or more calls of decode().
@precond
The codec must be initialized with the initKey() function before
this function can be used.
@param nBytes
Number of bytes to be skipped (cipher "seeks" forward).
@return
True = skip was successful (no error occured).
*/
bool skip( sal_Int32 nBytes );
private:
rtlCipher mhCipher;
rtlDigest mhDigest;
sal_uInt8 mpnDigestValue[ RTL_DIGEST_LENGTH_MD5 ];
};
// ============================================================================
} // namespace core
} // namespace oox
#endif
|
