authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 05:54:39 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 05:54:39 +0000
commit267c6f2ac71f92999e969232431ba04678e7437e (patch)
tree358c9467650e1d0a1d7227a21dac2e3d08b622b2 /include/oox/crypto
parentInitial commit. (diff)
Adding upstream version 4:24.2.0.upstream/4%24.2.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'include/oox/crypto')
-rw-r--r--include/oox/crypto/AgileEngine.hxx148
-rw-r--r--include/oox/crypto/CryptTools.hxx121
-rw-r--r--include/oox/crypto/CryptoEngine.hxx66
-rw-r--r--include/oox/crypto/DocumentDecryption.hxx54
-rw-r--r--include/oox/crypto/DocumentEncryption.hxx52
-rw-r--r--include/oox/crypto/Standard2007Engine.hxx61
-rw-r--r--include/oox/crypto/StrongEncryptionDataSpace.hxx76
7 files changed, 578 insertions, 0 deletions
diff --git a/include/oox/crypto/AgileEngine.hxx b/include/oox/crypto/AgileEngine.hxx
new file mode 100644
index 0000000000..07ce3cb5ee
--- /dev/null
+++ b/include/oox/crypto/AgileEngine.hxx
@@ -0,0 +1,148 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_OOX_CRYPTO_AGILEENGINE_HXX
+#define INCLUDED_OOX_CRYPTO_AGILEENGINE_HXX
+
+#include <vector>
+
+#include <oox/dllapi.h>
+#include <oox/crypto/CryptTools.hxx>
+#include <oox/crypto/CryptoEngine.hxx>
+#include <rtl/ustring.hxx>
+#include <sal/types.h>
+
+namespace oox {
+ class BinaryXInputStream;
+ class BinaryXOutputStream;
+}
+
+namespace oox::crypto {
+
+struct OOX_DLLPUBLIC AgileEncryptionInfo
+{
+ sal_Int32 spinCount;
+ sal_Int32 saltSize;
+ sal_Int32 keyBits;
+ sal_Int32 hashSize;
+ sal_Int32 blockSize;
+
+ OUString cipherAlgorithm;
+ OUString cipherChaining;
+ OUString hashAlgorithm;
+
+ std::vector<sal_uInt8> keyDataSalt;
+
+ // Key Encryptor
+ std::vector<sal_uInt8> saltValue;
+ std::vector<sal_uInt8> encryptedVerifierHashInput;
+ std::vector<sal_uInt8> encryptedVerifierHashValue;
+ std::vector<sal_uInt8> encryptedKeyValue;
+
+ // HMAC
+ std::vector<sal_uInt8> hmacKey;
+ std::vector<sal_uInt8> hmacHash;
+ std::vector<sal_uInt8> hmacCalculatedHash;
+ std::vector<sal_uInt8> hmacEncryptedKey; // encrypted Key
+ std::vector<sal_uInt8> hmacEncryptedValue; // encrypted Hash
+};
+
+struct OOX_DLLPUBLIC AgileEncryptionParameters
+{
+ sal_Int32 spinCount;
+ sal_Int32 saltSize;
+ sal_Int32 keyBits;
+ sal_Int32 hashSize;
+ sal_Int32 blockSize;
+
+ OUString cipherAlgorithm;
+ OUString cipherChaining;
+ OUString hashAlgorithm;
+};
+
+enum class AgileEncryptionPreset
+{
+ AES_128_SHA1,
+ AES_128_SHA384,
+ AES_256_SHA512,
+};
+
+class OOX_DLLPUBLIC AgileEngine final : public CryptoEngine
+{
+private:
+ AgileEncryptionInfo mInfo;
+ AgileEncryptionPreset meEncryptionPreset;
+
+ void calculateHashFinal(const OUString& rPassword, std::vector<sal_uInt8>& aHashFinal);
+
+ void calculateBlock(
+ std::vector<sal_uInt8> const & rBlock,
+ std::vector<sal_uInt8>& rHashFinal,
+ std::vector<sal_uInt8>& rInput,
+ std::vector<sal_uInt8>& rOutput);
+
+ void encryptBlock(
+ std::vector<sal_uInt8> const & rBlock,
+ std::vector<sal_uInt8>& rHashFinal,
+ std::vector<sal_uInt8>& rInput,
+ std::vector<sal_uInt8>& rOutput);
+
+ static Crypto::CryptoType cryptoType(const AgileEncryptionInfo& rInfo);
+
+public:
+ AgileEngine();
+
+ AgileEncryptionInfo& getInfo() { return mInfo;}
+
+ void setPreset(AgileEncryptionPreset ePreset)
+ {
+ meEncryptionPreset = ePreset;
+ }
+
+ // Decryption
+
+ void decryptEncryptionKey(OUString const & rPassword);
+ bool decryptAndCheckVerifierHash(OUString const & rPassword);
+
+ bool generateEncryptionKey(OUString const & rPassword) override;
+ bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) override;
+ bool decrypt(BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream) override;
+
+ bool checkDataIntegrity() override;
+
+ bool decryptHmacKey();
+ bool decryptHmacValue();
+
+ // Encryption
+
+ void writeEncryptionInfo(BinaryXOutputStream& rStream) override;
+
+ void encrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream,
+ css::uno::Reference<css::io::XOutputStream>& rxOutputStream,
+ sal_uInt32 nSize) override;
+
+ bool setupEncryption(OUString const & rPassword) override;
+
+ bool generateAndEncryptVerifierHash(OUString const & rPassword);
+
+ bool encryptHmacKey();
+ bool encryptHmacValue();
+
+ bool encryptEncryptionKey(OUString const & rPassword);
+ void setupEncryptionParameters(AgileEncryptionParameters const & rAgileEncryptionParameters);
+ bool setupEncryptionKey(OUString const & rPassword);
+};
+
+} // namespace oox::crypto
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
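Review bot: The five `sal_Int32` fields of `AgileEncryptionInfo` and `AgileEncryptionParameters` (`spinCount`, `saltSize`, `keyBits`, `hashSize`, `blockSize`) have no default member initializers, so a default-constructed struct holds indeterminate values unless the out-of-line `AgileEngine()` constructor or `readEncryptionInfo()` assigns every one of them. These fields look like values parsed from the document's encryption info, and they are signed, so a negative or very large `saltSize`, `hashSize` or `blockSize` has to be rejected before it sizes a buffer or drives a loop; the implementation is not in this hunk, so that check needs confirming there. I would write `sal_Int32 spinCount = 0;` (likewise for the other four) and add a comment on each struct stating the accepted range of every field. `getInfo()` also returns a mutable reference to `mInfo`, which includes `hmacKey` and `encryptedKeyValue`; a `const` overload for read-only callers would narrow that exposure.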
diff --git a/include/oox/crypto/CryptTools.hxx b/include/oox/crypto/CryptTools.hxx
new file mode 100644
index 0000000000..10382b9793
--- /dev/null
+++ b/include/oox/crypto/CryptTools.hxx
@@ -0,0 +1,121 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+#ifndef INCLUDED_OOX_CRYPTO_CRYPTTOOLS_HXX
+#define INCLUDED_OOX_CRYPTO_CRYPTTOOLS_HXX
+
+#include <oox/dllapi.h>
+#include <sal/types.h>
+
+#include <vector>
+#include <memory>
+
+namespace oox::crypto {
+
+/** Rounds up the input to the nearest multiple
+ *
+ * For example:
+ * input 1, multiple 16 = 16
+ * input 16, multiple 16 = 16
+ * input 17, multiple 16 = 32
+ * input 31, multiple 16 = 32
+ */
+template<typename T>
+T roundUp(T input, T multiple)
+{
+ if (input % multiple == 0)
+ return input;
+ return ((input / multiple) * multiple) + multiple;
+}
+
+enum class CryptoHashType
+{
+ SHA1,
+ SHA256,
+ SHA384,
+ SHA512
+};
+
+struct CryptoImpl;
+
+class OOX_DLLPUBLIC Crypto
+{
+public:
+ enum CryptoType
+ {
+ UNKNOWN,
+ AES_128_ECB,
+ AES_128_CBC,
+ AES_256_CBC,
+ };
+
+protected:
+ std::unique_ptr<CryptoImpl> mpImpl;
+
+protected:
+ Crypto();
+
+public:
+ virtual ~Crypto();
+};
+
+class Decrypt final : public Crypto
+{
+public:
+ Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
+
+ sal_uInt32 update(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ sal_uInt32 inputLength = 0);
+
+
+ static sal_uInt32 aes128ecb(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ std::vector<sal_uInt8>& key );
+
+};
+
+class Encrypt final : public Crypto
+{
+public:
+ Encrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
+
+ sal_uInt32 update(
+ std::vector<sal_uInt8>& output,
+ std::vector<sal_uInt8>& input,
+ sal_uInt32 inputLength = 0);
+};
+
+class OOX_DLLPUBLIC CryptoHash final : public Crypto
+{
+ sal_Int32 mnHashSize;
+public:
+ CryptoHash(std::vector<sal_uInt8>& rKey, CryptoHashType eType);
+ bool update(std::vector<sal_uInt8>& rInput, sal_uInt32 nInputLength = 0);
+ std::vector<sal_uInt8> finalize();
+};
+
+
+} // namespace oox::crypto
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
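Review bot: `roundUp` divides by `multiple` without checking it, so `multiple == 0` is undefined behaviour, and for an `input` within one `multiple` of the maximum of `T` the final addition overflows (wraps for unsigned `T`, undefined for signed `T`). If the result is used as a padded block or buffer size, which seems likely but is not visible in this hunk, a wrapped result would be smaller than the input it was meant to cover. The doc comment should state the precondition, for example `multiple must be > 0 and input + multiple must be representable in T`, and the body can enforce the first half with `assert(multiple > 0);` (which needs `<cassert>`).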
diff --git a/include/oox/crypto/CryptoEngine.hxx b/include/oox/crypto/CryptoEngine.hxx
new file mode 100644
index 0000000000..49009ac7e2
--- /dev/null
+++ b/include/oox/crypto/CryptoEngine.hxx
@@ -0,0 +1,66 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_OOX_CRYPTO_CRYPTOENGINE_HXX
+#define INCLUDED_OOX_CRYPTO_CRYPTOENGINE_HXX
+
+#include <vector>
+
+#include <rtl/ustring.hxx>
+#include <sal/types.h>
+
+#include <com/sun/star/io/XInputStream.hpp>
+#include <com/sun/star/io/XOutputStream.hpp>
+
+namespace oox {
+ class BinaryXInputStream;
+ class BinaryXOutputStream;
+}
+
+namespace oox::crypto {
+
+class CryptoEngine
+{
+protected:
+ std::vector<sal_uInt8> mKey;
+
+public:
+ CryptoEngine()
+ {}
+
+ virtual ~CryptoEngine()
+ {}
+
+ // Decryption
+ virtual bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) = 0;
+
+ virtual bool generateEncryptionKey(const OUString& rPassword) = 0;
+
+ virtual bool decrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream) = 0;
+
+ // Encryption
+ virtual void writeEncryptionInfo(BinaryXOutputStream & rStream) = 0;
+
+ virtual bool setupEncryption(const OUString& rPassword) = 0;
+
+ virtual void encrypt(const css::uno::Reference<css::io::XInputStream> & rxInputStream,
+ css::uno::Reference<css::io::XOutputStream> & rxOutputStream,
+ sal_uInt32 nSize) = 0;
+
+ virtual bool checkDataIntegrity() = 0;
+};
+
+} // namespace oox::crypto
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
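Review bot: `mKey` appears to hold the derived document key in a plain `std::vector<sal_uInt8>`, and the destructor in this hunk is empty, so the key bytes go back to the allocator without being overwritten unless a derived class clears them. I would wipe the buffer in `~CryptoEngine()`, e.g. `rtl_secureZeroMemory(mKey.data(), mKey.size());` (declared in `<rtl/alloc.h>`), and add the comment `// derived key material; wiped on destruction` on the member. A vector that reallocates while the key is being built can still leave earlier copies behind, so the implementation should size `mKey` once before filling it; that code is outside this hunk.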
diff --git a/include/oox/crypto/DocumentDecryption.hxx b/include/oox/crypto/DocumentDecryption.hxx
new file mode 100644
index 0000000000..fc3c4af6a5
--- /dev/null
+++ b/include/oox/crypto/DocumentDecryption.hxx
@@ -0,0 +1,54 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_OOX_CRYPTO_DOCUMENTDECRYPTION_HXX
+#define INCLUDED_OOX_CRYPTO_DOCUMENTDECRYPTION_HXX
+
+#include <com/sun/star/beans/NamedValue.hpp>
+#include <com/sun/star/uno/Reference.hxx>
+#include <com/sun/star/uno/Sequence.hxx>
+#include <rtl/ustring.hxx>
+
+namespace com::sun::star {
+ namespace beans { struct NamedValue; }
+ namespace io { class XInputStream; }
+ namespace io { class XStream; }
+ namespace uno { class XComponentContext; }
+ namespace packages { class XPackageEncryption; }
+}
+
+namespace oox::ole { class OleStorage; }
+
+namespace oox::crypto {
+
+class DocumentDecryption
+{
+private:
+ css::uno::Reference< css::uno::XComponentContext > mxContext;
+ oox::ole::OleStorage& mrOleStorage;
+ css::uno::Sequence<css::beans::NamedValue> maStreamsSequence;
+ css::uno::Reference< css::packages::XPackageEncryption > mxPackageEncryption;
+
+public:
+ DocumentDecryption(css::uno::Reference< css::uno::XComponentContext > xContext, oox::ole::OleStorage& rOleStorage);
+
+ bool decrypt(const css::uno::Reference< css::io::XStream >& xDocumentStream);
+ bool readEncryptionInfo();
+ bool generateEncryptionKey(const OUString& rPassword);
+
+ css::uno::Sequence< css::beans::NamedValue > createEncryptionData(const OUString& rPassword);
+
+};
+
+} // namespace oox::crypto
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/include/oox/crypto/DocumentEncryption.hxx b/include/oox/crypto/DocumentEncryption.hxx
new file mode 100644
index 0000000000..c2a3bd4ed5
--- /dev/null
+++ b/include/oox/crypto/DocumentEncryption.hxx
@@ -0,0 +1,52 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_OOX_CRYPTO_DOCUMENTENCRYPTION_HXX
+#define INCLUDED_OOX_CRYPTO_DOCUMENTENCRYPTION_HXX
+
+#include <com/sun/star/uno/Reference.hxx>
+#include <com/sun/star/uno/Sequence.hxx>
+
+namespace com::sun::star {
+ namespace io { class XStream; }
+ namespace packages { class XPackageEncryption; }
+ namespace beans { struct NamedValue; }
+ namespace uno { class XComponentContext; }
+}
+
+namespace oox::ole { class OleStorage; }
+
+namespace oox::crypto {
+
+class DocumentEncryption
+{
+private:
+ css::uno::Reference< css::uno::XComponentContext > mxContext;
+ css::uno::Reference< css::io::XStream > mxDocumentStream;
+ oox::ole::OleStorage& mrOleStorage;
+
+ css::uno::Reference< css::packages::XPackageEncryption > mxPackageEncryption;
+ const css::uno::Sequence< css::beans::NamedValue >& mMediaEncData;
+
+public:
+ DocumentEncryption(const css::uno::Reference< css::uno::XComponentContext >& rxContext,
+ css::uno::Reference< css::io::XStream > const & xDocumentStream,
+ oox::ole::OleStorage& rOleStorage,
+ const css::uno::Sequence< css::beans::NamedValue >& rMediaEncData);
+
+ bool encrypt();
+
+};
+
+} // namespace oox::crypto
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
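Review bot: `mMediaEncData` is a `const css::uno::Sequence< css::beans::NamedValue >&` member bound from the constructor's `rMediaEncData` parameter, so constructing `DocumentEncryption` from a temporary sequence leaves the member dangling by the time `encrypt()` reads it. `DocumentDecryption` in this same commit keeps `maStreamsSequence` by value, and UNO sequences are reference-counted, so `css::uno::Sequence< css::beans::NamedValue > mMediaEncData;` would remove the lifetime requirement at little cost. Storing it by value may need `<com/sun/star/beans/NamedValue.hpp>` in place of the forward declaration. If the reference is kept, the constructor should carry a comment that `rMediaEncData` and `rOleStorage` must outlive the object.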
diff --git a/include/oox/crypto/Standard2007Engine.hxx b/include/oox/crypto/Standard2007Engine.hxx
new file mode 100644
index 0000000000..17ebbccd25
--- /dev/null
+++ b/include/oox/crypto/Standard2007Engine.hxx
@@ -0,0 +1,61 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_OOX_CRYPTO_STANDARD2007ENGINE_HXX
+#define INCLUDED_OOX_CRYPTO_STANDARD2007ENGINE_HXX
+
+#include <oox/dllapi.h>
+#include <oox/crypto/CryptoEngine.hxx>
+#include <filter/msfilter/mscodec.hxx>
+#include <rtl/ustring.hxx>
+#include <sal/types.h>
+
+namespace oox {
+ class BinaryXInputStream;
+ class BinaryXOutputStream;
+}
+
+namespace oox::crypto {
+
+class OOX_DLLPUBLIC Standard2007Engine final : public CryptoEngine
+{
+ msfilter::StandardEncryptionInfo mInfo;
+
+ bool generateVerifier();
+ bool calculateEncryptionKey(std::u16string_view rPassword);
+
+public:
+ Standard2007Engine() = default;
+
+ bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) override;
+
+ virtual bool generateEncryptionKey(OUString const & rPassword) override;
+
+ virtual bool decrypt(
+ BinaryXInputStream& aInputStream,
+ BinaryXOutputStream& aOutputStream) override;
+
+ bool checkDataIntegrity() override;
+
+ void encrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream,
+ css::uno::Reference<css::io::XOutputStream>& rxOutputStream,
+ sal_uInt32 nSize) override;
+
+ virtual void writeEncryptionInfo(BinaryXOutputStream& rStream) override;
+
+ virtual bool setupEncryption(OUString const & rPassword) override;
+
+};
+
+} // namespace oox::crypto
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
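Review bot: `checkDataIntegrity()` is overridden here with no comment on what a `true` result means for this engine. The agile engine in this commit carries explicit HMAC fields, while nothing declared in this class holds an integrity value, so this override presumably cannot detect tampering with the ciphertext; the implementation and the contents of `msfilter::StandardEncryptionInfo` are not in this hunk, so that needs confirming. Once confirmed, a comment such as `// Standard 2007 encryption stores no integrity data; the result does not prove the package is unmodified` would stop callers from treating the return value as evidence. Separately, the overrides mix `virtual ... override` and plain `override`; one form should be used throughout.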
diff --git a/include/oox/crypto/StrongEncryptionDataSpace.hxx b/include/oox/crypto/StrongEncryptionDataSpace.hxx
new file mode 100644
index 0000000000..cd7156515a
--- /dev/null
+++ b/include/oox/crypto/StrongEncryptionDataSpace.hxx
@@ -0,0 +1,76 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_OOX_CRYPTO_STRONGENCRYPTINDATASPACE_HXX
+#define INCLUDED_OOX_CRYPTO_STRONGENCRYPTINDATASPACE_HXX
+
+#include <sal/config.h>
+
+#include <memory>
+
+#include <cppuhelper/implbase.hxx>
+#include <com/sun/star/lang/XServiceInfo.hpp>
+#include <com/sun/star/packages/XPackageEncryption.hpp>
+#include <com/sun/star/io/XInputStream.hpp>
+#include <oox/crypto/CryptoEngine.hxx>
+
+namespace com::sun::star::uno
+{
+class XComponentContext;
+}
+
+namespace oox::crypto
+{
+class StrongEncryptionDataSpace final
+ : public cppu::WeakImplHelper<css::lang::XServiceInfo, css::packages::XPackageEncryption>
+{
+ css::uno::Reference<css::uno::XComponentContext> mxContext;
+ std::unique_ptr<CryptoEngine> mCryptoEngine;
+
+ css::uno::Reference<css::io::XInputStream>
+ getStream(const css::uno::Sequence<css::beans::NamedValue>& rStreams,
+ std::u16string_view sStreamName);
+
+public:
+ StrongEncryptionDataSpace(const css::uno::Reference<css::uno::XComponentContext>& rxContext);
+
+ // Decryption
+
+ virtual sal_Bool SAL_CALL generateEncryptionKey(const OUString& rPassword) override;
+ virtual sal_Bool SAL_CALL
+ readEncryptionInfo(const css::uno::Sequence<css::beans::NamedValue>& aStreams) override;
+ virtual sal_Bool SAL_CALL
+ decrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream,
+ css::uno::Reference<css::io::XOutputStream>& rxOutputStream) override;
+
+ virtual sal_Bool SAL_CALL checkDataIntegrity() override;
+
+ // Encryption
+
+ virtual css::uno::Sequence<css::beans::NamedValue>
+ SAL_CALL encrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream) override;
+
+ virtual sal_Bool SAL_CALL
+ setupEncryption(const css::uno::Sequence<css::beans::NamedValue>& rMediaEncData) override;
+
+ virtual css::uno::Sequence<css::beans::NamedValue>
+ SAL_CALL createEncryptionData(const OUString& rPassword) override;
+
+ // com.sun.star.lang.XServiceInfo
+ virtual OUString SAL_CALL getImplementationName() override;
+ virtual sal_Bool SAL_CALL supportsService(const OUString& rServiceName) override;
+ virtual css::uno::Sequence<OUString> SAL_CALL getSupportedServiceNames() override;
+};
+
+} // namespace oox::crypto
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
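Review bot: `mCryptoEngine` is a `std::unique_ptr<CryptoEngine>` that starts out empty, and nothing in this header says which call creates the engine, so `generateEncryptionKey`, `decrypt`, `checkDataIntegrity` or `encrypt` reached before `readEncryptionInfo` or `setupEncryption` could dereference a null pointer. The class is exposed through `XServiceInfo` and `XPackageEncryption`, so callers can invoke the methods in any order; each `sal_Bool` entry point should begin with `if (!mCryptoEngine) return false;`, and the class comment should state the required call order. The implementation is not in this hunk, so it may already do this. The single-argument constructor should also be `explicit`, and `std::u16string_view` is used without `#include <string_view>`.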