diff options
Diffstat (limited to 'package/source/zippackage/ZipPackageStream.cxx')
-rw-r--r-- | package/source/zippackage/ZipPackageStream.cxx | 1359 |
1 files changed, 1359 insertions, 0 deletions
diff --git a/package/source/zippackage/ZipPackageStream.cxx b/package/source/zippackage/ZipPackageStream.cxx new file mode 100644 index 0000000000..d3068a6665 --- /dev/null +++ b/package/source/zippackage/ZipPackageStream.cxx @@ -0,0 +1,1359 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * This file incorporates work covered by the following license notice: + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed + * with this work for additional information regarding copyright + * ownership. The ASF licenses this file to you under the Apache + * License, Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.apache.org/licenses/LICENSE-2.0 . + */ + +#include <ZipPackageStream.hxx> + +#include <com/sun/star/beans/PropertyValue.hpp> +#include <com/sun/star/container/XNameContainer.hpp> +#include <com/sun/star/packages/NoRawFormatException.hpp> +#include <com/sun/star/packages/zip/ZipConstants.hpp> +#include <com/sun/star/embed/StorageFormats.hpp> +#include <com/sun/star/packages/zip/ZipIOException.hpp> +#include <com/sun/star/packages/NoEncryptionException.hpp> +#include <com/sun/star/packages/zip/ZipException.hpp> +#include <com/sun/star/packages/WrongPasswordException.hpp> +#include <com/sun/star/io/TempFile.hpp> +#include <com/sun/star/io/XInputStream.hpp> +#include <com/sun/star/io/XOutputStream.hpp> +#include <com/sun/star/io/XStream.hpp> +#include <com/sun/star/io/XSeekable.hpp> +#include <com/sun/star/xml/crypto/DigestID.hpp> +#include <com/sun/star/xml/crypto/CipherID.hpp> +#include <com/sun/star/xml/crypto/KDFID.hpp> + +#include <CRC32.hxx> +#include <ZipOutputEntry.hxx> +#include <ZipOutputStream.hxx> +#include <ZipPackage.hxx> +#include <ZipFile.hxx> +#include <EncryptedDataHeader.hxx> +#include <osl/diagnose.h> +#include "wrapstreamforshare.hxx" + +#include <comphelper/seekableinput.hxx> +#include <comphelper/servicehelper.hxx> +#include <comphelper/storagehelper.hxx> +#include <cppuhelper/supportsservice.hxx> +#include <unotools/tempfile.hxx> + +#include <rtl/random.h> +#include <sal/log.hxx> +#include <o3tl/unreachable.hxx> +#include <comphelper/diagnose_ex.hxx> + +#include <PackageConstants.hxx> + +#include <algorithm> +#include <cstddef> + +using namespace com::sun::star::packages::zip::ZipConstants; +using namespace com::sun::star::packages::zip; +using namespace com::sun::star::uno; +using namespace com::sun::star::lang; +using namespace com::sun::star; +using namespace cppu; + +#if OSL_DEBUG_LEVEL > 0 +#define THROW_WHERE SAL_WHERE +#else +#define THROW_WHERE "" +#endif + +ZipPackageStream::ZipPackageStream ( ZipPackage & rNewPackage, + const uno::Reference< XComponentContext >& xContext, + sal_Int32 nFormat, + bool bAllowRemoveOnInsert ) +: m_rZipPackage( rNewPackage ) +, m_bToBeCompressed ( true ) +, m_bToBeEncrypted ( false ) +, m_bHaveOwnKey ( false ) +, m_bIsEncrypted ( false ) +, m_nImportedStartKeyAlgorithm( 0 ) +, m_nImportedEncryptionAlgorithm( 0 ) +, m_nImportedDerivedKeySize( 0 ) +, m_nStreamMode( PACKAGE_STREAM_NOTSET ) +, m_nMagicalHackPos( 0 ) +, m_nMagicalHackSize( 0 ) +, m_nOwnStreamOrigSize( 0 ) +, m_bHasSeekable( false ) +, m_bCompressedIsSetFromOutside( false ) +, m_bFromManifest( false ) +, m_bUseWinEncoding( false ) +, m_bRawStream( false ) +{ + m_xContext = xContext; + m_nFormat = nFormat; + mbAllowRemoveOnInsert = bAllowRemoveOnInsert; + SetFolder ( false ); + aEntry.nVersion = -1; + aEntry.nFlag = 0; + aEntry.nMethod = -1; + aEntry.nTime = -1; + aEntry.nCrc = -1; + aEntry.nCompressedSize = -1; + aEntry.nSize = -1; + aEntry.nOffset = -1; + aEntry.nPathLen = -1; + aEntry.nExtraLen = -1; +} + +ZipPackageStream::~ZipPackageStream() +{ +} + +void ZipPackageStream::setZipEntryOnLoading( const ZipEntry &rInEntry ) +{ + aEntry.nVersion = rInEntry.nVersion; + aEntry.nFlag = rInEntry.nFlag; + aEntry.nMethod = rInEntry.nMethod; + aEntry.nTime = rInEntry.nTime; + aEntry.nCrc = rInEntry.nCrc; + aEntry.nCompressedSize = rInEntry.nCompressedSize; + aEntry.nSize = rInEntry.nSize; + aEntry.nOffset = rInEntry.nOffset; + aEntry.sPath = rInEntry.sPath; + aEntry.nPathLen = rInEntry.nPathLen; + aEntry.nExtraLen = rInEntry.nExtraLen; + + if ( aEntry.nMethod == STORED ) + m_bToBeCompressed = false; +} + +uno::Reference< io::XInputStream > const & ZipPackageStream::GetOwnSeekStream() +{ + if ( !m_bHasSeekable && m_xStream.is() ) + { + // The package component requires that every stream either be FROM a package or it must support XSeekable! + // The only exception is a nonseekable stream that is provided only for storing, if such a stream + // is accessed before commit it MUST be wrapped. + // Wrap the stream in case it is not seekable + m_xStream = ::comphelper::OSeekableInputWrapper::CheckSeekableCanWrap( m_xStream, m_xContext ); + uno::Reference< io::XSeekable > xSeek( m_xStream, UNO_QUERY_THROW ); + + m_bHasSeekable = true; + } + + return m_xStream; +} + +uno::Reference< io::XInputStream > ZipPackageStream::GetRawEncrStreamNoHeaderCopy() +{ + if ( m_nStreamMode != PACKAGE_STREAM_RAW || !GetOwnSeekStream().is() ) + throw io::IOException(THROW_WHERE ); + + if ( m_xBaseEncryptionData.is() ) + throw ZipIOException(THROW_WHERE "Encrypted stream without encryption data!" ); + + uno::Reference< io::XSeekable > xSeek( GetOwnSeekStream(), UNO_QUERY ); + if ( !xSeek.is() ) + throw ZipIOException(THROW_WHERE "The stream must be seekable!" ); + + // skip header + xSeek->seek( n_ConstHeaderSize + m_xBaseEncryptionData->m_aInitVector.getLength() + + m_xBaseEncryptionData->m_aSalt.getLength() + m_xBaseEncryptionData->m_aDigest.getLength() ); + + // create temporary stream + rtl::Reference < utl::TempFileFastService > xTempFile = new utl::TempFileFastService; + uno::Reference < io::XInputStream > xTempIn = xTempFile->getInputStream(); + + // copy the raw stream to the temporary file starting from the current position + ::comphelper::OStorageHelper::CopyInputToOutput( GetOwnSeekStream(), xTempFile ); + xTempFile->closeOutput(); + xTempFile->seek( 0 ); + + return xTempIn; +} + +sal_Int32 ZipPackageStream::GetEncryptionAlgorithm() const +{ + return m_nImportedEncryptionAlgorithm ? m_nImportedEncryptionAlgorithm : m_rZipPackage.GetEncAlgID(); +} + +sal_Int32 ZipPackageStream::GetIVSize() const +{ + switch (GetEncryptionAlgorithm()) + { + case css::xml::crypto::CipherID::BLOWFISH_CFB_8: + return 8; + case css::xml::crypto::CipherID::AES_CBC_W3C_PADDING: + return 16; + case css::xml::crypto::CipherID::AES_GCM_W3C: + return 12; + default: + O3TL_UNREACHABLE; + } +} + +::rtl::Reference<EncryptionData> ZipPackageStream::GetEncryptionData(Bugs const bugs) +{ + ::rtl::Reference< EncryptionData > xResult; + if ( m_xBaseEncryptionData.is() ) + xResult = new EncryptionData( + *m_xBaseEncryptionData, + GetEncryptionKey(bugs), + GetEncryptionAlgorithm(), + m_oImportedChecksumAlgorithm ? m_oImportedChecksumAlgorithm : m_rZipPackage.GetChecksumAlgID(), + m_nImportedDerivedKeySize ? m_nImportedDerivedKeySize : m_rZipPackage.GetDefaultDerivedKeySize(), + GetStartKeyGenID(), + bugs != Bugs::None); + + return xResult; +} + +uno::Sequence<sal_Int8> ZipPackageStream::GetEncryptionKey(Bugs const bugs) +{ + uno::Sequence< sal_Int8 > aResult; + sal_Int32 nKeyGenID = GetStartKeyGenID(); + bool const bUseWinEncoding = (bugs == Bugs::WinEncodingWrongSHA1 || m_bUseWinEncoding); + + if ( m_bHaveOwnKey && m_aStorageEncryptionKeys.hasElements() ) + { + OUString aNameToFind; + if ( nKeyGenID == xml::crypto::DigestID::SHA256 ) + aNameToFind = PACKAGE_ENCRYPTIONDATA_SHA256UTF8; + else if ( nKeyGenID == xml::crypto::DigestID::SHA1 ) + { + aNameToFind = bUseWinEncoding + ? PACKAGE_ENCRYPTIONDATA_SHA1MS1252 + : (bugs == Bugs::WrongSHA1) + ? PACKAGE_ENCRYPTIONDATA_SHA1UTF8 + : PACKAGE_ENCRYPTIONDATA_SHA1CORRECT; + } + else + throw uno::RuntimeException(THROW_WHERE "No expected key is provided!" ); + + for ( const auto& rKey : std::as_const(m_aStorageEncryptionKeys) ) + if ( rKey.Name == aNameToFind ) + rKey.Value >>= aResult; + + // empty keys are not allowed here + // so it is not important whether there is no key, or the key is empty, it is an error + if ( !aResult.hasElements() ) + throw uno::RuntimeException(THROW_WHERE "No expected key is provided!" ); + } + else + aResult = m_aEncryptionKey; + + if ( !aResult.hasElements() || !m_bHaveOwnKey ) + aResult = m_rZipPackage.GetEncryptionKey(); + + return aResult; +} + +sal_Int32 ZipPackageStream::GetStartKeyGenID() const +{ + // generally should all the streams use the same Start Key + // but if raw copy without password takes place, we should preserve the imported algorithm + return m_nImportedStartKeyAlgorithm ? m_nImportedStartKeyAlgorithm : m_rZipPackage.GetStartKeyGenID(); +} + +uno::Reference< io::XInputStream > ZipPackageStream::TryToGetRawFromDataStream( bool bAddHeaderForEncr ) +{ + if ( m_nStreamMode != PACKAGE_STREAM_DATA || !GetOwnSeekStream().is() || ( bAddHeaderForEncr && !m_bToBeEncrypted ) ) + throw packages::NoEncryptionException(THROW_WHERE ); + + Sequence< sal_Int8 > aKey; + + if ( m_bToBeEncrypted ) + { + aKey = GetEncryptionKey(); + if ( !aKey.hasElements() ) + throw packages::NoEncryptionException(THROW_WHERE ); + } + + try + { + // create temporary file + uno::Reference < io::XStream > xTempStream(new utl::TempFileFastService); + + // create a package based on it + rtl::Reference<ZipPackage> pPackage = new ZipPackage( m_xContext ); + + Sequence< Any > aArgs{ Any(xTempStream) }; + pPackage->initialize( aArgs ); + + // create a new package stream + uno::Reference< XDataSinkEncrSupport > xNewPackStream( pPackage->createInstance(), UNO_QUERY_THROW ); + xNewPackStream->setDataStream( + new WrapStreamForShare(GetOwnSeekStream(), m_rZipPackage.GetSharedMutexRef())); + + uno::Reference< XPropertySet > xNewPSProps( xNewPackStream, UNO_QUERY_THROW ); + + // copy all the properties of this stream to the new stream + xNewPSProps->setPropertyValue("MediaType", Any( msMediaType ) ); + xNewPSProps->setPropertyValue("Compressed", Any( m_bToBeCompressed ) ); + if ( m_bToBeEncrypted ) + { + xNewPSProps->setPropertyValue(ENCRYPTION_KEY_PROPERTY, Any( aKey ) ); + xNewPSProps->setPropertyValue("Encrypted", Any( true ) ); + } + + // insert a new stream in the package + uno::Reference< XInterface > xTmp; + Any aRoot = pPackage->getByHierarchicalName("/"); + aRoot >>= xTmp; + uno::Reference< container::XNameContainer > xRootNameContainer( xTmp, UNO_QUERY_THROW ); + + uno::Reference< XInterface > xNPSDummy( xNewPackStream, UNO_QUERY ); + xRootNameContainer->insertByName("dummy", Any( xNPSDummy ) ); + + // commit the temporary package + pPackage->commitChanges(); + + // get raw stream from the temporary package + uno::Reference< io::XInputStream > xInRaw; + if ( bAddHeaderForEncr ) + xInRaw = xNewPackStream->getRawStream(); + else + xInRaw = xNewPackStream->getPlainRawStream(); + + // create another temporary file + rtl::Reference < utl::TempFileFastService > xTempOut = new utl::TempFileFastService; + uno::Reference < io::XInputStream > xTempIn( xTempOut ); + + // copy the raw stream to the temporary file + ::comphelper::OStorageHelper::CopyInputToOutput( xInRaw, xTempOut ); + xTempOut->closeOutput(); + xTempOut->seek( 0 ); + + // close raw stream, package stream and folder + xInRaw.clear(); + xNewPSProps.clear(); + xNPSDummy.clear(); + xNewPackStream.clear(); + xTmp.clear(); + xRootNameContainer.clear(); + + // return the stream representing the first temporary file + return xTempIn; + } + catch ( RuntimeException& ) + { + throw; + } + catch ( Exception& ) + { + } + + throw io::IOException(THROW_WHERE ); +} + +// presumably the purpose of this is to transfer encrypted streams between +// storages, needed for password-protected macros in documents, which is +// tragically a feature that exists +bool ZipPackageStream::ParsePackageRawStream() +{ + OSL_ENSURE( GetOwnSeekStream().is(), "A stream must be provided!" ); + + if ( !GetOwnSeekStream().is() ) + return false; + + bool bOk = false; + + ::rtl::Reference< BaseEncryptionData > xTempEncrData; + Sequence < sal_Int8 > aHeader ( 4 ); + + try + { + if ( GetOwnSeekStream()->readBytes ( aHeader, 4 ) == 4 ) + { + const sal_Int8 *pHeader = aHeader.getConstArray(); + sal_uInt32 nHeader = ( pHeader [0] & 0xFF ) | + ( pHeader [1] & 0xFF ) << 8 | + ( pHeader [2] & 0xFF ) << 16 | + ( pHeader [3] & 0xFF ) << 24; + if ( nHeader == n_ConstHeader ) + { + // this is one of our god-awful, but extremely devious hacks, everyone cheer + xTempEncrData = new BaseEncryptionData; + + OUString aMediaType; + sal_Int32 nEncAlgorithm = 0; + sal_Int32 nChecksumAlgorithm = 0; + sal_Int32 nDerivedKeySize = 0; + sal_Int32 nStartKeyGenID = 0; + sal_Int32 nMagHackSize = 0; + if ( ZipFile::StaticFillData( xTempEncrData, nEncAlgorithm, nChecksumAlgorithm, nDerivedKeySize, nStartKeyGenID, nMagHackSize, aMediaType, GetOwnSeekStream() ) ) + { + // We'll want to skip the data we've just read, so calculate how much we just read + // and remember it + m_nMagicalHackPos = n_ConstHeaderSize + xTempEncrData->m_aSalt.getLength() + + xTempEncrData->m_aInitVector.getLength() + + xTempEncrData->m_aDigest.getLength() + + aMediaType.getLength() * sizeof( sal_Unicode ); + m_nImportedEncryptionAlgorithm = nEncAlgorithm; + if (nChecksumAlgorithm == 0) + { + m_oImportedChecksumAlgorithm.reset(); + } + else + { + m_oImportedChecksumAlgorithm.emplace(nChecksumAlgorithm); + } + m_nImportedDerivedKeySize = nDerivedKeySize; + m_nImportedStartKeyAlgorithm = nStartKeyGenID; + m_nMagicalHackSize = nMagHackSize; + msMediaType = aMediaType; + + bOk = true; + } + } + } + } + catch( Exception& ) + { + } + + if ( !bOk ) + { + // the provided stream is not a raw stream + return false; + } + + m_xBaseEncryptionData = xTempEncrData; + SetIsEncrypted ( true ); + // it's already compressed and encrypted + m_bToBeEncrypted = m_bToBeCompressed = false; + + return true; +} + +static void ImplSetStoredData( ZipEntry & rEntry, uno::Reference< io::XInputStream> const & rStream ) +{ + // It's very annoying that we have to do this, but lots of zip packages + // don't allow data descriptors for STORED streams, meaning we have to + // know the size and CRC32 of uncompressed streams before we actually + // write them ! + CRC32 aCRC32; + rEntry.nMethod = STORED; + rEntry.nCompressedSize = rEntry.nSize = aCRC32.updateStream ( rStream ); + rEntry.nCrc = aCRC32.getValue(); +} + +bool ZipPackageStream::saveChild( + const OUString &rPath, + std::vector < uno::Sequence < beans::PropertyValue > > &rManList, + ZipOutputStream & rZipOut, + const uno::Sequence < sal_Int8 >& rEncryptionKey, + ::std::optional<sal_Int32> const oPBKDF2IterationCount, + ::std::optional<::std::tuple<sal_Int32, sal_Int32, sal_Int32>> const oArgon2Args, + const rtlRandomPool &rRandomPool) +{ + bool bSuccess = true; + + static constexpr OUString sDigestProperty (u"Digest"_ustr); + static constexpr OUString sEncryptionAlgProperty (u"EncryptionAlgorithm"_ustr); + static constexpr OUString sStartKeyAlgProperty (u"StartKeyAlgorithm"_ustr); + static constexpr OUString sDigestAlgProperty (u"DigestAlgorithm"_ustr); + static constexpr OUString sDerivedKeySizeProperty (u"DerivedKeySize"_ustr); + + uno::Sequence < beans::PropertyValue > aPropSet (PKG_SIZE_NOENCR_MNFST); + + // In case the entry we are reading is also the entry we are writing, we will + // store the ZipEntry data in pTempEntry + + // if pTempEntry is necessary, it will be released and passed to the ZipOutputStream + // and be deleted in the ZipOutputStream destructor + std::unique_ptr < ZipEntry > pAutoTempEntry ( new ZipEntry(aEntry) ); + ZipEntry* pTempEntry = pAutoTempEntry.get(); + + pTempEntry->sPath = rPath; + pTempEntry->nPathLen = static_cast<sal_Int16>( OUStringToOString( pTempEntry->sPath, RTL_TEXTENCODING_UTF8 ).getLength() ); + + const bool bToBeEncrypted = m_bToBeEncrypted && (rEncryptionKey.hasElements() || m_bHaveOwnKey); + const bool bToBeCompressed = bToBeEncrypted || m_bToBeCompressed; + + auto pPropSet = aPropSet.getArray(); + pPropSet[PKG_MNFST_MEDIATYPE].Name = "MediaType"; + pPropSet[PKG_MNFST_MEDIATYPE].Value <<= GetMediaType( ); + pPropSet[PKG_MNFST_VERSION].Name = "Version"; + pPropSet[PKG_MNFST_VERSION].Value <<= OUString(); // no version is stored for streams currently + pPropSet[PKG_MNFST_FULLPATH].Name = "FullPath"; + pPropSet[PKG_MNFST_FULLPATH].Value <<= pTempEntry->sPath; + + OSL_ENSURE( m_nStreamMode != PACKAGE_STREAM_NOTSET, "Unacceptable ZipPackageStream mode!" ); + + m_bRawStream = false; + if ( m_nStreamMode == PACKAGE_STREAM_DETECT ) + m_bRawStream = ParsePackageRawStream(); + else if ( m_nStreamMode == PACKAGE_STREAM_RAW ) + m_bRawStream = true; + + bool bBackgroundThreadDeflate = false; + bool bTransportOwnEncrStreamAsRaw = false; + // During the storing the original size of the stream can be changed + // TODO/LATER: get rid of this hack + m_nOwnStreamOrigSize = m_bRawStream ? m_nMagicalHackSize : aEntry.nSize; + + bool bUseNonSeekableAccess = false; + uno::Reference < io::XInputStream > xStream; + if ( !IsPackageMember() && !m_bRawStream && !bToBeEncrypted && bToBeCompressed ) + { + // the stream is not a package member, not a raw stream, + // it should not be encrypted and it should be compressed, + // in this case nonseekable access can be used + + xStream = m_xStream; + uno::Reference < io::XSeekable > xSeek ( xStream, uno::UNO_QUERY ); + + bUseNonSeekableAccess = ( xStream.is() && !xSeek.is() ); + } + + if ( !bUseNonSeekableAccess ) + { + xStream = getRawData(); + + if ( !xStream.is() ) + { + OSL_FAIL( "ZipPackageStream didn't have a stream associated with it, skipping!" ); + bSuccess = false; + return bSuccess; + } + + uno::Reference < io::XSeekable > xSeek ( xStream, uno::UNO_QUERY ); + try + { + if ( xSeek.is() ) + { + // If the stream is a raw one, then we should be positioned + // at the beginning of the actual data + if ( !bToBeCompressed || m_bRawStream ) + { + // The raw stream can neither be encrypted nor connected + OSL_ENSURE( !m_bRawStream || !(bToBeCompressed || bToBeEncrypted), "The stream is already encrypted!" ); + xSeek->seek ( m_bRawStream ? m_nMagicalHackPos : 0 ); + ImplSetStoredData ( *pTempEntry, xStream ); + + // TODO/LATER: Get rid of hacks related to switching of Flag Method and Size properties! + } + else if ( bToBeEncrypted ) + { + // this is the correct original size + pTempEntry->nSize = xSeek->getLength(); + m_nOwnStreamOrigSize = pTempEntry->nSize; + } + + xSeek->seek ( 0 ); + } + else + { + // Okay, we don't have an xSeekable stream. This is possibly bad. + // check if it's one of our own streams, if it is then we know that + // each time we ask for it we'll get a new stream that will be + // at position zero...otherwise, assert and skip this stream... + if ( IsPackageMember() ) + { + // if the password has been changed then the stream should not be package member any more + if ( m_bIsEncrypted && m_bToBeEncrypted ) + { + // Should be handled close to the raw stream handling + bTransportOwnEncrStreamAsRaw = true; + pTempEntry->nMethod = STORED; + + // TODO/LATER: get rid of this situation + // this size should be different from the one that will be stored in manifest.xml + // it is used in storing algorithms and after storing the correct size will be set + pTempEntry->nSize = pTempEntry->nCompressedSize; + } + } + else + { + bSuccess = false; + return bSuccess; + } + } + } + catch ( uno::Exception& ) + { + bSuccess = false; + return bSuccess; + } + + if ( bToBeEncrypted || m_bRawStream || bTransportOwnEncrStreamAsRaw ) + { + if ( bToBeEncrypted && !bTransportOwnEncrStreamAsRaw ) + { + uno::Sequence<sal_Int8> aSalt(16); + // note: for GCM it's particularly important that IV is unique + uno::Sequence<sal_Int8> aVector(GetIVSize()); + rtl_random_getBytes ( rRandomPool, aSalt.getArray(), 16 ); + rtl_random_getBytes ( rRandomPool, aVector.getArray(), aVector.getLength() ); + if ( !m_bHaveOwnKey ) + { + m_aEncryptionKey = rEncryptionKey; + m_aStorageEncryptionKeys.realloc( 0 ); + } + + setInitialisationVector ( aVector ); + setSalt ( aSalt ); + setIterationCount(oPBKDF2IterationCount); + setArgon2Args(oArgon2Args); + } + + // last property is digest, which is inserted later if we didn't have + // a magic header + aPropSet.realloc(PKG_SIZE_ENCR_MNFST); + pPropSet = aPropSet.getArray(); + pPropSet[PKG_MNFST_INIVECTOR].Name = "InitialisationVector"; + pPropSet[PKG_MNFST_INIVECTOR].Value <<= m_xBaseEncryptionData->m_aInitVector; + pPropSet[PKG_MNFST_SALT].Name = "Salt"; + pPropSet[PKG_MNFST_SALT].Value <<= m_xBaseEncryptionData->m_aSalt; + if (m_xBaseEncryptionData->m_oArgon2Args) + { + pPropSet[PKG_MNFST_KDF].Name = "KeyDerivationFunction"; + pPropSet[PKG_MNFST_KDF].Value <<= xml::crypto::KDFID::Argon2id; + pPropSet[PKG_MNFST_ARGON2ARGS].Name = "Argon2Args"; + uno::Sequence<sal_Int32> const args{ + ::std::get<0>(*m_xBaseEncryptionData->m_oArgon2Args), + ::std::get<1>(*m_xBaseEncryptionData->m_oArgon2Args), + ::std::get<2>(*m_xBaseEncryptionData->m_oArgon2Args) }; + pPropSet[PKG_MNFST_ARGON2ARGS].Value <<= args; + } + else if (m_xBaseEncryptionData->m_oPBKDFIterationCount) + { + pPropSet[PKG_MNFST_KDF].Name = "KeyDerivationFunction"; + pPropSet[PKG_MNFST_KDF].Value <<= xml::crypto::KDFID::PBKDF2; + pPropSet[PKG_MNFST_ITERATION].Name = "IterationCount"; + pPropSet[PKG_MNFST_ITERATION].Value <<= *m_xBaseEncryptionData->m_oPBKDFIterationCount; + } + else + { + pPropSet[PKG_MNFST_KDF].Name = "KeyDerivationFunction"; + pPropSet[PKG_MNFST_KDF].Value <<= xml::crypto::KDFID::PGP_RSA_OAEP_MGF1P; + } + + // Need to store the uncompressed size in the manifest + OSL_ENSURE( m_nOwnStreamOrigSize >= 0, "The stream size was not correctly initialized!" ); + pPropSet[PKG_MNFST_UCOMPSIZE].Name = "Size"; + pPropSet[PKG_MNFST_UCOMPSIZE].Value <<= m_nOwnStreamOrigSize; + + if ( m_bRawStream || bTransportOwnEncrStreamAsRaw ) + { + ::rtl::Reference< EncryptionData > xEncData = GetEncryptionData(); + if ( !xEncData.is() ) + throw uno::RuntimeException(); + + pPropSet[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty; + pPropSet[PKG_MNFST_ENCALG].Value <<= xEncData->m_nEncAlg; + pPropSet[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty; + pPropSet[PKG_MNFST_STARTALG].Value <<= xEncData->m_nStartKeyGenID; + if (xEncData->m_oCheckAlg) + { + assert(xEncData->m_nEncAlg != xml::crypto::CipherID::AES_GCM_W3C); + pPropSet[PKG_MNFST_DIGEST].Name = sDigestProperty; + pPropSet[PKG_MNFST_DIGEST].Value <<= m_xBaseEncryptionData->m_aDigest; + pPropSet[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty; + pPropSet[PKG_MNFST_DIGESTALG].Value <<= *xEncData->m_oCheckAlg; + } + pPropSet[PKG_MNFST_DERKEYSIZE].Name = sDerivedKeySizeProperty; + pPropSet[PKG_MNFST_DERKEYSIZE].Value <<= xEncData->m_nDerivedKeySize; + } + } + } + + // If the entry is already stored in the zip file in the format we + // want for this write...copy it raw + if ( !bUseNonSeekableAccess + && ( m_bRawStream || bTransportOwnEncrStreamAsRaw + || ( IsPackageMember() && !bToBeEncrypted + && ( ( aEntry.nMethod == DEFLATED && bToBeCompressed ) + || ( aEntry.nMethod == STORED && !bToBeCompressed ) ) ) ) ) + { + // If it's a PackageMember, then it's an unbuffered stream and we need + // to get a new version of it as we can't seek backwards. + if ( IsPackageMember() ) + { + xStream = getRawData(); + if ( !xStream.is() ) + { + // Make sure that we actually _got_ a new one ! + bSuccess = false; + return bSuccess; + } + } + + try + { + if ( m_bRawStream ) + xStream->skipBytes( m_nMagicalHackPos ); + + ZipOutputStream::setEntry(pTempEntry); + rZipOut.writeLOC(pTempEntry); + // coverity[leaked_storage] - the entry is provided to the ZipOutputStream that will delete it + pAutoTempEntry.release(); + + uno::Sequence < sal_Int8 > aSeq ( n_ConstBufferSize ); + sal_Int32 nLength; + + do + { + nLength = xStream->readBytes( aSeq, n_ConstBufferSize ); + if (nLength != n_ConstBufferSize) + aSeq.realloc(nLength); + + rZipOut.rawWrite(aSeq); + } + while ( nLength == n_ConstBufferSize ); + + rZipOut.rawCloseEntry(); + } + catch ( ZipException& ) + { + bSuccess = false; + } + catch ( io::IOException& ) + { + bSuccess = false; + } + } + else + { + // This stream is definitely not a raw stream + + // If nonseekable access is used the stream should be at the beginning and + // is useless after the storing. Thus if the storing fails the package should + // be thrown away ( as actually it is done currently )! + // To allow to reuse the package after the error, the optimization must be removed! + + // If it's a PackageMember, then our previous reference held a 'raw' stream + // so we need to re-get it, unencrypted, uncompressed and positioned at the + // beginning of the stream + if ( IsPackageMember() ) + { + xStream = getInputStream(); + if ( !xStream.is() ) + { + // Make sure that we actually _got_ a new one ! + bSuccess = false; + return bSuccess; + } + } + + if ( bToBeCompressed ) + { + pTempEntry->nMethod = DEFLATED; + pTempEntry->nCrc = -1; + pTempEntry->nCompressedSize = pTempEntry->nSize = -1; + } + + uno::Reference< io::XSeekable > xSeek(xStream, uno::UNO_QUERY); + // It's not worth to deflate jpegs to save ~1% in a slow process + // Unfortunately, does not work for streams protected by password + if (xSeek.is() && msMediaType.endsWith("/jpeg") && !m_bToBeEncrypted && !m_bToBeCompressed) + { + ImplSetStoredData(*pTempEntry, xStream); + xSeek->seek(0); + } + + try + { + ZipOutputStream::setEntry(pTempEntry); + // the entry is provided to the ZipOutputStream that will delete it + pAutoTempEntry.release(); + + if (pTempEntry->nMethod == STORED) + { + sal_Int32 nLength; + uno::Sequence< sal_Int8 > aSeq(n_ConstBufferSize); + rZipOut.writeLOC(pTempEntry, bToBeEncrypted); + do + { + nLength = xStream->readBytes(aSeq, n_ConstBufferSize); + if (nLength != n_ConstBufferSize) + aSeq.realloc(nLength); + + rZipOut.rawWrite(aSeq); + } + while ( nLength == n_ConstBufferSize ); + rZipOut.rawCloseEntry(bToBeEncrypted); + } + else + { + // tdf#89236 Encrypting in a background thread does not work + bBackgroundThreadDeflate = !bToBeEncrypted; + // Do not deflate small streams using threads. XSeekable's getLength() + // gives the full size, XInputStream's available() may not be + // the full size, but it appears that at this point it usually is. + sal_Int64 estimatedSize = xSeek.is() ? xSeek->getLength() : xStream->available(); + + if (estimatedSize > 1000000) + { + // Use ThreadDeflater which will split the stream into blocks and compress + // them in threads, but not in background (i.e. writeStream() will block). + // This is suitable for large data. + bBackgroundThreadDeflate = false; + rZipOut.writeLOC(pTempEntry, bToBeEncrypted); + ZipOutputEntryParallel aZipEntry(rZipOut.getStream(), m_xContext, *pTempEntry, this, bToBeEncrypted); + aZipEntry.writeStream(xStream); + rZipOut.rawCloseEntry(bToBeEncrypted); + } + else if (bBackgroundThreadDeflate && estimatedSize > 100000) + { + // tdf#93553 limit to a useful amount of pending tasks. Having way too many + // tasks pending may use a lot of memory. Take number of available + // cores and allow 4-times the amount for having the queue well filled. The + // 2nd parameter is the time to wait between cleanups in 10th of a second. + // Both values may be added to the configuration settings if needed. + static std::size_t nAllowedTasks(comphelper::ThreadPool::getPreferredConcurrency() * 4); //TODO: overflow + rZipOut.reduceScheduledThreadTasksToGivenNumberOrLess(nAllowedTasks); + + // Start a new thread task deflating this zip entry + ZipOutputEntryInThread *pZipEntry = new ZipOutputEntryInThread( + m_xContext, *pTempEntry, this, bToBeEncrypted); + rZipOut.addDeflatingThreadTask( pZipEntry, + pZipEntry->createTask( rZipOut.getThreadTaskTag(), xStream) ); + } + else + { + bBackgroundThreadDeflate = false; + rZipOut.writeLOC(pTempEntry, bToBeEncrypted); + ZipOutputEntry aZipEntry(rZipOut.getStream(), m_xContext, *pTempEntry, this, bToBeEncrypted); + aZipEntry.writeStream(xStream); + rZipOut.rawCloseEntry(bToBeEncrypted); + } + } + } + catch ( ZipException& ) + { + bSuccess = false; + } + catch ( io::IOException& ) + { + bSuccess = false; + } + + if ( bToBeEncrypted ) + { + ::rtl::Reference< EncryptionData > xEncData = GetEncryptionData(); + if ( !xEncData.is() ) + throw uno::RuntimeException(); + + // very confusing: half the encryption properties are + // unconditionally added above and the other half conditionally; + // assert that we have the expected group and not duplicates + assert(std::any_of(aPropSet.begin(), aPropSet.end(), [](auto const& it){ return it.Name == "Salt"; })); + assert(!std::any_of(aPropSet.begin(), aPropSet.end(), [](auto const& it){ return it.Name == sEncryptionAlgProperty; })); + + pPropSet[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty; + pPropSet[PKG_MNFST_ENCALG].Value <<= xEncData->m_nEncAlg; + pPropSet[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty; + pPropSet[PKG_MNFST_STARTALG].Value <<= xEncData->m_nStartKeyGenID; + if (xEncData->m_oCheckAlg) + { + assert(xEncData->m_nEncAlg != xml::crypto::CipherID::AES_GCM_W3C); + pPropSet[PKG_MNFST_DIGEST].Name = sDigestProperty; + pPropSet[PKG_MNFST_DIGEST].Value <<= m_xBaseEncryptionData->m_aDigest; + pPropSet[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty; + pPropSet[PKG_MNFST_DIGESTALG].Value <<= *xEncData->m_oCheckAlg; + } + pPropSet[PKG_MNFST_DERKEYSIZE].Name = sDerivedKeySizeProperty; + pPropSet[PKG_MNFST_DERKEYSIZE].Value <<= xEncData->m_nDerivedKeySize; + + SetIsEncrypted ( true ); + } + } + + if (bSuccess && !bBackgroundThreadDeflate) + successfullyWritten(pTempEntry); + + if ( aPropSet.hasElements() + && ( m_nFormat == embed::StorageFormats::PACKAGE || m_nFormat == embed::StorageFormats::OFOPXML ) ) + rManList.push_back( aPropSet ); + + return bSuccess; +} + +void ZipPackageStream::successfullyWritten( ZipEntry const *pEntry ) +{ + if ( !IsPackageMember() ) + { + if ( m_xStream.is() ) + { + m_xStream->closeInput(); + m_xStream.clear(); + m_bHasSeekable = false; + } + SetPackageMember ( true ); + } + + if ( m_bRawStream ) + { + // the raw stream was integrated and now behaves + // as usual encrypted stream + SetToBeEncrypted( true ); + } + + // Then copy it back afterwards... + aEntry = *pEntry; + + // TODO/LATER: get rid of this hack ( the encrypted stream size property is changed during saving ) + if ( m_bIsEncrypted ) + setSize( m_nOwnStreamOrigSize ); + + aEntry.nOffset *= -1; +} + +void ZipPackageStream::SetPackageMember( bool bNewValue ) +{ + if ( bNewValue ) + { + m_nStreamMode = PACKAGE_STREAM_PACKAGEMEMBER; + m_nMagicalHackPos = 0; + m_nMagicalHackSize = 0; + } + else if ( m_nStreamMode == PACKAGE_STREAM_PACKAGEMEMBER ) + m_nStreamMode = PACKAGE_STREAM_NOTSET; // must be reset +} + +// XActiveDataSink +void SAL_CALL ZipPackageStream::setInputStream( const uno::Reference< io::XInputStream >& aStream ) +{ + // if seekable access is required the wrapping will be done on demand + m_xStream = aStream; + m_nImportedEncryptionAlgorithm = 0; + m_bHasSeekable = false; + SetPackageMember ( false ); + aEntry.nTime = -1; + m_nStreamMode = PACKAGE_STREAM_DETECT; +} + +uno::Reference< io::XInputStream > ZipPackageStream::getRawData() +{ + try + { + if ( IsPackageMember() ) + { + return m_rZipPackage.getZipFile().getRawData( aEntry, GetEncryptionData(), m_bIsEncrypted, m_rZipPackage.GetSharedMutexRef(), false/*bUseBufferedStream*/ ); + } + else if ( GetOwnSeekStream().is() ) + { + return new WrapStreamForShare( GetOwnSeekStream(), m_rZipPackage.GetSharedMutexRef() ); + } + else + return uno::Reference < io::XInputStream > (); + } + catch ( ZipException & )//rException ) + { + TOOLS_WARN_EXCEPTION( "package", "" ); + return uno::Reference < io::XInputStream > (); + } + catch ( Exception & ) + { + TOOLS_WARN_EXCEPTION( "package", "Exception is thrown during stream wrapping!" ); + return uno::Reference < io::XInputStream > (); + } +} + +uno::Reference< io::XInputStream > SAL_CALL ZipPackageStream::getInputStream() +{ + try + { + if ( IsPackageMember() ) + { + return m_rZipPackage.getZipFile().getInputStream( aEntry, GetEncryptionData(), m_bIsEncrypted, m_rZipPackage.GetSharedMutexRef() ); + } + else if ( GetOwnSeekStream().is() ) + { + return new WrapStreamForShare( GetOwnSeekStream(), m_rZipPackage.GetSharedMutexRef() ); + } + else + return uno::Reference < io::XInputStream > (); + } + catch ( ZipException & )//rException ) + { + TOOLS_WARN_EXCEPTION( "package", "" ); + return uno::Reference < io::XInputStream > (); + } + catch ( const Exception & ) + { + TOOLS_WARN_EXCEPTION( "package", "Exception is thrown during stream wrapping!"); + return uno::Reference < io::XInputStream > (); + } +} + +// XDataSinkEncrSupport +uno::Reference< io::XInputStream > SAL_CALL ZipPackageStream::getDataStream() +{ + // There is no stream attached to this object + if ( m_nStreamMode == PACKAGE_STREAM_NOTSET ) + return uno::Reference< io::XInputStream >(); + + // this method can not be used together with old approach + if ( m_nStreamMode == PACKAGE_STREAM_DETECT ) + throw packages::zip::ZipIOException(THROW_WHERE ); + + if ( IsPackageMember() ) + { + uno::Reference< io::XInputStream > xResult; + try + { + xResult = m_rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData(Bugs::None), m_bIsEncrypted, m_rZipPackage.GetSharedMutexRef() ); + } + catch( const packages::WrongPasswordException& ) + { + // note: due to SHA1 check this fallback is only done for + // * ODF 1.2 files written by OOo < 3.4beta / LO < 3.5 + // * ODF 1.1/OOoXML files written by any version + if ( m_rZipPackage.GetStartKeyGenID() == xml::crypto::DigestID::SHA1 ) + { + SAL_WARN("package", "ZipPackageStream::getDataStream(): SHA1 mismatch, trying fallbacks..."); + try + { // tdf#114939 try with legacy StarOffice SHA1 bug + xResult = m_rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData(Bugs::WrongSHA1), m_bIsEncrypted, m_rZipPackage.GetSharedMutexRef() ); + return xResult; + } + catch (const packages::WrongPasswordException&) + { + /* ignore and try next... */ + } + + try + { + // rhbz#1013844 / fdo#47482 workaround for the encrypted + // OpenOffice.org 1.0 documents generated by Libreoffice <= + // 3.6 with the new encryption format and using SHA256, but + // missing a specified startkey of SHA256 + + // force SHA256 and see if that works + m_nImportedStartKeyAlgorithm = xml::crypto::DigestID::SHA256; + xResult = m_rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData(), m_bIsEncrypted, m_rZipPackage.GetSharedMutexRef() ); + return xResult; + } + catch (const packages::WrongPasswordException&) + { + // if that didn't work, restore to SHA1 and trundle through the *other* earlier + // bug fix + m_nImportedStartKeyAlgorithm = xml::crypto::DigestID::SHA1; + } + + // workaround for the encrypted documents generated with the old OOo1.x bug. + if ( !m_bUseWinEncoding ) + { + xResult = m_rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData(Bugs::WinEncodingWrongSHA1), m_bIsEncrypted, m_rZipPackage.GetSharedMutexRef() ); + m_bUseWinEncoding = true; + } + else + throw; + } + else + throw; + } + return xResult; + } + else if ( m_nStreamMode == PACKAGE_STREAM_RAW ) + return ZipFile::StaticGetDataFromRawStream( m_rZipPackage.GetSharedMutexRef(), m_xContext, GetOwnSeekStream(), GetEncryptionData() ); + else if ( GetOwnSeekStream().is() ) + { + return new WrapStreamForShare( GetOwnSeekStream(), m_rZipPackage.GetSharedMutexRef() ); + } + else + return uno::Reference< io::XInputStream >(); +} + +uno::Reference< io::XInputStream > SAL_CALL ZipPackageStream::getRawStream() +{ + // There is no stream attached to this object + if ( m_nStreamMode == PACKAGE_STREAM_NOTSET ) + return uno::Reference< io::XInputStream >(); + + // this method can not be used together with old approach + if ( m_nStreamMode == PACKAGE_STREAM_DETECT ) + throw packages::zip::ZipIOException(THROW_WHERE ); + + if ( IsPackageMember() ) + { + if ( !m_bIsEncrypted || !GetEncryptionData().is() ) + throw packages::NoEncryptionException(THROW_WHERE ); + + return m_rZipPackage.getZipFile().getWrappedRawStream( aEntry, GetEncryptionData(), msMediaType, m_rZipPackage.GetSharedMutexRef() ); + } + else if ( GetOwnSeekStream().is() ) + { + if ( m_nStreamMode == PACKAGE_STREAM_RAW ) + { + return new WrapStreamForShare( GetOwnSeekStream(), m_rZipPackage.GetSharedMutexRef() ); + } + else if ( m_nStreamMode == PACKAGE_STREAM_DATA && m_bToBeEncrypted ) + return TryToGetRawFromDataStream( true ); + } + + throw packages::NoEncryptionException(THROW_WHERE ); +} + +void SAL_CALL ZipPackageStream::setDataStream( const uno::Reference< io::XInputStream >& aStream ) +{ + setInputStream( aStream ); + m_nStreamMode = PACKAGE_STREAM_DATA; +} + +void SAL_CALL ZipPackageStream::setRawStream( const uno::Reference< io::XInputStream >& aStream ) +{ + // wrap the stream in case it is not seekable + uno::Reference< io::XInputStream > xNewStream = ::comphelper::OSeekableInputWrapper::CheckSeekableCanWrap( aStream, m_xContext ); + uno::Reference< io::XSeekable > xSeek( xNewStream, UNO_QUERY_THROW ); + xSeek->seek( 0 ); + uno::Reference< io::XInputStream > xOldStream = m_xStream; + m_xStream = xNewStream; + if ( !ParsePackageRawStream() ) + { + m_xStream = xOldStream; + throw packages::NoRawFormatException(THROW_WHERE ); + } + + // the raw stream MUST have seekable access + m_bHasSeekable = true; + + SetPackageMember ( false ); + aEntry.nTime = -1; + m_nStreamMode = PACKAGE_STREAM_RAW; +} + +uno::Reference< io::XInputStream > SAL_CALL ZipPackageStream::getPlainRawStream() +{ + // There is no stream attached to this object + if ( m_nStreamMode == PACKAGE_STREAM_NOTSET ) + return uno::Reference< io::XInputStream >(); + + // this method can not be used together with old approach + if ( m_nStreamMode == PACKAGE_STREAM_DETECT ) + throw packages::zip::ZipIOException(THROW_WHERE ); + + if ( IsPackageMember() ) + { + return m_rZipPackage.getZipFile().getRawData( aEntry, GetEncryptionData(), m_bIsEncrypted, m_rZipPackage.GetSharedMutexRef() ); + } + else if ( GetOwnSeekStream().is() ) + { + if ( m_nStreamMode == PACKAGE_STREAM_RAW ) + { + // the header should not be returned here + return GetRawEncrStreamNoHeaderCopy(); + } + else if ( m_nStreamMode == PACKAGE_STREAM_DATA ) + return TryToGetRawFromDataStream( false ); + } + + return uno::Reference< io::XInputStream >(); +} + +// XPropertySet +void SAL_CALL ZipPackageStream::setPropertyValue( const OUString& aPropertyName, const Any& aValue ) +{ + if ( aPropertyName == "MediaType" ) + { + if ( m_rZipPackage.getFormat() != embed::StorageFormats::PACKAGE && m_rZipPackage.getFormat() != embed::StorageFormats::OFOPXML ) + throw beans::PropertyVetoException(THROW_WHERE ); + + if ( !(aValue >>= msMediaType) ) + throw IllegalArgumentException(THROW_WHERE "MediaType must be a string!", + uno::Reference< XInterface >(), + 2 ); + + if ( !msMediaType.isEmpty() ) + { + if ( msMediaType.indexOf ( "text" ) != -1 + || msMediaType == "application/vnd.sun.star.oleobject" ) + m_bToBeCompressed = true; + else if ( !m_bCompressedIsSetFromOutside ) + m_bToBeCompressed = false; + } + } + else if ( aPropertyName == "Size" ) + { + if ( !( aValue >>= aEntry.nSize ) ) + throw IllegalArgumentException(THROW_WHERE "Wrong type for Size property!", + uno::Reference< XInterface >(), + 2 ); + } + else if ( aPropertyName == "Encrypted" ) + { + if ( m_rZipPackage.getFormat() != embed::StorageFormats::PACKAGE ) + throw beans::PropertyVetoException(THROW_WHERE ); + + bool bEnc = false; + if ( !(aValue >>= bEnc) ) + throw IllegalArgumentException(THROW_WHERE "Wrong type for Encrypted property!", + uno::Reference< XInterface >(), + 2 ); + + // In case of new raw stream, the stream must not be encrypted on storing + if ( bEnc && m_nStreamMode == PACKAGE_STREAM_RAW ) + throw IllegalArgumentException(THROW_WHERE "Raw stream can not be encrypted on storing", + uno::Reference< XInterface >(), + 2 ); + + m_bToBeEncrypted = bEnc; + if ( m_bToBeEncrypted && !m_xBaseEncryptionData.is() ) + m_xBaseEncryptionData = new BaseEncryptionData; + + } + else if ( aPropertyName == ENCRYPTION_KEY_PROPERTY ) + { + if ( m_rZipPackage.getFormat() != embed::StorageFormats::PACKAGE ) + throw beans::PropertyVetoException(THROW_WHERE ); + + uno::Sequence< sal_Int8 > aNewKey; + + if ( !( aValue >>= aNewKey ) ) + { + OUString sTempString; + if ( !(aValue >>= sTempString) ) + throw IllegalArgumentException(THROW_WHERE "Wrong type for EncryptionKey property!", + uno::Reference< XInterface >(), + 2 ); + + sal_Int32 nPathLength = sTempString.getLength(); + Sequence < sal_Int8 > aSequence ( nPathLength ); + sal_Int8 *pArray = aSequence.getArray(); + const sal_Unicode *pChar = sTempString.getStr(); + for ( sal_Int32 i = 0; i < nPathLength; i++ ) + pArray[i] = static_cast < sal_Int8 > ( pChar[i] ); + aNewKey = aSequence; + } + + if ( aNewKey.hasElements() ) + { + if ( !m_xBaseEncryptionData.is() ) + m_xBaseEncryptionData = new BaseEncryptionData; + + m_aEncryptionKey = aNewKey; + // In case of new raw stream, the stream must not be encrypted on storing + m_bHaveOwnKey = true; + if ( m_nStreamMode != PACKAGE_STREAM_RAW ) + m_bToBeEncrypted = true; + } + else + { + m_bHaveOwnKey = false; + m_aEncryptionKey.realloc( 0 ); + } + + m_aStorageEncryptionKeys.realloc( 0 ); + } + else if ( aPropertyName == STORAGE_ENCRYPTION_KEYS_PROPERTY ) + { + if ( m_rZipPackage.getFormat() != embed::StorageFormats::PACKAGE ) + throw beans::PropertyVetoException(THROW_WHERE ); + + uno::Sequence< beans::NamedValue > aKeys; + if ( !( aValue >>= aKeys ) ) + { + throw IllegalArgumentException(THROW_WHERE "Wrong type for StorageEncryptionKeys property!", + uno::Reference< XInterface >(), + 2 ); + } + + if ( aKeys.hasElements() ) + { + if ( !m_xBaseEncryptionData.is() ) + m_xBaseEncryptionData = new BaseEncryptionData; + + m_aStorageEncryptionKeys = aKeys; + + // In case of new raw stream, the stream must not be encrypted on storing + m_bHaveOwnKey = true; + if ( m_nStreamMode != PACKAGE_STREAM_RAW ) + m_bToBeEncrypted = true; + } + else + { + m_bHaveOwnKey = false; + m_aStorageEncryptionKeys.realloc( 0 ); + } + + m_aEncryptionKey.realloc( 0 ); + } + else if ( aPropertyName == "Compressed" ) + { + bool bCompr = false; + + if ( !(aValue >>= bCompr) ) + throw IllegalArgumentException(THROW_WHERE "Wrong type for Compressed property!", + uno::Reference< XInterface >(), + 2 ); + + // In case of new raw stream, the stream must not be encrypted on storing + if ( bCompr && m_nStreamMode == PACKAGE_STREAM_RAW ) + throw IllegalArgumentException(THROW_WHERE "Raw stream can not be encrypted on storing", + uno::Reference< XInterface >(), + 2 ); + + m_bToBeCompressed = bCompr; + m_bCompressedIsSetFromOutside = true; + } + else + throw beans::UnknownPropertyException(aPropertyName); +} + +Any SAL_CALL ZipPackageStream::getPropertyValue( const OUString& PropertyName ) +{ + if ( PropertyName == "MediaType" ) + { + return Any(msMediaType); + } + else if ( PropertyName == "Size" ) + { + return Any(aEntry.nSize); + } + else if ( PropertyName == "Encrypted" ) + { + return Any((m_nStreamMode == PACKAGE_STREAM_RAW) || m_bToBeEncrypted); + } + else if ( PropertyName == "WasEncrypted" ) + { + return Any(m_bIsEncrypted); + } + else if ( PropertyName == "Compressed" ) + { + return Any(m_bToBeCompressed); + } + else if ( PropertyName == ENCRYPTION_KEY_PROPERTY ) + { + return Any(m_aEncryptionKey); + } + else if ( PropertyName == STORAGE_ENCRYPTION_KEYS_PROPERTY ) + { + return Any(m_aStorageEncryptionKeys); + } + else + throw beans::UnknownPropertyException(PropertyName); +} + +void ZipPackageStream::setSize ( const sal_Int64 nNewSize ) +{ + if ( aEntry.nCompressedSize != nNewSize ) + aEntry.nMethod = DEFLATED; + aEntry.nSize = nNewSize; +} +OUString ZipPackageStream::getImplementationName() +{ + return "ZipPackageStream"; +} + +Sequence< OUString > ZipPackageStream::getSupportedServiceNames() +{ + return { "com.sun.star.packages.PackageStream" }; +} + +sal_Bool SAL_CALL ZipPackageStream::supportsService( OUString const & rServiceName ) +{ + return cppu::supportsService(this, rServiceName); +} + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ |