diff options
Diffstat (limited to 'include/oox/crypto')
-rw-r--r-- | include/oox/crypto/AgileEngine.hxx | 147 | ||||
-rw-r--r-- | include/oox/crypto/CryptTools.hxx | 120 | ||||
-rw-r--r-- | include/oox/crypto/CryptoEngine.hxx | 66 | ||||
-rw-r--r-- | include/oox/crypto/DocumentDecryption.hxx | 54 | ||||
-rw-r--r-- | include/oox/crypto/DocumentEncryption.hxx | 52 | ||||
-rw-r--r-- | include/oox/crypto/Standard2007Engine.hxx | 61 | ||||
-rw-r--r-- | include/oox/crypto/StrongEncryptionDataSpace.hxx | 76 |
7 files changed, 576 insertions, 0 deletions
diff --git a/include/oox/crypto/AgileEngine.hxx b/include/oox/crypto/AgileEngine.hxx new file mode 100644 index 000000000..ece492871 --- /dev/null +++ b/include/oox/crypto/AgileEngine.hxx @@ -0,0 +1,147 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#ifndef INCLUDED_OOX_CRYPTO_AGILEENGINE_HXX +#define INCLUDED_OOX_CRYPTO_AGILEENGINE_HXX + +#include <vector> + +#include <oox/dllapi.h> +#include <oox/crypto/CryptTools.hxx> +#include <oox/crypto/CryptoEngine.hxx> +#include <rtl/ustring.hxx> +#include <sal/types.h> + +namespace oox { + class BinaryXInputStream; + class BinaryXOutputStream; +} + +namespace oox::crypto { + +struct OOX_DLLPUBLIC AgileEncryptionInfo +{ + sal_Int32 spinCount; + sal_Int32 saltSize; + sal_Int32 keyBits; + sal_Int32 hashSize; + sal_Int32 blockSize; + + OUString cipherAlgorithm; + OUString cipherChaining; + OUString hashAlgorithm; + + std::vector<sal_uInt8> keyDataSalt; + + // Key Encryptor + std::vector<sal_uInt8> saltValue; + std::vector<sal_uInt8> encryptedVerifierHashInput; + std::vector<sal_uInt8> encryptedVerifierHashValue; + std::vector<sal_uInt8> encryptedKeyValue; + + // HMAC + std::vector<sal_uInt8> hmacKey; + std::vector<sal_uInt8> hmacHash; + std::vector<sal_uInt8> hmacCalculatedHash; + std::vector<sal_uInt8> hmacEncryptedKey; // encrypted Key + std::vector<sal_uInt8> hmacEncryptedValue; // encrypted Hash +}; + +struct OOX_DLLPUBLIC AgileEncryptionParameters +{ + sal_Int32 spinCount; + sal_Int32 saltSize; + sal_Int32 keyBits; + sal_Int32 hashSize; + sal_Int32 blockSize; + + OUString cipherAlgorithm; + OUString cipherChaining; + OUString hashAlgorithm; +}; + +enum class AgileEncryptionPreset +{ + AES_128_SHA1, + AES_256_SHA512, +}; + +class OOX_DLLPUBLIC AgileEngine final : public CryptoEngine +{ +private: + AgileEncryptionInfo mInfo; + AgileEncryptionPreset meEncryptionPreset; + + void calculateHashFinal(const OUString& rPassword, std::vector<sal_uInt8>& aHashFinal); + + void calculateBlock( + std::vector<sal_uInt8> const & rBlock, + std::vector<sal_uInt8>& rHashFinal, + std::vector<sal_uInt8>& rInput, + std::vector<sal_uInt8>& rOutput); + + void encryptBlock( + std::vector<sal_uInt8> const & rBlock, + std::vector<sal_uInt8>& rHashFinal, + std::vector<sal_uInt8>& rInput, + std::vector<sal_uInt8>& rOutput); + + static Crypto::CryptoType cryptoType(const AgileEncryptionInfo& rInfo); + +public: + AgileEngine(); + + AgileEncryptionInfo& getInfo() { return mInfo;} + + void setPreset(AgileEncryptionPreset ePreset) + { + meEncryptionPreset = ePreset; + } + + // Decryption + + void decryptEncryptionKey(OUString const & rPassword); + bool decryptAndCheckVerifierHash(OUString const & rPassword); + + bool generateEncryptionKey(OUString const & rPassword) override; + bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) override; + bool decrypt(BinaryXInputStream& aInputStream, + BinaryXOutputStream& aOutputStream) override; + + bool checkDataIntegrity() override; + + bool decryptHmacKey(); + bool decryptHmacValue(); + + // Encryption + + void writeEncryptionInfo(BinaryXOutputStream& rStream) override; + + void encrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream, + css::uno::Reference<css::io::XOutputStream>& rxOutputStream, + sal_uInt32 nSize) override; + + bool setupEncryption(OUString const & rPassword) override; + + bool generateAndEncryptVerifierHash(OUString const & rPassword); + + bool encryptHmacKey(); + bool encryptHmacValue(); + + bool encryptEncryptionKey(OUString const & rPassword); + void setupEncryptionParameters(AgileEncryptionParameters const & rAgileEncryptionParameters); + bool setupEncryptionKey(OUString const & rPassword); +}; + +} // namespace oox::crypto + +#endif + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/include/oox/crypto/CryptTools.hxx b/include/oox/crypto/CryptTools.hxx new file mode 100644 index 000000000..c8c142007 --- /dev/null +++ b/include/oox/crypto/CryptTools.hxx @@ -0,0 +1,120 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * This file incorporates work covered by the following license notice: + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed + * with this work for additional information regarding copyright + * ownership. The ASF licenses this file to you under the Apache + * License, Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.apache.org/licenses/LICENSE-2.0 . + */ + +#ifndef INCLUDED_OOX_CRYPTO_CRYPTTOOLS_HXX +#define INCLUDED_OOX_CRYPTO_CRYPTTOOLS_HXX + +#include <oox/dllapi.h> +#include <sal/types.h> + +#include <vector> +#include <memory> + +namespace oox::crypto { + +/** Rounds up the input to the nearest multiple + * + * For example: + * input 1, multiple 16 = 16 + * input 16, multiple 16 = 16 + * input 17, multiple 16 = 32 + * input 31, multiple 16 = 32 + */ +template<typename T> +T roundUp(T input, T multiple) +{ + if (input % multiple == 0) + return input; + return ((input / multiple) * multiple) + multiple; +} + +enum class CryptoHashType +{ + SHA1, + SHA256, + SHA512 +}; + +struct CryptoImpl; + +class OOX_DLLPUBLIC Crypto +{ +public: + enum CryptoType + { + UNKNOWN, + AES_128_ECB, + AES_128_CBC, + AES_256_CBC, + }; + +protected: + std::unique_ptr<CryptoImpl> mpImpl; + +protected: + Crypto(); + +public: + virtual ~Crypto(); +}; + +class Decrypt final : public Crypto +{ +public: + Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type); + + sal_uInt32 update( + std::vector<sal_uInt8>& output, + std::vector<sal_uInt8>& input, + sal_uInt32 inputLength = 0); + + + static sal_uInt32 aes128ecb( + std::vector<sal_uInt8>& output, + std::vector<sal_uInt8>& input, + std::vector<sal_uInt8>& key ); + +}; + +class Encrypt final : public Crypto +{ +public: + Encrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type); + + sal_uInt32 update( + std::vector<sal_uInt8>& output, + std::vector<sal_uInt8>& input, + sal_uInt32 inputLength = 0); +}; + +class OOX_DLLPUBLIC CryptoHash final : public Crypto +{ + sal_Int32 mnHashSize; +public: + CryptoHash(std::vector<sal_uInt8>& rKey, CryptoHashType eType); + bool update(std::vector<sal_uInt8>& rInput, sal_uInt32 nInputLength = 0); + std::vector<sal_uInt8> finalize(); +}; + + +} // namespace oox::crypto + +#endif + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/include/oox/crypto/CryptoEngine.hxx b/include/oox/crypto/CryptoEngine.hxx new file mode 100644 index 000000000..49009ac7e --- /dev/null +++ b/include/oox/crypto/CryptoEngine.hxx @@ -0,0 +1,66 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#ifndef INCLUDED_OOX_CRYPTO_CRYPTOENGINE_HXX +#define INCLUDED_OOX_CRYPTO_CRYPTOENGINE_HXX + +#include <vector> + +#include <rtl/ustring.hxx> +#include <sal/types.h> + +#include <com/sun/star/io/XInputStream.hpp> +#include <com/sun/star/io/XOutputStream.hpp> + +namespace oox { + class BinaryXInputStream; + class BinaryXOutputStream; +} + +namespace oox::crypto { + +class CryptoEngine +{ +protected: + std::vector<sal_uInt8> mKey; + +public: + CryptoEngine() + {} + + virtual ~CryptoEngine() + {} + + // Decryption + virtual bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) = 0; + + virtual bool generateEncryptionKey(const OUString& rPassword) = 0; + + virtual bool decrypt( + BinaryXInputStream& aInputStream, + BinaryXOutputStream& aOutputStream) = 0; + + // Encryption + virtual void writeEncryptionInfo(BinaryXOutputStream & rStream) = 0; + + virtual bool setupEncryption(const OUString& rPassword) = 0; + + virtual void encrypt(const css::uno::Reference<css::io::XInputStream> & rxInputStream, + css::uno::Reference<css::io::XOutputStream> & rxOutputStream, + sal_uInt32 nSize) = 0; + + virtual bool checkDataIntegrity() = 0; +}; + +} // namespace oox::crypto + +#endif + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/include/oox/crypto/DocumentDecryption.hxx b/include/oox/crypto/DocumentDecryption.hxx new file mode 100644 index 000000000..33cab866f --- /dev/null +++ b/include/oox/crypto/DocumentDecryption.hxx @@ -0,0 +1,54 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#ifndef INCLUDED_OOX_CRYPTO_DOCUMENTDECRYPTION_HXX +#define INCLUDED_OOX_CRYPTO_DOCUMENTDECRYPTION_HXX + +#include <com/sun/star/beans/NamedValue.hpp> +#include <com/sun/star/uno/Reference.hxx> +#include <com/sun/star/uno/Sequence.hxx> +#include <rtl/ustring.hxx> + +namespace com::sun::star { + namespace beans { struct NamedValue; } + namespace io { class XInputStream; } + namespace io { class XStream; } + namespace uno { class XComponentContext; } + namespace packages { class XPackageEncryption; } +} + +namespace oox::ole { class OleStorage; } + +namespace oox::crypto { + +class DocumentDecryption +{ +private: + css::uno::Reference< css::uno::XComponentContext > mxContext; + oox::ole::OleStorage& mrOleStorage; + css::uno::Sequence<css::beans::NamedValue> maStreamsSequence; + css::uno::Reference< css::packages::XPackageEncryption > mxPackageEncryption; + +public: + DocumentDecryption(const css::uno::Reference< css::uno::XComponentContext >& rxContext, oox::ole::OleStorage& rOleStorage); + + bool decrypt(const css::uno::Reference< css::io::XStream >& xDocumentStream); + bool readEncryptionInfo(); + bool generateEncryptionKey(const OUString& rPassword); + + css::uno::Sequence< css::beans::NamedValue > createEncryptionData(const OUString& rPassword); + +}; + +} // namespace oox::crypto + +#endif + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/include/oox/crypto/DocumentEncryption.hxx b/include/oox/crypto/DocumentEncryption.hxx new file mode 100644 index 000000000..c2a3bd4ed --- /dev/null +++ b/include/oox/crypto/DocumentEncryption.hxx @@ -0,0 +1,52 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#ifndef INCLUDED_OOX_CRYPTO_DOCUMENTENCRYPTION_HXX +#define INCLUDED_OOX_CRYPTO_DOCUMENTENCRYPTION_HXX + +#include <com/sun/star/uno/Reference.hxx> +#include <com/sun/star/uno/Sequence.hxx> + +namespace com::sun::star { + namespace io { class XStream; } + namespace packages { class XPackageEncryption; } + namespace beans { struct NamedValue; } + namespace uno { class XComponentContext; } +} + +namespace oox::ole { class OleStorage; } + +namespace oox::crypto { + +class DocumentEncryption +{ +private: + css::uno::Reference< css::uno::XComponentContext > mxContext; + css::uno::Reference< css::io::XStream > mxDocumentStream; + oox::ole::OleStorage& mrOleStorage; + + css::uno::Reference< css::packages::XPackageEncryption > mxPackageEncryption; + const css::uno::Sequence< css::beans::NamedValue >& mMediaEncData; + +public: + DocumentEncryption(const css::uno::Reference< css::uno::XComponentContext >& rxContext, + css::uno::Reference< css::io::XStream > const & xDocumentStream, + oox::ole::OleStorage& rOleStorage, + const css::uno::Sequence< css::beans::NamedValue >& rMediaEncData); + + bool encrypt(); + +}; + +} // namespace oox::crypto + +#endif + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/include/oox/crypto/Standard2007Engine.hxx b/include/oox/crypto/Standard2007Engine.hxx new file mode 100644 index 000000000..8a7aec3e6 --- /dev/null +++ b/include/oox/crypto/Standard2007Engine.hxx @@ -0,0 +1,61 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#ifndef INCLUDED_OOX_CRYPTO_STANDARD2007ENGINE_HXX +#define INCLUDED_OOX_CRYPTO_STANDARD2007ENGINE_HXX + +#include <oox/dllapi.h> +#include <oox/crypto/CryptoEngine.hxx> +#include <filter/msfilter/mscodec.hxx> +#include <rtl/ustring.hxx> +#include <sal/types.h> + +namespace oox { + class BinaryXInputStream; + class BinaryXOutputStream; +} + +namespace oox::crypto { + +class OOX_DLLPUBLIC Standard2007Engine final : public CryptoEngine +{ + msfilter::StandardEncryptionInfo mInfo; + + bool generateVerifier(); + bool calculateEncryptionKey(const OUString& rPassword); + +public: + Standard2007Engine() = default; + + bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) override; + + virtual bool generateEncryptionKey(OUString const & rPassword) override; + + virtual bool decrypt( + BinaryXInputStream& aInputStream, + BinaryXOutputStream& aOutputStream) override; + + bool checkDataIntegrity() override; + + void encrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream, + css::uno::Reference<css::io::XOutputStream>& rxOutputStream, + sal_uInt32 nSize) override; + + virtual void writeEncryptionInfo(BinaryXOutputStream& rStream) override; + + virtual bool setupEncryption(OUString const & rPassword) override; + +}; + +} // namespace oox::crypto + +#endif + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/include/oox/crypto/StrongEncryptionDataSpace.hxx b/include/oox/crypto/StrongEncryptionDataSpace.hxx new file mode 100644 index 000000000..cd7156515 --- /dev/null +++ b/include/oox/crypto/StrongEncryptionDataSpace.hxx @@ -0,0 +1,76 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#ifndef INCLUDED_OOX_CRYPTO_STRONGENCRYPTINDATASPACE_HXX +#define INCLUDED_OOX_CRYPTO_STRONGENCRYPTINDATASPACE_HXX + +#include <sal/config.h> + +#include <memory> + +#include <cppuhelper/implbase.hxx> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <com/sun/star/packages/XPackageEncryption.hpp> +#include <com/sun/star/io/XInputStream.hpp> +#include <oox/crypto/CryptoEngine.hxx> + +namespace com::sun::star::uno +{ +class XComponentContext; +} + +namespace oox::crypto +{ +class StrongEncryptionDataSpace final + : public cppu::WeakImplHelper<css::lang::XServiceInfo, css::packages::XPackageEncryption> +{ + css::uno::Reference<css::uno::XComponentContext> mxContext; + std::unique_ptr<CryptoEngine> mCryptoEngine; + + css::uno::Reference<css::io::XInputStream> + getStream(const css::uno::Sequence<css::beans::NamedValue>& rStreams, + std::u16string_view sStreamName); + +public: + StrongEncryptionDataSpace(const css::uno::Reference<css::uno::XComponentContext>& rxContext); + + // Decryption + + virtual sal_Bool SAL_CALL generateEncryptionKey(const OUString& rPassword) override; + virtual sal_Bool SAL_CALL + readEncryptionInfo(const css::uno::Sequence<css::beans::NamedValue>& aStreams) override; + virtual sal_Bool SAL_CALL + decrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream, + css::uno::Reference<css::io::XOutputStream>& rxOutputStream) override; + + virtual sal_Bool SAL_CALL checkDataIntegrity() override; + + // Encryption + + virtual css::uno::Sequence<css::beans::NamedValue> + SAL_CALL encrypt(const css::uno::Reference<css::io::XInputStream>& rxInputStream) override; + + virtual sal_Bool SAL_CALL + setupEncryption(const css::uno::Sequence<css::beans::NamedValue>& rMediaEncData) override; + + virtual css::uno::Sequence<css::beans::NamedValue> + SAL_CALL createEncryptionData(const OUString& rPassword) override; + + // com.sun.star.lang.XServiceInfo + virtual OUString SAL_CALL getImplementationName() override; + virtual sal_Bool SAL_CALL supportsService(const OUString& rServiceName) override; + virtual css::uno::Sequence<OUString> SAL_CALL getSupportedServiceNames() override; +}; + +} // namespace oox::crypto + +#endif + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ |