svl/source/misc/PasswordHelper.cxx


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
 * This file is part of the LibreOffice project.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 *
 * This file incorporates work covered by the following license notice:
 *
 *   Licensed to the Apache Software Foundation (ASF) under one or more
 *   contributor license agreements. See the NOTICE file distributed
 *   with this work for additional information regarding copyright
 *   ownership. The ASF licenses this file to you under the Apache
 *   License, Version 2.0 (the "License"); you may not use this file
 *   except in compliance with the License. You may obtain a copy of
 *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
 */


#include <svl/PasswordHelper.hxx>
#include <comphelper/hash.hxx>
#include <rtl/digest.h>
#include <memory>

using namespace com::sun::star;

void SvPasswordHelper::GetHashPasswordSHA256(uno::Sequence<sal_Int8>& rPassHash, std::u16string_view rPassword)
{
    OString const tmp(OUStringToOString(rPassword, RTL_TEXTENCODING_UTF8));
    ::std::vector<unsigned char> const hash(::comphelper::Hash::calculateHash(
        reinterpret_cast<unsigned char const*>(tmp.getStr()), tmp.getLength(),
        ::comphelper::HashType::SHA256));
    rPassHash.realloc(hash.size());
    ::std::copy(hash.begin(), hash.end(), rPassHash.getArray());
    rtl_secureZeroMemory(const_cast<char *>(tmp.getStr()), tmp.getLength());
}

void SvPasswordHelper::GetHashPasswordSHA1UTF8(uno::Sequence<sal_Int8>& rPassHash, std::u16string_view rPassword)
{
    OString const tmp(OUStringToOString(rPassword, RTL_TEXTENCODING_UTF8));
    ::std::vector<unsigned char> const hash(::comphelper::Hash::calculateHash(
        reinterpret_cast<unsigned char const*>(tmp.getStr()), tmp.getLength(),
        ::comphelper::HashType::SHA1));
    rPassHash.realloc(hash.size());
    ::std::copy(hash.begin(), hash.end(), rPassHash.getArray());
    rtl_secureZeroMemory(const_cast<char *>(tmp.getStr()), tmp.getLength());
}

void SvPasswordHelper::GetHashPassword(uno::Sequence<sal_Int8>& rPassHash, const char* pPass, sal_uInt32 nLen)
{
    rPassHash.realloc(RTL_DIGEST_LENGTH_SHA1);

    rtlDigestError aError = rtl_digest_SHA1 (pPass, nLen, reinterpret_cast<sal_uInt8*>(rPassHash.getArray()), rPassHash.getLength());
    if (aError != rtl_Digest_E_None)
    {
        rPassHash.realloc(0);
    }
}

void SvPasswordHelper::GetHashPasswordLittleEndian(uno::Sequence<sal_Int8>& rPassHash, std::u16string_view sPass)
{
    sal_Int32 nSize(sPass.size());
    std::unique_ptr<char[]> pCharBuffer(new char[nSize * sizeof(sal_Unicode)]);

    for (sal_Int32 i = 0; i < nSize; ++i)
    {
        sal_Unicode ch(sPass[ i ]);
        pCharBuffer[2 * i] = static_cast< char >(ch & 0xFF);
        pCharBuffer[2 * i + 1] = static_cast< char >(ch >> 8);
    }

    GetHashPassword(rPassHash, pCharBuffer.get(), nSize * sizeof(sal_Unicode));
    rtl_secureZeroMemory(pCharBuffer.get(), nSize * sizeof(sal_Unicode));
}

void SvPasswordHelper::GetHashPasswordBigEndian(uno::Sequence<sal_Int8>& rPassHash, std::u16string_view sPass)
{
    sal_Int32 nSize(sPass.size());
    std::unique_ptr<char[]> pCharBuffer(new char[nSize * sizeof(sal_Unicode)]);

    for (sal_Int32 i = 0; i < nSize; ++i)
    {
        sal_Unicode ch(sPass[ i ]);
        pCharBuffer[2 * i] = static_cast< char >(ch >> 8);
        pCharBuffer[2 * i + 1] = static_cast< char >(ch & 0xFF);
    }

    GetHashPassword(rPassHash, pCharBuffer.get(), nSize * sizeof(sal_Unicode));
    rtl_secureZeroMemory(pCharBuffer.get(), nSize * sizeof(sal_Unicode));
}

void SvPasswordHelper::GetHashPassword(uno::Sequence<sal_Int8>& rPassHash, std::u16string_view sPass)
{
    GetHashPasswordLittleEndian(rPassHash, sPass);
}

bool SvPasswordHelper::CompareHashPassword(const uno::Sequence<sal_Int8>& rOldPassHash, std::u16string_view sNewPass)
{
    bool bResult = false;

    if (rOldPassHash.getLength() == RTL_DIGEST_LENGTH_SHA1)
    {
        uno::Sequence<sal_Int8> aNewPass(RTL_DIGEST_LENGTH_SHA1);
        GetHashPasswordSHA1UTF8(aNewPass, sNewPass);
        if (aNewPass == rOldPassHash)
        {
            bResult = true;
        }
        else
        {
            GetHashPasswordLittleEndian(aNewPass, sNewPass);
            if (aNewPass == rOldPassHash)
                bResult = true;
            else
            {
                GetHashPasswordBigEndian(aNewPass, sNewPass);
                bResult = (aNewPass == rOldPassHash);
            }
        }
    }
    else if (rOldPassHash.getLength() == 32)
    {
        uno::Sequence<sal_Int8> aNewPass;
        GetHashPasswordSHA256(aNewPass, sNewPass);
        bResult = aNewPass == rOldPassHash;
    }

    return bResult;
}

/* vim:set shiftwidth=4 softtabstop=4 expandtab: */