search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
GPU-Calc: remove Alloc_Host_Ptr for clmem of NAN vector
[LibreOffice.git] / oox / source / crypto / DocumentDecryption.cxx
blob0d1c72933a35c811990028e3583798ab0dec7ede
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 */
10
11 #include "oox/crypto/DocumentDecryption.hxx"
12
13 #include <comphelper/sequenceashashmap.hxx>
14 #include <sax/tools/converter.hxx>
15 #include <cppuhelper/implbase1.hxx>
16
17 #include <com/sun/star/io/XSeekable.hpp>
18 #include <com/sun/star/xml/sax/XFastParser.hpp>
19 #include <com/sun/star/xml/sax/XFastTokenHandler.hpp>
20 #include <com/sun/star/xml/sax/FastToken.hpp>
21
22 namespace oox {
23 namespace core {
24
25 using namespace css::beans;
26 using namespace css::io;
27 using namespace css::lang;
28 using namespace css::uno;
29 using namespace css::xml::sax;
30 using namespace css::xml;
31
32 using namespace std;
33
34 using ::comphelper::SequenceAsHashMap;
35 using ::sax::Converter;
36
37 namespace {
38
39 vector<sal_uInt8> convertToVector(Sequence<sal_Int8>& input)
40 {
41 const sal_uInt8* inputArray = reinterpret_cast<const sal_uInt8*>( input.getConstArray() );
42 return vector<sal_uInt8>(inputArray, inputArray + input.getLength());
43 }
44
45 class AgileTokenHandler : public cppu::WeakImplHelper1< XFastTokenHandler >
46 {
47 public:
48 virtual sal_Int32 SAL_CALL getToken( const OUString& /*nIdentifier*/ ) throw (RuntimeException)
49 {
50 return FastToken::DONTKNOW;
51 }
52
53 virtual sal_Int32 SAL_CALL getTokenFromUTF8( const Sequence< sal_Int8 >& /*nIdentifier*/ ) throw (RuntimeException)
54 {
55 return FastToken::DONTKNOW;
56 }
57
58 virtual OUString SAL_CALL getIdentifier( sal_Int32 /*nToken*/ ) throw (RuntimeException)
59 {
60 return OUString();
61 }
62
63 virtual Sequence<sal_Int8> SAL_CALL getUTF8Identifier(sal_Int32 /*nToken*/) throw (RuntimeException)
64 {
65 return Sequence<sal_Int8>();
66 }
67 };
68
69 class AgileDocumentHandler : public ::cppu::WeakImplHelper1< XFastDocumentHandler >
70 {
71 AgileEncryptionInfo& mInfo;
72
73 public:
74 AgileDocumentHandler(AgileEncryptionInfo& rInfo) :
75 mInfo(rInfo)
76 {}
77
78 void SAL_CALL startDocument()
79 throw (RuntimeException, SAXException)
80 {}
81 void SAL_CALL endDocument()
82 throw (RuntimeException, SAXException)
83 {}
84 void SAL_CALL setDocumentLocator( const Reference< XLocator >& /*xLocator*/ )
85 throw (RuntimeException, SAXException)
86 {}
87 void SAL_CALL startFastElement( sal_Int32 /*Element*/, const Reference< XFastAttributeList >& /*Attribs*/ )
88 throw (RuntimeException, SAXException)
89 {}
90
91 void SAL_CALL startUnknownElement( const OUString& /*aNamespace*/, const OUString& aName, const Reference< XFastAttributeList >& aAttributeList )
92 throw (RuntimeException, SAXException)
93 {
94 if(aName == "keyData")
95 {
96 Sequence<Attribute> aAttributes(aAttributeList->getUnknownAttributes());
97
98 for (int i=0; i<aAttributes.getLength(); i++)
99 {
100 if (aAttributes[i].Name == "saltValue")
101 {
102 Sequence<sal_Int8> keyDataSalt;
103 Converter::decodeBase64(keyDataSalt, aAttributes[i].Value);
104 mInfo.keyDataSalt = convertToVector(keyDataSalt);
105 }
106 }
107 }
108 else if(aName == "encryptedKey")
109 {
110 Sequence<Attribute> aAttributes(aAttributeList->getUnknownAttributes());
111 for (int i=0; i<aAttributes.getLength(); i++)
112 {
113 if (aAttributes[i].Name == "spinCount")
114 {
115 Converter::convertNumber(mInfo.spinCount, aAttributes[i].Value);
116 }
117 else if (aAttributes[i].Name == "saltSize")
118 {
119 Converter::convertNumber(mInfo.saltSize, aAttributes[i].Value);
120 }
121 else if (aAttributes[i].Name == "blockSize")
122 {
123 Converter::convertNumber(mInfo.blockSize, aAttributes[i].Value);
124 }
125 else if (aAttributes[i].Name == "keyBits")
126 {
127 Converter::convertNumber(mInfo.keyBits, aAttributes[i].Value);
128 }
129 else if (aAttributes[i].Name == "hashSize")
130 {
131 Converter::convertNumber(mInfo.hashSize, aAttributes[i].Value);
132 }
133 else if (aAttributes[i].Name == "cipherAlgorithm")
134 {
135 mInfo.cipherAlgorithm = aAttributes[i].Value;
136 }
137 else if (aAttributes[i].Name == "cipherChaining")
138 {
139 mInfo.cipherChaining = aAttributes[i].Value;
140 }
141 else if (aAttributes[i].Name == "hashAlgorithm")
142 {
143 mInfo.hashAlgorithm = aAttributes[i].Value;
144 }
145 else if (aAttributes[i].Name == "saltValue")
146 {
147 Sequence<sal_Int8> saltValue;
148 Converter::decodeBase64(saltValue, aAttributes[i].Value);
149 mInfo.saltValue = convertToVector(saltValue);
150 }
151 else if (aAttributes[i].Name == "encryptedVerifierHashInput")
152 {
153 Sequence<sal_Int8> encryptedVerifierHashInput;
154 Converter::decodeBase64(encryptedVerifierHashInput, aAttributes[i].Value);
155 mInfo.encryptedVerifierHashInput = convertToVector(encryptedVerifierHashInput);
156 }
157 else if (aAttributes[i].Name == "encryptedVerifierHashValue")
158 {
159 Sequence<sal_Int8> encryptedVerifierHashValue;
160 Converter::decodeBase64(encryptedVerifierHashValue, aAttributes[i].Value);
161 mInfo.encryptedVerifierHashValue = convertToVector(encryptedVerifierHashValue);
162 }
163 else if (aAttributes[i].Name == "encryptedKeyValue")
164 {
165 Sequence<sal_Int8> encryptedKeyValue;
166 Converter::decodeBase64(encryptedKeyValue, aAttributes[i].Value);
167 mInfo.encryptedKeyValue = convertToVector(encryptedKeyValue);
168 }
169 }
170 }
171 }
172
173 void SAL_CALL endFastElement( sal_Int32 /*aElement*/ )
174 throw (RuntimeException, SAXException)
175 {}
176 void SAL_CALL endUnknownElement( const OUString& /*aNamespace*/, const OUString& /*aName*/ )
177 throw (RuntimeException, SAXException)
178 {}
179
180 Reference< XFastContextHandler > SAL_CALL createFastChildContext( sal_Int32 /*aElement*/, const Reference< XFastAttributeList >& /*aAttribs*/ )
181 throw (RuntimeException, SAXException)
182 {
183 return NULL;
184 }
185
186 Reference< XFastContextHandler > SAL_CALL createUnknownChildContext( const OUString& /*aNamespace*/, const OUString& /*aName*/, const Reference< XFastAttributeList >& /*aAttribs*/ )
187 throw (RuntimeException, SAXException)
188 {
189 return this;
190 }
191
192 void SAL_CALL characters( const OUString& /*aChars*/ )
193 throw (RuntimeException, SAXException)
194 {}
195 };
196
197 } // namespace
198
199 DocumentDecryption::DocumentDecryption(oox::ole::OleStorage& rOleStorage, Reference<XComponentContext> xContext) :
200 mxContext(xContext),
201 mrOleStorage(rOleStorage),
202 mCryptoType(UNKNOWN)
203 {}
204
205 bool DocumentDecryption::checkEncryptionData(const Sequence<NamedValue>& /*rEncryptionData*/)
206 {
207 return false;
208 }
209
210 bool DocumentDecryption::generateEncryptionKey(const OUString& rPassword)
211 {
212 if (mEngine.get())
213 return mEngine->generateEncryptionKey(rPassword);
214 return false;
215 }
216
217 bool DocumentDecryption::readAgileEncryptionInfo(Reference< XInputStream >& xInputStream)
218 {
219 AgileEngine* engine = new AgileEngine();
220 mEngine.reset(engine);
221 AgileEncryptionInfo& info = engine->getInfo();
222
223 Reference<XMultiComponentFactory> xFactory( mxContext->getServiceManager(), UNO_SET_THROW );
224 Reference<XFastDocumentHandler> xFastDocumentHandler( new AgileDocumentHandler(info) );
225 Reference<XFastTokenHandler> xFastTokenHandler ( new AgileTokenHandler );
226
227 Reference<XFastParser> xParser;
228 xParser.set( xFactory->createInstanceWithContext( "com.sun.star.xml.sax.FastParser", mxContext ), UNO_QUERY_THROW );
229
230 if (!xParser.is())
231 return false;
232
233 xParser->setFastDocumentHandler( xFastDocumentHandler );
234 xParser->setTokenHandler( xFastTokenHandler );
235
236 InputSource aInputSource;
237 aInputSource.aInputStream = xInputStream;
238 xParser->parseStream( aInputSource );
239
240 // CHECK info data
241 if (2 > info.blockSize || info.blockSize > 4096)
242 return false;
243
244 if (0 > info.spinCount || info.spinCount > 10000000)
245 return false;
246
247 if (1 > info.saltSize|| info.saltSize > 65536) // Check
248 return false;
249
250 // AES 128 CBC with SHA1
251 if (info.keyBits == 128 &&
252 info.cipherAlgorithm == "AES" &&
253 info.cipherChaining == "ChainingModeCBC" &&
254 info.hashAlgorithm == "SHA1" &&
255 info.hashSize == 20)
256 {
257 return true;
258 }
259
260 // AES 256 CBC with SHA512
261 if (info.keyBits == 256 &&
262 info.cipherAlgorithm == "AES" &&
263 info.cipherChaining == "ChainingModeCBC" &&
264 info.hashAlgorithm == "SHA512" &&
265 info.hashSize == 64 )
266 {
267 return true;
268 }
269
270 return false;
271 }
272
273 bool DocumentDecryption::readStandard2007EncryptionInfo(BinaryInputStream& rStream)
274 {
275 Standard2007Engine* engine = new Standard2007Engine();
276 mEngine.reset(engine);
277 StandardEncryptionInfo& info = engine->getInfo();
278
279
280 rStream >> info.header.flags;
281 if( getFlag( info.header.flags, ENCRYPTINFO_EXTERNAL ) )
282 return false;
283
284 sal_uInt32 nHeaderSize;
285 rStream >> nHeaderSize;
286
287 sal_uInt32 actualHeaderSize = sizeof(info.header);
288
289 if( (nHeaderSize < actualHeaderSize) )
290 return false;
291
292 rStream >> info.header;
293 rStream.skip( nHeaderSize - actualHeaderSize );
294 rStream >> info.verifier;
295
296 if( info.verifier.saltSize != 16 )
297 return false;
298
299 // check flags and algorithm IDs, required are AES128 and SHA-1
300 if( !getFlag( info.header.flags , ENCRYPTINFO_CRYPTOAPI ) )
301 return false;
302
303 if( !getFlag( info.header.flags, ENCRYPTINFO_AES ) )
304 return false;
305
306 // algorithm ID 0 defaults to AES128 too, if ENCRYPTINFO_AES flag is set
307 if( info.header.algId != 0 && info.header.algId != ENCRYPT_ALGO_AES128 )
308 return false;
309
310 // hash algorithm ID 0 defaults to SHA-1 too
311 if( info.header.algIdHash != 0 && info.header.algIdHash != ENCRYPT_HASH_SHA1 )
312 return false;
313
314 if( info.verifier.encryptedVerifierHashSize != 20 )
315 return false;
316
317 return !rStream.isEof();
318 }
319
320 bool DocumentDecryption::readEncryptionInfo()
321 {
322 if( !mrOleStorage.isStorage() )
323 return false;
324
325 Reference< XInputStream > xEncryptionInfo( mrOleStorage.openInputStream( "EncryptionInfo" ), UNO_SET_THROW );
326
327 bool bResult = false;
328
329 BinaryXInputStream aBinaryInputStream( xEncryptionInfo, true );
330
331 sal_uInt32 aVersion;
332 aBinaryInputStream >> aVersion;
333
334 switch (aVersion)
335 {
336 case VERSION_INFO_2007_FORMAT:
337 mCryptoType = STANDARD_2007; // Set encryption info format
338 bResult = readStandard2007EncryptionInfo( aBinaryInputStream );
339 break;
340 case VERSION_INFO_AGILE:
341 mCryptoType = AGILE; // Set encryption info format
342 aBinaryInputStream.skip(4);
343 bResult = readAgileEncryptionInfo( xEncryptionInfo );
344 break;
345 default:
346 break;
347 }
348
349 return bResult;
350 }
351
352 Sequence<NamedValue> DocumentDecryption::createEncryptionData(const OUString& rPassword)
353 {
354 SequenceAsHashMap aEncryptionData;
355
356 if (mCryptoType == AGILE)
357 {
358 aEncryptionData["CryptoType"] <<= OUString("Agile");
359 }
360 else if (mCryptoType == STANDARD_2007)
361 {
362 aEncryptionData["CryptoType"] <<= OUString("Standard");
363 }
364
365 aEncryptionData["OOXPassword"] <<= rPassword;
366 return aEncryptionData.getAsConstNamedValueList();
367 }
368
369 bool DocumentDecryption::decrypt(Reference<XStream> xDocumentStream)
370 {
371 bool aResult = false;
372
373 if( !mrOleStorage.isStorage() )
374 return false;
375
376 // open the required input streams in the encrypted package
377 Reference< XInputStream > xEncryptedPackage( mrOleStorage.openInputStream( "EncryptedPackage" ), UNO_SET_THROW );
378
379 // create temporary file for unencrypted package
380 Reference< XOutputStream > xDecryptedPackage( xDocumentStream->getOutputStream(), UNO_SET_THROW );
381 BinaryXOutputStream aDecryptedPackage( xDecryptedPackage, true );
382 BinaryXInputStream aEncryptedPackage( xEncryptedPackage, true );
383
384 aResult = mEngine->decrypt(aEncryptedPackage, aDecryptedPackage);
385
386 xDecryptedPackage->flush();
387 aDecryptedPackage.seekToStart();
388
389 return aResult;
390 }
391
392 } // namespace core
393 } // namespace oox
394
395 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE