Line data Source code
1 : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : /*
3 : * This file is part of the LibreOffice project.
4 : *
5 : * This Source Code Form is subject to the terms of the Mozilla Public
6 : * License, v. 2.0. If a copy of the MPL was not distributed with this
7 : * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 : *
9 : */
10 :
11 : #include "oox/crypto/DocumentDecryption.hxx"
12 :
13 : #include <comphelper/sequenceashashmap.hxx>
14 : #include <sax/tools/converter.hxx>
15 : #include <cppuhelper/implbase1.hxx>
16 :
17 : #include <com/sun/star/io/XSeekable.hpp>
18 : #include <com/sun/star/uno/XComponentContext.hpp>
19 : #include <com/sun/star/xml/sax/XFastParser.hpp>
20 : #include <com/sun/star/xml/sax/XFastTokenHandler.hpp>
21 : #include <com/sun/star/xml/sax/FastParser.hpp>
22 : #include <com/sun/star/xml/sax/FastToken.hpp>
23 :
24 : namespace oox {
25 : namespace core {
26 :
27 : using namespace css::beans;
28 : using namespace css::io;
29 : using namespace css::lang;
30 : using namespace css::uno;
31 : using namespace css::xml::sax;
32 : using namespace css::xml;
33 :
34 : using namespace std;
35 :
36 : using ::comphelper::SequenceAsHashMap;
37 : using ::sax::Converter;
38 :
39 : namespace {
40 :
41 0 : vector<sal_uInt8> convertToVector(Sequence<sal_Int8>& input)
42 : {
43 0 : const sal_uInt8* inputArray = reinterpret_cast<const sal_uInt8*>( input.getConstArray() );
44 0 : return vector<sal_uInt8>(inputArray, inputArray + input.getLength());
45 : }
46 :
47 0 : class AgileTokenHandler : public cppu::WeakImplHelper1< XFastTokenHandler >
48 : {
49 : public:
50 0 : virtual sal_Int32 SAL_CALL getToken( const OUString& /*nIdentifier*/ ) throw (RuntimeException, std::exception) SAL_OVERRIDE
51 : {
52 0 : return FastToken::DONTKNOW;
53 : }
54 :
55 0 : virtual sal_Int32 SAL_CALL getTokenFromUTF8( const Sequence< sal_Int8 >& /*nIdentifier*/ ) throw (RuntimeException, std::exception) SAL_OVERRIDE
56 : {
57 0 : return FastToken::DONTKNOW;
58 : }
59 :
60 0 : virtual OUString SAL_CALL getIdentifier( sal_Int32 /*nToken*/ ) throw (RuntimeException, std::exception) SAL_OVERRIDE
61 : {
62 0 : return OUString();
63 : }
64 :
65 0 : virtual Sequence<sal_Int8> SAL_CALL getUTF8Identifier(sal_Int32 /*nToken*/) throw (RuntimeException, std::exception) SAL_OVERRIDE
66 : {
67 0 : return Sequence<sal_Int8>();
68 : }
69 : };
70 :
71 0 : class AgileDocumentHandler : public ::cppu::WeakImplHelper1< XFastDocumentHandler >
72 : {
73 : AgileEncryptionInfo& mInfo;
74 :
75 : public:
76 0 : AgileDocumentHandler(AgileEncryptionInfo& rInfo) :
77 0 : mInfo(rInfo)
78 0 : {}
79 :
80 0 : void SAL_CALL startDocument()
81 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
82 0 : {}
83 0 : void SAL_CALL endDocument()
84 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
85 0 : {}
86 0 : void SAL_CALL setDocumentLocator( const Reference< XLocator >& /*xLocator*/ )
87 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
88 0 : {}
89 0 : void SAL_CALL startFastElement( sal_Int32 /*Element*/, const Reference< XFastAttributeList >& /*Attribs*/ )
90 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
91 0 : {}
92 :
93 0 : void SAL_CALL startUnknownElement( const OUString& /*aNamespace*/, const OUString& aName, const Reference< XFastAttributeList >& aAttributeList )
94 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
95 : {
96 0 : if(aName == "keyData")
97 : {
98 0 : Sequence<Attribute> aAttributes(aAttributeList->getUnknownAttributes());
99 :
100 0 : for (int i=0; i<aAttributes.getLength(); i++)
101 : {
102 0 : if (aAttributes[i].Name == "saltValue")
103 : {
104 0 : Sequence<sal_Int8> keyDataSalt;
105 0 : Converter::decodeBase64(keyDataSalt, aAttributes[i].Value);
106 0 : mInfo.keyDataSalt = convertToVector(keyDataSalt);
107 : }
108 0 : }
109 : }
110 0 : else if(aName == "encryptedKey")
111 : {
112 0 : Sequence<Attribute> aAttributes(aAttributeList->getUnknownAttributes());
113 0 : for (int i=0; i<aAttributes.getLength(); i++)
114 : {
115 0 : if (aAttributes[i].Name == "spinCount")
116 : {
117 0 : Converter::convertNumber(mInfo.spinCount, aAttributes[i].Value);
118 : }
119 0 : else if (aAttributes[i].Name == "saltSize")
120 : {
121 0 : Converter::convertNumber(mInfo.saltSize, aAttributes[i].Value);
122 : }
123 0 : else if (aAttributes[i].Name == "blockSize")
124 : {
125 0 : Converter::convertNumber(mInfo.blockSize, aAttributes[i].Value);
126 : }
127 0 : else if (aAttributes[i].Name == "keyBits")
128 : {
129 0 : Converter::convertNumber(mInfo.keyBits, aAttributes[i].Value);
130 : }
131 0 : else if (aAttributes[i].Name == "hashSize")
132 : {
133 0 : Converter::convertNumber(mInfo.hashSize, aAttributes[i].Value);
134 : }
135 0 : else if (aAttributes[i].Name == "cipherAlgorithm")
136 : {
137 0 : mInfo.cipherAlgorithm = aAttributes[i].Value;
138 : }
139 0 : else if (aAttributes[i].Name == "cipherChaining")
140 : {
141 0 : mInfo.cipherChaining = aAttributes[i].Value;
142 : }
143 0 : else if (aAttributes[i].Name == "hashAlgorithm")
144 : {
145 0 : mInfo.hashAlgorithm = aAttributes[i].Value;
146 : }
147 0 : else if (aAttributes[i].Name == "saltValue")
148 : {
149 0 : Sequence<sal_Int8> saltValue;
150 0 : Converter::decodeBase64(saltValue, aAttributes[i].Value);
151 0 : mInfo.saltValue = convertToVector(saltValue);
152 : }
153 0 : else if (aAttributes[i].Name == "encryptedVerifierHashInput")
154 : {
155 0 : Sequence<sal_Int8> encryptedVerifierHashInput;
156 0 : Converter::decodeBase64(encryptedVerifierHashInput, aAttributes[i].Value);
157 0 : mInfo.encryptedVerifierHashInput = convertToVector(encryptedVerifierHashInput);
158 : }
159 0 : else if (aAttributes[i].Name == "encryptedVerifierHashValue")
160 : {
161 0 : Sequence<sal_Int8> encryptedVerifierHashValue;
162 0 : Converter::decodeBase64(encryptedVerifierHashValue, aAttributes[i].Value);
163 0 : mInfo.encryptedVerifierHashValue = convertToVector(encryptedVerifierHashValue);
164 : }
165 0 : else if (aAttributes[i].Name == "encryptedKeyValue")
166 : {
167 0 : Sequence<sal_Int8> encryptedKeyValue;
168 0 : Converter::decodeBase64(encryptedKeyValue, aAttributes[i].Value);
169 0 : mInfo.encryptedKeyValue = convertToVector(encryptedKeyValue);
170 : }
171 0 : }
172 : }
173 0 : }
174 :
175 0 : void SAL_CALL endFastElement( sal_Int32 /*aElement*/ )
176 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
177 0 : {}
178 0 : void SAL_CALL endUnknownElement( const OUString& /*aNamespace*/, const OUString& /*aName*/ )
179 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
180 0 : {}
181 :
182 0 : Reference< XFastContextHandler > SAL_CALL createFastChildContext( sal_Int32 /*aElement*/, const Reference< XFastAttributeList >& /*aAttribs*/ )
183 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
184 : {
185 0 : return NULL;
186 : }
187 :
188 0 : Reference< XFastContextHandler > SAL_CALL createUnknownChildContext( const OUString& /*aNamespace*/, const OUString& /*aName*/, const Reference< XFastAttributeList >& /*aAttribs*/ )
189 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
190 : {
191 0 : return this;
192 : }
193 :
194 0 : void SAL_CALL characters( const OUString& /*aChars*/ )
195 : throw (RuntimeException, SAXException, std::exception) SAL_OVERRIDE
196 0 : {}
197 : };
198 :
199 : } // namespace
200 :
201 0 : DocumentDecryption::DocumentDecryption(oox::ole::OleStorage& rOleStorage, Reference<XComponentContext> xContext) :
202 : mxContext(xContext),
203 : mrOleStorage(rOleStorage),
204 0 : mCryptoType(UNKNOWN)
205 0 : {}
206 :
207 0 : bool DocumentDecryption::checkEncryptionData(const Sequence<NamedValue>& /*rEncryptionData*/)
208 : {
209 0 : return false;
210 : }
211 :
212 0 : bool DocumentDecryption::generateEncryptionKey(const OUString& rPassword)
213 : {
214 0 : if (mEngine.get())
215 0 : return mEngine->generateEncryptionKey(rPassword);
216 0 : return false;
217 : }
218 :
219 0 : bool DocumentDecryption::readAgileEncryptionInfo(Reference< XInputStream >& xInputStream)
220 : {
221 0 : AgileEngine* engine = new AgileEngine();
222 0 : mEngine.reset(engine);
223 0 : AgileEncryptionInfo& info = engine->getInfo();
224 :
225 0 : Reference<XFastDocumentHandler> xFastDocumentHandler( new AgileDocumentHandler(info) );
226 0 : Reference<XFastTokenHandler> xFastTokenHandler ( new AgileTokenHandler );
227 :
228 : Reference<XFastParser> xParser(
229 0 : css::xml::sax::FastParser::create(mxContext));
230 :
231 0 : xParser->setFastDocumentHandler( xFastDocumentHandler );
232 0 : xParser->setTokenHandler( xFastTokenHandler );
233 :
234 0 : InputSource aInputSource;
235 0 : aInputSource.aInputStream = xInputStream;
236 0 : xParser->parseStream( aInputSource );
237 :
238 : // CHECK info data
239 0 : if (2 > info.blockSize || info.blockSize > 4096)
240 0 : return false;
241 :
242 0 : if (0 > info.spinCount || info.spinCount > 10000000)
243 0 : return false;
244 :
245 0 : if (1 > info.saltSize|| info.saltSize > 65536) // Check
246 0 : return false;
247 :
248 : // AES 128 CBC with SHA1
249 0 : if (info.keyBits == 128 &&
250 0 : info.cipherAlgorithm == "AES" &&
251 0 : info.cipherChaining == "ChainingModeCBC" &&
252 0 : info.hashAlgorithm == "SHA1" &&
253 0 : info.hashSize == 20)
254 : {
255 0 : return true;
256 : }
257 :
258 : // AES 256 CBC with SHA512
259 0 : if (info.keyBits == 256 &&
260 0 : info.cipherAlgorithm == "AES" &&
261 0 : info.cipherChaining == "ChainingModeCBC" &&
262 0 : info.hashAlgorithm == "SHA512" &&
263 0 : info.hashSize == 64 )
264 : {
265 0 : return true;
266 : }
267 :
268 0 : return false;
269 : }
270 :
271 0 : bool DocumentDecryption::readStandard2007EncryptionInfo(BinaryInputStream& rStream)
272 : {
273 0 : Standard2007Engine* engine = new Standard2007Engine();
274 0 : mEngine.reset(engine);
275 0 : StandardEncryptionInfo& info = engine->getInfo();
276 :
277 :
278 0 : rStream >> info.header.flags;
279 0 : if( getFlag( info.header.flags, ENCRYPTINFO_EXTERNAL ) )
280 0 : return false;
281 :
282 : sal_uInt32 nHeaderSize;
283 0 : rStream >> nHeaderSize;
284 :
285 0 : sal_uInt32 actualHeaderSize = sizeof(info.header);
286 :
287 0 : if( (nHeaderSize < actualHeaderSize) )
288 0 : return false;
289 :
290 0 : rStream >> info.header.flags;
291 0 : rStream >> info.header.sizeExtra;
292 0 : rStream >> info.header.algId;
293 0 : rStream >> info.header.algIdHash;
294 0 : rStream >> info.header.keyBits;
295 0 : rStream >> info.header.providedType;
296 0 : rStream >> info.header.reserved1;
297 0 : rStream >> info.header.reserved2;
298 :
299 0 : rStream.skip( nHeaderSize - actualHeaderSize );
300 :
301 0 : rStream >> info.verifier.saltSize;
302 0 : rStream.readArray(info.verifier.salt, SAL_N_ELEMENTS(info.verifier.salt));
303 0 : rStream.readArray(info.verifier.encryptedVerifier, SAL_N_ELEMENTS(info.verifier.encryptedVerifier));
304 0 : rStream >> info.verifier.encryptedVerifierHashSize;
305 0 : rStream.readArray(info.verifier.encryptedVerifierHash, SAL_N_ELEMENTS(info.verifier.encryptedVerifierHash));
306 :
307 0 : if( info.verifier.saltSize != 16 )
308 0 : return false;
309 :
310 : // check flags and algorithm IDs, required are AES128 and SHA-1
311 0 : if( !getFlag( info.header.flags , ENCRYPTINFO_CRYPTOAPI ) )
312 0 : return false;
313 :
314 0 : if( !getFlag( info.header.flags, ENCRYPTINFO_AES ) )
315 0 : return false;
316 :
317 : // algorithm ID 0 defaults to AES128 too, if ENCRYPTINFO_AES flag is set
318 0 : if( info.header.algId != 0 && info.header.algId != ENCRYPT_ALGO_AES128 )
319 0 : return false;
320 :
321 : // hash algorithm ID 0 defaults to SHA-1 too
322 0 : if( info.header.algIdHash != 0 && info.header.algIdHash != ENCRYPT_HASH_SHA1 )
323 0 : return false;
324 :
325 0 : if( info.verifier.encryptedVerifierHashSize != 20 )
326 0 : return false;
327 :
328 0 : return !rStream.isEof();
329 : }
330 :
331 0 : bool DocumentDecryption::readEncryptionInfo()
332 : {
333 0 : if( !mrOleStorage.isStorage() )
334 0 : return false;
335 :
336 0 : Reference< XInputStream > xEncryptionInfo( mrOleStorage.openInputStream( "EncryptionInfo" ), UNO_SET_THROW );
337 :
338 0 : bool bResult = false;
339 :
340 0 : BinaryXInputStream aBinaryInputStream( xEncryptionInfo, true );
341 :
342 : sal_uInt32 aVersion;
343 0 : aBinaryInputStream >> aVersion;
344 :
345 0 : switch (aVersion)
346 : {
347 : case VERSION_INFO_2007_FORMAT:
348 : case VERSION_INFO_2007_FORMAT_SP2:
349 0 : mCryptoType = STANDARD_2007; // Set encryption info format
350 0 : bResult = readStandard2007EncryptionInfo( aBinaryInputStream );
351 0 : break;
352 : case VERSION_INFO_AGILE:
353 0 : mCryptoType = AGILE; // Set encryption info format
354 0 : aBinaryInputStream.skip(4);
355 0 : bResult = readAgileEncryptionInfo( xEncryptionInfo );
356 0 : break;
357 : default:
358 0 : break;
359 : }
360 :
361 0 : return bResult;
362 : }
363 :
364 0 : Sequence<NamedValue> DocumentDecryption::createEncryptionData(const OUString& rPassword)
365 : {
366 0 : SequenceAsHashMap aEncryptionData;
367 :
368 0 : if (mCryptoType == AGILE)
369 : {
370 0 : aEncryptionData["CryptoType"] <<= OUString("Agile");
371 : }
372 0 : else if (mCryptoType == STANDARD_2007)
373 : {
374 0 : aEncryptionData["CryptoType"] <<= OUString("Standard");
375 : }
376 :
377 0 : aEncryptionData["OOXPassword"] <<= rPassword;
378 0 : return aEncryptionData.getAsConstNamedValueList();
379 : }
380 :
381 0 : bool DocumentDecryption::decrypt(Reference<XStream> xDocumentStream)
382 : {
383 0 : bool aResult = false;
384 :
385 0 : if( !mrOleStorage.isStorage() )
386 0 : return false;
387 :
388 : // open the required input streams in the encrypted package
389 0 : Reference< XInputStream > xEncryptedPackage( mrOleStorage.openInputStream( "EncryptedPackage" ), UNO_SET_THROW );
390 :
391 : // create temporary file for unencrypted package
392 0 : Reference< XOutputStream > xDecryptedPackage( xDocumentStream->getOutputStream(), UNO_SET_THROW );
393 0 : BinaryXOutputStream aDecryptedPackage( xDecryptedPackage, true );
394 0 : BinaryXInputStream aEncryptedPackage( xEncryptedPackage, true );
395 :
396 0 : aResult = mEngine->decrypt(aEncryptedPackage, aDecryptedPackage);
397 :
398 0 : xDecryptedPackage->flush();
399 0 : aDecryptedPackage.seekToStart();
400 :
401 0 : return aResult;
402 : }
403 :
404 : } // namespace core
405 0 : } // namespace oox
406 :
407 : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|
