Line data Source code
1 : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : /*
3 : * This file is part of the LibreOffice project.
4 : *
5 : * This Source Code Form is subject to the terms of the Mozilla Public
6 : * License, v. 2.0. If a copy of the MPL was not distributed with this
7 : * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 : *
9 : * This file incorporates work covered by the following license notice:
10 : *
11 : * Licensed to the Apache Software Foundation (ASF) under one or more
12 : * contributor license agreements. See the NOTICE file distributed
13 : * with this work for additional information regarding copyright
14 : * ownership. The ASF licenses this file to you under the Apache
15 : * License, Version 2.0 (the "License"); you may not use this file
16 : * except in compliance with the License. You may obtain a copy of
17 : * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 : */
19 :
20 : #include <algorithm>
21 :
22 : #include <comphelper/docpasswordhelper.hxx>
23 : #include <com/sun/star/beans/PropertyValue.hpp>
24 : #include <com/sun/star/task/XInteractionHandler.hpp>
25 :
26 : #include <osl/time.h>
27 : #include <osl/diagnose.h>
28 : #include <rtl/digest.h>
29 : #include <rtl/random.h>
30 : #include <string.h>
31 :
32 : using ::com::sun::star::uno::Sequence;
33 : using ::com::sun::star::uno::Exception;
34 : using ::com::sun::star::uno::Reference;
35 : using ::com::sun::star::uno::UNO_SET_THROW;
36 : using ::com::sun::star::task::PasswordRequestMode;
37 : using ::com::sun::star::task::PasswordRequestMode_PASSWORD_ENTER;
38 : using ::com::sun::star::task::PasswordRequestMode_PASSWORD_REENTER;
39 : using ::com::sun::star::task::XInteractionHandler;
40 : using ::com::sun::star::task::XInteractionRequest;
41 :
42 : using namespace ::com::sun::star;
43 :
44 : namespace comphelper {
45 :
46 :
47 :
48 0 : static uno::Sequence< sal_Int8 > GeneratePBKDF2Hash( const OUString& aPassword, const uno::Sequence< sal_Int8 >& aSalt, sal_Int32 nCount, sal_Int32 nHashLength )
49 : {
50 0 : uno::Sequence< sal_Int8 > aResult;
51 :
52 0 : if ( !aPassword.isEmpty() && aSalt.getLength() && nCount && nHashLength )
53 : {
54 0 : OString aBytePass = OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 );
55 0 : aResult.realloc( 16 );
56 0 : rtl_digest_PBKDF2( reinterpret_cast < sal_uInt8 * > ( aResult.getArray() ),
57 0 : aResult.getLength(),
58 0 : reinterpret_cast < const sal_uInt8 * > ( aBytePass.getStr() ),
59 0 : aBytePass.getLength(),
60 0 : reinterpret_cast < const sal_uInt8 * > ( aSalt.getConstArray() ),
61 0 : aSalt.getLength(),
62 0 : nCount );
63 : }
64 :
65 0 : return aResult;
66 : }
67 :
68 :
69 :
70 0 : IDocPasswordVerifier::~IDocPasswordVerifier()
71 : {
72 0 : }
73 :
74 :
75 0 : uno::Sequence< beans::PropertyValue > DocPasswordHelper::GenerateNewModifyPasswordInfo( const OUString& aPassword )
76 : {
77 0 : uno::Sequence< beans::PropertyValue > aResult;
78 :
79 0 : uno::Sequence< sal_Int8 > aSalt = GenerateRandomByteSequence( 16 );
80 0 : sal_Int32 nCount = 1024;
81 :
82 0 : uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, 16 );
83 0 : if ( aNewHash.getLength() )
84 : {
85 0 : aResult.realloc( 4 );
86 0 : aResult[0].Name = "algorithm-name";
87 0 : aResult[0].Value <<= OUString( "PBKDF2" );
88 0 : aResult[1].Name = "salt";
89 0 : aResult[1].Value <<= aSalt;
90 0 : aResult[2].Name = "iteration-count";
91 0 : aResult[2].Value <<= nCount;
92 0 : aResult[3].Name = "hash";
93 0 : aResult[3].Value <<= aNewHash;
94 : }
95 :
96 0 : return aResult;
97 : }
98 :
99 :
100 0 : bool DocPasswordHelper::IsModifyPasswordCorrect( const OUString& aPassword, const uno::Sequence< beans::PropertyValue >& aInfo )
101 : {
102 0 : bool bResult = false;
103 0 : if ( !aPassword.isEmpty() && aInfo.getLength() )
104 : {
105 0 : OUString sAlgorithm;
106 0 : uno::Sequence< sal_Int8 > aSalt;
107 0 : uno::Sequence< sal_Int8 > aHash;
108 0 : sal_Int32 nCount = 0;
109 :
110 0 : for ( sal_Int32 nInd = 0; nInd < aInfo.getLength(); nInd++ )
111 : {
112 0 : if ( aInfo[nInd].Name == "algorithm-name" )
113 0 : aInfo[nInd].Value >>= sAlgorithm;
114 0 : else if ( aInfo[nInd].Name == "salt" )
115 0 : aInfo[nInd].Value >>= aSalt;
116 0 : else if ( aInfo[nInd].Name == "iteration-count" )
117 0 : aInfo[nInd].Value >>= nCount;
118 0 : else if ( aInfo[nInd].Name == "hash" )
119 0 : aInfo[nInd].Value >>= aHash;
120 : }
121 :
122 0 : if ( sAlgorithm == "PBKDF2" && aSalt.getLength() && nCount > 0 && aHash.getLength() )
123 : {
124 0 : uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, aHash.getLength() );
125 0 : for ( sal_Int32 nInd = 0; nInd < aNewHash.getLength() && nInd < aHash.getLength() && aNewHash[nInd] == aHash[nInd]; nInd ++ )
126 : {
127 0 : if ( nInd == aNewHash.getLength() - 1 && nInd == aHash.getLength() - 1 )
128 0 : bResult = true;
129 0 : }
130 0 : }
131 : }
132 :
133 0 : return bResult;
134 : }
135 :
136 :
137 0 : sal_uInt32 DocPasswordHelper::GetWordHashAsUINT32(
138 : const OUString& aUString )
139 : {
140 : static const sal_uInt16 pInitialCode[] = {
141 : 0xE1F0, // 1
142 : 0x1D0F, // 2
143 : 0xCC9C, // 3
144 : 0x84C0, // 4
145 : 0x110C, // 5
146 : 0x0E10, // 6
147 : 0xF1CE, // 7
148 : 0x313E, // 8
149 : 0x1872, // 9
150 : 0xE139, // 10
151 : 0xD40F, // 11
152 : 0x84F9, // 12
153 : 0x280C, // 13
154 : 0xA96A, // 14
155 : 0x4EC3 // 15
156 : };
157 :
158 : static const sal_uInt16 pEncryptionMatrix[15][7] = {
159 : { 0xAEFC, 0x4DD9, 0x9BB2, 0x2745, 0x4E8A, 0x9D14, 0x2A09}, // last-14
160 : { 0x7B61, 0xF6C2, 0xFDA5, 0xEB6B, 0xC6F7, 0x9DCF, 0x2BBF}, // last-13
161 : { 0x4563, 0x8AC6, 0x05AD, 0x0B5A, 0x16B4, 0x2D68, 0x5AD0}, // last-12
162 : { 0x0375, 0x06EA, 0x0DD4, 0x1BA8, 0x3750, 0x6EA0, 0xDD40}, // last-11
163 : { 0xD849, 0xA0B3, 0x5147, 0xA28E, 0x553D, 0xAA7A, 0x44D5}, // last-10
164 : { 0x6F45, 0xDE8A, 0xAD35, 0x4A4B, 0x9496, 0x390D, 0x721A}, // last-9
165 : { 0xEB23, 0xC667, 0x9CEF, 0x29FF, 0x53FE, 0xA7FC, 0x5FD9}, // last-8
166 : { 0x47D3, 0x8FA6, 0x8FA6, 0x1EDA, 0x3DB4, 0x7B68, 0xF6D0}, // last-7
167 : { 0xB861, 0x60E3, 0xC1C6, 0x93AD, 0x377B, 0x6EF6, 0xDDEC}, // last-6
168 : { 0x45A0, 0x8B40, 0x06A1, 0x0D42, 0x1A84, 0x3508, 0x6A10}, // last-5
169 : { 0xAA51, 0x4483, 0x8906, 0x022D, 0x045A, 0x08B4, 0x1168}, // last-4
170 : { 0x76B4, 0xED68, 0xCAF1, 0x85C3, 0x1BA7, 0x374E, 0x6E9C}, // last-3
171 : { 0x3730, 0x6E60, 0xDCC0, 0xA9A1, 0x4363, 0x86C6, 0x1DAD}, // last-2
172 : { 0x3331, 0x6662, 0xCCC4, 0x89A9, 0x0373, 0x06E6, 0x0DCC}, // last-1
173 : { 0x1021, 0x2042, 0x4084, 0x8108, 0x1231, 0x2462, 0x48C4} // last
174 : };
175 :
176 0 : sal_uInt32 nResult = 0;
177 0 : sal_uInt32 nLen = aUString.getLength();
178 :
179 0 : if ( nLen )
180 : {
181 0 : if ( nLen > 15 )
182 0 : nLen = 15;
183 :
184 0 : sal_uInt16 nHighResult = pInitialCode[nLen - 1];
185 0 : sal_uInt16 nLowResult = 0;
186 :
187 0 : const sal_Unicode* pStr = aUString.getStr();
188 0 : for ( sal_uInt32 nInd = 0; nInd < nLen; nInd++ )
189 : {
190 : // NO Encoding during conversion!
191 : // The specification says that the low byte should be used in case it is not NULL
192 0 : char nHighChar = (char)( pStr[nInd] >> 8 );
193 0 : char nLowChar = (char)( pStr[nInd] & 0xFF );
194 0 : char nChar = nLowChar ? nLowChar : nHighChar;
195 :
196 0 : for ( int nMatrixInd = 0; nMatrixInd < 7; ++nMatrixInd )
197 : {
198 0 : if ( ( nChar & ( 1 << nMatrixInd ) ) != 0 )
199 0 : nHighResult = nHighResult ^ pEncryptionMatrix[15 - nLen + nInd][nMatrixInd];
200 : }
201 :
202 0 : nLowResult = ( ( ( nLowResult >> 14 ) & 0x0001 ) | ( ( nLowResult << 1 ) & 0x7FFF ) ) ^ nChar;
203 : }
204 :
205 0 : nLowResult = (sal_uInt16)( ( ( ( nLowResult >> 14 ) & 0x001 ) | ( ( nLowResult << 1 ) & 0x7FF ) ) ^ nLen ^ 0xCE4B );
206 :
207 0 : nResult = ( nHighResult << 16 ) | nLowResult;
208 : }
209 :
210 0 : return nResult;
211 : }
212 :
213 :
214 0 : sal_uInt16 DocPasswordHelper::GetXLHashAsUINT16(
215 : const OUString& aUString,
216 : rtl_TextEncoding nEnc )
217 : {
218 0 : sal_uInt16 nResult = 0;
219 :
220 0 : OString aString = OUStringToOString( aUString, nEnc );
221 :
222 0 : if ( !aString.isEmpty() && aString.getLength() <= SAL_MAX_UINT16 )
223 : {
224 0 : for ( sal_Int32 nInd = aString.getLength() - 1; nInd >= 0; nInd-- )
225 : {
226 0 : nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF );
227 0 : nResult ^= aString[nInd];
228 : }
229 :
230 0 : nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF );
231 0 : nResult ^= ( 0x8000 | ( 'N' << 8 ) | 'K' );
232 0 : nResult ^= aString.getLength();
233 : }
234 :
235 0 : return nResult;
236 : }
237 :
238 :
239 0 : Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
240 : const OUString& aUString,
241 : rtl_TextEncoding nEnc )
242 : {
243 0 : sal_uInt16 nHash = GetXLHashAsUINT16( aUString, nEnc );
244 0 : Sequence< sal_Int8 > aResult( 2 );
245 0 : aResult[0] = ( nHash >> 8 );
246 0 : aResult[1] = ( nHash & 0xFF );
247 :
248 0 : return aResult;
249 : }
250 :
251 :
252 0 : /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateRandomByteSequence( sal_Int32 nLength )
253 : {
254 0 : uno::Sequence< sal_Int8 > aResult( nLength );
255 :
256 : TimeValue aTime;
257 0 : osl_getSystemTime( &aTime );
258 0 : rtlRandomPool aRandomPool = rtl_random_createPool ();
259 0 : rtl_random_addBytes ( aRandomPool, &aTime, 8 );
260 0 : rtl_random_getBytes ( aRandomPool, aResult.getArray(), nLength );
261 0 : rtl_random_destroyPool ( aRandomPool );
262 :
263 0 : return aResult;
264 : }
265 :
266 :
267 :
268 0 : /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const OUString& aPassword, const uno::Sequence< sal_Int8 >& aDocId )
269 : {
270 0 : uno::Sequence< sal_Int8 > aResultKey;
271 0 : if ( !aPassword.isEmpty() && aDocId.getLength() == 16 )
272 : {
273 : sal_uInt16 pPassData[16];
274 0 : memset( pPassData, 0, sizeof(pPassData) );
275 :
276 0 : sal_Int32 nPassLen = ::std::min< sal_Int32 >( aPassword.getLength(), 15 );
277 0 : memcpy( pPassData, aPassword.getStr(), nPassLen * sizeof(pPassData[0]) );
278 :
279 0 : aResultKey = GenerateStd97Key( pPassData, aDocId );
280 : }
281 :
282 0 : return aResultKey;
283 : }
284 :
285 :
286 0 : /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const sal_uInt16 pPassData[16], const uno::Sequence< sal_Int8 >& aDocId )
287 : {
288 0 : uno::Sequence< sal_Int8 > aResultKey;
289 :
290 0 : if ( aDocId.getLength() == 16 )
291 0 : aResultKey = GenerateStd97Key(pPassData, reinterpret_cast<const sal_uInt8*>(aDocId.getConstArray()));
292 :
293 0 : return aResultKey;
294 : }
295 :
296 :
297 0 : /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const sal_uInt16 pPassData[16], const sal_uInt8 pDocId[16] )
298 : {
299 0 : uno::Sequence< sal_Int8 > aResultKey;
300 0 : if ( pPassData[0] )
301 : {
302 : sal_uInt8 pKeyData[64];
303 0 : memset( pKeyData, 0, sizeof(pKeyData) );
304 :
305 0 : sal_Int32 nInd = 0;
306 :
307 : // Fill PassData into KeyData.
308 0 : for ( nInd = 0; nInd < 16 && pPassData[nInd]; nInd++)
309 : {
310 0 : pKeyData[2*nInd] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 0) & 0xff );
311 0 : pKeyData[2*nInd + 1] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 8) & 0xff );
312 : }
313 :
314 0 : pKeyData[2*nInd] = 0x80;
315 0 : pKeyData[56] = sal::static_int_cast< sal_uInt8 >( nInd << 4 );
316 :
317 : // Fill raw digest of KeyData into KeyData.
318 0 : rtlDigest hDigest = rtl_digest_create ( rtl_Digest_AlgorithmMD5 );
319 : (void)rtl_digest_updateMD5 (
320 0 : hDigest, pKeyData, sizeof(pKeyData));
321 : (void)rtl_digest_rawMD5 (
322 0 : hDigest, pKeyData, RTL_DIGEST_LENGTH_MD5);
323 :
324 : // Update digest with KeyData and Unique.
325 0 : for ( nInd = 0; nInd < 16; nInd++ )
326 : {
327 0 : rtl_digest_updateMD5( hDigest, pKeyData, 5 );
328 0 : rtl_digest_updateMD5( hDigest, pDocId, 16 );
329 : }
330 :
331 : // Update digest with padding.
332 0 : pKeyData[16] = 0x80;
333 0 : memset( pKeyData + 17, 0, sizeof(pKeyData) - 17 );
334 0 : pKeyData[56] = 0x80;
335 0 : pKeyData[57] = 0x0a;
336 :
337 0 : rtl_digest_updateMD5( hDigest, &(pKeyData[16]), sizeof(pKeyData) - 16 );
338 :
339 : // Fill raw digest of above updates
340 0 : aResultKey.realloc( RTL_DIGEST_LENGTH_MD5 );
341 0 : rtl_digest_rawMD5 ( hDigest, reinterpret_cast<sal_uInt8*>(aResultKey.getArray()), aResultKey.getLength() );
342 :
343 : // Erase KeyData array and leave.
344 0 : rtl_secureZeroMemory (pKeyData, sizeof(pKeyData));
345 : }
346 :
347 0 : return aResultKey;
348 : }
349 :
350 :
351 :
352 :
353 0 : /*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword(
354 : IDocPasswordVerifier& rVerifier,
355 : const ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue >& rMediaEncData,
356 : const OUString& rMediaPassword,
357 : const Reference< XInteractionHandler >& rxInteractHandler,
358 : const OUString& rDocumentName,
359 : DocPasswordRequestType eRequestType,
360 : const ::std::vector< OUString >* pDefaultPasswords,
361 : bool* pbIsDefaultPassword )
362 : {
363 0 : ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > aEncData;
364 0 : DocPasswordVerifierResult eResult = DocPasswordVerifierResult_WRONG_PASSWORD;
365 :
366 : // first, try provided default passwords
367 0 : if( pbIsDefaultPassword )
368 0 : *pbIsDefaultPassword = false;
369 0 : if( pDefaultPasswords )
370 : {
371 0 : for( ::std::vector< OUString >::const_iterator aIt = pDefaultPasswords->begin(), aEnd = pDefaultPasswords->end(); (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && (aIt != aEnd); ++aIt )
372 : {
373 : OSL_ENSURE( !aIt->isEmpty(), "DocPasswordHelper::requestAndVerifyDocPassword - unexpected empty default password" );
374 0 : if( !aIt->isEmpty() )
375 : {
376 0 : eResult = rVerifier.verifyPassword( *aIt, aEncData );
377 0 : if( pbIsDefaultPassword )
378 0 : *pbIsDefaultPassword = eResult == DocPasswordVerifierResult_OK;
379 : }
380 : }
381 : }
382 :
383 : // try media encryption data (skip, if result is OK or ABORT)
384 0 : if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
385 : {
386 0 : if( rMediaEncData.getLength() > 0 )
387 : {
388 0 : eResult = rVerifier.verifyEncryptionData( rMediaEncData );
389 0 : if( eResult == DocPasswordVerifierResult_OK )
390 0 : aEncData = rMediaEncData;
391 : }
392 : }
393 :
394 : // try media password (skip, if result is OK or ABORT)
395 0 : if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
396 : {
397 0 : if( !rMediaPassword.isEmpty() )
398 0 : eResult = rVerifier.verifyPassword( rMediaPassword, aEncData );
399 : }
400 :
401 : // request a password (skip, if result is OK or ABORT)
402 0 : if( (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && rxInteractHandler.is() ) try
403 : {
404 0 : PasswordRequestMode eRequestMode = PasswordRequestMode_PASSWORD_ENTER;
405 0 : while( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
406 : {
407 0 : DocPasswordRequest* pRequest = new DocPasswordRequest( eRequestType, eRequestMode, rDocumentName );
408 0 : Reference< XInteractionRequest > xRequest( pRequest );
409 0 : rxInteractHandler->handle( xRequest );
410 0 : if( pRequest->isPassword() )
411 : {
412 0 : if( !pRequest->getPassword().isEmpty() )
413 0 : eResult = rVerifier.verifyPassword( pRequest->getPassword(), aEncData );
414 : }
415 : else
416 : {
417 0 : eResult = DocPasswordVerifierResult_ABORT;
418 : }
419 0 : eRequestMode = PasswordRequestMode_PASSWORD_REENTER;
420 0 : }
421 : }
422 0 : catch( Exception& )
423 : {
424 : }
425 :
426 0 : return (eResult == DocPasswordVerifierResult_OK) ? aEncData : uno::Sequence< beans::NamedValue >();
427 : }
428 :
429 : } // namespace comphelper
430 :
431 : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|
