oox: Handle agile encryption info "reserved" field correctly

The "reserved" filed is written fter the version number major, minor which is used to identify the encryption as agile. The "reserved" field must always have the value 0x00000040. This change writes the reserved filed correctly and when encryption and when decrypting it checks the value an potentially bails out if it desn't contain the expected value. Change-Id: I2045dc64e0c6bbb3318384e25deef2ba8f41b94c Reviewed-on: https://gerrit.libreoffice.org/57140 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
author: Tomaž Vajngerl <tomaz.vajngerl@collabora.co.uk> 2018-07-07 15:22:36 +0200
committer: Tomaž Vajngerl <quikee@gmail.com> 2018-07-07 22:58:34 +0200
commit: 7ba835ff5837290598d0b27c90a8abcfedf5b210 (patch)
tree: 5dfb662d735872107b9edcf53131dc883122d97e /oox/source
parent: 8efeb81537726445954b10314ebbd770d266ac20 (diff)
2 files changed, 11 insertions, 2 deletions
diff --git a/oox/source/crypto/AgileEngine.cxx b/oox/source/crypto/AgileEngine.cxx
index a4fa8c476c74..299ba2802bfe 100644
--- a/oox/source/crypto/AgileEngine.cxx
+++ b/oox/source/crypto/AgileEngine.cxx
@@ -486,6 +486,16 @@ bool AgileEngine::decrypt(BinaryXInputStream& aInputStream,
 
 bool AgileEngine::readEncryptionInfo(uno::Reference<io::XInputStream> & rxInputStream)
 {
+    // Check reserved value
+    std::vector<sal_uInt8> aExpectedReservedBytes(sizeof(sal_uInt32));
+    ByteOrderConverter::writeLittleEndian(aExpectedReservedBytes.data(), msfilter::AGILE_ENCRYPTION_RESERVED);
+
+    uno::Sequence<sal_Int8> aReadReservedBytes(sizeof(sal_uInt32));
+    rxInputStream->readBytes(aReadReservedBytes, aReadReservedBytes.getLength());
+
+    if (!std::equal(aReadReservedBytes.begin(), aReadReservedBytes.end(), aExpectedReservedBytes.begin()))
+        return false;
+
     mInfo.spinCount = 0;
     mInfo.saltSize = 0;
     mInfo.keyBits = 0;
@@ -695,7 +705,7 @@ bool AgileEngine::setupEncryptionKey(OUString const & rPassword)
 void AgileEngine::writeEncryptionInfo(BinaryXOutputStream & rStream)
 {
     rStream.WriteUInt32(msfilter::VERSION_INFO_AGILE);
-    rStream.WriteUInt32(0); // reserved
+    rStream.WriteUInt32(msfilter::AGILE_ENCRYPTION_RESERVED);
 
     SvMemoryStream aMemStream;
     tools::XmlWriter aXmlWriter(&aMemStream);
diff --git a/oox/source/crypto/DocumentDecryption.cxx b/oox/source/crypto/DocumentDecryption.cxx
index b68882ad6b03..16cc29551b21 100644
--- a/oox/source/crypto/DocumentDecryption.cxx
+++ b/oox/source/crypto/DocumentDecryption.cxx
@@ -58,7 +58,6 @@ bool DocumentDecryption::readEncryptionInfo()
             break;
         case msfilter::VERSION_INFO_AGILE:
             mCryptoType = AGILE; // Set encryption info format
-            xEncryptionInfo->skipBytes(4);
             mEngine.reset(new AgileEngine);
             break;
         default:
author	Tomaž Vajngerl <tomaz.vajngerl@collabora.co.uk>	2018-07-07 15:22:36 +0200
committer	Tomaž Vajngerl <quikee@gmail.com>	2018-07-07 22:58:34 +0200
commit	7ba835ff5837290598d0b27c90a8abcfedf5b210 (patch)
tree	5dfb662d735872107b9edcf53131dc883122d97e /oox/source
parent	8efeb81537726445954b10314ebbd770d266ac20 (diff)