Save should encrypt OOXML document if it was loaded encrypted.

Currently Agile encryption is not supported, so all documents loaded with "agile" encryption will be encrypted with "standard" encryption when they are saved afterwards. Change-Id: Id0477f43c00ed70032ca6b3390eebb1105d5ffa7
author: Tomaž Vajngerl <quikee@gmail.com> 2013-09-14 13:52:58 +0200
committer: Tomaž Vajngerl <quikee@gmail.com> 2013-09-15 15:34:16 +0200
commit: 13aedd1d0ec1ef4c5687c207eb1d9c986c1299d9 (patch)
tree: 79be0a561b2d6892158c67512b2e1ea71a7094b3 /oox
parent: e0a43dff646515bbbcd2099b6fc095a7a89b84f9 (diff)
5 files changed, 30 insertions, 67 deletions
diff --git a/oox/source/core/filterbase.cxx b/oox/source/core/filterbase.cxx
index ff498af719d2..1eee8458bbf1 100644
--- a/oox/source/core/filterbase.cxx
+++ b/oox/source/core/filterbase.cxx
@@ -545,7 +545,8 @@ void FilterBase::setMediaDescriptor( const Sequence< PropertyValue >& rMediaDesc
     OUString sFilterName = mxImpl->maMediaDesc.getUnpackedValueOrDefault( "FilterName", OUString() );
     try
     {
-        Reference< XNameAccess > xFilters( Reference<XMultiServiceFactory>(getComponentContext()->getServiceManager(), UNO_QUERY_THROW)->createInstance("com.sun.star.document.FilterFactory" ), UNO_QUERY_THROW );
+        Reference<XMultiServiceFactory> xFactory(getComponentContext()->getServiceManager(), UNO_QUERY_THROW);
+        Reference<XNameAccess> xFilters(xFactory->createInstance("com.sun.star.document.FilterFactory" ), UNO_QUERY_THROW );
         Any aValues = xFilters->getByName( sFilterName );
         Sequence<PropertyValue > aPropSeq;
         aValues >>= aPropSeq;
diff --git a/oox/source/core/filterdetect.cxx b/oox/source/core/filterdetect.cxx
index 7dd3f9210003..154cee0d8bde 100644
--- a/oox/source/core/filterdetect.cxx
+++ b/oox/source/core/filterdetect.cxx
@@ -286,8 +286,8 @@ PasswordVerifier::PasswordVerifier( DocumentDecryption& aDecryptor ) :
 
 comphelper::DocPasswordVerifierResult PasswordVerifier::verifyPassword( const OUString& rPassword, Sequence<NamedValue>& rEncryptionData )
 {
-    if( mDecryptor.generateEncryptionKey(rPassword) )
-        rEncryptionData = mDecryptor.createEncryptionData();
+    if(mDecryptor.generateEncryptionKey(rPassword))
+        rEncryptionData = mDecryptor.createEncryptionData(rPassword);
 
     return rEncryptionData.hasElements() ? comphelper::DocPasswordVerifierResult_OK : comphelper::DocPasswordVerifierResult_WRONG_PASSWORD;
 }
diff --git a/oox/source/core/xmlfilterbase.cxx b/oox/source/core/xmlfilterbase.cxx
index 763090ab2b20..109e9b1f3076 100644
--- a/oox/source/core/xmlfilterbase.cxx
+++ b/oox/source/core/xmlfilterbase.cxx
@@ -657,7 +657,7 @@ Reference<XStream> XmlFilterBase::implGetOutputStream( MediaDescriptor& rMediaDe
     OUString aPassword;
     for (int i=0; i<aMediaEncData.getLength(); i++)
     {
-        if (aMediaEncData[i].Name == "Password")
+        if (aMediaEncData[i].Name == "OOXPassword")
         {
             Any& any = aMediaEncData[i].Value;
             any >>= aPassword;
@@ -690,7 +690,7 @@ bool XmlFilterBase::implFinalizeExport( MediaDescriptor& rMediaDescriptor )
 
     for (int i=0; i<aMediaEncData.getLength(); i++)
     {
-        if (aMediaEncData[i].Name == "Password")
+        if (aMediaEncData[i].Name == "OOXPassword")
         {
             Any& any = aMediaEncData[i].Value;
             any >>= aPassword;
diff --git a/oox/source/crypto/DocumentDecryption.cxx b/oox/source/crypto/DocumentDecryption.cxx
index 1cb6481f704b..0d1c72933a35 100644
--- a/oox/source/crypto/DocumentDecryption.cxx
+++ b/oox/source/crypto/DocumentDecryption.cxx
@@ -202,23 +202,9 @@ DocumentDecryption::DocumentDecryption(oox::ole::OleStorage& rOleStorage, Refere
     mCryptoType(UNKNOWN)
 {}
 
-bool DocumentDecryption::checkEncryptionData(const Sequence<NamedValue>& rEncryptionData)
+bool DocumentDecryption::checkEncryptionData(const Sequence<NamedValue>& /*rEncryptionData*/)
 {
-    SequenceAsHashMap aHashData( rEncryptionData );
-    OUString type = aHashData.getUnpackedValueOrDefault( "CryptoType", OUString("Unknown") );
-    if (type == "Standard")
-    {
-        Sequence<sal_Int8> aKeySeq      = aHashData.getUnpackedValueOrDefault( "AES128EncryptionKey", Sequence<sal_Int8>() );
-        Sequence<sal_Int8> aVerifierSeq = aHashData.getUnpackedValueOrDefault( "AES128EncryptionVerifier", Sequence<sal_Int8>() );
-        Sequence<sal_Int8> aHashSeq     = aHashData.getUnpackedValueOrDefault( "AES128EncryptionVerifierHash", Sequence<sal_Int8>() );
-
-        vector<sal_uInt8> key      = convertToVector(aKeySeq);
-        vector<sal_uInt8> verifier = convertToVector(aVerifierSeq);
-        vector<sal_uInt8> hash     = convertToVector(aHashSeq);
-
-        return Standard2007Engine::checkEncryptionData( key, key.size(), verifier, verifier.size(), hash, hash.size() );
-    }
-    return type == "Agile";
+    return false;
 }
 
 bool DocumentDecryption::generateEncryptionKey(const OUString& rPassword)
@@ -363,30 +349,21 @@ bool DocumentDecryption::readEncryptionInfo()
     return bResult;
 }
 
-Sequence<NamedValue> DocumentDecryption::createEncryptionData()
+Sequence<NamedValue> DocumentDecryption::createEncryptionData(const OUString& rPassword)
 {
-    Sequence<NamedValue> aResult;
-
-    vector<sal_uInt8>& key = mEngine->getKey();
+    SequenceAsHashMap aEncryptionData;
 
-    if (key.size() > 0)
+    if (mCryptoType == AGILE)
     {
-        SequenceAsHashMap aEncryptionData;
-        if (mCryptoType == AGILE)
-        {
-            aEncryptionData["CryptoType"] <<= OUString("Agile");
-            aEncryptionData["AES128EncryptionKey"] <<= Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( &key[0] ), key.size() );
-            aResult = aEncryptionData.getAsConstNamedValueList();
-        }
-        else if (mCryptoType == STANDARD_2007)
-        {
-            aEncryptionData["CryptoType"] <<= OUString("Standard");
-            aEncryptionData["AES128EncryptionKey"] <<= Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( &key[0] ), key.size() );
-            aResult = aEncryptionData.getAsConstNamedValueList();
-        }
+        aEncryptionData["CryptoType"] <<= OUString("Agile");
+    }
+    else if (mCryptoType == STANDARD_2007)
+    {
+        aEncryptionData["CryptoType"] <<= OUString("Standard");
     }
 
-    return aResult;
+    aEncryptionData["OOXPassword"] <<= rPassword;
+    return aEncryptionData.getAsConstNamedValueList();
 }
 
 bool DocumentDecryption::decrypt(Reference<XStream> xDocumentStream)
diff --git a/oox/source/crypto/Standard2007Engine.cxx b/oox/source/crypto/Standard2007Engine.cxx
index 3c17bb60907c..b437846c5f57 100644
--- a/oox/source/crypto/Standard2007Engine.cxx
+++ b/oox/source/crypto/Standard2007Engine.cxx
@@ -164,16 +164,22 @@ bool Standard2007Engine::generateEncryptionKey(const OUString& password)
         mInfo.verifier.encryptedVerifier + ENCRYPTED_VERIFIER_LENGTH,
         encryptedVerifier.begin());
 
-    vector<sal_uInt8> encryptedVerifierHash(ENCRYPTED_VERIFIER_HASH_LENGTH);
+    vector<sal_uInt8> encryptedHash(ENCRYPTED_VERIFIER_HASH_LENGTH);
     std::copy(
         mInfo.verifier.encryptedVerifierHash,
         mInfo.verifier.encryptedVerifierHash + ENCRYPTED_VERIFIER_HASH_LENGTH,
-        encryptedVerifierHash.begin());
+        encryptedHash.begin());
 
-    return checkEncryptionData(
-                mKey, mKey.size(),
-                encryptedVerifier, encryptedVerifier.size(),
-                encryptedVerifierHash, encryptedVerifierHash.size() );
+    vector<sal_uInt8> verifier(encryptedVerifier.size(), 0);
+    Decrypt::aes128ecb(verifier, encryptedVerifier, mKey);
+
+    vector<sal_uInt8> verifierHash(encryptedHash.size(), 0);
+    Decrypt::aes128ecb(verifierHash, encryptedHash, mKey);
+
+    vector<sal_uInt8> hash(RTL_DIGEST_LENGTH_SHA1, 0);
+    sha1(hash, verifier);
+
+    return std::equal( hash.begin(), hash.end(), verifierHash.begin() );
 }
 
 bool Standard2007Engine::decrypt(
@@ -199,27 +205,6 @@ bool Standard2007Engine::decrypt(
     return true;
 }
 
-bool Standard2007Engine::checkEncryptionData(
-            vector<sal_uInt8> key, sal_uInt32 keySize,
-            vector<sal_uInt8> encryptedVerifier, sal_uInt32 verifierSize,
-            vector<sal_uInt8> encryptedHash, sal_uInt32 hashSize )
-{
-    // the only currently supported algorithm needs key size 128
-    if ( keySize != 16 || verifierSize != 16 )
-        return false;
-
-    vector<sal_uInt8> verifier(verifierSize, 0);
-    Decrypt::aes128ecb(verifier, encryptedVerifier, key);
-
-    vector<sal_uInt8> verifierHash(hashSize, 0);
-    Decrypt::aes128ecb(verifierHash, encryptedHash, key);
-
-    vector<sal_uInt8> hash(RTL_DIGEST_LENGTH_SHA1, 0);
-    sha1(hash, verifier);
-
-    return std::equal( hash.begin(), hash.end(), verifierHash.begin() );
-}
-
 bool Standard2007Engine::writeEncryptionInfo(const OUString& password, BinaryXOutputStream& rStream)
 {
     mInfo.header.flags        = ENCRYPTINFO_AES | ENCRYPTINFO_CRYPTOAPI;
author	Tomaž Vajngerl <quikee@gmail.com>	2013-09-14 13:52:58 +0200
committer	Tomaž Vajngerl <quikee@gmail.com>	2013-09-15 15:34:16 +0200
commit	13aedd1d0ec1ef4c5687c207eb1d9c986c1299d9 (patch)
tree	79be0a561b2d6892158c67512b2e1ea71a7094b3 /oox
parent	e0a43dff646515bbbcd2099b6fc095a7a89b84f9 (diff)