3 files changed, 97 insertions, 28 deletions

diff --git a/include/oox/crypto/AgileEngine.hxx b/include/oox/crypto/AgileEngine.hxx
index dc7538fafde4..8d4183619f9c 100644
--- a/include/oox/crypto/AgileEngine.hxx
+++ b/include/oox/crypto/AgileEngine.hxx
@@ -13,6 +13,7 @@
 
 #include <vector>
 
+#include <oox/dllapi.h>
 #include <oox/crypto/CryptTools.hxx>
 #include <oox/crypto/CryptoEngine.hxx>
 #include <rtl/ustring.hxx>
@@ -26,7 +27,7 @@ namespace oox {
 namespace oox {
 namespace core {
 
-struct AgileEncryptionInfo
+struct OOX_DLLPUBLIC AgileEncryptionInfo
 {
     sal_Int32 spinCount;
     sal_Int32 saltSize;
@@ -39,15 +40,45 @@ struct AgileEncryptionInfo
     OUString hashAlgorithm;
 
     std::vector<sal_uInt8> keyDataSalt;
+
+    // Key Encryptor
     std::vector<sal_uInt8> saltValue;
     std::vector<sal_uInt8> encryptedVerifierHashInput;
     std::vector<sal_uInt8> encryptedVerifierHashValue;
     std::vector<sal_uInt8> encryptedKeyValue;
+
+    // HMAC
+    std::vector<sal_uInt8> hmacKey;
+    std::vector<sal_uInt8> hmacHash;
+    std::vector<sal_uInt8> hmacCalculatedHash;
+    std::vector<sal_uInt8> hmacEncryptedKey; // encrypted Key
+    std::vector<sal_uInt8> hmacEncryptedValue; // encrypted Hash
+};
+
+struct OOX_DLLPUBLIC AgileEncryptionParameters
+{
+    sal_Int32 spinCount;
+    sal_Int32 saltSize;
+    sal_Int32 keyBits;
+    sal_Int32 hashSize;
+    sal_Int32 blockSize;
+
+    OUString cipherAlgorithm;
+    OUString cipherChaining;
+    OUString hashAlgorithm;
 };
 
-class AgileEngine : public CryptoEngine
+enum class AgileEncryptionPreset
 {
+    AES_128_SHA1,
+    AES_256_SHA512,
+};
+
+class OOX_DLLPUBLIC AgileEngine : public CryptoEngine
+{
+private:
     AgileEncryptionInfo mInfo;
+    AgileEncryptionPreset meEncryptionPreset;
 
     void calculateHashFinal(const OUString& rPassword, std::vector<sal_uInt8>& aHashFinal);
 
@@ -57,28 +88,59 @@ class AgileEngine : public CryptoEngine
             std::vector<sal_uInt8>& rInput,
             std::vector<sal_uInt8>& rOutput);
 
+    void encryptBlock(
+            std::vector<sal_uInt8> const & rBlock,
+            std::vector<sal_uInt8>& rHashFinal,
+            std::vector<sal_uInt8>& rInput,
+            std::vector<sal_uInt8>& rOutput);
+
     static Crypto::CryptoType cryptoType(const AgileEncryptionInfo& rInfo);
 
+    bool calculateDecryptionKey(const OUString& rPassword);
+
 public:
-    AgileEngine() = default;
+    AgileEngine();
 
     AgileEncryptionInfo& getInfo() { return mInfo;}
 
-    virtual void writeEncryptionInfo(
-                    const OUString& rPassword,
-                    BinaryXOutputStream& rStream) override;
+    void setPreset(AgileEncryptionPreset ePreset)
+    {
+        meEncryptionPreset = ePreset;
+    }
 
-    virtual bool generateEncryptionKey(const OUString& rPassword) override;
+    // Decryption
 
-    virtual bool decrypt(
-                    BinaryXInputStream& aInputStream,
-                    BinaryXOutputStream& aOutputStream) override;
+    bool decryptEncryptionKey(OUString const & rPassword);
+    bool decryptAndCheckVerifierHash(OUString const & rPassword);
 
+    bool generateEncryptionKey(OUString const & rPassword) override;
     bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) override;
+    bool decrypt(BinaryXInputStream& aInputStream,
+                 BinaryXOutputStream& aOutputStream) override;
+
+    bool checkDataIntegrity() override;
+
+    bool decryptHmacKey();
+    bool decryptHmacValue();
+
+    // Encryption
+
+    void writeEncryptionInfo(BinaryXOutputStream& rStream) override;
+
+    void encrypt(css::uno::Reference<css::io::XInputStream>&  rxInputStream,
+                 css::uno::Reference<css::io::XOutputStream>& rxOutputStream,
+                 sal_uInt32 nSize) override;
+
+    bool setupEncryption(OUString const & rPassword) override;
+
+    bool generateAndEncryptVerifierHash(OUString const & rPassword);
+
+    bool encryptHmacKey();
+    bool encryptHmacValue();
 
-    virtual void encrypt(
-                    BinaryXInputStream& aInputStream,
-                    BinaryXOutputStream& aOutputStream) override;
+    bool encryptEncryptionKey(OUString const & rPassword);
+    void setupEncryptionParameters(AgileEncryptionParameters const & rAgileEncryptionParameters);
+    bool setupEncryptionKey(OUString const & rPassword);
 };
 
 } // namespace core
diff --git a/include/oox/crypto/CryptoEngine.hxx b/include/oox/crypto/CryptoEngine.hxx
index 0b6844671457..8a947f10d106 100644
--- a/include/oox/crypto/CryptoEngine.hxx
+++ b/include/oox/crypto/CryptoEngine.hxx
@@ -17,6 +17,7 @@
 #include <sal/types.h>
 
 #include <com/sun/star/io/XInputStream.hpp>
+#include <com/sun/star/io/XOutputStream.hpp>
 
 namespace oox {
     class BinaryXInputStream;
@@ -38,9 +39,8 @@ public:
     virtual ~CryptoEngine()
     {}
 
-    virtual void writeEncryptionInfo(
-                    const OUString& rPassword,
-                    BinaryXOutputStream& rStream) = 0;
+    // Decryption
+    virtual bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) = 0;
 
     virtual bool generateEncryptionKey(const OUString& rPassword) = 0;
 
@@ -48,11 +48,16 @@ public:
                     BinaryXInputStream& aInputStream,
                     BinaryXOutputStream& aOutputStream) = 0;
 
-    virtual bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) = 0;
+    // Encryption
+    virtual void writeEncryptionInfo(BinaryXOutputStream & rStream) = 0;
 
-    virtual void encrypt(
-                    BinaryXInputStream& aInputStream,
-                    BinaryXOutputStream& aOutputStream) = 0;
+    virtual bool setupEncryption(const OUString& rPassword) = 0;
+
+    virtual void encrypt(css::uno::Reference<css::io::XInputStream> & rxInputStream,
+                         css::uno::Reference<css::io::XOutputStream> & rxOutputStream,
+                         sal_uInt32 nSize) = 0;
+
+    virtual bool checkDataIntegrity() = 0;
 };
 
 } // namespace core
diff --git a/include/oox/crypto/Standard2007Engine.hxx b/include/oox/crypto/Standard2007Engine.hxx
index 0ad7a21eec3b..996467ddde82 100644
--- a/include/oox/crypto/Standard2007Engine.hxx
+++ b/include/oox/crypto/Standard2007Engine.hxx
@@ -38,21 +38,23 @@ public:
 
     msfilter::StandardEncryptionInfo& getInfo() { return mInfo;}
 
-    virtual bool generateEncryptionKey(const OUString& rPassword) override;
+    bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) override;
 
-    virtual void writeEncryptionInfo(
-                    const OUString& rPassword,
-                    BinaryXOutputStream& rStream) override;
+    virtual bool generateEncryptionKey(OUString const & rPassword) override;
 
     virtual bool decrypt(
                     BinaryXInputStream& aInputStream,
                     BinaryXOutputStream& aOutputStream) override;
 
-    bool readEncryptionInfo(css::uno::Reference<css::io::XInputStream> & rxInputStream) override;
+    bool checkDataIntegrity() override;
 
-    virtual void encrypt(
-                    BinaryXInputStream& aInputStream,
-                    BinaryXOutputStream& aOutputStream) override;
+    void encrypt(css::uno::Reference<css::io::XInputStream>&  rxInputStream,
+                 css::uno::Reference<css::io::XOutputStream>& rxOutputStream,
+                 sal_uInt32 nSize) override;
+
+    virtual void writeEncryptionInfo(BinaryXOutputStream& rStream) override;
+
+    virtual bool setupEncryption(OUString const & rPassword) override;
 
 };