From 13aedd1d0ec1ef4c5687c207eb1d9c986c1299d9 Mon Sep 17 00:00:00 2001 From: Tomaž Vajngerl Date: Sat, 14 Sep 2013 13:52:58 +0200 Subject: Save should encrypt OOXML document if it was loaded encrypted. Currently Agile encryption is not supported, so all documents loaded with "agile" encryption will be encrypted with "standard" encryption when they are saved afterwards. Change-Id: Id0477f43c00ed70032ca6b3390eebb1105d5ffa7 --- oox/source/core/filterbase.cxx | 3 +- oox/source/core/filterdetect.cxx | 4 +-- oox/source/core/xmlfilterbase.cxx | 4 +-- oox/source/crypto/DocumentDecryption.cxx | 47 ++++++++------------------------ oox/source/crypto/Standard2007Engine.cxx | 39 ++++++++------------------ 5 files changed, 30 insertions(+), 67 deletions(-) (limited to 'oox/source') diff --git a/oox/source/core/filterbase.cxx b/oox/source/core/filterbase.cxx index ff498af719d2..1eee8458bbf1 100644 --- a/oox/source/core/filterbase.cxx +++ b/oox/source/core/filterbase.cxx @@ -545,7 +545,8 @@ void FilterBase::setMediaDescriptor( const Sequence< PropertyValue >& rMediaDesc OUString sFilterName = mxImpl->maMediaDesc.getUnpackedValueOrDefault( "FilterName", OUString() ); try { - Reference< XNameAccess > xFilters( Reference(getComponentContext()->getServiceManager(), UNO_QUERY_THROW)->createInstance("com.sun.star.document.FilterFactory" ), UNO_QUERY_THROW ); + Reference xFactory(getComponentContext()->getServiceManager(), UNO_QUERY_THROW); + Reference xFilters(xFactory->createInstance("com.sun.star.document.FilterFactory" ), UNO_QUERY_THROW ); Any aValues = xFilters->getByName( sFilterName ); Sequence aPropSeq; aValues >>= aPropSeq; diff --git a/oox/source/core/filterdetect.cxx b/oox/source/core/filterdetect.cxx index 7dd3f9210003..154cee0d8bde 100644 --- a/oox/source/core/filterdetect.cxx +++ b/oox/source/core/filterdetect.cxx 
@@ -286,8 +286,8 @@ PasswordVerifier::PasswordVerifier( DocumentDecryption& aDecryptor ) : comphelper::DocPasswordVerifierResult PasswordVerifier::verifyPassword( const OUString& rPassword, Sequence& rEncryptionData ) { - if( mDecryptor.generateEncryptionKey(rPassword) ) - rEncryptionData = mDecryptor.createEncryptionData(); + if(mDecryptor.generateEncryptionKey(rPassword)) + rEncryptionData = mDecryptor.createEncryptionData(rPassword); return rEncryptionData.hasElements() ? comphelper::DocPasswordVerifierResult_OK : comphelper::DocPasswordVerifierResult_WRONG_PASSWORD; } diff --git a/oox/source/core/xmlfilterbase.cxx b/oox/source/core/xmlfilterbase.cxx index 763090ab2b20..109e9b1f3076 100644 --- a/oox/source/core/xmlfilterbase.cxx +++ b/oox/source/core/xmlfilterbase.cxx @@ -657,7 +657,7 @@ Reference XmlFilterBase::implGetOutputStream( MediaDescriptor& rMediaDe OUString aPassword; for (int i=0; i>= aPassword; @@ -690,7 +690,7 @@ bool XmlFilterBase::implFinalizeExport( MediaDescriptor& rMediaDescriptor ) for (int i=0; i>= aPassword; diff --git a/oox/source/crypto/DocumentDecryption.cxx b/oox/source/crypto/DocumentDecryption.cxx index 1cb6481f704b..0d1c72933a35 100644 --- a/oox/source/crypto/DocumentDecryption.cxx +++ b/oox/source/crypto/DocumentDecryption.cxx 
@@ -202,23 +202,9 @@ DocumentDecryption::DocumentDecryption(oox::ole::OleStorage& rOleStorage, Refere mCryptoType(UNKNOWN) {} -bool DocumentDecryption::checkEncryptionData(const Sequence& rEncryptionData) +bool DocumentDecryption::checkEncryptionData(const Sequence& /*rEncryptionData*/) { - SequenceAsHashMap aHashData( rEncryptionData ); - OUString type = aHashData.getUnpackedValueOrDefault( "CryptoType", OUString("Unknown") ); - if (type == "Standard") - { - Sequence aKeySeq = aHashData.getUnpackedValueOrDefault( "AES128EncryptionKey", Sequence() ); - Sequence aVerifierSeq = aHashData.getUnpackedValueOrDefault( "AES128EncryptionVerifier", Sequence() ); - Sequence aHashSeq = aHashData.getUnpackedValueOrDefault( "AES128EncryptionVerifierHash", Sequence() ); - - vector key = convertToVector(aKeySeq); - vector verifier = convertToVector(aVerifierSeq); - vector hash = convertToVector(aHashSeq); - - return Standard2007Engine::checkEncryptionData( key, key.size(), verifier, verifier.size(), hash, hash.size() ); - } - return type == "Agile"; + return false; } bool DocumentDecryption::generateEncryptionKey(const OUString& rPassword) 
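Review bot: `checkEncryptionData` now returns `false` for every input and its parameter is commented out, with nothing in the code saying why. Callers are outside this hunk, but any that used a `true` result to accept stored encryption data without asking again will presumably now always take the password path. A comment on the body would make the intent explicit, for example `// Stored encryption data is never accepted as-is; the password has to be verified through generateEncryptionKey().`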
@@ -363,30 +349,21 @@ bool DocumentDecryption::readEncryptionInfo() return bResult; } -Sequence DocumentDecryption::createEncryptionData() +Sequence DocumentDecryption::createEncryptionData(const OUString& rPassword) { - Sequence aResult; - - vector& key = mEngine->getKey(); + SequenceAsHashMap aEncryptionData; - if (key.size() > 0) + if (mCryptoType == AGILE) { - SequenceAsHashMap aEncryptionData; - if (mCryptoType == AGILE) - { - aEncryptionData["CryptoType"] <<= OUString("Agile"); - aEncryptionData["AES128EncryptionKey"] <<= Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( &key[0] ), key.size() ); - aResult = aEncryptionData.getAsConstNamedValueList(); - } - else if (mCryptoType == STANDARD_2007) - { - aEncryptionData["CryptoType"] <<= OUString("Standard"); - aEncryptionData["AES128EncryptionKey"] <<= Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( &key[0] ), key.size() ); - aResult = aEncryptionData.getAsConstNamedValueList(); - } + aEncryptionData["CryptoType"] <<= OUString("Agile"); + } + else if (mCryptoType == STANDARD_2007) + { + aEncryptionData["CryptoType"] <<= OUString("Standard"); } - return aResult; + aEncryptionData["OOXPassword"] <<= rPassword; + return aEncryptionData.getAsConstNamedValueList(); } bool DocumentDecryption::decrypt(Reference xDocumentStream) diff --git a/oox/source/crypto/Standard2007Engine.cxx b/oox/source/crypto/Standard2007Engine.cxx index 3c17bb60907c..b437846c5f57 100644 --- a/oox/source/crypto/Standard2007Engine.cxx +++ b/oox/source/crypto/Standard2007Engine.cxx 
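Review bot: `createEncryptionData` now writes the cleartext password into the returned list as `OOXPassword`, where the removed code exported only the derived key bytes. `PasswordVerifier::verifyPassword` in filterdetect.cxx hands this list back through `rEncryptionData`, so every later holder of the encryption data holds the password itself; where it travels afterwards is not visible in this diff. If save needs the password because the key cannot be reused, say so at the assignment, e.g. `// Cleartext password, kept only so save can re-encrypt; never persist or log this list.` The `key.size() > 0` guard is gone as well, so a crypto type that is neither AGILE nor STANDARD_2007 now yields a non-empty list without `CryptoType`, which `verifyPassword` would report as OK. Returning an empty sequence in that case keeps the old behaviour.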
@@ -164,16 +164,22 @@ bool Standard2007Engine::generateEncryptionKey(const OUString& password) mInfo.verifier.encryptedVerifier + ENCRYPTED_VERIFIER_LENGTH, encryptedVerifier.begin()); - vector encryptedVerifierHash(ENCRYPTED_VERIFIER_HASH_LENGTH); + vector encryptedHash(ENCRYPTED_VERIFIER_HASH_LENGTH); std::copy( mInfo.verifier.encryptedVerifierHash, mInfo.verifier.encryptedVerifierHash + ENCRYPTED_VERIFIER_HASH_LENGTH, - encryptedVerifierHash.begin()); + encryptedHash.begin()); - return checkEncryptionData( - mKey, mKey.size(), - encryptedVerifier, encryptedVerifier.size(), - encryptedVerifierHash, encryptedVerifierHash.size() ); + vector verifier(encryptedVerifier.size(), 0); + Decrypt::aes128ecb(verifier, encryptedVerifier, mKey); + + vector verifierHash(encryptedHash.size(), 0); + Decrypt::aes128ecb(verifierHash, encryptedHash, mKey); + + vector hash(RTL_DIGEST_LENGTH_SHA1, 0); + sha1(hash, verifier); + + return std::equal( hash.begin(), hash.end(), verifierHash.begin() ); } bool Standard2007Engine::decrypt( @@ -199,27 +205,6 @@ bool Standard2007Engine::decrypt( return true; } -bool Standard2007Engine::checkEncryptionData( - vector key, sal_uInt32 keySize, - vector encryptedVerifier, sal_uInt32 verifierSize, - vector encryptedHash, sal_uInt32 hashSize ) -{ - // the only currently supported algorithm needs key size 128 - if ( keySize != 16 || verifierSize != 16 ) - return false; - - vector verifier(verifierSize, 0); - Decrypt::aes128ecb(verifier, encryptedVerifier, key); - - vector verifierHash(hashSize, 0); - Decrypt::aes128ecb(verifierHash, encryptedHash, key); - - vector hash(RTL_DIGEST_LENGTH_SHA1, 0); - sha1(hash, verifier); - - return std::equal( hash.begin(), hash.end(), verifierHash.begin() ); -} - bool Standard2007Engine::writeEncryptionInfo(const OUString& password, BinaryXOutputStream& rStream) { mInfo.header.flags = ENCRYPTINFO_AES | ENCRYPTINFO_CRYPTOAPI; -- cgit
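Review bot: The verification inlined at the end of `generateEncryptionKey` drops the `keySize != 16 || verifierSize != 16` guard that the removed `checkEncryptionData` applied before calling `Decrypt::aes128ecb`. The function starts above this hunk, so how `mKey` is sized is not visible here; if its length follows a key size read from the file's encryption header, a document declaring another size would reach the AES-128 call with a key of the wrong length. Keeping the check costs one line before the first decrypt: `if (mKey.size() != 16) return false;`.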