From c886bf2ae2ce7493f8590277ebd325baa7948fe3 Mon Sep 17 00:00:00 2001
From: Mikhail Voytenko
Date: Wed, 9 Mar 2011 17:29:09 +0100
Subject: mav60: #164341# support AES encryption
---
 package/inc/EncryptedDataHeader.hxx | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
(limited to 'package/inc/EncryptedDataHeader.hxx')
diff --git a/package/inc/EncryptedDataHeader.hxx b/package/inc/EncryptedDataHeader.hxx
index c4683e746..7a538360b 100644
--- a/package/inc/EncryptedDataHeader.hxx
+++ b/package/inc/EncryptedDataHeader.hxx
@@ -35,6 +35,9 @@
 Version number 2 bytes
 Iteraction count 4 bytes
 Size 4 bytes
+ EncAlgorithm 4 bytes
+ DigestAlgorithm 4 bytes
+ DerivedKeySize 4 bytes
 Salt length 2 bytes
 IV length 2 bytes
 Digest length 2 bytes
@@ -45,7 +48,7 @@
 MediaType X bytes
 */
-const sal_uInt32 n_ConstHeader = 0x0502474dL; // "MG\002\005"
-const sal_Int32 n_ConstHeaderSize = 22; // + salt length + iv length + digest length + mediatype length
+const sal_uInt32 n_ConstHeader = 0x05024d4dL; // "MM\002\005"
+const sal_Int32 n_ConstHeaderSize = 34; // + salt length + iv length + digest length + mediatype length
 const sal_Int16 n_ConstCurrentVersion = 1;
 #endif
-- 
cgit v1.2.3
From e22e029fd6977543289598b5af682b4c4b4141e7 Mon Sep 17 00:00:00 2001
From: Mikhail Voytenko
Date: Thu, 24 Mar 2011 13:44:49 +0100
Subject: mav60: #164341# fix problems with the new implementation
---
 package/inc/EncryptedDataHeader.hxx | 33 +++++++++++++-------------
 package/inc/EncryptionData.hxx | 5 +++-
 package/inc/ZipFile.hxx | 1 +
 package/inc/ZipPackage.hxx | 2 +-
 package/inc/ZipPackageStream.hxx | 2 +-
 package/source/manifest/ManifestImport.cxx | 1 +
 package/source/zipapi/ZipFile.cxx | 13 ++++++++++
 package/source/zippackage/ZipPackageFolder.cxx | 4 ++--
 package/source/zippackage/ZipPackageStream.cxx | 18 ++++++++------
 9 files changed, 51 insertions(+), 28 deletions(-)
(limited to 'package/inc/EncryptedDataHeader.hxx')
diff --git a/package/inc/EncryptedDataHeader.hxx b/package/inc/EncryptedDataHeader.hxx
index 7a538360b..0c37a308a 100644
--- a/package/inc/EncryptedDataHeader.hxx
+++ b/package/inc/EncryptedDataHeader.hxx
@@ -31,24 +31,25 @@
 /*
 The structure of this header is as follows:
- Header signature 4 bytes
- Version number 2 bytes
- Iteraction count 4 bytes
- Size 4 bytes
- EncAlgorithm 4 bytes
- DigestAlgorithm 4 bytes
- DerivedKeySize 4 bytes
- Salt length 2 bytes
- IV length 2 bytes
- Digest length 2 bytes
- MediaType length 2 bytes
- Salt content X bytes
- IV content X bytes
- digest content X bytes
- MediaType X bytes
+ Header signature 4 bytes
+ Version number 2 bytes
+ Iteraction count 4 bytes
+ Size 4 bytes
+ EncAlgorithm 4 bytes
+ DigestAlgorithm 4 bytes
+ DerivedKeySize 4 bytes
+ StartKeyAlgorithm 4 bytes
+ Salt length 2 bytes
+ IV length 2 bytes
+ Digest length 2 bytes
+ MediaType length 2 bytes
+ Salt content X bytes
+ IV content X bytes
+ digest content X bytes
+ MediaType X bytes
 */
 const sal_uInt32 n_ConstHeader = 0x05024d4dL; // "MM\002\005"
-const sal_Int32 n_ConstHeaderSize = 34; // + salt length + iv length + digest length + mediatype length
+const sal_Int32 n_ConstHeaderSize = 38; // + salt length + iv length + digest length + mediatype length
 const sal_Int16 n_ConstCurrentVersion = 1;
 #endif
diff --git a/package/inc/EncryptionData.hxx b/package/inc/EncryptionData.hxx
index d0a020c19..07215c088 100644
--- a/package/inc/EncryptionData.hxx
+++ b/package/inc/EncryptionData.hxx
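Review bot: `n_ConstHeaderSize` grows from 34 to 38 and a `StartKeyAlgorithm` field is inserted before the salt length, but `n_ConstHeader` and `n_ConstCurrentVersion` keep their values, so a reader has no way to tell this layout from the 34-byte one introduced by the previous commit. If any raw stream was ever written with that intermediate layout, its salt and IV length bytes would be read as the start-key algorithm ID and every later offset would be off by four. Either bump the version, `const sal_Int16 n_ConstCurrentVersion = 2;` (together with whatever version check the reader performs, which is not visible here), or state in the layout comment that the 34-byte form never left development builds. The comment could also say that the multi-byte fields are stored low byte first, which is what StaticFillHeader does in this commit.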
@@ -56,13 +56,15 @@ public:
 sal_Int32 m_nEncAlg;
 sal_Int32 m_nCheckAlg;
 sal_Int32 m_nDerivedKeySize;
+ sal_Int32 m_nStartKeyGenID;
- EncryptionData( const BaseEncryptionData& aData, const ::com::sun::star::uno::Sequence< sal_Int8 >& aKey, sal_Int32 nEncAlg, sal_Int32 nCheckAlg, sal_Int32 nDerivedKeySize )
+ EncryptionData( const BaseEncryptionData& aData, const ::com::sun::star::uno::Sequence< sal_Int8 >& aKey, sal_Int32 nEncAlg, sal_Int32 nCheckAlg, sal_Int32 nDerivedKeySize, sal_Int32 nStartKeyGenID )
 : BaseEncryptionData( aData )
 , m_aKey( aKey )
 , m_nEncAlg( nEncAlg )
 , m_nCheckAlg( nCheckAlg )
 , m_nDerivedKeySize( nDerivedKeySize )
+ , m_nStartKeyGenID( nStartKeyGenID )
 {}
 EncryptionData( const EncryptionData& aData )
@@ -71,6 +73,7 @@ public:
 , m_nEncAlg( aData.m_nEncAlg )
 , m_nCheckAlg( aData.m_nCheckAlg )
 , m_nDerivedKeySize( aData.m_nDerivedKeySize )
+ , m_nStartKeyGenID( aData.m_nStartKeyGenID )
 {}
 };
diff --git a/package/inc/ZipFile.hxx b/package/inc/ZipFile.hxx
index cd003d66c..ae59587ad 100644
--- a/package/inc/ZipFile.hxx
+++ b/package/inc/ZipFile.hxx
@@ -150,6 +150,7 @@ public:
 sal_Int32 &rEncAlgorithm,
 sal_Int32 &rChecksumAlgorithm,
 sal_Int32 &rDerivedKeySize,
+ sal_Int32 &rStartKeyGenID,
 sal_Int32 &rSize,
 ::rtl::OUString& aMediaType,
 ::com::sun::star::uno::Reference < com::sun::star::io::XInputStream > &rStream );
diff --git a/package/inc/ZipPackage.hxx b/package/inc/ZipPackage.hxx
index 3bdb5afde..1339d18a0 100644
--- a/package/inc/ZipPackage.hxx
+++ b/package/inc/ZipPackage.hxx
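Review bot: The EncryptionData constructor now takes four consecutive `sal_Int32` arguments (`nEncAlg`, `nCheckAlg`, `nDerivedKeySize`, `nStartKeyGenID`), so a call site that passes two of them in the wrong order still compiles and silently records the wrong algorithm or key size. The same applies to the run of `sal_Int32 &` out-parameters in the StaticFillData declaration in the ZipFile.hxx hunk. A comment on the new member would help the next reader, for example `// algorithm ID used for start key generation; compared against xml::crypto::DigestID values by the callers`, since the class itself does not constrain the value. The class body starts and ends outside the hunk.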
@@ -133,7 +133,7 @@ public:
 ZipFile& getZipFile() { return *m_pZipFile;}
 sal_Int32 getFormat() const { return m_nFormat; }
- sal_Int32 GetKeyGenID() const { return m_nStartKeyGenerationID; }
+ sal_Int32 GetStartKeyGenID() const { return m_nStartKeyGenerationID; }
 sal_Int32 GetEncAlgID() const { return m_nCommonEncryptionID; }
 sal_Int32 GetChecksumAlgID() const { return m_nChecksumDigestID; }
 sal_Int32 GetDefaultDerivedKeySize() const { return m_nCommonEncryptionID == ::com::sun::star::xml::crypto::CipherID::AES_CBC_W3C_PADDING ? 32 : 16; }
diff --git a/package/inc/ZipPackageStream.hxx b/package/inc/ZipPackageStream.hxx
index c8b94dd0f..250ac6354 100644
--- a/package/inc/ZipPackageStream.hxx
+++ b/package/inc/ZipPackageStream.hxx
@@ -98,7 +98,7 @@ public:
 ::com::sun::star::uno::Sequence< sal_Int8 > GetEncryptionKey( bool bWinEncoding = false );
- sal_Int32 GetKeyGenID();
+ sal_Int32 GetStartKeyGenID();
 const com::sun::star::uno::Sequence < sal_Int8 > getInitialisationVector () const { return m_xBaseEncryptionData->m_aInitVector;}
diff --git a/package/source/manifest/ManifestImport.cxx b/package/source/manifest/ManifestImport.cxx
index f2fe7af75..76dd4e786 100644
--- a/package/source/manifest/ManifestImport.cxx
+++ b/package/source/manifest/ManifestImport.cxx
@@ -167,6 +167,7 @@ void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Re
 {
 // If this element exists, then this stream is encrypted and we need
 // to import the initialisation vector, salt and iteration count used
+ nDerivedKeySize = 0;
 OUString aString = aConvertedAttribs[sChecksumTypeAttribute];
 if ( !bIgnoreEncryptData )
 {
diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx
index 8f1157cc9..a214afbe8 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
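Review bot: In the ManifestImport::startElement hunk only `nDerivedKeySize` is reset when the encryption element starts; if the other values collected per entry (the start-key algorithm or the encryption algorithm, for instance) are held in members in the same way, an entry that omits them could inherit what was parsed for the previous entry. Those members are not visible in this hunk, so this needs checking against the rest of the class, and if they behave the same they should be reset at this point too. A one-line comment such as `// reset per-entry state so a value left over from the previous entry is not reused` would also record why the assignment sits outside the `bIgnoreEncryptData` check. The function body starts and ends outside the hunk.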
@@ -257,6 +257,13 @@ void ZipFile::StaticFillHeader( const ::rtl::Reference< EncryptionData >& rData,
 *(pHeader++) = static_cast< sal_Int8 >(( nDerivedKeySize >> 16 ) & 0xFF);
 *(pHeader++) = static_cast< sal_Int8 >(( nDerivedKeySize >> 24 ) & 0xFF);
+ // Then the start key generation algorithm
+ sal_Int32 nKeyAlgID = rData->m_nStartKeyGenID;
+ *(pHeader++) = static_cast< sal_Int8 >(( nKeyAlgID >> 0 ) & 0xFF);
+ *(pHeader++) = static_cast< sal_Int8 >(( nKeyAlgID >> 8 ) & 0xFF);
+ *(pHeader++) = static_cast< sal_Int8 >(( nKeyAlgID >> 16 ) & 0xFF);
+ *(pHeader++) = static_cast< sal_Int8 >(( nKeyAlgID >> 24 ) & 0xFF);
 // Then the salt length
 *(pHeader++) = static_cast< sal_Int8 >(( nSaltLength >> 0 ) & 0xFF);
 *(pHeader++) = static_cast< sal_Int8 >(( nSaltLength >> 8 ) & 0xFF);
@@ -294,6 +301,7 @@ sal_Bool ZipFile::StaticFillData ( ::rtl::Reference< BaseEncryptionData > & rDa
 sal_Int32 &rEncAlg,
 sal_Int32 &rChecksumAlg,
 sal_Int32 &rDerivedKeySize,
+ sal_Int32 &rStartKeyGenID,
 sal_Int32 &rSize,
 ::rtl::OUString& aMediaType,
 uno::Reference < XInputStream > &rStream )
@@ -335,6 +343,11 @@ sal_Bool ZipFile::StaticFillData ( ::rtl::Reference< BaseEncryptionData > & rDa
 rDerivedKeySize |= ( pBuffer[nPos++] & 0xFF ) << 16;
 rDerivedKeySize |= ( pBuffer[nPos++] & 0xFF ) << 24;
+ rStartKeyGenID = pBuffer[nPos++] & 0xFF;
+ rStartKeyGenID |= ( pBuffer[nPos++] & 0xFF ) << 8;
+ rStartKeyGenID |= ( pBuffer[nPos++] & 0xFF ) << 16;
+ rStartKeyGenID |= ( pBuffer[nPos++] & 0xFF ) << 24;
 sal_Int16 nSaltLength = pBuffer[nPos++] & 0xFF;
 nSaltLength |= ( pBuffer[nPos++] & 0xFF ) << 8;
 sal_Int16 nIVLength = ( pBuffer[nPos++] & 0xFF );
diff --git a/package/source/zippackage/ZipPackageFolder.cxx b/package/source/zippackage/ZipPackageFolder.cxx
index 0ac319bcd..e53268cca 100644
--- a/package/source/zippackage/ZipPackageFolder.cxx
+++ b/package/source/zippackage/ZipPackageFolder.cxx
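Review bot: In the third hunk (StaticFillData) `rStartKeyGenID` is assembled from four header bytes and handed back without any check, and the ParsePackageRawStream hunks in ZipPackageStream.cxx store it in `m_nImportedStartKeyAlgorithm`, which GetStartKeyGenID() then prefers over the package setting. The raw stream header is input data, so an ID that is not one of the supported xml::crypto::DigestID constants should make the parse fail instead of reaching key generation; whether such a check already exists further down in the function is not visible here. Separately, `( pBuffer[nPos++] & 0xFF ) << 24` shifts a value of up to 0xFF into the sign bit of an `int`; casting first, `static_cast< sal_uInt32 >( pBuffer[nPos++] & 0xFF ) << 24`, avoids depending on how the compiler treats that. The pattern is copied from the existing `rDerivedKeySize` lines, and both function bodies continue outside the hunks.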
@@ -550,7 +550,7 @@ void ZipPackageFolder::saveContents( ::rtl::OUString &rPath, std::vector < uno::
 aPropSet[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty;
 aPropSet[PKG_MNFST_ENCALG].Value <<= xEncData->m_nEncAlg;
 aPropSet[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty;
- aPropSet[PKG_MNFST_STARTALG].Value <<= pStream->GetKeyGenID();
+ aPropSet[PKG_MNFST_STARTALG].Value <<= xEncData->m_nStartKeyGenID;
 aPropSet[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty;
 aPropSet[PKG_MNFST_DIGESTALG].Value <<= xEncData->m_nCheckAlg;
 aPropSet[PKG_MNFST_DERKEYSIZE].Name = sDerivedKeySizeProperty;
@@ -678,7 +678,7 @@ void ZipPackageFolder::saveContents( ::rtl::OUString &rPath, std::vector < uno::
 aPropSet[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty;
 aPropSet[PKG_MNFST_ENCALG].Value <<= xEncData->m_nEncAlg;
 aPropSet[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty;
- aPropSet[PKG_MNFST_STARTALG].Value <<= pStream->GetKeyGenID();
+ aPropSet[PKG_MNFST_STARTALG].Value <<= xEncData->m_nStartKeyGenID;
 aPropSet[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty;
 aPropSet[PKG_MNFST_DIGESTALG].Value <<= xEncData->m_nCheckAlg;
 aPropSet[PKG_MNFST_DERKEYSIZE].Name = sDerivedKeySizeProperty;
diff --git a/package/source/zippackage/ZipPackageStream.cxx b/package/source/zippackage/ZipPackageStream.cxx
index f755d60e1..2f3592106 100644
--- a/package/source/zippackage/ZipPackageStream.cxx
+++ b/package/source/zippackage/ZipPackageStream.cxx
@@ -221,7 +221,8 @@ sal_Int32 ZipPackageStream::GetBlockSize() const
 GetEncryptionKey( bUseWinEncoding ),
 GetEncryptionAlgorithm(),
 m_nImportedChecksumAlgorithm ? m_nImportedChecksumAlgorithm : rZipPackage.GetChecksumAlgID(),
- m_nImportedDerivedKeySize ? m_nImportedDerivedKeySize : rZipPackage.GetDefaultDerivedKeySize() );
+ m_nImportedDerivedKeySize ? m_nImportedDerivedKeySize : rZipPackage.GetDefaultDerivedKeySize(),
+ GetStartKeyGenID() );
 return xResult;
 }
@@ -236,7 +237,7 @@ void ZipPackageStream::SetBaseEncryptionData( const ::rtl::Reference< BaseEncryp
 uno::Sequence< sal_Int8 > ZipPackageStream::GetEncryptionKey( bool bUseWinEncoding )
 {
 uno::Sequence< sal_Int8 > aResult;
- sal_Int32 nKeyGenID = m_nImportedStartKeyAlgorithm ? m_nImportedStartKeyAlgorithm : rZipPackage.GetKeyGenID();
+ sal_Int32 nKeyGenID = GetStartKeyGenID();
 bUseWinEncoding = ( bUseWinEncoding || m_bUseWinEncoding );
 if ( bHaveOwnKey && m_aStorageEncryptionKeys.getLength() )
@@ -270,10 +271,11 @@ uno::Sequence< sal_Int8 > ZipPackageStream::GetEncryptionKey( bool bUseWinEncodi
 }
 //--------------------------------------------------------------------------
-sal_Int32 ZipPackageStream::GetKeyGenID()
+sal_Int32 ZipPackageStream::GetStartKeyGenID()
 {
- // all the streams must use the same Start Key
- return rZipPackage.GetKeyGenID();
+ // generally should all the streams use the same Start Key
+ // but if raw copy without password takes place, we should preserve the imported algorithm
+ return m_nImportedStartKeyAlgorithm ? m_nImportedStartKeyAlgorithm : rZipPackage.GetStartKeyGenID();
 }
 //--------------------------------------------------------------------------
@@ -420,7 +422,8 @@ sal_Bool ZipPackageStream::ParsePackageRawStream()
 sal_Int32 nEncAlgorithm = 0;
 sal_Int32 nChecksumAlgorithm = 0;
 sal_Int32 nDerivedKeySize = 0;
- if ( ZipFile::StaticFillData( xTempEncrData, nEncAlgorithm, nChecksumAlgorithm, nDerivedKeySize, nMagHackSize, aMediaType, GetOwnSeekStream() ) )
+ sal_Int32 nStartKeyGenID = 0;
+ if ( ZipFile::StaticFillData( xTempEncrData, nEncAlgorithm, nChecksumAlgorithm, nDerivedKeySize, nStartKeyGenID, nMagHackSize, aMediaType, GetOwnSeekStream() ) )
 {
 // We'll want to skip the data we've just read, so calculate how much we just read
 // and remember it
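Review bot: GetStartKeyGenID() in the second hunk treats `m_nImportedStartKeyAlgorithm == 0` as "nothing imported", so a raw stream whose header carries 0 in the new field silently falls back to the package-wide algorithm; the comment should name that sentinel, e.g. `// 0 means no algorithm was imported from a raw stream; use the package default`. The function only reads members and could be declared `const`, matching ZipPackage::GetStartKeyGenID() in this commit; that would need the declaration in the ZipPackageStream.hxx hunk changed as well.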
@@ -431,6 +434,7 @@ sal_Bool ZipPackageStream::ParsePackageRawStream()
 m_nImportedEncryptionAlgorithm = nEncAlgorithm;
 m_nImportedChecksumAlgorithm = nChecksumAlgorithm;
 m_nImportedDerivedKeySize = nDerivedKeySize;
+ m_nImportedStartKeyAlgorithm = nStartKeyGenID;
 m_nMagicalHackSize = nMagHackSize;
 sMediaType = aMediaType;
@@ -566,7 +570,7 @@ uno::Reference< io::XInputStream > SAL_CALL ZipPackageStream::getDataStream()
 catch( packages::WrongPasswordException& )
 {
 // workaround for the encrypted documents generated with the old OOo1.x bug.
- if ( rZipPackage.GetKeyGenID() == xml::crypto::DigestID::SHA1 && !m_bUseWinEncoding )
+ if ( rZipPackage.GetStartKeyGenID() == xml::crypto::DigestID::SHA1 && !m_bUseWinEncoding )
 {
 xResult = rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData( true ), bIsEncrypted, rZipPackage.GetSharedMutexRef() );
 m_bUseWinEncoding = true;
-- 
cgit v1.2.3
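Review bot: The retry condition in the getDataStream hunk still asks the package, `rZipPackage.GetStartKeyGenID()`, while key generation for this stream now goes through the stream's own GetStartKeyGenID(), which prefers an imported algorithm. If the two can differ, the Windows-encoding retry is decided on an algorithm the stream did not use; `if ( GetStartKeyGenID() == xml::crypto::DigestID::SHA1 && !m_bUseWinEncoding )` would keep the check in step with GetEncryptionKey(). Whether they can differ at this point depends on code outside the hunk, so this is a question for the author. The try block this catch belongs to starts before the hunk.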