strepsirrhini/office-gobmx
9
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

move CryptTools from oox to comphelper so we can reuse it

Browse source 
Also move the relevant tests and clean-up the names a bit to make
it mroe consistent.

Change-Id: I929ef9c13b954fd6a506471231d1bc41e4ef9980
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176027
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
This commit is contained in:
Tomaž Vajngerl 2024-11-01 12:48:10 +01:00 committed by Tomaž Vajngerl
parent 6adbc3c717
commit c8cba8ae30
12 changed files with 366 additions and 309 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
comphelper/CppunitTest_comphelper_test.mk
View file

@ -20,6 +20,7 @@ $(eval $(call gb_CppunitTest_add_exception_objects,comphelper_test, \
comphelper/qa/unit/types_test \
comphelper/qa/unit/test_guards \
comphelper/qa/unit/test_traceevent \
comphelper/qa/unit/CryptoTest \
))
$(eval $(call gb_CppunitTest_use_ure,comphelper_test))

1
comphelper/Library_comphelper.mk
View file

@ -75,6 +75,7 @@ $(eval $(call gb_Library_add_exception_objects,comphelper,\
comphelper/source/container/enumerablemap \
comphelper/source/container/enumhelper \
comphelper/source/container/namecontainer \
comphelper/source/crypto/Crypto \
comphelper/source/eventattachermgr/eventattachermgr \
comphelper/source/misc/accessiblecomponenthelper \
comphelper/source/misc/accessibleeventnotifier \

100
comphelper/qa/unit/CryptoTest.cxx Normal file
View file

@ -0,0 +1,100 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
#include <sal/config.h>
#include <config_oox.h>
#include <comphelper/crypto/Crypto.hxx>
#include <comphelper/hash.hxx>
#include <rtl/ustring.hxx>
#include <cppunit/TestFixture.h>
#include <cppunit/extensions/HelperMacros.h>
#if USE_TLS_NSS
#include <nss.h>
#endif
class CryptoTest : public CppUnit::TestFixture
{
public:
virtual void tearDown()
{
#if USE_TLS_NSS
NSS_Shutdown();
#endif
}
void testCryptoHash();
void testRoundUp();
CPPUNIT_TEST_SUITE(CryptoTest);
CPPUNIT_TEST(testCryptoHash);
CPPUNIT_TEST(testRoundUp);
CPPUNIT_TEST_SUITE_END();
};
void CryptoTest::testCryptoHash()
{
// Check examples from Wikipedia (https://en.wikipedia.org/wiki/HMAC)
OString aContentString("The quick brown fox jumps over the lazy dog"_ostr);
std::vector<sal_uInt8> aContent(aContentString.getStr(),
aContentString.getStr() + aContentString.getLength());
std::vector<sal_uInt8> aKey = { 'k', 'e', 'y' };
{
comphelper::CryptoHash aCryptoHash(aKey, comphelper::CryptoHashType::SHA1);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(std::string("de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9"),
comphelper::hashToString(aHash));
}
{
comphelper::CryptoHash aCryptoHash(aKey, comphelper::CryptoHashType::SHA256);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(
std::string("f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8"),
comphelper::hashToString(aHash));
}
{
comphelper::CryptoHash aCryptoHash(aKey, comphelper::CryptoHashType::SHA384);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(std::string("d7f4727e2c0b39ae0f1e40cc96f60242d5b7801841cea6fc592c5d3e1"
"ae50700582a96cf35e1e554995fe4e03381c237"),
comphelper::hashToString(aHash));
}
{
comphelper::CryptoHash aCryptoHash(aKey, comphelper::CryptoHashType::SHA512);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(
std::string("b42af09057bac1e2d41708e48a902e09b5ff7f12ab428a4fe86653c73dd248fb82f948a549"
"f7b791a5b41915ee4d1ec3935357e4e2317250d0372afa2ebeeb3a"),
comphelper::hashToString(aHash));
}
}
void CryptoTest::testRoundUp()
{
CPPUNIT_ASSERT_EQUAL(16, comphelper::roundUp(16, 16));
CPPUNIT_ASSERT_EQUAL(32, comphelper::roundUp(32, 16));
CPPUNIT_ASSERT_EQUAL(64, comphelper::roundUp(64, 16));
CPPUNIT_ASSERT_EQUAL(16, comphelper::roundUp(01, 16));
CPPUNIT_ASSERT_EQUAL(32, comphelper::roundUp(17, 16));
CPPUNIT_ASSERT_EQUAL(32, comphelper::roundUp(31, 16));
}
CPPUNIT_TEST_SUITE_REGISTRATION(CryptoTest);
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */

213
oox/source/crypto/CryptTools.cxx → comphelper/source/crypto/Crypto.cxx
View file

@ -8,7 +8,7 @@
*
*/
#include <oox/crypto/CryptTools.hxx>
#include <comphelper/crypto/Crypto.hxx>
#include <com/sun/star/uno/RuntimeException.hpp>
#include <sal/types.h>
@ -26,20 +26,20 @@
#include <pk11pub.h>
#endif // USE_TLS_NSS
namespace oox::crypto {
namespace comphelper
{
#if USE_TLS_OPENSSL
#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
static HMAC_CTX *HMAC_CTX_new(void)
static HMAC_CTX* HMAC_CTX_new(void)
{
HMAC_CTX *pContext = new HMAC_CTX;
HMAC_CTX_init(pContext);
return pContext;
HMAC_CTX* pContext = new HMAC_CTX;
HMAC_CTX_init(pContext);
return pContext;
}
static void HMAC_CTX_free(HMAC_CTX *pContext)
static void HMAC_CTX_free(HMAC_CTX* pContext)
{
HMAC_CTX_cleanup(pContext);
delete pContext;
@ -48,17 +48,21 @@ static void HMAC_CTX_free(HMAC_CTX *pContext)
namespace
{
struct cipher_delete
{
void operator()(EVP_CIPHER_CTX* p) { EVP_CIPHER_CTX_free(p); }
};
struct cipher_delete
{
void operator()(EVP_CIPHER_CTX* p) { EVP_CIPHER_CTX_free(p); }
};
struct hmac_delete
struct hmac_delete
{
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_CTX_free' is deprecated
void
operator()(HMAC_CTX* p)
{
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_CTX_free' is deprecated
void operator()(HMAC_CTX* p) { HMAC_CTX_free(p); }
SAL_WNODEPRECATED_DECLARATIONS_POP
};
HMAC_CTX_free(p);
}
SAL_WNODEPRECATED_DECLARATIONS_POP
};
}
struct CryptoImpl
@ -68,7 +72,8 @@ struct CryptoImpl
CryptoImpl() = default;
void setupEncryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto::CryptoType eType)
void setupEncryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv,
Crypto::CryptoType eType)
{
mpContext.reset(EVP_CIPHER_CTX_new());
EVP_CIPHER_CTX_init(mpContext.get());
@ -84,7 +89,8 @@ struct CryptoImpl
EVP_CIPHER_CTX_set_padding(mpContext.get(), 0);
}
void setupDecryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto::CryptoType eType)
void setupDecryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv,
Crypto::CryptoType eType)
{
mpContext.reset(EVP_CIPHER_CTX_new());
EVP_CIPHER_CTX_init(mpContext.get());
@ -112,24 +118,28 @@ struct CryptoImpl
void setupCryptoHashContext(std::vector<sal_uInt8>& rKey, CryptoHashType eType)
{
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_CTX_new' is deprecated
mpHmacContext.reset(HMAC_CTX_new());
SAL_WNODEPRECATED_DECLARATIONS_POP
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_CTX_new' is deprecated
mpHmacContext.reset(HMAC_CTX_new());
SAL_WNODEPRECATED_DECLARATIONS_POP
const EVP_MD* aEvpMd = nullptr;
switch (eType)
{
case CryptoHashType::SHA1:
aEvpMd = EVP_sha1(); break;
aEvpMd = EVP_sha1();
break;
case CryptoHashType::SHA256:
aEvpMd = EVP_sha256(); break;
aEvpMd = EVP_sha256();
break;
case CryptoHashType::SHA384:
aEvpMd = EVP_sha384(); break;
aEvpMd = EVP_sha384();
break;
case CryptoHashType::SHA512:
aEvpMd = EVP_sha512(); break;
aEvpMd = EVP_sha512();
break;
}
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_Init_ex' is deprecated
HMAC_Init_ex(mpHmacContext.get(), rKey.data(), rKey.size(), aEvpMd, nullptr);
SAL_WNODEPRECATED_DECLARATIONS_POP
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_Init_ex' is deprecated
HMAC_Init_ex(mpHmacContext.get(), rKey.data(), rKey.size(), aEvpMd, nullptr);
SAL_WNODEPRECATED_DECLARATIONS_POP
}
~CryptoImpl()
@ -140,7 +150,7 @@ SAL_WNODEPRECATED_DECLARATIONS_POP
static const EVP_CIPHER* getCipher(Crypto::CryptoType type)
{
switch(type)
switch (type)
{
case Crypto::CryptoType::AES_128_ECB:
return EVP_aes_128_ecb();
@ -163,10 +173,10 @@ struct CryptoImpl
{
PK11SlotInfo* mSlot;
PK11Context* mContext;
SECItem* mSecParam;
PK11SymKey* mSymKey;
SECItem* mSecParam;
PK11SymKey* mSymKey;
PK11Context* mWrapKeyContext;
PK11SymKey* mWrapKey;
PK11SymKey* mWrapKey;
CryptoImpl()
: mSlot(nullptr)
@ -184,7 +194,10 @@ struct CryptoImpl
{
PRErrorCode error = PR_GetError();
const char* errorText = PR_ErrorToName(error);
throw css::uno::RuntimeException("NSS_NoDB_Init failed with " + OUString(errorText, strlen(errorText), RTL_TEXTENCODING_UTF8) + " (" + OUString::number(static_cast<int>(error)) + ")");
throw css::uno::RuntimeException(
"NSS_NoDB_Init failed with "
+ OUString(errorText, strlen(errorText), RTL_TEXTENCODING_UTF8) + " ("
+ OUString::number(static_cast<int>(error)) + ")");
}
}
}
@ -227,7 +240,8 @@ struct CryptoImpl
int wrap_key_len = PK11_GetBestKeyLength(mSlot, wrap_mechanism);
mWrapKey = PK11_KeyGen(mSlot, wrap_mechanism, nullptr, wrap_key_len, nullptr);
if (!mWrapKey)
throw css::uno::RuntimeException(u"PK11_KeyGen SymKey failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"PK11_KeyGen SymKey failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
/*
* Encrypt authkey with wrapping key
@ -237,21 +251,26 @@ struct CryptoImpl
* Initialization of IV is not needed because PK11_GetBestWrapMechanism should return ECB mode
*/
SECItem tmp_sec_item = {};
mWrapKeyContext = PK11_CreateContextBySymKey(wrap_mechanism, CKA_ENCRYPT, mWrapKey, &tmp_sec_item);
mWrapKeyContext
= PK11_CreateContextBySymKey(wrap_mechanism, CKA_ENCRYPT, mWrapKey, &tmp_sec_item);
if (!mWrapKeyContext)
throw css::uno::RuntimeException(u"PK11_CreateContextBySymKey failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"PK11_CreateContextBySymKey failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
unsigned char wrapped_key_data[MAX_WRAPPED_KEY_LEN];
int wrapped_key_len = sizeof(wrapped_key_data);
if (PK11_CipherOp(mWrapKeyContext, wrapped_key_data, &wrapped_key_len,
sizeof(wrapped_key_data), key->data, key->len) != SECSuccess)
sizeof(wrapped_key_data), key->data, key->len)
!= SECSuccess)
{
throw css::uno::RuntimeException(u"PK11_CipherOp failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"PK11_CipherOp failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
}
if (PK11_Finalize(mWrapKeyContext) != SECSuccess)
throw css::uno::RuntimeException(u"PK11_Finalize failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"PK11_Finalize failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
/*
* Finally unwrap sym key
@ -261,28 +280,31 @@ struct CryptoImpl
wrapped_key.len = wrapped_key_len;
mSymKey = PK11_UnwrapSymKey(mWrapKey, wrap_mechanism, &tmp_sec_item, &wrapped_key,
mechanism, operation, key->len);
mechanism, operation, key->len);
}
return mSymKey;
}
void setupEncryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto::CryptoType type)
void setupEncryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv,
CryptoType type)
{
setupCryptoContext(key, iv, type, CKA_ENCRYPT);
}
void setupDecryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto::CryptoType type)
void setupDecryptContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv,
CryptoType type)
{
setupCryptoContext(key, iv, type, CKA_DECRYPT);
}
void setupCryptoContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto::CryptoType type, CK_ATTRIBUTE_TYPE operation)
void setupCryptoContext(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv,
CryptoType type, CK_ATTRIBUTE_TYPE operation)
{
CK_MECHANISM_TYPE mechanism = static_cast<CK_ULONG>(-1);
SECItem ivItem;
ivItem.type = siBuffer;
if(iv.empty())
if (iv.empty())
ivItem.data = nullptr;
else
ivItem.data = iv.data();
@ -290,13 +312,16 @@ struct CryptoImpl
SECItem* pIvItem = nullptr;
switch(type)
switch (type)
{
case Crypto::CryptoType::AES_128_ECB:
case CryptoType::AES_128_ECB:
mechanism = CKM_AES_ECB;
break;
case Crypto::CryptoType::AES_128_CBC:
case Crypto::CryptoType::AES_256_CBC:
case CryptoType::AES_128_CBC:
mechanism = CKM_AES_CBC;
pIvItem = &ivItem;
break;
case CryptoType::AES_256_CBC:
mechanism = CKM_AES_CBC;
pIvItem = &ivItem;
break;
@ -307,16 +332,18 @@ struct CryptoImpl
mSlot = PK11_GetBestSlot(mechanism, nullptr);
if (!mSlot)
throw css::uno::RuntimeException(u"NSS Slot failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"NSS Slot failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
SECItem keyItem;
keyItem.type = siBuffer;
keyItem.data = key.data();
keyItem.len = key.size();
keyItem.len = key.size();
mSymKey = ImportSymKey(mechanism, CKA_ENCRYPT, &keyItem);
if (!mSymKey)
throw css::uno::RuntimeException(u"NSS SymKey failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"NSS SymKey failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
mSecParam = PK11_ParamFromIV(mechanism, pIvItem);
mContext = PK11_CreateContextBySymKey(mechanism, operation, mSymKey, mSecParam);
@ -326,7 +353,7 @@ struct CryptoImpl
{
CK_MECHANISM_TYPE aMechanism = static_cast<CK_ULONG>(-1);
switch(eType)
switch (eType)
{
case CryptoHashType::SHA1:
aMechanism = CKM_SHA_1_HMAC;
@ -345,15 +372,17 @@ struct CryptoImpl
mSlot = PK11_GetBestSlot(aMechanism, nullptr);
if (!mSlot)
throw css::uno::RuntimeException(u"NSS Slot failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"NSS Slot failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
SECItem aKeyItem;
aKeyItem.data = rKey.data();
aKeyItem.len = rKey.size();
aKeyItem.len = rKey.size();
mSymKey = ImportSymKey(aMechanism, CKA_SIGN, &aKeyItem);
if (!mSymKey)
throw css::uno::RuntimeException(u"NSS SymKey failure"_ustr, css::uno::Reference<css::uno::XInterface>());
throw css::uno::RuntimeException(u"NSS SymKey failure"_ustr,
css::uno::Reference<css::uno::XInterface>());
SECItem param;
param.data = nullptr;
@ -363,7 +392,8 @@ struct CryptoImpl
};
#else
struct CryptoImpl
{};
{
};
#endif
Crypto::Crypto()
@ -371,9 +401,7 @@ Crypto::Crypto()
{
}
Crypto::~Crypto()
{
}
Crypto::~Crypto() {}
// DECRYPT
@ -388,12 +416,14 @@ Decrypt::Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto
#endif
}
sal_uInt32 Decrypt::update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input, sal_uInt32 inputLength)
sal_uInt32 Decrypt::update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input,
sal_uInt32 inputLength)
{
int outputLength = 0;
#if USE_TLS_OPENSSL + USE_TLS_NSS > 0
sal_uInt32 actualInputLength = inputLength == 0 || inputLength > input.size() ? input.size() : inputLength;
sal_uInt32 actualInputLength
= inputLength == 0 || inputLength > input.size() ? input.size() : inputLength;
#else
(void)output;
(void)input;
@ -401,23 +431,26 @@ sal_uInt32 Decrypt::update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8
#endif
#if USE_TLS_OPENSSL
(void)EVP_DecryptUpdate(mpImpl->mpContext.get(), output.data(), &outputLength, input.data(), actualInputLength);
(void)EVP_DecryptUpdate(mpImpl->mpContext.get(), output.data(), &outputLength, input.data(),
actualInputLength);
#endif // USE_TLS_OPENSSL
#if USE_TLS_NSS
if (!mpImpl->mContext)
return 0;
(void)PK11_CipherOp(mpImpl->mContext, output.data(), &outputLength, actualInputLength, input.data(), actualInputLength);
(void)PK11_CipherOp(mpImpl->mContext, output.data(), &outputLength, actualInputLength,
input.data(), actualInputLength);
#endif // USE_TLS_NSS
return static_cast<sal_uInt32>(outputLength);
}
sal_uInt32 Decrypt::aes128ecb(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input, std::vector<sal_uInt8>& key)
sal_uInt32 Decrypt::aes128ecb(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input,
std::vector<sal_uInt8>& key)
{
sal_uInt32 outputLength = 0;
std::vector<sal_uInt8> iv;
Decrypt crypto(key, iv, Crypto::AES_128_ECB);
Decrypt crypto(key, iv, CryptoType::AES_128_ECB);
outputLength = crypto.update(output, input);
return outputLength;
}
@ -435,12 +468,14 @@ Encrypt::Encrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, Crypto
#endif
}
sal_uInt32 Encrypt::update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input, sal_uInt32 inputLength)
sal_uInt32 Encrypt::update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input,
sal_uInt32 inputLength)
{
int outputLength = 0;
#if USE_TLS_OPENSSL + USE_TLS_NSS > 0
sal_uInt32 actualInputLength = inputLength == 0 || inputLength > input.size() ? input.size() : inputLength;
sal_uInt32 actualInputLength
= inputLength == 0 || inputLength > input.size() ? input.size() : inputLength;
#else
(void)output;
(void)input;
@ -448,11 +483,13 @@ sal_uInt32 Encrypt::update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8
#endif
#if USE_TLS_OPENSSL
(void)EVP_EncryptUpdate(mpImpl->mpContext.get(), output.data(), &outputLength, input.data(), actualInputLength);
(void)EVP_EncryptUpdate(mpImpl->mpContext.get(), output.data(), &outputLength, input.data(),
actualInputLength);
#endif // USE_TLS_OPENSSL
#if USE_TLS_NSS
(void)PK11_CipherOp(mpImpl->mContext, output.data(), &outputLength, actualInputLength, input.data(), actualInputLength);
(void)PK11_CipherOp(mpImpl->mContext, output.data(), &outputLength, actualInputLength,
input.data(), actualInputLength);
#endif // USE_TLS_NSS
return static_cast<sal_uInt32>(outputLength);
@ -462,15 +499,18 @@ sal_uInt32 Encrypt::update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8
namespace
{
sal_Int32 getSizeForHashType(CryptoHashType eType)
{
switch (eType)
{
case CryptoHashType::SHA1: return 20;
case CryptoHashType::SHA256: return 32;
case CryptoHashType::SHA384: return 48;
case CryptoHashType::SHA512: return 64;
case CryptoHashType::SHA1:
return 20;
case CryptoHashType::SHA256:
return 32;
case CryptoHashType::SHA384:
return 48;
case CryptoHashType::SHA512:
return 64;
}
return 0;
}
@ -495,16 +535,18 @@ CryptoHash::CryptoHash(std::vector<sal_uInt8>& rKey, CryptoHashType eType)
bool CryptoHash::update(std::vector<sal_uInt8>& rInput, sal_uInt32 nInputLength)
{
#if USE_TLS_OPENSSL + USE_TLS_NSS > 0
sal_uInt32 nActualInputLength = (nInputLength == 0 || nInputLength > rInput.size()) ? rInput.size() : nInputLength;
sal_uInt32 nActualInputLength
= (nInputLength == 0 || nInputLength > rInput.size()) ? rInput.size() : nInputLength;
#else
(void)rInput;
(void)nInputLength;
#endif
#if USE_TLS_OPENSSL
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_Update' is deprecated
return HMAC_Update(mpImpl->mpHmacContext.get(), rInput.data(), nActualInputLength) != 0;
SAL_WNODEPRECATED_DECLARATIONS_POP
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_Update' is deprecated
return HMAC_Update(mpImpl->mpHmacContext.get(), rInput.data(), nActualInputLength)
!= 0;
SAL_WNODEPRECATED_DECLARATIONS_POP
#elif USE_TLS_NSS
return PK11_DigestOp(mpImpl->mContext, rInput.data(), nActualInputLength) == SECSuccess;
#else
@ -515,19 +557,18 @@ SAL_WNODEPRECATED_DECLARATIONS_POP
std::vector<sal_uInt8> CryptoHash::finalize()
{
std::vector<sal_uInt8> aHash(mnHashSize, 0);
unsigned int nSizeWritten;
#if USE_TLS_OPENSSL
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_Final' is deprecated
(void) HMAC_Final(mpImpl->mpHmacContext.get(), aHash.data(), &nSizeWritten);
SAL_WNODEPRECATED_DECLARATIONS_POP
unsigned int nSizeWritten = 0;
SAL_WNODEPRECATED_DECLARATIONS_PUSH // 'HMAC_Final' is deprecated
(void) HMAC_Final(mpImpl->mpHmacContext.get(), aHash.data(), &nSizeWritten);
SAL_WNODEPRECATED_DECLARATIONS_POP
#elif USE_TLS_NSS
unsigned int nSizeWritten = 0;
PK11_DigestFinal(mpImpl->mContext, aHash.data(), &nSizeWritten, aHash.size());
#endif
(void)nSizeWritten;
return aHash;
}
} // namespace oox::crypto
} // namespace comphelper
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */

99
include/comphelper/crypto/Crypto.hxx Normal file
View file

@ -0,0 +1,99 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
*/
#pragma once
#include <comphelper/comphelperdllapi.h>
#include <sal/types.h>
#include <vector>
#include <memory>
namespace comphelper
{
/** Rounds up the input to the nearest multiple
*
* For example:
* input 1, multiple 16 = 16
* input 16, multiple 16 = 16
* input 17, multiple 16 = 32
* input 31, multiple 16 = 32
*/
template <typename T> T roundUp(T input, T multiple)
{
if (input % multiple == 0)
return input;
return ((input / multiple) * multiple) + multiple;
}
enum class CryptoHashType
{
SHA1,
SHA256,
SHA384,
SHA512
};
enum class CryptoType
{
UNKNOWN,
AES_128_ECB,
AES_128_CBC,
AES_256_CBC,
};
struct CryptoImpl;
class COMPHELPER_DLLPUBLIC Crypto
{
protected:
std::unique_ptr<CryptoImpl> mpImpl;
protected:
Crypto();
public:
virtual ~Crypto();
};
class COMPHELPER_DLLPUBLIC Decrypt final : public Crypto
{
public:
Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
sal_uInt32 update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input,
sal_uInt32 inputLength = 0);
static sal_uInt32 aes128ecb(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input,
std::vector<sal_uInt8>& key);
};
class COMPHELPER_DLLPUBLIC Encrypt final : public Crypto
{
public:
Encrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
sal_uInt32 update(std::vector<sal_uInt8>& output, std::vector<sal_uInt8>& input,
sal_uInt32 inputLength = 0);
};
class COMPHELPER_DLLPUBLIC CryptoHash final : public Crypto
{
sal_Int32 mnHashSize;
public:
CryptoHash(std::vector<sal_uInt8>& rKey, CryptoHashType eType);
bool update(std::vector<sal_uInt8>& rInput, sal_uInt32 nInputLength = 0);
std::vector<sal_uInt8> finalize();
};
} // namespace comphelper
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */

11
include/oox/crypto/AgileEngine.hxx
View file

@ -8,16 +8,15 @@
*
*/
#ifndef INCLUDED_OOX_CRYPTO_AGILEENGINE_HXX
#define INCLUDED_OOX_CRYPTO_AGILEENGINE_HXX
#pragma once
#include <vector>
#include <oox/dllapi.h>
#include <oox/crypto/CryptTools.hxx>
#include <oox/crypto/CryptoEngine.hxx>
#include <rtl/ustring.hxx>
#include <sal/types.h>
#include <comphelper/crypto/Crypto.hxx>
namespace oox {
class BinaryXInputStream;
@ -94,7 +93,7 @@ private:
std::vector<sal_uInt8>& rInput,
std::vector<sal_uInt8>& rOutput);
static Crypto::CryptoType cryptoType(const AgileEncryptionInfo& rInfo);
static comphelper::CryptoType cryptoType(const AgileEncryptionInfo& rInfo);
public:
AgileEngine();
@ -141,8 +140,6 @@ public:
bool setupEncryptionKey(OUString const & rPassword);
};
} // namespace oox::crypto
#endif
} // namespace comphelper::crypto
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */

121
include/oox/crypto/CryptTools.hxx
View file

@ -1,121 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* This file incorporates work covered by the following license notice:
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed
* with this work for additional information regarding copyright
* ownership. The ASF licenses this file to you under the Apache
* License, Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.apache.org/licenses/LICENSE-2.0 .
*/
#ifndef INCLUDED_OOX_CRYPTO_CRYPTTOOLS_HXX
#define INCLUDED_OOX_CRYPTO_CRYPTTOOLS_HXX
#include <oox/dllapi.h>
#include <sal/types.h>
#include <vector>
#include <memory>
namespace oox::crypto {
/** Rounds up the input to the nearest multiple
*
* For example:
* input 1, multiple 16 = 16
* input 16, multiple 16 = 16
* input 17, multiple 16 = 32
* input 31, multiple 16 = 32
*/
template<typename T>
T roundUp(T input, T multiple)
{
if (input % multiple == 0)
return input;
return ((input / multiple) * multiple) + multiple;
}
enum class CryptoHashType
{
SHA1,
SHA256,
SHA384,
SHA512
};
struct CryptoImpl;
class OOX_DLLPUBLIC Crypto
{
public:
enum CryptoType
{
UNKNOWN,
AES_128_ECB,
AES_128_CBC,
AES_256_CBC,
};
protected:
std::unique_ptr<CryptoImpl> mpImpl;
protected:
Crypto();
public:
virtual ~Crypto();
};
class Decrypt final : public Crypto
{
public:
Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
sal_uInt32 update(
std::vector<sal_uInt8>& output,
std::vector<sal_uInt8>& input,
sal_uInt32 inputLength = 0);
static sal_uInt32 aes128ecb(
std::vector<sal_uInt8>& output,
std::vector<sal_uInt8>& input,
std::vector<sal_uInt8>& key );
};
class Encrypt final : public Crypto
{
public:
Encrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
sal_uInt32 update(
std::vector<sal_uInt8>& output,
std::vector<sal_uInt8>& input,
sal_uInt32 inputLength = 0);
};
class OOX_DLLPUBLIC CryptoHash final : public Crypto
{
sal_Int32 mnHashSize;
public:
CryptoHash(std::vector<sal_uInt8>& rKey, CryptoHashType eType);
bool update(std::vector<sal_uInt8>& rInput, sal_uInt32 nInputLength = 0);
std::vector<sal_uInt8> finalize();
};
} // namespace oox::crypto
#endif
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */

1
oox/Library_oox.mk
View file

@ -139,7 +139,6 @@ $(eval $(call gb_Library_add_exception_objects,oox,\
oox/source/core/relationshandler \
oox/source/core/xmlfilterbase \
oox/source/crypto/AgileEngine \
oox/source/crypto/CryptTools \
oox/source/crypto/DocumentEncryption \
oox/source/crypto/DocumentDecryption \
oox/source/crypto/Standard2007Engine \

60
oox/qa/unit/CryptoTest.cxx
View file

@ -31,8 +31,7 @@ class CryptoTest : public CppUnit::TestFixture
{
public:
virtual ~CryptoTest() override;
void testCryptoHash();
void testRoundUp();
void testStandard2007();
void testAgileEncryptionVerifier();
void testAgileEncryptionInfoWritingAndParsing();
@ -40,8 +39,6 @@ public:
void testAgileEncryptingAndDecrypting();
CPPUNIT_TEST_SUITE(CryptoTest);
CPPUNIT_TEST(testCryptoHash);
CPPUNIT_TEST(testRoundUp);
CPPUNIT_TEST(testStandard2007);
CPPUNIT_TEST(testAgileEncryptionVerifier);
CPPUNIT_TEST(testAgileEncryptionInfoWritingAndParsing);
@ -71,61 +68,6 @@ CryptoTest::~CryptoTest()
#endif
}
void CryptoTest::testCryptoHash()
{
// Check examples from Wikipedia (https://en.wikipedia.org/wiki/HMAC)
OString aContentString("The quick brown fox jumps over the lazy dog"_ostr);
std::vector<sal_uInt8> aContent(aContentString.getStr(),
aContentString.getStr() + aContentString.getLength());
std::vector<sal_uInt8> aKey = { 'k', 'e', 'y' };
{
oox::crypto::CryptoHash aCryptoHash(aKey, oox::crypto::CryptoHashType::SHA1);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(std::string("de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9"),
toString(aHash));
}
{
oox::crypto::CryptoHash aCryptoHash(aKey, oox::crypto::CryptoHashType::SHA256);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(
std::string("f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8"),
toString(aHash));
}
{
oox::crypto::CryptoHash aCryptoHash(aKey, oox::crypto::CryptoHashType::SHA384);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(std::string("d7f4727e2c0b39ae0f1e40cc96f60242d5b7801841cea6fc592c5d3e1"
"ae50700582a96cf35e1e554995fe4e03381c237"),
toString(aHash));
}
{
oox::crypto::CryptoHash aCryptoHash(aKey, oox::crypto::CryptoHashType::SHA512);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(
std::string("b42af09057bac1e2d41708e48a902e09b5ff7f12ab428a4fe86653c73dd248fb82f948a549"
"f7b791a5b41915ee4d1ec3935357e4e2317250d0372afa2ebeeb3a"),
toString(aHash));
}
}
void CryptoTest::testRoundUp()
{
CPPUNIT_ASSERT_EQUAL(16, oox::crypto::roundUp(16, 16));
CPPUNIT_ASSERT_EQUAL(32, oox::crypto::roundUp(32, 16));
CPPUNIT_ASSERT_EQUAL(64, oox::crypto::roundUp(64, 16));
CPPUNIT_ASSERT_EQUAL(16, oox::crypto::roundUp(01, 16));
CPPUNIT_ASSERT_EQUAL(32, oox::crypto::roundUp(17, 16));
CPPUNIT_ASSERT_EQUAL(32, oox::crypto::roundUp(31, 16));
}
void CryptoTest::testStandard2007()
{
oox::crypto::Standard2007Engine aEngine;

50
oox/source/crypto/AgileEngine.cxx
View file

@ -218,14 +218,14 @@ bool hashCalc(std::vector<sal_uInt8>& output,
return false;
}
CryptoHashType cryptoHashTypeFromString(std::u16string_view sAlgorithm)
comphelper::CryptoHashType cryptoHashTypeFromString(std::u16string_view sAlgorithm)
{
if (sAlgorithm == u"SHA512")
return CryptoHashType::SHA512;
return comphelper::CryptoHashType::SHA512;
else if (sAlgorithm == u"SHA384")
return CryptoHashType::SHA384;
return comphelper::CryptoHashType::SHA384;
else
return CryptoHashType::SHA1;
return comphelper::CryptoHashType::SHA1;
}
} // namespace
@ -234,13 +234,13 @@ AgileEngine::AgileEngine()
: meEncryptionPreset(AgileEncryptionPreset::AES_256_SHA512)
{}
Crypto::CryptoType AgileEngine::cryptoType(const AgileEncryptionInfo& rInfo)
comphelper::CryptoType AgileEngine::cryptoType(const AgileEncryptionInfo& rInfo)
{
if (rInfo.keyBits == 128 && rInfo.cipherAlgorithm == "AES" && rInfo.cipherChaining == "ChainingModeCBC")
return Crypto::AES_128_CBC;
return comphelper::CryptoType::AES_128_CBC;
else if (rInfo.keyBits == 256 && rInfo.cipherAlgorithm == "AES" && rInfo.cipherChaining == "ChainingModeCBC")
return Crypto::AES_256_CBC;
return Crypto::UNKNOWN;
return comphelper::CryptoType::AES_256_CBC;
return comphelper::CryptoType::UNKNOWN;
}
static std::vector<sal_uInt8> calculateIV(comphelper::HashType eType,
@ -252,7 +252,7 @@ static std::vector<sal_uInt8> calculateIV(comphelper::HashType eType,
aHasher.update(rSalt.data(), rSalt.size());
aHasher.update(rBlock.data(), rBlock.size());
std::vector<sal_uInt8> aIV = aHasher.finalize();
aIV.resize(roundUp(sal_Int32(aIV.size()), nCipherBlockSize), 0x36);
aIV.resize(comphelper::roundUp(sal_Int32(aIV.size()), nCipherBlockSize), 0x36);
return aIV;
}
@ -274,7 +274,7 @@ void AgileEngine::calculateBlock(
std::copy(hash.begin(), hash.begin() + keySize, key.begin());
Decrypt aDecryptor(key, mInfo.saltValue, cryptoType(mInfo));
comphelper::Decrypt aDecryptor(key, mInfo.saltValue, cryptoType(mInfo));
aDecryptor.update(rOutput, rInput);
}
@ -296,7 +296,7 @@ void AgileEngine::encryptBlock(
std::copy(hash.begin(), hash.begin() + keySize, key.begin());
Encrypt aEncryptor(key, mInfo.saltValue, cryptoType(mInfo));
comphelper::Encrypt aEncryptor(key, mInfo.saltValue, cryptoType(mInfo));
aEncryptor.update(rOutput, rInput);
}
@ -338,7 +338,7 @@ bool AgileEngine::decryptAndCheckVerifierHash(OUString const & rPassword)
std::vector<sal_uInt8>& encryptedHashInput = mInfo.encryptedVerifierHashInput;
// SALT - needs to be a multiple of block size (?)
sal_uInt32 nSaltSize = roundUp(mInfo.saltSize, mInfo.blockSize);
sal_uInt32 nSaltSize = comphelper::roundUp(mInfo.saltSize, mInfo.blockSize);
if (nSaltSize < encryptedHashInput.size())
return false;
std::vector<sal_uInt8> hashInput(nSaltSize, 0);
@ -400,7 +400,7 @@ bool AgileEngine::decryptHmacKey()
std::vector<sal_uInt8> iv = calculateIV(eType, mInfo.keyDataSalt, constBlockHmac1, mInfo.blockSize);
// Decrypt without key, calculated iv
Decrypt aDecrypt(mKey, iv, cryptoType(mInfo));
comphelper::Decrypt aDecrypt(mKey, iv, cryptoType(mInfo));
aDecrypt.update(mInfo.hmacKey, mInfo.hmacEncryptedKey);
mInfo.hmacKey.resize(mInfo.hashSize, 0);
@ -427,7 +427,7 @@ bool AgileEngine::decryptHmacValue()
std::vector<sal_uInt8> iv = calculateIV(eType, mInfo.keyDataSalt, constBlockHmac2, mInfo.blockSize);
// Decrypt without key, calculated iv
Decrypt aDecrypt(mKey, iv, cryptoType(mInfo));
comphelper::Decrypt aDecrypt(mKey, iv, cryptoType(mInfo));
aDecrypt.update(mInfo.hmacHash, mInfo.hmacEncryptedValue);
mInfo.hmacHash.resize(mInfo.hashSize, 0);
@ -446,7 +446,7 @@ bool AgileEngine::checkDataIntegrity()
bool AgileEngine::decrypt(BinaryXInputStream& aInputStream,
BinaryXOutputStream& aOutputStream)
{
CryptoHash aCryptoHash(mInfo.hmacKey, cryptoHashTypeFromString(mInfo.hashAlgorithm));
comphelper::CryptoHash aCryptoHash(mInfo.hmacKey, cryptoHashTypeFromString(mInfo.hashAlgorithm));
sal_uInt32 totalSize = aInputStream.readuInt32(); // Document unencrypted size - 4 bytes
// account for size in HMAC
@ -492,7 +492,7 @@ bool AgileEngine::decrypt(BinaryXInputStream& aInputStream,
// Only if hash > keySize
std::copy(hash.begin(), hash.begin() + keySize, iv.begin());
Decrypt aDecryptor(mKey, iv, AgileEngine::cryptoType(mInfo));
comphelper::Decrypt aDecryptor(mKey, iv, cryptoType(mInfo));
outputLength = aDecryptor.update(outputBuffer, inputBuffer, inputLength);
sal_uInt32 writeLength = std::min(outputLength, remaining);
@ -593,7 +593,7 @@ bool AgileEngine::generateAndEncryptVerifierHash(OUString const & rPassword)
return false;
// HASH - needs to be modified to be multiple of block size
sal_Int32 nVerifierHash = roundUp(mInfo.hashSize, mInfo.blockSize);
sal_Int32 nVerifierHash = comphelper::roundUp(mInfo.hashSize, mInfo.blockSize);
std::vector<sal_uInt8> unencryptedVerifierHashValue;
if (!hashCalc(unencryptedVerifierHashValue, unencryptedVerifierHashInput, mInfo.hashAlgorithm))
return false;
@ -619,7 +619,7 @@ bool AgileEngine::encryptHmacKey()
return false;
// Encrypted salt must be multiple of block size
sal_Int32 nEncryptedSaltSize = oox::crypto::roundUp(mInfo.hashSize, mInfo.blockSize);
sal_Int32 nEncryptedSaltSize = comphelper::roundUp(mInfo.hashSize, mInfo.blockSize);
// We need to extend hmacSalt to multiple of block size, padding with 0x36
std::vector<sal_uInt8> extendedSalt(mInfo.hmacKey);
@ -643,7 +643,7 @@ bool AgileEngine::encryptHmacKey()
std::vector<sal_uInt8> iv = calculateIV(eType, mInfo.keyDataSalt, constBlockHmac1, mInfo.blockSize);
// Encrypt without key, calculated iv
Encrypt aEncryptor(mKey, iv, cryptoType(mInfo));
comphelper::Encrypt aEncryptor(mKey, iv, cryptoType(mInfo));
aEncryptor.update(mInfo.hmacEncryptedKey, extendedSalt);
return true;
@ -651,7 +651,7 @@ bool AgileEngine::encryptHmacKey()
bool AgileEngine::encryptHmacValue()
{
sal_Int32 nEncryptedValueSize = roundUp(mInfo.hashSize, mInfo.blockSize);
sal_Int32 nEncryptedValueSize = comphelper::roundUp(mInfo.hashSize, mInfo.blockSize);
mInfo.hmacEncryptedValue.clear();
mInfo.hmacEncryptedValue.resize(nEncryptedValueSize, 0);
@ -672,7 +672,7 @@ bool AgileEngine::encryptHmacValue()
std::vector<sal_uInt8> iv = calculateIV(eType, mInfo.keyDataSalt, constBlockHmac2, mInfo.blockSize);
// Encrypt without key, calculated iv
Encrypt aEncryptor(mKey, iv, cryptoType(mInfo));
comphelper::Encrypt aEncryptor(mKey, iv, cryptoType(mInfo));
aEncryptor.update(mInfo.hmacEncryptedValue, extendedHash);
return true;
@ -726,7 +726,7 @@ void AgileEngine::setupEncryptionParameters(AgileEncryptionParameters const & rA
mInfo.keyDataSalt.resize(mInfo.saltSize);
mInfo.saltValue.resize(mInfo.saltSize);
mInfo.encryptedVerifierHashInput.resize(mInfo.saltSize);
mInfo.encryptedVerifierHashValue.resize(roundUp(mInfo.hashSize, mInfo.blockSize), 0);
mInfo.encryptedVerifierHashValue.resize(comphelper::roundUp(mInfo.hashSize, mInfo.blockSize), 0);
}
bool AgileEngine::setupEncryptionKey(OUString const & rPassword)
@ -803,7 +803,7 @@ void AgileEngine::encrypt(const css::uno::Reference<css::io::XInputStream> & rx
css::uno::Reference<css::io::XOutputStream> & rxOutputStream,
sal_uInt32 nSize)
{
CryptoHash aCryptoHash(mInfo.hmacKey, cryptoHashTypeFromString(mInfo.hashAlgorithm));
comphelper::CryptoHash aCryptoHash(mInfo.hmacKey, cryptoHashTypeFromString(mInfo.hashAlgorithm));
BinaryXOutputStream aBinaryOutputStream(rxOutputStream, false);
BinaryXInputStream aBinaryInputStream(rxInputStream, false);
@ -839,7 +839,7 @@ void AgileEngine::encrypt(const css::uno::Reference<css::io::XInputStream> & rx
while ((inputLength = aBinaryInputStream.readMemory(inputBuffer.data(), inputBuffer.size())) > 0)
{
sal_uInt32 correctedInputLength = inputLength % mInfo.blockSize == 0 ?
inputLength : oox::crypto::roundUp(inputLength, sal_uInt32(mInfo.blockSize));
inputLength : comphelper::roundUp(inputLength, sal_uInt32(mInfo.blockSize));
// Update Key
auto p = saltWithBlockKey.begin() + saltSize;
@ -853,7 +853,7 @@ void AgileEngine::encrypt(const css::uno::Reference<css::io::XInputStream> & rx
// Only if hash > keySize
std::copy(hash.begin(), hash.begin() + keySize, iv.begin());
Encrypt aEncryptor(mKey, iv, AgileEngine::cryptoType(mInfo));
comphelper::Encrypt aEncryptor(mKey, iv, AgileEngine::cryptoType(mInfo));
outputLength = aEncryptor.update(outputBuffer, inputBuffer, correctedInputLength);
aBinaryOutputStream.writeMemory(outputBuffer.data(), outputLength);
aCryptoHash.update(outputBuffer, outputLength);

16
oox/source/crypto/Standard2007Engine.cxx
View file

@ -10,11 +10,11 @@
#include <oox/crypto/Standard2007Engine.hxx>
#include <oox/crypto/CryptTools.hxx>
#include <oox/helper/binaryinputstream.hxx>
#include <oox/helper/binaryoutputstream.hxx>
#include <rtl/random.h>
#include <comphelper/crypto/Crypto.hxx>
#include <comphelper/hash.hxx>
namespace oox::crypto {
@ -50,7 +50,7 @@ bool Standard2007Engine::generateVerifier()
lclRandomGenerateValues(verifier.data(), verifier.size());
std::vector<sal_uInt8> iv;
Encrypt aEncryptorVerifier(mKey, iv, Crypto::AES_128_ECB);
comphelper::Encrypt aEncryptorVerifier(mKey, iv, comphelper::CryptoType::AES_128_ECB);
if (aEncryptorVerifier.update(encryptedVerifier, verifier) != msfilter::ENCRYPTED_VERIFIER_LENGTH)
return false;
std::copy(encryptedVerifier.begin(), encryptedVerifier.end(), mInfo.verifier.encryptedVerifier);
@ -61,7 +61,7 @@ bool Standard2007Engine::generateVerifier()
std::vector<sal_uInt8> encryptedHash(comphelper::SHA256_HASH_LENGTH, 0);
Encrypt aEncryptorHash(mKey, iv, Crypto::AES_128_ECB);
comphelper::Encrypt aEncryptorHash(mKey, iv, comphelper::CryptoType::AES_128_ECB);
aEncryptorHash.update(encryptedHash, hash, hash.size());
std::copy(encryptedHash.begin(), encryptedHash.end(), mInfo.verifier.encryptedVerifierHash);
@ -148,10 +148,10 @@ bool Standard2007Engine::generateEncryptionKey(const OUString& password)
encryptedHash.begin());
std::vector<sal_uInt8> verifier(encryptedVerifier.size(), 0);
Decrypt::aes128ecb(verifier, encryptedVerifier, mKey);
comphelper::Decrypt::aes128ecb(verifier, encryptedVerifier, mKey);
std::vector<sal_uInt8> verifierHash(encryptedHash.size(), 0);
Decrypt::aes128ecb(verifierHash, encryptedHash, mKey);
comphelper::Decrypt::aes128ecb(verifierHash, encryptedHash, mKey);
std::vector<sal_uInt8> hash = comphelper::Hash::calculateHash(verifier.data(), verifier.size(), comphelper::HashType::SHA1);
@ -165,7 +165,7 @@ bool Standard2007Engine::decrypt(BinaryXInputStream& aInputStream,
aInputStream.skip(4); // Reserved 4 Bytes
std::vector<sal_uInt8> iv;
Decrypt aDecryptor(mKey, iv, Crypto::AES_128_ECB);
comphelper::Decrypt aDecryptor(mKey, iv, comphelper::CryptoType::AES_128_ECB);
std::vector<sal_uInt8> inputBuffer (4096);
std::vector<sal_uInt8> outputBuffer(4096);
sal_uInt32 inputLength;
@ -261,13 +261,13 @@ void Standard2007Engine::encrypt(const css::uno::Reference<css::io::XInputStream
sal_uInt32 outputLength;
std::vector<sal_uInt8> iv;
Encrypt aEncryptor(mKey, iv, Crypto::AES_128_ECB);
comphelper::Encrypt aEncryptor(mKey, iv, comphelper::CryptoType::AES_128_ECB);
while ((inputLength = aBinaryInputStream.readMemory(inputBuffer.data(), inputBuffer.size())) > 0)
{
// increase size to multiple of 16 (size of mKey) if necessary
inputLength = inputLength % AES128Size == 0 ?
inputLength : roundUp(inputLength, AES128Size);
inputLength : comphelper::roundUp(inputLength, AES128Size);
outputLength = aEncryptor.update(outputBuffer, inputBuffer, inputLength);
aBinaryOutputStream.writeMemory(outputBuffer.data(), outputLength);
}

2
solenv/clang-format/excludelist
View file

@ -5316,7 +5316,6 @@ include/oox/core/relations.hxx
include/oox/core/relationshandler.hxx
include/oox/core/xmlfilterbase.hxx
include/oox/crypto/AgileEngine.hxx
include/oox/crypto/CryptTools.hxx
include/oox/crypto/CryptoEngine.hxx
include/oox/crypto/DocumentDecryption.hxx
include/oox/crypto/DocumentEncryption.hxx
@ -6961,7 +6960,6 @@ oox/source/core/relations.cxx
oox/source/core/relationshandler.cxx
oox/source/core/xmlfilterbase.cxx
oox/source/crypto/AgileEngine.cxx
oox/source/crypto/CryptTools.cxx
oox/source/crypto/DocumentEncryption.cxx
oox/source/crypto/Standard2007Engine.cxx
oox/source/docprop/docprophandler.cxx