fix bug #58264

2026-02-10 18:05:41 +08:00 · 2022-07-26 18:56:57 +03:00
parent 803d216e53
commit 0a65c6b5f4
4 changed files with 78 additions and 31 deletions
--- a/OfficeCryptReader/source/CryptTransform.cpp
+++ b/OfficeCryptReader/source/CryptTransform.cpp
@ -728,20 +728,20 @@ bool ECMADecryptor::CheckDataIntegrity(unsigned char* data, int  size)
 	_buf secretKey;
 	DecryptCipher( agileKey, pSalt, pKeyValue, secretKey, cryptData.cipherAlgorithm);  
 //----			
-	_buf iv1 = HashAppend(pDataSalt, pBlockHmacKey, cryptData.hashAlgorithm);
-	CorrectHashSize(iv1, cryptData.blockSize, 0x36);
+	_buf iv1 = HashAppend(pDataSalt, pBlockHmacKey, cryptData.dataHashAlgorithm);
+	CorrectHashSize(iv1, cryptData.dataBlockSize, 0x36);
 	
-	_buf iv2 = HashAppend(pDataSalt, pBlockHmacValue, cryptData.hashAlgorithm);
-	CorrectHashSize(iv2, cryptData.blockSize, 0x36);
+	_buf iv2 = HashAppend(pDataSalt, pBlockHmacValue, cryptData.dataHashAlgorithm);
+	CorrectHashSize(iv2, cryptData.dataBlockSize, 0x36);

 	_buf pSaltHmac;
-	DecryptCipher(secretKey,  iv1, pEncHmacKey, pSaltHmac, cryptData.cipherAlgorithm);
+	DecryptCipher(secretKey,  iv1, pEncHmacKey, pSaltHmac, cryptData.dataCipherAlgorithm);
 	
 	_buf expected;
-	DecryptCipher(secretKey,  iv2, pEncHmacValue, expected, cryptData.cipherAlgorithm);
+	DecryptCipher(secretKey,  iv2, pEncHmacValue, expected, cryptData.dataCipherAlgorithm);

 	std::string sData((char*)data, size);
-	_buf hmac = Hmac(pSaltHmac, cryptData.hashAlgorithm, sData);
+	_buf hmac = Hmac(pSaltHmac, cryptData.dataHashAlgorithm, sData);
 		
 	return (hmac == expected);
 }
@ -783,9 +783,9 @@ void ECMADecryptor::Decrypt(unsigned char* data_inp, int  size, unsigned char*&
 				sz = size - pos;
 			
 			_buf pIndex((unsigned char*)&i, 4);
-			iv = HashAppend(pDataSalt, pIndex, cryptData.hashAlgorithm);
+			iv = HashAppend(pDataSalt, pIndex, cryptData.dataHashAlgorithm);

-			CorrectHashSize(iv, cryptData.blockSize, 0x36);
+			CorrectHashSize(iv, cryptData.dataBlockSize, 0x36);
 			
 			_buf pInp(data_inp + pos, sz, false);
 			_buf pOut(data_out + pos, sz, false);
--- a/OfficeCryptReader/source/CryptTransform.h
+++ b/OfficeCryptReader/source/CryptTransform.h
@ -99,8 +99,7 @@ struct _ecmaCryptData
 	int			hashSize	= 0x14;
 	int			blockSize	= 0x10;
 	int			saltSize	= 0x10;
-
-	std::string dataSaltValue;
+	
 	std::string saltValue;
 	std::string encryptedKeyValue;
 	std::string encryptedVerifierInput;
@ -109,6 +108,15 @@ struct _ecmaCryptData
 	std::string encryptedHmacKey;
 	std::string encryptedHmacValue;

+//---------------------------------------------------------------------------------------------
+	CRYPT_METHOD::_hashAlgorithm	dataHashAlgorithm = CRYPT_METHOD::SHA1;
+	CRYPT_METHOD::_cipherAlgorithm	dataCipherAlgorithm = CRYPT_METHOD::AES_CBC;
+	std::string dataSaltValue;
+	int			dataKeySize = 0x10;
+	int			dataHashSize = 0x14;
+	int			dataBlockSize = 0x10;
+	int			dataSaltSize = 0x10;
+
 	bool bAgile	= true;

 //..........
--- a/OfficeCryptReader/source/ECMACryptFile.cpp
+++ b/OfficeCryptReader/source/ECMACryptFile.cpp
@ -248,7 +248,7 @@ bool ReadXmlEncryptionInfo(const std::string & xml_string, _ecmaCryptData & cryp
 						sName = xmlReader.GetName();
 						if (L"p:encryptedKey" == sName)
 						 {
-							_keyEncryptor k={};
+							_keyEncryptor k;
 							 
 							WritingElement_ReadAttributes_Start( xmlReader)
 								WritingElement_ReadAttributes_Read_if     ( xmlReader, "spinCount",			k.spinCount )
@ -281,37 +281,66 @@ bool ReadXmlEncryptionInfo(const std::string & xml_string, _ecmaCryptData & cryp
 	cryptData.saltSize				 = atoi(keyEncryptors[0].saltSize.c_str());
 	cryptData.keySize				 = atoi(keyEncryptors[0].keyBits.c_str() ) / 8;
 	
-	cryptData.dataSaltValue          = DecodeBase64(keyData.saltValue);
 	cryptData.saltValue              = DecodeBase64(keyEncryptors[0].saltValue);
 	cryptData.encryptedKeyValue      = DecodeBase64(keyEncryptors[0].encryptedKeyValue);
 	cryptData.encryptedVerifierInput = DecodeBase64(keyEncryptors[0].encryptedVerifierHashInput);
 	cryptData.encryptedVerifierValue = DecodeBase64(keyEncryptors[0].encryptedVerifierHashValue);
-	  
-	cryptData.encryptedHmacKey       = DecodeBase64(dataIntegrity.encryptedHmacKey);
-	cryptData.encryptedHmacValue     = DecodeBase64(dataIntegrity.encryptedHmacValue);
+	
+		 if (keyEncryptors[0].hashAlgorithm == "SHA1")		cryptData.hashAlgorithm = CRYPT_METHOD::SHA1;
+	else if (keyEncryptors[0].hashAlgorithm == "SHA224")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA224;
+	else if (keyEncryptors[0].hashAlgorithm == "SHA256")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA256;
+	else if (keyEncryptors[0].hashAlgorithm == "SHA384")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA384;
+	else if (keyEncryptors[0].hashAlgorithm == "SHA512")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA512;
+	else if (keyEncryptors[0].hashAlgorithm == "MD5")		cryptData.hashAlgorithm = CRYPT_METHOD::MD5;
+
+	if (keyEncryptors[0].cipherAlgorithm == "AES")
+	{
+		cryptData.cipherAlgorithm = CRYPT_METHOD::AES_CBC;
+		//if (keyEncryptors[0].cipherChaining == "ChainingModeCBC")	cryptData.cipherAlgorithm = CRYPT_METHOD::AES_CBC;
+		if (keyEncryptors[0].cipherChaining == "ChainingModeCFB")	cryptData.dataCipherAlgorithm = CRYPT_METHOD::AES_CFB;
+	}
+	else if (keyEncryptors[0].cipherAlgorithm == "RC4")
+	{
+		cryptData.dataCipherAlgorithm = CRYPT_METHOD::RC4;
+	}
+	else if (keyEncryptors[0].cipherAlgorithm == "DES")
+	{
+		cryptData.dataCipherAlgorithm = CRYPT_METHOD::DES_CBC;
+		//if (keyEncryptors[0].cipherChaining == "ChainingModeCBC")	cryptData.cipherAlgorithm = CRYPT_METHOD::DES_CBC;
+		if (keyEncryptors[0].cipherChaining == "ChainingModeECB")	cryptData.cipherAlgorithm = CRYPT_METHOD::DES_ECB;
+	}
+//---------------------------------------------------------------------------------------------------------------
+	cryptData.encryptedHmacKey = DecodeBase64(dataIntegrity.encryptedHmacKey);
+	cryptData.encryptedHmacValue = DecodeBase64(dataIntegrity.encryptedHmacValue);
+//---------------------------------------------------------------------------------------------------------------
+	cryptData.dataSaltValue			= DecodeBase64(keyData.saltValue);
+	cryptData.dataBlockSize			= atoi(keyData.blockSize.c_str());
+	cryptData.dataHashSize			= atoi(keyData.hashSize.c_str());
+	cryptData.dataSaltSize			= atoi(keyData.saltSize.c_str());
+	cryptData.dataKeySize			= atoi(keyData.keyBits.c_str()) / 8;

 	if (keyData.cipherAlgorithm == "AES")
 	{
 		cryptData.cipherAlgorithm = CRYPT_METHOD::AES_CBC;
 		//if (keyData.cipherChaining == "ChainingModeCBC")	cryptData.cipherAlgorithm = CRYPT_METHOD::AES_CBC;
-		if (keyData.cipherChaining == "ChainingModeCFB")	cryptData.cipherAlgorithm = CRYPT_METHOD::AES_CFB;
+		if (keyData.cipherChaining == "ChainingModeCFB")	cryptData.dataCipherAlgorithm = CRYPT_METHOD::AES_CFB;
 	}
 	else if (keyData.cipherAlgorithm == "RC4")
 	{
-		cryptData.cipherAlgorithm = CRYPT_METHOD::RC4;
+		cryptData.dataCipherAlgorithm = CRYPT_METHOD::RC4;
 	}
 	else if (keyData.cipherAlgorithm == "DES")
 	{
-		cryptData.cipherAlgorithm = CRYPT_METHOD::DES_CBC;
+		cryptData.dataCipherAlgorithm = CRYPT_METHOD::DES_CBC;
 		//if (keyData.cipherChaining == "ChainingModeCBC")	cryptData.cipherAlgorithm = CRYPT_METHOD::DES_CBC;
 		if (keyData.cipherChaining == "ChainingModeECB")	cryptData.cipherAlgorithm = CRYPT_METHOD::DES_ECB;
 	}
-	if		(keyData.hashAlgorithm == "SHA1")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA1;
-	else if (keyData.hashAlgorithm == "SHA224")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA224;
-	else if (keyData.hashAlgorithm == "SHA256")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA256;
-	else if (keyData.hashAlgorithm == "SHA384")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA384;
-	else if (keyData.hashAlgorithm == "SHA512")	cryptData.hashAlgorithm = CRYPT_METHOD::SHA512;
-	else if (keyData.hashAlgorithm == "MD5")	cryptData.hashAlgorithm = CRYPT_METHOD::MD5;
+		 if (keyData.hashAlgorithm == "SHA1")	cryptData.dataHashAlgorithm = CRYPT_METHOD::SHA1;
+	else if (keyData.hashAlgorithm == "SHA224")	cryptData.dataHashAlgorithm = CRYPT_METHOD::SHA224;
+	else if (keyData.hashAlgorithm == "SHA256")	cryptData.dataHashAlgorithm = CRYPT_METHOD::SHA256;
+	else if (keyData.hashAlgorithm == "SHA384")	cryptData.dataHashAlgorithm = CRYPT_METHOD::SHA384;
+	else if (keyData.hashAlgorithm == "SHA512")	cryptData.dataHashAlgorithm = CRYPT_METHOD::SHA512;
+	else if (keyData.hashAlgorithm == "MD5")	cryptData.dataHashAlgorithm = CRYPT_METHOD::MD5;

 	return true;
 }
@ -634,6 +663,12 @@ bool ReadStandartEncryptionInfo(unsigned char* data, int size, _ecmaCryptData &
 		cryptData.keySize	= 256 /8;	
 		break;
 	}
+	cryptData.dataHashAlgorithm = cryptData.hashAlgorithm;
+	cryptData.dataBlockSize = cryptData.blockSize;
+	cryptData.dataCipherAlgorithm = cryptData.cipherAlgorithm;
+	cryptData.dataHashSize = cryptData.hashSize;
+	cryptData.dataKeySize = cryptData.keySize;
+	cryptData.dataSaltSize = cryptData.saltSize;
 	return true;
 }

@ -664,13 +699,13 @@ bool ECMACryptFile::EncryptOfficeFile(const std::wstring &file_name_inp, const s
 	//else
 	{
 		cryptData.bAgile			= true;
-		cryptData.cipherAlgorithm	= CRYPT_METHOD::AES_CBC;
-		cryptData.hashAlgorithm		= CRYPT_METHOD::SHA512;
-		cryptData.keySize			= 0x20;
-		cryptData.hashSize			= 0x40;
-		cryptData.blockSize			= 0x10;
-		cryptData.saltSize			= 0x10;
 		cryptData.spinCount			= 100000;
+		cryptData.cipherAlgorithm	= cryptData.dataCipherAlgorithm = CRYPT_METHOD::AES_CBC;
+		cryptData.hashAlgorithm		= cryptData.dataHashAlgorithm	= CRYPT_METHOD::SHA512;
+		cryptData.keySize			= cryptData.dataKeySize			= 0x20;
+		cryptData.hashSize			= cryptData.dataHashSize		= 0x40;
+		cryptData.blockSize			= cryptData.dataBlockSize		= 0x10;
+		cryptData.saltSize			= cryptData.dataSaltSize		= 0x10;
 	}
 	//cryptData.bAgile				= true;
 	//cryptData.cipherAlgorithm		= CRYPT_METHOD::DES_CBC;