pengjunjie/core
1
0
Fork 1
mirror of https://github.com/ONLYOFFICE/core.git synced 2026-04-07 13:55:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

OfficeCryptReader - check data integrity

Browse Source
This commit is contained in:
ElenaSubbotina
2017-05-30 19:49:54 +03:00
parent f797af5f17
commit 5b5cb4188e
6 changed files with 59 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
OfficeCryptReader/source/CryptTransform.cpp
View File

@ -488,8 +488,10 @@ void ECMADecryptor::Decrypt(char* data , const size_t size, const unsigned long
}
}
}
bool ECMADecryptor::IsDataIntegrity(unsigned char* data, int size)
bool ECMADecryptor::CheckDataIntegrity(unsigned char* data, int size)
{
if (cryptData.bAgile == false) return true;
_buf pBlockKey ((unsigned char*)encrKeyValueBlockKey, 8);
_buf pBlockHmacKey ((unsigned char*)encrDataIntegritySaltBlockKey, 8);
_buf pBlockHmacValue((unsigned char*)encrDataIntegrityHmacValueBlockKey, 8);
@ -522,7 +524,7 @@ bool ECMADecryptor::IsDataIntegrity(unsigned char* data, int size)
std::string sData((char*)data, size);
_buf hmac = Hmac(salt, cryptData.hashAlgorithm, sData);
return (hmac == expected);
}
void ECMADecryptor::Decrypt(unsigned char* data_ptr, int data_size, unsigned char*& data_out)
@ -540,8 +542,6 @@ void ECMADecryptor::Decrypt(unsigned char* data_ptr, int data_size, unsigned ch
if (cryptData.bAgile)
{
bool isDataIntegrity = IsDataIntegrity(data_ptr, data_size);
_buf pBlockKey ((unsigned char*)encrKeyValueBlockKey, 8);
_buf pDataSalt (cryptData.dataSaltValue);
_buf pKeyValue (cryptData.encryptedKeyValue);
@ -603,6 +603,7 @@ void ECMADecryptor::Decrypt(unsigned char* data_ptr, int data_size, unsigned ch
DecryptCipher(hashKey, empty, pInp, pOut, cryptData.cipherAlgorithm);
}
}
//-----------------------------------------------------------------------------------------------------------
ECMAEncryptor::ECMAEncryptor()
{
@ -622,6 +623,7 @@ void ECMAEncryptor::GetCryptData(_ecmaCryptData &data)
{
data = cryptData;
}
void ECMAEncryptor::UpdateDataIntegrity(unsigned char* data, int size)
{
if (cryptData.bAgile == false) return;
@ -636,31 +638,32 @@ void ECMAEncryptor::UpdateDataIntegrity(unsigned char* data, int size)
_buf pDataSalt (cryptData.dataSaltValue);
_buf pKeyValue (cryptData.encryptedKeyValue);
_buf pEncHmacKey (cryptData.encryptedHmacKey);
_buf pEncHmacValue (cryptData.encryptedHmacValue);
_buf agileKey = GenerateAgileKey( pSalt, pPassword, pBlockKey, cryptData.keySize, cryptData.spinCount, cryptData.hashAlgorithm);
_buf secretKey;
DecryptCipher( agileKey, pSalt, pKeyValue, secretKey, cryptData.cipherAlgorithm);
//----
_buf iv1 = HashAppend(pDataSalt, pBlockHmacKey, cryptData.hashAlgorithm);
CorrectHashSize(iv1, cryptData.blockSize, 0x36);
_buf iv2 = HashAppend(pDataSalt, pBlockHmacValue, cryptData.hashAlgorithm);
CorrectHashSize(iv2, cryptData.blockSize, 0x36);
_buf salt;
DecryptCipher(secretKey, iv1, pEncHmacKey, salt, cryptData.cipherAlgorithm);
_buf expected;
DecryptCipher(secretKey, iv2, pEncHmacValue, expected, cryptData.cipherAlgorithm);
//----
std::string sData((char*)data, size);
_buf hmac = Hmac(salt, cryptData.hashAlgorithm, sData);
//return (hmac == expected);
_buf hmac = Hmac(pSalt, cryptData.hashAlgorithm, sData);
_buf pEncHmacKey;
EncryptCipher(secretKey, iv1, pSalt, pEncHmacKey, cryptData.cipherAlgorithm);
_buf pEncHmacValue;
EncryptCipher(secretKey, iv2, hmac, pEncHmacValue, cryptData.cipherAlgorithm);
cryptData.encryptedHmacKey = std::string((char*)pEncHmacKey.ptr, pEncHmacKey.size);
cryptData.encryptedHmacValue = std::string((char*)pEncHmacValue.ptr, pEncHmacValue.size);
}
int ECMAEncryptor::Encrypt(unsigned char* data_inp_ptr, int size, unsigned char*& data_out_ptr)
{
data_out_ptr = NULL;

5
OfficeCryptReader/source/CryptTransform.h
View File

@ -133,11 +133,12 @@ public:
virtual bool SetPassword (std::wstring password);
virtual bool IsVerify();
bool CheckDataIntegrity(unsigned char* data, int size);
void SetCryptData(_ecmaCryptData &data);
private:
bool IsDataIntegrity(unsigned char* data, int size);
std::wstring password;
_ecmaCryptData cryptData;
bool bVerify;

55
OfficeCryptReader/source/ECMACryptFile.cpp
View File

@ -575,6 +575,9 @@ bool ECMACryptFile::EncryptOfficeFile(std::wstring file_name_inp, std::wstring f
{
unsigned char* data_out2 = NULL;
decryptor.Decrypt(data_out, lengthData, data_out2);
bool bDataIntegrity = decryptor.CheckDataIntegrity(data_out, lengthData);
NSFile::CFileBinary test;
test.CreateFileW(file_name_out + L"-back.oox");
@ -586,8 +589,10 @@ bool ECMACryptFile::EncryptOfficeFile(std::wstring file_name_inp, std::wstring f
return true;
}
bool ECMACryptFile::DecryptOfficeFile(std::wstring file_name_inp, std::wstring file_name_out, std::wstring password)
bool ECMACryptFile::DecryptOfficeFile(std::wstring file_name_inp, std::wstring file_name_out, std::wstring password, bool & bDataIntegrity)
{
bDataIntegrity = false;
POLE::Storage *pStorage = new POLE::Storage(file_name_inp.c_str());
if (!pStorage)return false;
@ -597,45 +602,10 @@ bool ECMACryptFile::DecryptOfficeFile(std::wstring file_name_inp, std::wstring f
delete pStorage;
return false;
}
_ecmaCryptData cryptData;
//-------------------------------------------------------------------------------------------
_ecmaCryptData cryptData;
bool result = false;
//------------------------------------------------------------------------
//{
// std::wstring f = file_name_out + L"-1.docx";
// POLE::Storage *pStorage1 = new POLE::Storage(f.c_str());
// pStorage1->open(true, true);
// POLE::Stream *pStrIn = new POLE::Stream(pStorage, "EncryptionInfo");
// POLE::uint64 sz = pStrIn->size();
// POLE::Stream *pStrOut = new POLE::Stream(pStorage1, "EncryptionInfo", true, sz);
// BYTE *d = new BYTE [sz];
// pStrIn->read(d, sz);
// pStrOut->write(d, sz);
// delete d;
// pStrOut->flush();
// delete pStrOut;
// delete pStrIn;
// pStrIn = new POLE::Stream(pStorage, "EncryptedPackage");
// sz = pStrIn->size();
// pStrOut = new POLE::Stream(pStorage1, "EncryptedPackage", true, sz);
// d = new BYTE [sz];
// pStrIn->read(d, sz);
// pStrOut->write(d, sz);
// delete d;
// pStrOut->flush();
// delete pStrOut;
// delete pStrIn;
// pStorage1->close();
// delete pStorage1;
//}
//----------------------------------------------------------------------------
POLE::Stream *pStream = new POLE::Stream(pStorage, "EncryptionInfo");
if (pStream)
@ -747,8 +717,6 @@ bool ECMACryptFile::DecryptOfficeFile(std::wstring file_name_inp, std::wstring f
lengthData = *((_UINT64*)data);
decryptor.Decrypt(data, readTrue, data_out);//todoo сделать покусочное чтение декриптование
delete pStream;
delete []data;
if (data_out)
{
@ -760,11 +728,16 @@ bool ECMACryptFile::DecryptOfficeFile(std::wstring file_name_inp, std::wstring f
delete []data_out;
result = true;
}
bDataIntegrity = decryptor.CheckDataIntegrity(data, readTrue);
delete pStream;
delete []data;
}
//-------------------------------------------------------------------
delete pStorage;
cryptDataGlobal = cryptData;
cryptDataGlobal = cryptData; // for encrypt like sample
return result;
}

2
OfficeCryptReader/source/ECMACryptFile.h
View File

@ -37,7 +37,7 @@
class ECMACryptFile
{
public:
bool DecryptOfficeFile(std::wstring file_name_inp, std::wstring file_name_out, std::wstring password);
bool DecryptOfficeFile(std::wstring file_name_inp, std::wstring file_name_out, std::wstring password, bool & bDataIntegrity);
bool EncryptOfficeFile(std::wstring file_name_inp, std::wstring file_name_out, std::wstring password);
struct _refComponent