|
|
1458e3 |
From 96b088a62174a70441ebe959495756e9d86203a2 Mon Sep 17 00:00:00 2001
|
|
|
1458e3 |
From: Stephan Bergmann <sbergman@redhat.com>
|
|
|
1458e3 |
Date: Thu, 24 Sep 2020 14:51:16 +0200
|
|
|
1458e3 |
Subject: [PATCH] Fix endianness issues in OOX crypto routines
|
|
|
1458e3 |
|
|
|
1458e3 |
...without which CppunitTest_sw_ooxmlencryption failed on (big-endian) s390x:
|
|
|
1458e3 |
|
|
|
1458e3 |
* The 32-bit segment counter in AgileEngine::de-/encrypt apparently needs to be
|
|
|
1458e3 |
stored in LSB format (at least, if it is, CppunitTest_sw_ooxmlencryption
|
|
|
1458e3 |
ultimately succeeded, whereas otherwise it failed).
|
|
|
1458e3 |
|
|
|
1458e3 |
* The UTF-16 string in Standard2007Engine::calculateEncryptionKey apparently
|
|
|
1458e3 |
needs to be in LSB format (at least, if it is, CppunitTest_sw_ooxmlencryption
|
|
|
1458e3 |
ultimately succeeded, whereas otherwise it failed).
|
|
|
1458e3 |
|
|
|
1458e3 |
* The various 32-bit values in the EncryptionStandardHeader and
|
|
|
1458e3 |
EncryptionVerifierAES data structures apparently need to be written out in LSB
|
|
|
1458e3 |
format in Standard2007Engine::writeEncryptionInfo, given that they are always
|
|
|
1458e3 |
read in LSB format in Standard2007Engine::readEncryptionInfo.
|
|
|
1458e3 |
|
|
|
1458e3 |
Change-Id: I3a1efbfe324b1bbd539b88dc5d40bb44f9676ffa
|
|
|
1458e3 |
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103315
|
|
|
1458e3 |
Tested-by: Jenkins
|
|
|
1458e3 |
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
|
1458e3 |
(cherry picked from commit 646a69757b928aeaf6e0d0d41c4b30c02803a3a3)
|
|
|
1458e3 |
---
|
|
|
1458e3 |
oox/source/crypto/AgileEngine.cxx | 16 +++++++++-----
|
|
|
1458e3 |
oox/source/crypto/Standard2007Engine.cxx | 28 +++++++++++++++++-------
|
|
|
1458e3 |
2 files changed, 30 insertions(+), 14 deletions(-)
|
|
|
1458e3 |
|
|
|
1458e3 |
diff --git a/oox/source/crypto/AgileEngine.cxx b/oox/source/crypto/AgileEngine.cxx
|
|
|
1458e3 |
index 7c2a0e9c93d2..0fc972bf2ca5 100644
|
|
|
1458e3 |
--- a/oox/source/crypto/AgileEngine.cxx
|
|
|
1458e3 |
+++ b/oox/source/crypto/AgileEngine.cxx
|
|
|
1458e3 |
@@ -457,9 +457,11 @@ bool AgileEngine::decrypt(BinaryXInputStream& aInputStream,
|
|
|
1458e3 |
|
|
|
1458e3 |
while ((inputLength = aInputStream.readMemory(inputBuffer.data(), inputBuffer.size())) > 0)
|
|
|
1458e3 |
{
|
|
|
1458e3 |
- sal_uInt8* segmentBegin = reinterpret_cast<sal_uInt8*>(&segment);
|
|
|
1458e3 |
- sal_uInt8* segmentEnd = segmentBegin + sizeof(segment);
|
|
|
1458e3 |
- std::copy(segmentBegin, segmentEnd, saltWithBlockKey.begin() + saltSize);
|
|
|
1458e3 |
+ auto p = saltWithBlockKey.begin() + saltSize;
|
|
|
1458e3 |
+ p[0] = segment & 0xFF;
|
|
|
1458e3 |
+ p[1] = (segment >> 8) & 0xFF;
|
|
|
1458e3 |
+ p[2] = (segment >> 16) & 0xFF;
|
|
|
1458e3 |
+ p[3] = segment >> 24;
|
|
|
1458e3 |
|
|
|
1458e3 |
hashCalc(hash, saltWithBlockKey, mInfo.hashAlgorithm);
|
|
|
1458e3 |
|
|
|
1458e3 |
@@ -800,9 +802,11 @@ void AgileEngine::encrypt(css::uno::Reference<css::io::XInputStream> & rxInputS
|
|
|
1458e3 |
inputLength : oox::core::roundUp(inputLength, sal_uInt32(mInfo.blockSize));
|
|
|
1458e3 |
|
|
|
1458e3 |
// Update Key
|
|
|
1458e3 |
- sal_uInt8* segmentBegin = reinterpret_cast<sal_uInt8*>(&nSegment);
|
|
|
1458e3 |
- sal_uInt8* segmentEnd = segmentBegin + nSegmentByteSize;
|
|
|
1458e3 |
- std::copy(segmentBegin, segmentEnd, saltWithBlockKey.begin() + saltSize);
|
|
|
1458e3 |
+ auto p = saltWithBlockKey.begin() + saltSize;
|
|
|
1458e3 |
+ p[0] = nSegment & 0xFF;
|
|
|
1458e3 |
+ p[1] = (nSegment >> 8) & 0xFF;
|
|
|
1458e3 |
+ p[2] = (nSegment >> 16) & 0xFF;
|
|
|
1458e3 |
+ p[3] = nSegment >> 24;
|
|
|
1458e3 |
|
|
|
1458e3 |
hashCalc(hash, saltWithBlockKey, mInfo.hashAlgorithm);
|
|
|
1458e3 |
|
|
|
1458e3 |
diff --git a/oox/source/crypto/Standard2007Engine.cxx b/oox/source/crypto/Standard2007Engine.cxx
|
|
|
1458e3 |
index 38c4e03baf15..e96fc8f841f2 100644
|
|
|
1458e3 |
--- a/oox/source/crypto/Standard2007Engine.cxx
|
|
|
1458e3 |
+++ b/oox/source/crypto/Standard2007Engine.cxx
|
|
|
1458e3 |
@@ -79,12 +79,12 @@ bool Standard2007Engine::calculateEncryptionKey(const OUString& rPassword)
|
|
|
1458e3 |
std::vector<sal_uInt8> initialData(saltSize + passwordByteLength);
|
|
|
1458e3 |
std::copy(saltArray, saltArray + saltSize, initialData.begin());
|
|
|
1458e3 |
|
|
|
1458e3 |
- const sal_uInt8* passwordByteArray = reinterpret_cast<const sal_uInt8*>(rPassword.getStr());
|
|
|
1458e3 |
-
|
|
|
1458e3 |
- std::copy(
|
|
|
1458e3 |
- passwordByteArray,
|
|
|
1458e3 |
- passwordByteArray + passwordByteLength,
|
|
|
1458e3 |
- initialData.begin() + saltSize);
|
|
|
1458e3 |
+ auto p = initialData.begin() + saltSize;
|
|
|
1458e3 |
+ for (sal_Int32 i = 0; i != rPassword.getLength(); ++i) {
|
|
|
1458e3 |
+ auto c = rPassword[i];
|
|
|
1458e3 |
+ *p++ = c & 0xFF;
|
|
|
1458e3 |
+ *p++ = c >> 8;
|
|
|
1458e3 |
+ }
|
|
|
1458e3 |
|
|
|
1458e3 |
// use "hash" vector for result of sha1 hashing
|
|
|
1458e3 |
// calculate SHA1 hash of initialData
|
|
|
1458e3 |
@@ -223,11 +223,23 @@ void Standard2007Engine::writeEncryptionInfo(BinaryXOutputStream& rStream)
|
|
|
1458e3 |
sal_uInt32 headerSize = encryptionHeaderSize + cspNameSize;
|
|
|
1458e3 |
rStream.WriteUInt32(headerSize);
|
|
|
1458e3 |
|
|
|
1458e3 |
- rStream.writeMemory(&mInfo.header, encryptionHeaderSize);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.flags);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.sizeExtra);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.algId);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.algIdHash);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.keyBits);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.providedType);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.reserved1);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.header.reserved2);
|
|
|
1458e3 |
rStream.writeUnicodeArray(lclCspName);
|
|
|
1458e3 |
rStream.WriteUInt16(0);
|
|
|
1458e3 |
|
|
|
1458e3 |
- rStream.writeMemory(&mInfo.verifier, sizeof(msfilter::EncryptionVerifierAES));
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.verifier.saltSize);
|
|
|
1458e3 |
+ rStream.writeMemory(&mInfo.verifier.salt, sizeof mInfo.verifier.salt);
|
|
|
1458e3 |
+ rStream.writeMemory(&mInfo.verifier.encryptedVerifier, sizeof mInfo.verifier.encryptedVerifier);
|
|
|
1458e3 |
+ rStream.WriteUInt32(mInfo.verifier.encryptedVerifierHashSize);
|
|
|
1458e3 |
+ rStream.writeMemory(
|
|
|
1458e3 |
+ &mInfo.verifier.encryptedVerifierHash, sizeof mInfo.verifier.encryptedVerifierHash);
|
|
|
1458e3 |
}
|
|
|
1458e3 |
|
|
|
1458e3 |
void Standard2007Engine::encrypt(css::uno::Reference<css::io::XInputStream> & rxInputStream,
|
|
|
1458e3 |
--
|
|
|
1458e3 |
2.33.1
|
|
|
1458e3 |
|