1dde7d3faSAndrew Rist /**************************************************************
2cdf0e10cSrcweir *
3dde7d3faSAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one
4dde7d3faSAndrew Rist * or more contributor license agreements. See the NOTICE file
5dde7d3faSAndrew Rist * distributed with this work for additional information
6dde7d3faSAndrew Rist * regarding copyright ownership. The ASF licenses this file
7dde7d3faSAndrew Rist * to you under the Apache License, Version 2.0 (the
8dde7d3faSAndrew Rist * "License"); you may not use this file except in compliance
9dde7d3faSAndrew Rist * with the License. You may obtain a copy of the License at
10dde7d3faSAndrew Rist *
11dde7d3faSAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0
12dde7d3faSAndrew Rist *
13dde7d3faSAndrew Rist * Unless required by applicable law or agreed to in writing,
14dde7d3faSAndrew Rist * software distributed under the License is distributed on an
15dde7d3faSAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16dde7d3faSAndrew Rist * KIND, either express or implied. See the License for the
17dde7d3faSAndrew Rist * specific language governing permissions and limitations
18dde7d3faSAndrew Rist * under the License.
19dde7d3faSAndrew Rist *
20dde7d3faSAndrew Rist *************************************************************/
21dde7d3faSAndrew Rist
22dde7d3faSAndrew Rist
23cdf0e10cSrcweir
24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove
25cdf0e10cSrcweir #include "precompiled_comphelper.hxx"
26cdf0e10cSrcweir
27cdf0e10cSrcweir #include "comphelper/docpasswordhelper.hxx"
28cdf0e10cSrcweir #include <com/sun/star/task/XInteractionHandler.hpp>
29cdf0e10cSrcweir #include "comphelper/mediadescriptor.hxx"
30cdf0e10cSrcweir
31cdf0e10cSrcweir #include <osl/time.h>
32cdf0e10cSrcweir #include <rtl/digest.h>
33cdf0e10cSrcweir #include <rtl/random.h>
34cdf0e10cSrcweir
35cdf0e10cSrcweir using ::rtl::OUString;
36cdf0e10cSrcweir using ::com::sun::star::uno::Sequence;
37cdf0e10cSrcweir using ::com::sun::star::uno::Exception;
38cdf0e10cSrcweir using ::com::sun::star::uno::Reference;
39cdf0e10cSrcweir using ::com::sun::star::uno::UNO_SET_THROW;
40cdf0e10cSrcweir using ::com::sun::star::task::PasswordRequestMode;
41cdf0e10cSrcweir using ::com::sun::star::task::PasswordRequestMode_PASSWORD_ENTER;
42cdf0e10cSrcweir using ::com::sun::star::task::PasswordRequestMode_PASSWORD_REENTER;
43cdf0e10cSrcweir using ::com::sun::star::task::XInteractionHandler;
44cdf0e10cSrcweir using ::com::sun::star::task::XInteractionRequest;
45cdf0e10cSrcweir
46cdf0e10cSrcweir using namespace ::com::sun::star;
47cdf0e10cSrcweir
48cdf0e10cSrcweir namespace comphelper {
49cdf0e10cSrcweir
50cdf0e10cSrcweir // ============================================================================
51cdf0e10cSrcweir
GeneratePBKDF2Hash(const::rtl::OUString & aPassword,const uno::Sequence<sal_Int8> & aSalt,sal_Int32 nCount,sal_Int32 nHashLength)52cdf0e10cSrcweir static uno::Sequence< sal_Int8 > GeneratePBKDF2Hash( const ::rtl::OUString& aPassword, const uno::Sequence< sal_Int8 >& aSalt, sal_Int32 nCount, sal_Int32 nHashLength )
53cdf0e10cSrcweir {
54cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResult;
55cdf0e10cSrcweir
56*49b34792SHerbert Dürr if ( !aPassword.isEmpty() && aSalt.getLength() && nCount && nHashLength )
57cdf0e10cSrcweir {
58cdf0e10cSrcweir ::rtl::OString aBytePass = ::rtl::OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 );
59cdf0e10cSrcweir aResult.realloc( 16 );
60cdf0e10cSrcweir rtl_digest_PBKDF2( reinterpret_cast < sal_uInt8 * > ( aResult.getArray() ),
61cdf0e10cSrcweir aResult.getLength(),
62cdf0e10cSrcweir reinterpret_cast < const sal_uInt8 * > ( aBytePass.getStr() ),
63cdf0e10cSrcweir aBytePass.getLength(),
64cdf0e10cSrcweir reinterpret_cast < const sal_uInt8 * > ( aSalt.getConstArray() ),
65cdf0e10cSrcweir aSalt.getLength(),
66cdf0e10cSrcweir nCount );
67cdf0e10cSrcweir }
68cdf0e10cSrcweir
69cdf0e10cSrcweir return aResult;
70cdf0e10cSrcweir }
71cdf0e10cSrcweir
72cdf0e10cSrcweir // ============================================================================
73cdf0e10cSrcweir
~IDocPasswordVerifier()74cdf0e10cSrcweir IDocPasswordVerifier::~IDocPasswordVerifier()
75cdf0e10cSrcweir {
76cdf0e10cSrcweir }
77cdf0e10cSrcweir
78cdf0e10cSrcweir // ============================================================================
GenerateNewModifyPasswordInfo(const::rtl::OUString & aPassword)79cdf0e10cSrcweir uno::Sequence< beans::PropertyValue > DocPasswordHelper::GenerateNewModifyPasswordInfo( const ::rtl::OUString& aPassword )
80cdf0e10cSrcweir {
81cdf0e10cSrcweir uno::Sequence< beans::PropertyValue > aResult;
82cdf0e10cSrcweir
83cdf0e10cSrcweir uno::Sequence< sal_Int8 > aSalt = GenerateRandomByteSequence( 16 );
84cdf0e10cSrcweir sal_Int32 nCount = 1024;
85cdf0e10cSrcweir
86cdf0e10cSrcweir uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, 16 );
87cdf0e10cSrcweir if ( aNewHash.getLength() )
88cdf0e10cSrcweir {
89cdf0e10cSrcweir aResult.realloc( 4 );
90cdf0e10cSrcweir aResult[0].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "algorithm-name" ) );
91cdf0e10cSrcweir aResult[0].Value <<= ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PBKDF2" ) );
92cdf0e10cSrcweir aResult[1].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "salt" ) );
93cdf0e10cSrcweir aResult[1].Value <<= aSalt;
94cdf0e10cSrcweir aResult[2].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "iteration-count" ) );
95cdf0e10cSrcweir aResult[2].Value <<= nCount;
96cdf0e10cSrcweir aResult[3].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "hash" ) );
97cdf0e10cSrcweir aResult[3].Value <<= aNewHash;
98cdf0e10cSrcweir }
99cdf0e10cSrcweir
100cdf0e10cSrcweir return aResult;
101cdf0e10cSrcweir }
102cdf0e10cSrcweir
103cdf0e10cSrcweir // ============================================================================
IsModifyPasswordCorrect(const::rtl::OUString & aPassword,const uno::Sequence<beans::PropertyValue> & aInfo)104cdf0e10cSrcweir sal_Bool DocPasswordHelper::IsModifyPasswordCorrect( const ::rtl::OUString& aPassword, const uno::Sequence< beans::PropertyValue >& aInfo )
105cdf0e10cSrcweir {
106cdf0e10cSrcweir sal_Bool bResult = sal_False;
107*49b34792SHerbert Dürr if ( !aPassword.isEmpty() && aInfo.getLength() )
108cdf0e10cSrcweir {
109cdf0e10cSrcweir ::rtl::OUString sAlgorithm;
110cdf0e10cSrcweir uno::Sequence< sal_Int8 > aSalt;
111cdf0e10cSrcweir uno::Sequence< sal_Int8 > aHash;
112cdf0e10cSrcweir sal_Int32 nCount = 0;
113cdf0e10cSrcweir
114cdf0e10cSrcweir for ( sal_Int32 nInd = 0; nInd < aInfo.getLength(); nInd++ )
115cdf0e10cSrcweir {
116cdf0e10cSrcweir if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "algorithm-name" ) ) ) )
117cdf0e10cSrcweir aInfo[nInd].Value >>= sAlgorithm;
118cdf0e10cSrcweir else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "salt" ) ) ) )
119cdf0e10cSrcweir aInfo[nInd].Value >>= aSalt;
120cdf0e10cSrcweir else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "iteration-count" ) ) ) )
121cdf0e10cSrcweir aInfo[nInd].Value >>= nCount;
122cdf0e10cSrcweir else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "hash" ) ) ) )
123cdf0e10cSrcweir aInfo[nInd].Value >>= aHash;
124cdf0e10cSrcweir }
125cdf0e10cSrcweir
126cdf0e10cSrcweir if ( sAlgorithm.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PBKDF2" ) ) )
127cdf0e10cSrcweir && aSalt.getLength() && nCount > 0 && aHash.getLength() )
128cdf0e10cSrcweir {
129cdf0e10cSrcweir uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, aHash.getLength() );
130cdf0e10cSrcweir for ( sal_Int32 nInd = 0; nInd < aNewHash.getLength() && nInd < aHash.getLength() && aNewHash[nInd] == aHash[nInd]; nInd ++ )
131cdf0e10cSrcweir {
132cdf0e10cSrcweir if ( nInd == aNewHash.getLength() - 1 && nInd == aHash.getLength() - 1 )
133cdf0e10cSrcweir bResult = sal_True;
134cdf0e10cSrcweir }
135cdf0e10cSrcweir }
136cdf0e10cSrcweir }
137cdf0e10cSrcweir
138cdf0e10cSrcweir return bResult;
139cdf0e10cSrcweir }
140cdf0e10cSrcweir
141cdf0e10cSrcweir // ============================================================================
GetWordHashAsUINT32(const::rtl::OUString & aUString)142cdf0e10cSrcweir sal_uInt32 DocPasswordHelper::GetWordHashAsUINT32(
143cdf0e10cSrcweir const ::rtl::OUString& aUString )
144cdf0e10cSrcweir {
145cdf0e10cSrcweir static sal_uInt16 pInitialCode[] = {
146cdf0e10cSrcweir 0xE1F0, // 1
147cdf0e10cSrcweir 0x1D0F, // 2
148cdf0e10cSrcweir 0xCC9C, // 3
149cdf0e10cSrcweir 0x84C0, // 4
150cdf0e10cSrcweir 0x110C, // 5
151cdf0e10cSrcweir 0x0E10, // 6
152cdf0e10cSrcweir 0xF1CE, // 7
153cdf0e10cSrcweir 0x313E, // 8
154cdf0e10cSrcweir 0x1872, // 9
155cdf0e10cSrcweir 0xE139, // 10
156cdf0e10cSrcweir 0xD40F, // 11
157cdf0e10cSrcweir 0x84F9, // 12
158cdf0e10cSrcweir 0x280C, // 13
159cdf0e10cSrcweir 0xA96A, // 14
160cdf0e10cSrcweir 0x4EC3 // 15
161cdf0e10cSrcweir };
162cdf0e10cSrcweir
163cdf0e10cSrcweir static sal_uInt16 pEncryptionMatrix[15][7] = {
164cdf0e10cSrcweir { 0xAEFC, 0x4DD9, 0x9BB2, 0x2745, 0x4E8A, 0x9D14, 0x2A09}, // last-14
165cdf0e10cSrcweir { 0x7B61, 0xF6C2, 0xFDA5, 0xEB6B, 0xC6F7, 0x9DCF, 0x2BBF}, // last-13
166cdf0e10cSrcweir { 0x4563, 0x8AC6, 0x05AD, 0x0B5A, 0x16B4, 0x2D68, 0x5AD0}, // last-12
167cdf0e10cSrcweir { 0x0375, 0x06EA, 0x0DD4, 0x1BA8, 0x3750, 0x6EA0, 0xDD40}, // last-11
168cdf0e10cSrcweir { 0xD849, 0xA0B3, 0x5147, 0xA28E, 0x553D, 0xAA7A, 0x44D5}, // last-10
169cdf0e10cSrcweir { 0x6F45, 0xDE8A, 0xAD35, 0x4A4B, 0x9496, 0x390D, 0x721A}, // last-9
170cdf0e10cSrcweir { 0xEB23, 0xC667, 0x9CEF, 0x29FF, 0x53FE, 0xA7FC, 0x5FD9}, // last-8
171cdf0e10cSrcweir { 0x47D3, 0x8FA6, 0x8FA6, 0x1EDA, 0x3DB4, 0x7B68, 0xF6D0}, // last-7
172cdf0e10cSrcweir { 0xB861, 0x60E3, 0xC1C6, 0x93AD, 0x377B, 0x6EF6, 0xDDEC}, // last-6
173cdf0e10cSrcweir { 0x45A0, 0x8B40, 0x06A1, 0x0D42, 0x1A84, 0x3508, 0x6A10}, // last-5
174cdf0e10cSrcweir { 0xAA51, 0x4483, 0x8906, 0x022D, 0x045A, 0x08B4, 0x1168}, // last-4
175cdf0e10cSrcweir { 0x76B4, 0xED68, 0xCAF1, 0x85C3, 0x1BA7, 0x374E, 0x6E9C}, // last-3
176cdf0e10cSrcweir { 0x3730, 0x6E60, 0xDCC0, 0xA9A1, 0x4363, 0x86C6, 0x1DAD}, // last-2
177cdf0e10cSrcweir { 0x3331, 0x6662, 0xCCC4, 0x89A9, 0x0373, 0x06E6, 0x0DCC}, // last-1
178cdf0e10cSrcweir { 0x1021, 0x2042, 0x4084, 0x8108, 0x1231, 0x2462, 0x48C4} // last
179cdf0e10cSrcweir };
180cdf0e10cSrcweir
181cdf0e10cSrcweir sal_uInt32 nResult = 0;
182cdf0e10cSrcweir sal_uInt32 nLen = aUString.getLength();
183cdf0e10cSrcweir
184cdf0e10cSrcweir if ( nLen )
185cdf0e10cSrcweir {
186cdf0e10cSrcweir if ( nLen > 15 )
187cdf0e10cSrcweir nLen = 15;
188cdf0e10cSrcweir
189cdf0e10cSrcweir sal_uInt16 nHighResult = pInitialCode[nLen - 1];
190cdf0e10cSrcweir sal_uInt16 nLowResult = 0;
191cdf0e10cSrcweir
192cdf0e10cSrcweir const sal_Unicode* pStr = aUString.getStr();
193cdf0e10cSrcweir for ( sal_uInt32 nInd = 0; nInd < nLen; nInd++ )
194cdf0e10cSrcweir {
195cdf0e10cSrcweir // NO Encoding during conversion!
196cdf0e10cSrcweir // The specification says that the low byte should be used in case it is not NULL
197cdf0e10cSrcweir char nHighChar = (char)( pStr[nInd] >> 8 );
198cdf0e10cSrcweir char nLowChar = (char)( pStr[nInd] & 0xFF );
199cdf0e10cSrcweir char nChar = nLowChar ? nLowChar : nHighChar;
200cdf0e10cSrcweir
201cdf0e10cSrcweir for ( int nMatrixInd = 0; nMatrixInd < 7; ++nMatrixInd )
202cdf0e10cSrcweir {
203cdf0e10cSrcweir if ( ( nChar & ( 1 << nMatrixInd ) ) != 0 )
204cdf0e10cSrcweir nHighResult = nHighResult ^ pEncryptionMatrix[15 - nLen + nInd][nMatrixInd];
205cdf0e10cSrcweir }
206cdf0e10cSrcweir
207cdf0e10cSrcweir nLowResult = ( ( ( nLowResult >> 14 ) & 0x0001 ) | ( ( nLowResult << 1 ) & 0x7FFF ) ) ^ nChar;
208cdf0e10cSrcweir }
209cdf0e10cSrcweir
210cdf0e10cSrcweir nLowResult = (sal_uInt16)( ( ( ( nLowResult >> 14 ) & 0x001 ) | ( ( nLowResult << 1 ) & 0x7FF ) ) ^ nLen ^ 0xCE4B );
211cdf0e10cSrcweir
212cdf0e10cSrcweir nResult = ( nHighResult << 16 ) | nLowResult;
213cdf0e10cSrcweir }
214cdf0e10cSrcweir
215cdf0e10cSrcweir return nResult;
216cdf0e10cSrcweir }
217cdf0e10cSrcweir
218cdf0e10cSrcweir // ============================================================================
GetWordHashAsSequence(const::rtl::OUString & aUString)219cdf0e10cSrcweir Sequence< sal_Int8 > DocPasswordHelper::GetWordHashAsSequence(
220cdf0e10cSrcweir const ::rtl::OUString& aUString )
221cdf0e10cSrcweir {
222cdf0e10cSrcweir sal_uInt32 nHash = GetWordHashAsUINT32( aUString );
223cdf0e10cSrcweir Sequence< sal_Int8 > aResult( 4 );
224cdf0e10cSrcweir aResult[0] = ( nHash >> 24 );
225cdf0e10cSrcweir aResult[1] = ( ( nHash >> 16 ) & 0xFF );
226cdf0e10cSrcweir aResult[2] = ( ( nHash >> 8 ) & 0xFF );
227cdf0e10cSrcweir aResult[3] = ( nHash & 0xFF );
228cdf0e10cSrcweir
229cdf0e10cSrcweir return aResult;
230cdf0e10cSrcweir }
231cdf0e10cSrcweir
232cdf0e10cSrcweir // ============================================================================
GetXLHashAsUINT16(const::rtl::OUString & aUString,rtl_TextEncoding nEnc)233cdf0e10cSrcweir sal_uInt16 DocPasswordHelper::GetXLHashAsUINT16(
234cdf0e10cSrcweir const ::rtl::OUString& aUString,
235cdf0e10cSrcweir rtl_TextEncoding nEnc )
236cdf0e10cSrcweir {
237cdf0e10cSrcweir sal_uInt16 nResult = 0;
238cdf0e10cSrcweir
239cdf0e10cSrcweir ::rtl::OString aString = ::rtl::OUStringToOString( aUString, nEnc );
240cdf0e10cSrcweir
241*49b34792SHerbert Dürr if ( !aString.isEmpty() && aString.getLength() <= SAL_MAX_UINT16 )
242cdf0e10cSrcweir {
243cdf0e10cSrcweir for ( sal_Int32 nInd = aString.getLength() - 1; nInd >= 0; nInd-- )
244cdf0e10cSrcweir {
245cdf0e10cSrcweir nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF );
246cdf0e10cSrcweir nResult ^= aString.getStr()[nInd];
247cdf0e10cSrcweir }
248cdf0e10cSrcweir
249cdf0e10cSrcweir nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF );
250cdf0e10cSrcweir nResult ^= ( 0x8000 | ( 'N' << 8 ) | 'K' );
251cdf0e10cSrcweir nResult ^= aString.getLength();
252cdf0e10cSrcweir }
253cdf0e10cSrcweir
254cdf0e10cSrcweir return nResult;
255cdf0e10cSrcweir }
256cdf0e10cSrcweir
257cdf0e10cSrcweir // ============================================================================
GetXLHashAsSequence(const::rtl::OUString & aUString,rtl_TextEncoding nEnc)258cdf0e10cSrcweir Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
259cdf0e10cSrcweir const ::rtl::OUString& aUString,
260cdf0e10cSrcweir rtl_TextEncoding nEnc )
261cdf0e10cSrcweir {
262cdf0e10cSrcweir sal_uInt16 nHash = GetXLHashAsUINT16( aUString, nEnc );
263cdf0e10cSrcweir Sequence< sal_Int8 > aResult( 2 );
264cdf0e10cSrcweir aResult[0] = ( nHash >> 8 );
265cdf0e10cSrcweir aResult[1] = ( nHash & 0xFF );
266cdf0e10cSrcweir
267cdf0e10cSrcweir return aResult;
268cdf0e10cSrcweir }
269cdf0e10cSrcweir
270cdf0e10cSrcweir // ============================================================================
GenerateRandomByteSequence(sal_Int32 nLength)271cdf0e10cSrcweir /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateRandomByteSequence( sal_Int32 nLength )
272cdf0e10cSrcweir {
273cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResult( nLength );
274cdf0e10cSrcweir
275cdf0e10cSrcweir TimeValue aTime;
276cdf0e10cSrcweir osl_getSystemTime( &aTime );
277cdf0e10cSrcweir rtlRandomPool aRandomPool = rtl_random_createPool ();
278cdf0e10cSrcweir rtl_random_addBytes ( aRandomPool, &aTime, 8 );
279cdf0e10cSrcweir rtl_random_getBytes ( aRandomPool, aResult.getArray(), nLength );
280cdf0e10cSrcweir rtl_random_destroyPool ( aRandomPool );
281cdf0e10cSrcweir
282cdf0e10cSrcweir return aResult;
283cdf0e10cSrcweir }
284cdf0e10cSrcweir
285cdf0e10cSrcweir
286cdf0e10cSrcweir // ============================================================================
GenerateStd97Key(const::rtl::OUString & aPassword,const uno::Sequence<sal_Int8> & aDocId)287cdf0e10cSrcweir /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const ::rtl::OUString& aPassword, const uno::Sequence< sal_Int8 >& aDocId )
288cdf0e10cSrcweir {
289cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResultKey;
290*49b34792SHerbert Dürr if ( !aPassword.isEmpty() && aDocId.getLength() == 16 )
291cdf0e10cSrcweir {
292cdf0e10cSrcweir sal_uInt16 pPassData[16];
293cdf0e10cSrcweir rtl_zeroMemory( pPassData, sizeof(pPassData) );
294cdf0e10cSrcweir
295cdf0e10cSrcweir sal_Int32 nPassLen = ::std::min< sal_Int32 >( aPassword.getLength(), 15 );
296cdf0e10cSrcweir rtl_copyMemory( pPassData, aPassword.getStr(), nPassLen * sizeof(pPassData[0]) );
297cdf0e10cSrcweir
298cdf0e10cSrcweir aResultKey = GenerateStd97Key( pPassData, aDocId );
299cdf0e10cSrcweir }
300cdf0e10cSrcweir
301cdf0e10cSrcweir return aResultKey;
302cdf0e10cSrcweir }
303cdf0e10cSrcweir
304cdf0e10cSrcweir // ============================================================================
GenerateStd97Key(const sal_uInt16 pPassData[16],const uno::Sequence<sal_Int8> & aDocId)305cdf0e10cSrcweir /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const sal_uInt16 pPassData[16], const uno::Sequence< sal_Int8 >& aDocId )
306cdf0e10cSrcweir {
307cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResultKey;
308cdf0e10cSrcweir if ( pPassData[0] && aDocId.getLength() == 16 )
309cdf0e10cSrcweir {
310cdf0e10cSrcweir sal_uInt8 pKeyData[64];
311cdf0e10cSrcweir rtl_zeroMemory( pKeyData, sizeof(pKeyData) );
312cdf0e10cSrcweir
313cdf0e10cSrcweir sal_Int32 nInd = 0;
314cdf0e10cSrcweir
315cdf0e10cSrcweir // Fill PassData into KeyData.
316cdf0e10cSrcweir for ( nInd = 0; nInd < 16 && pPassData[nInd]; nInd++)
317cdf0e10cSrcweir {
318cdf0e10cSrcweir pKeyData[2*nInd] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 0) & 0xff );
319cdf0e10cSrcweir pKeyData[2*nInd + 1] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 8) & 0xff );
320cdf0e10cSrcweir }
321cdf0e10cSrcweir
322cdf0e10cSrcweir pKeyData[2*nInd] = 0x80;
323cdf0e10cSrcweir pKeyData[56] = sal::static_int_cast< sal_uInt8 >( nInd << 4 );
324cdf0e10cSrcweir
325cdf0e10cSrcweir // Fill raw digest of KeyData into KeyData.
326cdf0e10cSrcweir rtlDigest hDigest = rtl_digest_create ( rtl_Digest_AlgorithmMD5 );
327cdf0e10cSrcweir (void)rtl_digest_updateMD5 (
328cdf0e10cSrcweir hDigest, pKeyData, sizeof(pKeyData));
329cdf0e10cSrcweir (void)rtl_digest_rawMD5 (
330cdf0e10cSrcweir hDigest, pKeyData, RTL_DIGEST_LENGTH_MD5);
331cdf0e10cSrcweir
332cdf0e10cSrcweir // Update digest with KeyData and Unique.
333cdf0e10cSrcweir for ( nInd = 0; nInd < 16; nInd++ )
334cdf0e10cSrcweir {
335cdf0e10cSrcweir rtl_digest_updateMD5( hDigest, pKeyData, 5 );
336cdf0e10cSrcweir rtl_digest_updateMD5( hDigest, (const sal_uInt8*)aDocId.getConstArray(), aDocId.getLength() );
337cdf0e10cSrcweir }
338cdf0e10cSrcweir
339cdf0e10cSrcweir // Update digest with padding.
340cdf0e10cSrcweir pKeyData[16] = 0x80;
341cdf0e10cSrcweir rtl_zeroMemory( pKeyData + 17, sizeof(pKeyData) - 17 );
342cdf0e10cSrcweir pKeyData[56] = 0x80;
343cdf0e10cSrcweir pKeyData[57] = 0x0a;
344cdf0e10cSrcweir
345cdf0e10cSrcweir rtl_digest_updateMD5( hDigest, &(pKeyData[16]), sizeof(pKeyData) - 16 );
346cdf0e10cSrcweir
347cdf0e10cSrcweir // Fill raw digest of above updates
348cdf0e10cSrcweir aResultKey.realloc( RTL_DIGEST_LENGTH_MD5 );
349cdf0e10cSrcweir rtl_digest_rawMD5 ( hDigest, (sal_uInt8*)aResultKey.getArray(), aResultKey.getLength() );
350cdf0e10cSrcweir
351cdf0e10cSrcweir // Erase KeyData array and leave.
352cdf0e10cSrcweir rtl_zeroMemory( pKeyData, sizeof(pKeyData) );
353cdf0e10cSrcweir }
354cdf0e10cSrcweir
355cdf0e10cSrcweir return aResultKey;
356cdf0e10cSrcweir }
357cdf0e10cSrcweir
358cdf0e10cSrcweir // ============================================================================
359cdf0e10cSrcweir
requestAndVerifyDocPassword(IDocPasswordVerifier & rVerifier,const::com::sun::star::uno::Sequence<::com::sun::star::beans::NamedValue> & rMediaEncData,const OUString & rMediaPassword,const Reference<XInteractionHandler> & rxInteractHandler,const OUString & rDocumentName,DocPasswordRequestType eRequestType,const::std::vector<OUString> * pDefaultPasswords,bool * pbIsDefaultPassword)360cdf0e10cSrcweir /*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword(
361cdf0e10cSrcweir IDocPasswordVerifier& rVerifier,
362cdf0e10cSrcweir const ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue >& rMediaEncData,
363cdf0e10cSrcweir const OUString& rMediaPassword,
364cdf0e10cSrcweir const Reference< XInteractionHandler >& rxInteractHandler,
365cdf0e10cSrcweir const OUString& rDocumentName,
366cdf0e10cSrcweir DocPasswordRequestType eRequestType,
367cdf0e10cSrcweir const ::std::vector< OUString >* pDefaultPasswords,
368cdf0e10cSrcweir bool* pbIsDefaultPassword )
369cdf0e10cSrcweir {
370cdf0e10cSrcweir ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > aEncData;
371cdf0e10cSrcweir DocPasswordVerifierResult eResult = DocPasswordVerifierResult_WRONG_PASSWORD;
372cdf0e10cSrcweir
373cdf0e10cSrcweir // first, try provided default passwords
374cdf0e10cSrcweir if( pbIsDefaultPassword )
375cdf0e10cSrcweir *pbIsDefaultPassword = false;
376cdf0e10cSrcweir if( pDefaultPasswords )
377cdf0e10cSrcweir {
378cdf0e10cSrcweir for( ::std::vector< OUString >::const_iterator aIt = pDefaultPasswords->begin(), aEnd = pDefaultPasswords->end(); (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && (aIt != aEnd); ++aIt )
379cdf0e10cSrcweir {
380*49b34792SHerbert Dürr OSL_ENSURE( !aIt->isEmpty(), "DocPasswordHelper::requestAndVerifyDocPassword - unexpected empty default password" );
381*49b34792SHerbert Dürr if( !aIt->isEmpty() )
382cdf0e10cSrcweir {
383cdf0e10cSrcweir eResult = rVerifier.verifyPassword( *aIt, aEncData );
384cdf0e10cSrcweir if( pbIsDefaultPassword )
385cdf0e10cSrcweir *pbIsDefaultPassword = eResult == DocPasswordVerifierResult_OK;
386cdf0e10cSrcweir }
387cdf0e10cSrcweir }
388cdf0e10cSrcweir }
389cdf0e10cSrcweir
390cdf0e10cSrcweir // try media encryption data (skip, if result is OK or ABORT)
391cdf0e10cSrcweir if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
392cdf0e10cSrcweir {
393cdf0e10cSrcweir if( rMediaEncData.getLength() > 0 )
394cdf0e10cSrcweir {
395cdf0e10cSrcweir eResult = rVerifier.verifyEncryptionData( rMediaEncData );
396cdf0e10cSrcweir if( eResult == DocPasswordVerifierResult_OK )
397cdf0e10cSrcweir aEncData = rMediaEncData;
398cdf0e10cSrcweir }
399cdf0e10cSrcweir }
400cdf0e10cSrcweir
401cdf0e10cSrcweir // try media password (skip, if result is OK or ABORT)
402cdf0e10cSrcweir if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
403cdf0e10cSrcweir {
404*49b34792SHerbert Dürr if( !rMediaPassword.isEmpty() )
405cdf0e10cSrcweir eResult = rVerifier.verifyPassword( rMediaPassword, aEncData );
406cdf0e10cSrcweir }
407cdf0e10cSrcweir
408cdf0e10cSrcweir // request a password (skip, if result is OK or ABORT)
409cdf0e10cSrcweir if( (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && rxInteractHandler.is() ) try
410cdf0e10cSrcweir {
411cdf0e10cSrcweir PasswordRequestMode eRequestMode = PasswordRequestMode_PASSWORD_ENTER;
412cdf0e10cSrcweir while( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
413cdf0e10cSrcweir {
414cdf0e10cSrcweir DocPasswordRequest* pRequest = new DocPasswordRequest( eRequestType, eRequestMode, rDocumentName );
415cdf0e10cSrcweir Reference< XInteractionRequest > xRequest( pRequest );
416cdf0e10cSrcweir rxInteractHandler->handle( xRequest );
417cdf0e10cSrcweir if( pRequest->isPassword() )
418cdf0e10cSrcweir {
419*49b34792SHerbert Dürr if( !pRequest->getPassword().isEmpty() )
420cdf0e10cSrcweir eResult = rVerifier.verifyPassword( pRequest->getPassword(), aEncData );
421cdf0e10cSrcweir }
422cdf0e10cSrcweir else
423cdf0e10cSrcweir {
424cdf0e10cSrcweir eResult = DocPasswordVerifierResult_ABORT;
425cdf0e10cSrcweir }
426cdf0e10cSrcweir eRequestMode = PasswordRequestMode_PASSWORD_REENTER;
427cdf0e10cSrcweir }
428cdf0e10cSrcweir }
429cdf0e10cSrcweir catch( Exception& )
430cdf0e10cSrcweir {
431cdf0e10cSrcweir }
432cdf0e10cSrcweir
433cdf0e10cSrcweir return (eResult == DocPasswordVerifierResult_OK) ? aEncData : uno::Sequence< beans::NamedValue >();
434cdf0e10cSrcweir }
435cdf0e10cSrcweir
requestAndVerifyDocPassword(IDocPasswordVerifier & rVerifier,MediaDescriptor & rMediaDesc,DocPasswordRequestType eRequestType,const::std::vector<OUString> * pDefaultPasswords)436cdf0e10cSrcweir /*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword(
437cdf0e10cSrcweir IDocPasswordVerifier& rVerifier,
438cdf0e10cSrcweir MediaDescriptor& rMediaDesc,
439cdf0e10cSrcweir DocPasswordRequestType eRequestType,
440cdf0e10cSrcweir const ::std::vector< OUString >* pDefaultPasswords )
441cdf0e10cSrcweir {
442cdf0e10cSrcweir uno::Sequence< beans::NamedValue > aMediaEncData = rMediaDesc.getUnpackedValueOrDefault(
443cdf0e10cSrcweir MediaDescriptor::PROP_ENCRYPTIONDATA(), uno::Sequence< beans::NamedValue >() );
444cdf0e10cSrcweir OUString aMediaPassword = rMediaDesc.getUnpackedValueOrDefault(
445cdf0e10cSrcweir MediaDescriptor::PROP_PASSWORD(), OUString() );
446cdf0e10cSrcweir Reference< XInteractionHandler > xInteractHandler = rMediaDesc.getUnpackedValueOrDefault(
447cdf0e10cSrcweir MediaDescriptor::PROP_INTERACTIONHANDLER(), Reference< XInteractionHandler >() );
448cdf0e10cSrcweir OUString aDocumentName = rMediaDesc.getUnpackedValueOrDefault(
449cdf0e10cSrcweir MediaDescriptor::PROP_URL(), OUString() );
450cdf0e10cSrcweir
451cdf0e10cSrcweir bool bIsDefaultPassword = false;
452cdf0e10cSrcweir uno::Sequence< beans::NamedValue > aEncryptionData = requestAndVerifyDocPassword(
453cdf0e10cSrcweir rVerifier, aMediaEncData, aMediaPassword, xInteractHandler, aDocumentName, eRequestType, pDefaultPasswords, &bIsDefaultPassword );
454cdf0e10cSrcweir
455cdf0e10cSrcweir rMediaDesc.erase( MediaDescriptor::PROP_PASSWORD() );
456cdf0e10cSrcweir rMediaDesc.erase( MediaDescriptor::PROP_ENCRYPTIONDATA() );
457cdf0e10cSrcweir
458cdf0e10cSrcweir // insert valid password into media descriptor (but not a default password)
459cdf0e10cSrcweir if( (aEncryptionData.getLength() > 0) && !bIsDefaultPassword )
460cdf0e10cSrcweir rMediaDesc[ MediaDescriptor::PROP_ENCRYPTIONDATA() ] <<= aEncryptionData;
461cdf0e10cSrcweir
462cdf0e10cSrcweir return aEncryptionData;
463cdf0e10cSrcweir }
464cdf0e10cSrcweir
465cdf0e10cSrcweir // ============================================================================
466cdf0e10cSrcweir
467cdf0e10cSrcweir } // namespace comphelper
468cdf0e10cSrcweir
469