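/***********************************************************************
 *
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * Copyright 2000, 2010 Oracle and/or its affiliates.
 *
 * OpenOffice.org - a multi-platform office productivity suite
 *
 * This file is part of OpenOffice.org.
 *
 * OpenOffice.org is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License version 3
 * only, as published by the Free Software Foundation.
 *
 * OpenOffice.org is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License version 3 for more details
 * (a copy is included in the LICENSE file that accompanied this code).
 *
 * You should have received a copy of the GNU Lesser General Public License
 * version 3 along with OpenOffice.org. If not, see
 * <http://www.openoffice.org/license.html>
 * for a copy of the LGPLv3 License.
 *
 ************************************************************************/

// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_comphelper.hxx"

#include "comphelper/docpasswordhelper.hxx"
#include <com/sun/star/task/XInteractionHandler.hpp>
#include "comphelper/mediadescriptor.hxx"

#include <osl/time.h>
#include <rtl/digest.h>
#include <rtl/random.h>

using ::rtl::OUString;
using ::com::sun::star::uno::Sequence;
using ::com::sun::star::uno::Exception;
using ::com::sun::star::uno::Reference;
using ::com::sun::star::uno::UNO_SET_THROW;
using ::com::sun::star::task::PasswordRequestMode;
using ::com::sun::star::task::PasswordRequestMode_PASSWORD_ENTER;
using ::com::sun::star::task::PasswordRequestMode_PASSWORD_REENTER;
using ::com::sun::star::task::XInteractionHandler;
using ::com::sun::star::task::XInteractionRequest;

using namespace ::com::sun::star;

namespace comphelper {

// ============================================================================

/** Derives a 16-byte PBKDF2 value from a password and a salt.

    The password is converted to UTF-8 before it is fed to rtl_digest_PBKDF2().

    @param aPassword    password to derive from; an empty password yields an empty result
    @param aSalt        salt bytes; an empty salt yields an empty result
    @param nCount       iteration count; must be positive
    @param nHashLength  must be positive. NOTE(review): the value is only used as a
                        guard, the derived output is always 16 bytes long, so a caller
                        asking for another length still receives 16 bytes.
    @return the 16 derived bytes, or an empty sequence if an argument was rejected or
            the derivation reported an error
 */
static uno::Sequence< sal_Int8 > GeneratePBKDF2Hash( const ::rtl::OUString& aPassword, const uno::Sequence< sal_Int8 >& aSalt, sal_Int32 nCount, sal_Int32 nHashLength )
{
    uno::Sequence< sal_Int8 > aResult;

    // nCount is handed on as an unsigned value, so a negative count must not get through.
    if ( aPassword.getLength() && aSalt.getLength() && nCount > 0 && nHashLength > 0 )
    {
        ::rtl::OString aBytePass = ::rtl::OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 );
        aResult.realloc( 16 );
        const rtlDigestError eError = rtl_digest_PBKDF2(
            reinterpret_cast < sal_uInt8 * > ( aResult.getArray() ),
            aResult.getLength(),
            reinterpret_cast < const sal_uInt8 * > ( aBytePass.getStr() ),
            aBytePass.getLength(),
            reinterpret_cast < const sal_uInt8 * > ( aSalt.getConstArray() ),
            aSalt.getLength(),
            nCount );

        // Never hand out the untouched buffer as if it were a derived value:
        // callers store it as a verifier or compare it against one.
        if ( eError != rtl_Digest_E_None )
            aResult.realloc( 0 );
    }

    return aResult;
}

// ============================================================================

IDocPasswordVerifier::~IDocPasswordVerifier()
{
}

// ============================================================================
/** Builds the property set that stores a modification-password verifier.

    A fresh 16-byte salt is generated and the password is run through PBKDF2.
    The result holds four properties: "algorithm-name" ("PBKDF2"), "salt",
    "iteration-count" and "hash".

    @param aPassword  password to create the verifier for
    @return the four properties, or an empty sequence if no hash could be generated
            (for example for an empty password)
 */
uno::Sequence< beans::PropertyValue > DocPasswordHelper::GenerateNewModifyPasswordInfo( const ::rtl::OUString& aPassword )
{
    uno::Sequence< beans::PropertyValue > aResult;

    uno::Sequence< sal_Int8 > aSalt = GenerateRandomByteSequence( 16 );
    // NOTE(review): 1024 iterations is low by current password-hashing guidance.
    // The count is stored next to the hash and read back on verification, so
    // raising it here only affects newly written info.
    sal_Int32 nCount = 1024;

    uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, 16 );
    if ( aNewHash.getLength() )
    {
        aResult.realloc( 4 );
        aResult[0].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "algorithm-name" ) );
        aResult[0].Value <<= ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PBKDF2" ) );
        aResult[1].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "salt" ) );
        aResult[1].Value <<= aSalt;
        aResult[2].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "iteration-count" ) );
        aResult[2].Value <<= nCount;
        aResult[3].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "hash" ) );
        aResult[3].Value <<= aNewHash;
    }

    return aResult;
}

// ============================================================================
/** Checks a password against stored modification-password info.

    The info is expected to carry the properties written by
    GenerateNewModifyPasswordInfo(); unknown properties are ignored and only
    the algorithm name "PBKDF2" is accepted.

    @param aPassword  password entered by the user
    @param aInfo      stored verifier properties (typically read from the document)
    @return sal_True only if the info is complete and the hash derived from
            aPassword has the same length and content as the stored hash
 */
sal_Bool DocPasswordHelper::IsModifyPasswordCorrect( const ::rtl::OUString& aPassword, const uno::Sequence< beans::PropertyValue >& aInfo )
{
    sal_Bool bResult = sal_False;
    if ( aPassword.getLength() && aInfo.getLength() )
    {
        ::rtl::OUString sAlgorithm;
        uno::Sequence< sal_Int8 > aSalt;
        uno::Sequence< sal_Int8 > aHash;
        sal_Int32 nCount = 0;

        for ( sal_Int32 nInd = 0; nInd < aInfo.getLength(); nInd++ )
        {
            if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "algorithm-name" ) ) ) )
                aInfo[nInd].Value >>= sAlgorithm;
            else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "salt" ) ) ) )
                aInfo[nInd].Value >>= aSalt;
            else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "iteration-count" ) ) ) )
                aInfo[nInd].Value >>= nCount;
            else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "hash" ) ) ) )
                aInfo[nInd].Value >>= aHash;
        }

        // NOTE(review): nCount comes from aInfo and has no upper bound here, so
        // crafted info can make this check arbitrarily slow; consider a sane cap.
        if ( sAlgorithm.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PBKDF2" ) ) )
          && aSalt.getLength() && nCount > 0 && aHash.getLength() )
        {
            const uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, aHash.getLength() );
            const sal_Int32 nNewLen = aNewHash.getLength();

            // Same acceptance rule as before (non-empty, equal length, equal bytes),
            // but every byte is always inspected so the time taken does not
            // depend on the position of the first mismatch.
            if ( nNewLen > 0 && nNewLen == aHash.getLength() )
            {
                const sal_Int8* pNew = aNewHash.getConstArray();
                const sal_Int8* pOld = aHash.getConstArray();
                sal_uInt8 nDiff = 0;
                for ( sal_Int32 nInd = 0; nInd < nNewLen; nInd++ )
                    nDiff = static_cast< sal_uInt8 >( nDiff | ( pNew[nInd] ^ pOld[nInd] ) );

                bResult = ( nDiff == 0 ) ? sal_True : sal_False;
            }
        }
    }

    return bResult;
}

// ============================================================================
/** Computes the 32-bit legacy Word password hash of a string.

    Only the first 15 characters take part. Each character is reduced to one
    byte (its low byte, or its high byte if the low byte is zero). The high
    16 bits start from a length-dependent initial code and are XORed with
    matrix entries selected by the set bits 0..6 of each byte; the low 16 bits
    are a rotate-and-XOR checksum over the bytes.

    This is a format-compatibility checksum, not a cryptographic hash.

    @param aUString  the password
    @return the hash, or 0 for an empty string
 */
sal_uInt32 DocPasswordHelper::GetWordHashAsUINT32(
                const ::rtl::OUString& aUString )
{
    static const sal_uInt16 pInitialCode[] = {
        0xE1F0, // 1
        0x1D0F, // 2
        0xCC9C, // 3
        0x84C0, // 4
        0x110C, // 5
        0x0E10, // 6
        0xF1CE, // 7
        0x313E, // 8
        0x1872, // 9
        0xE139, // 10
        0xD40F, // 11
        0x84F9, // 12
        0x280C, // 13
        0xA96A, // 14
        0x4EC3  // 15
    };

    // Within a row every entry is its predecessor shifted left by one bit,
    // XORed with 0x1021 when a bit is shifted out of the 16-bit value.
    // The third entry of row "last-7" used to repeat 0x8FA6; the value that
    // fits the row (0x8FA6 -> 0x0F6D -> 0x1EDA) is 0x0F6D.
    static const sal_uInt16 pEncryptionMatrix[15][7] = {
        { 0xAEFC, 0x4DD9, 0x9BB2, 0x2745, 0x4E8A, 0x9D14, 0x2A09}, // last-14
        { 0x7B61, 0xF6C2, 0xFDA5, 0xEB6B, 0xC6F7, 0x9DCF, 0x2BBF}, // last-13
        { 0x4563, 0x8AC6, 0x05AD, 0x0B5A, 0x16B4, 0x2D68, 0x5AD0}, // last-12
        { 0x0375, 0x06EA, 0x0DD4, 0x1BA8, 0x3750, 0x6EA0, 0xDD40}, // last-11
        { 0xD849, 0xA0B3, 0x5147, 0xA28E, 0x553D, 0xAA7A, 0x44D5}, // last-10
        { 0x6F45, 0xDE8A, 0xAD35, 0x4A4B, 0x9496, 0x390D, 0x721A}, // last-9
        { 0xEB23, 0xC667, 0x9CEF, 0x29FF, 0x53FE, 0xA7FC, 0x5FD9}, // last-8
        { 0x47D3, 0x8FA6, 0x0F6D, 0x1EDA, 0x3DB4, 0x7B68, 0xF6D0}, // last-7
        { 0xB861, 0x60E3, 0xC1C6, 0x93AD, 0x377B, 0x6EF6, 0xDDEC}, // last-6
        { 0x45A0, 0x8B40, 0x06A1, 0x0D42, 0x1A84, 0x3508, 0x6A10}, // last-5
        { 0xAA51, 0x4483, 0x8906, 0x022D, 0x045A, 0x08B4, 0x1168}, // last-4
        { 0x76B4, 0xED68, 0xCAF1, 0x85C3, 0x1BA7, 0x374E, 0x6E9C}, // last-3
        { 0x3730, 0x6E60, 0xDCC0, 0xA9A1, 0x4363, 0x86C6, 0x1DAD}, // last-2
        { 0x3331, 0x6662, 0xCCC4, 0x89A9, 0x0373, 0x06E6, 0x0DCC}, // last-1
        { 0x1021, 0x2042, 0x4084, 0x8108, 0x1231, 0x2462, 0x48C4}  // last
    };

    sal_uInt32 nResult = 0;
    sal_uInt32 nLen = aUString.getLength();

    if ( nLen )
    {
        // characters beyond the 15th are ignored
        if ( nLen > 15 )
            nLen = 15;

        sal_uInt16 nHighResult = pInitialCode[nLen - 1];
        sal_uInt16 nLowResult = 0;

        const sal_Unicode* pStr = aUString.getStr();
        for ( sal_uInt32 nInd = 0; nInd < nLen; nInd++ )
        {
            // NO Encoding during conversion!
            // The specification says that the low byte should be used in case it is not NULL
            char nHighChar = (char)( pStr[nInd] >> 8 );
            char nLowChar = (char)( pStr[nInd] & 0xFF );
            char nChar = nLowChar ? nLowChar : nHighChar;

            // rows are aligned to the end of the matrix, so the last character
            // of the password always selects the row marked "last"
            for ( int nMatrixInd = 0; nMatrixInd < 7; ++nMatrixInd )
            {
                if ( ( nChar & ( 1 << nMatrixInd ) ) != 0 )
                    nHighResult = nHighResult ^ pEncryptionMatrix[15 - nLen + nInd][nMatrixInd];
            }

            // rotate the 15-bit checksum left by one and fold the byte in
            nLowResult = ( ( ( nLowResult >> 14 ) & 0x0001 ) | ( ( nLowResult << 1 ) & 0x7FFF ) ) ^ nChar;
        }

        // NOTE(review): this final step masks with 0x001 / 0x7FF while the loop
        // above uses 0x0001 / 0x7FFF. Left as is, because changing it alters
        // hashes already stored in documents; confirm against the format
        // specification before touching it.
        nLowResult = (sal_uInt16)( ( ( ( nLowResult >> 14 ) & 0x001 ) | ( ( nLowResult << 1 ) & 0x7FF ) ) ^ nLen ^ 0xCE4B );

        nResult = ( nHighResult << 16 ) | nLowResult;
    }

    return nResult;
}

// ============================================================================
/** Returns the value of GetWordHashAsUINT32() as four bytes, most
    significant byte first.

    @param aUString  the password
    @return a 4-byte sequence holding the hash
 */
Sequence< sal_Int8 > DocPasswordHelper::GetWordHashAsSequence(
                const ::rtl::OUString& aUString )
{
    sal_uInt32 nHash = GetWordHashAsUINT32( aUString );
    Sequence< sal_Int8 > aResult( 4 );
    aResult[0] = ( nHash >> 24 );
    aResult[1] = ( ( nHash >> 16 ) & 0xFF );
    aResult[2] = ( ( nHash >> 8 ) & 0xFF );
    aResult[3] = ( nHash & 0xFF );

    return aResult;
}

// ============================================================================
/** Computes the 16-bit legacy spreadsheet password hash of a string.

    The string is converted to the given byte encoding and its bytes are
    folded, last byte first, into a 15-bit rotate-and-XOR checksum that is
    finally combined with a constant and the byte length.

    This is a format-compatibility checksum, not a cryptographic hash.

    @param aUString  the password
    @param nEnc      text encoding used to turn the password into bytes
    @return the hash, or 0 if the encoded string is empty or longer than
            SAL_MAX_UINT16 bytes
 */
sal_uInt16 DocPasswordHelper::GetXLHashAsUINT16(
                const ::rtl::OUString& aUString,
                rtl_TextEncoding nEnc )
{
    sal_uInt16 nResult = 0;

    ::rtl::OString aString = ::rtl::OUStringToOString( aUString, nEnc );

    if ( aString.getLength() && aString.getLength() <= SAL_MAX_UINT16 )
    {
        for ( sal_Int32 nInd = aString.getLength() - 1; nInd >= 0; nInd-- )
        {
            // rotate the 15-bit checksum left by one, then fold the byte in
            nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF );
            nResult ^= aString.getStr()[nInd];
        }

        nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF );
        nResult ^= ( 0x8000 | ( 'N' << 8 ) | 'K' );
        nResult ^= aString.getLength();
    }

    return nResult;
}

// ============================================================================
/** Returns the value of GetXLHashAsUINT16() as two bytes, most significant
    byte first.

    @param aUString  the password
    @param nEnc      text encoding used to turn the password into bytes
    @return a 2-byte sequence holding the hash
 */
Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
                const ::rtl::OUString& aUString,
                rtl_TextEncoding nEnc )
{
    sal_uInt16 nHash = GetXLHashAsUINT16( aUString, nEnc );
    Sequence< sal_Int8 > aResult( 2 );
    aResult[0] = ( nHash >> 8 );
    aResult[1] = ( nHash & 0xFF );

    return aResult;
}

// ============================================================================
/** Fills a byte sequence with output of an rtl random pool.

    The pool is additionally stirred with the current system time. The time
    alone is predictable, so the quality of the output rests on the seeding
    done by rtl_random_createPool() itself.
    NOTE(review): confirm that this seeding is adequate for salt generation.

    @param nLength  number of bytes wanted
    @return nLength random bytes, or an empty sequence if nLength is not
            positive, no pool could be created or the pool reported an error.
            Returning nothing is deliberate: a zero-filled buffer must not be
            mistaken for random data.
 */
/*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateRandomByteSequence( sal_Int32 nLength )
{
    uno::Sequence< sal_Int8 > aResult;
    if ( nLength <= 0 )
        return aResult;

    rtlRandomPool aRandomPool = rtl_random_createPool ();
    if ( !aRandomPool )
        return aResult;

    aResult.realloc( nLength );

    TimeValue aTime;
    osl_getSystemTime( &aTime );
    rtl_random_addBytes ( aRandomPool, &aTime, sizeof(aTime) );
    const rtlRandomError eError = rtl_random_getBytes ( aRandomPool, aResult.getArray(), nLength );
    rtl_random_destroyPool ( aRandomPool );

    if ( eError != rtl_Random_E_None )
        aResult.realloc( 0 );

    return aResult;
}


// ============================================================================
/** Derives the "Std97" key from a password string and a document id.

    At most the first 15 UTF-16 code units of the password are used; they are
    copied into a zero-padded 16-element buffer and handed to the overload
    taking raw password data.

    @param aPassword  the password; an empty password yields an empty key
    @param aDocId     document id, must be exactly 16 bytes
    @return the derived key, or an empty sequence if an argument was rejected
 */
/*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const ::rtl::OUString& aPassword, const uno::Sequence< sal_Int8 >& aDocId )
{
    uno::Sequence< sal_Int8 > aResultKey;
    if ( aPassword.getLength() && aDocId.getLength() == 16 )
    {
        sal_uInt16 pPassData[16];
        rtl_zeroMemory( pPassData, sizeof(pPassData) );

        sal_Int32 nPassLen = ::std::min< sal_Int32 >( aPassword.getLength(), 15 );
        rtl_copyMemory( pPassData, aPassword.getStr(), nPassLen * sizeof(pPassData[0]) );

        aResultKey = GenerateStd97Key( pPassData, aDocId );

        // Do not leave the password copy behind on the stack.
        // NOTE(review): a plain zeroing call before return may be optimised
        // away; use a guaranteed-wipe primitive if the platform layer has one.
        rtl_zeroMemory( pPassData, sizeof(pPassData) );
    }

    return aResultKey;
}

// ============================================================================
/** Derives the "Std97" key from raw password data and a document id.

    The password code units are written little-endian into a 64-byte block
    that is padded by hand and digested with MD5. The first 5 bytes of that
    digest are then digested 16 times together with the document id, followed
    by a hand-built padding block; the raw MD5 state is the key.

    MD5 is used because the file format requires it; the result must not be
    treated as a strong key derivation.

    @param pPassData  zero-terminated (or full 16-element) password code units
    @param aDocId     document id, must be exactly 16 bytes
    @return the RTL_DIGEST_LENGTH_MD5 byte key, or an empty sequence if the
            password data is empty, the document id has the wrong size or no
            digest could be created
 */
/*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const sal_uInt16 pPassData[16], const uno::Sequence< sal_Int8 >& aDocId )
{
    uno::Sequence< sal_Int8 > aResultKey;
    if ( pPassData[0] && aDocId.getLength() == 16 )
    {
        sal_uInt8 pKeyData[64];
        rtl_zeroMemory( pKeyData, sizeof(pKeyData) );

        sal_Int32 nInd = 0;

        // Fill PassData into KeyData.
        for ( nInd = 0; nInd < 16 && pPassData[nInd]; nInd++)
        {
            pKeyData[2*nInd] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 0) & 0xff );
            pKeyData[2*nInd + 1] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 8) & 0xff );
        }

        // hand-built padding: end marker after the data, bit length at offset 56
        pKeyData[2*nInd] = 0x80;
        pKeyData[56] = sal::static_int_cast< sal_uInt8 >( nInd << 4 );

        // Fill raw digest of KeyData into KeyData.
        rtlDigest hDigest = rtl_digest_create ( rtl_Digest_AlgorithmMD5 );
        if ( hDigest )
        {
            (void)rtl_digest_updateMD5 (
                hDigest, pKeyData, sizeof(pKeyData));
            (void)rtl_digest_rawMD5 (
                hDigest, pKeyData, RTL_DIGEST_LENGTH_MD5);

            // Update digest with KeyData and Unique.
            for ( nInd = 0; nInd < 16; nInd++ )
            {
                rtl_digest_updateMD5( hDigest, pKeyData, 5 );
                rtl_digest_updateMD5( hDigest, (const sal_uInt8*)aDocId.getConstArray(), aDocId.getLength() );
            }

            // Update digest with padding.
            pKeyData[16] = 0x80;
            rtl_zeroMemory( pKeyData + 17, sizeof(pKeyData) - 17 );
            pKeyData[56] = 0x80;
            pKeyData[57] = 0x0a;

            rtl_digest_updateMD5( hDigest, &(pKeyData[16]), sizeof(pKeyData) - 16 );

            // Fill raw digest of above updates
            aResultKey.realloc( RTL_DIGEST_LENGTH_MD5 );
            rtl_digest_rawMD5 ( hDigest, (sal_uInt8*)aResultKey.getArray(), aResultKey.getLength() );

            // The handle was never released before, leaking one digest per call.
            rtl_digest_destroy( hDigest );
        }

        // Erase KeyData array and leave.
        // NOTE(review): a plain zeroing call before return may be optimised
        // away; use a guaranteed-wipe primitive if the platform layer has one.
        rtl_zeroMemory( pKeyData, sizeof(pKeyData) );
    }

    return aResultKey;
}

// ============================================================================

/** Tries several password sources in turn until the verifier accepts one.

    Order of attempts, each one only made while the result is still
    WRONG_PASSWORD:
      1. the given default passwords,
      2. encryption data already present for the medium,
      3. the password already present for the medium,
      4. passwords requested from the user through the interaction handler,
         repeated until the verifier stops answering WRONG_PASSWORD or the
         user does not supply a password (ABORT).

    Exceptions thrown while talking to the interaction handler are swallowed;
    the result is then whatever had been reached before.

    @param rVerifier            verifier deciding whether a password or
                                encryption data is accepted
    @param rMediaEncData        encryption data taken from the medium, may be empty
    @param rMediaPassword       password taken from the medium, may be empty
    @param rxInteractHandler    handler used to ask the user; may be empty, in
                                which case the user is not asked
    @param rDocumentName        document name shown in the password request
    @param eRequestType         type of the password request
    @param pDefaultPasswords    optional list of passwords to try first
    @param pbIsDefaultPassword  optional out flag, set to true if the last
                                default password tried was accepted
    @return the encryption data for the accepted password, or an empty
            sequence if nothing was accepted
 */
/*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword(
        IDocPasswordVerifier& rVerifier,
        const ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue >& rMediaEncData,
        const OUString& rMediaPassword,
        const Reference< XInteractionHandler >& rxInteractHandler,
        const OUString& rDocumentName,
        DocPasswordRequestType eRequestType,
        const ::std::vector< OUString >* pDefaultPasswords,
        bool* pbIsDefaultPassword )
{
    ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > aEncData;
    DocPasswordVerifierResult eResult = DocPasswordVerifierResult_WRONG_PASSWORD;

    // first, try provided default passwords
    if( pbIsDefaultPassword )
        *pbIsDefaultPassword = false;
    if( pDefaultPasswords )
    {
        for( ::std::vector< OUString >::const_iterator aIt = pDefaultPasswords->begin(), aEnd = pDefaultPasswords->end(); (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && (aIt != aEnd); ++aIt )
        {
            OSL_ENSURE( aIt->getLength() > 0, "DocPasswordHelper::requestAndVerifyDocPassword - unexpected empty default password" );
            if( aIt->getLength() > 0 )
            {
                eResult = rVerifier.verifyPassword( *aIt, aEncData );
                if( pbIsDefaultPassword )
                    *pbIsDefaultPassword = eResult == DocPasswordVerifierResult_OK;
            }
        }
    }

    // try media encryption data (skip, if result is OK or ABORT)
    if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
    {
        if( rMediaEncData.getLength() > 0 )
        {
            eResult = rVerifier.verifyEncryptionData( rMediaEncData );
            if( eResult == DocPasswordVerifierResult_OK )
                aEncData = rMediaEncData;
        }
    }

    // try media password (skip, if result is OK or ABORT)
    if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
    {
        if( rMediaPassword.getLength() > 0 )
            eResult = rVerifier.verifyPassword( rMediaPassword, aEncData );
    }

    // request a password (skip, if result is OK or ABORT)
    if( (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && rxInteractHandler.is() ) try
    {
        PasswordRequestMode eRequestMode = PasswordRequestMode_PASSWORD_ENTER;
        while( eResult == DocPasswordVerifierResult_WRONG_PASSWORD )
        {
            // xRequest holds the reference that keeps pRequest alive
            DocPasswordRequest* pRequest = new DocPasswordRequest( eRequestType, eRequestMode, rDocumentName );
            Reference< XInteractionRequest > xRequest( pRequest );
            rxInteractHandler->handle( xRequest );
            if( pRequest->isPassword() )
            {
                // an empty password is not verified, the user is simply asked again
                if( pRequest->getPassword().getLength() > 0 )
                    eResult = rVerifier.verifyPassword( pRequest->getPassword(), aEncData );
            }
            else
            {
                eResult = DocPasswordVerifierResult_ABORT;
            }
            // every further round is flagged as a re-entry
            eRequestMode = PasswordRequestMode_PASSWORD_REENTER;
        }
    }
    catch( Exception& )
    {
        // best effort: a failing handler ends the dialogue, it is not an error
    }

    // encryption data from a rejected attempt must never leave this function
    return (eResult == DocPasswordVerifierResult_OK) ? aEncData : uno::Sequence< beans::NamedValue >();
}

/** Convenience overload working on a media descriptor.

    Encryption data, password, interaction handler and URL are read from the
    descriptor and passed to the overload above. Afterwards the password and
    encryption-data entries are removed from the descriptor; the accepted
    encryption data is written back only if it did not come from one of the
    default passwords.

    @param rVerifier          verifier deciding whether a password or
                              encryption data is accepted
    @param rMediaDesc         media descriptor; read and updated
    @param eRequestType       type of the password request
    @param pDefaultPasswords  optional list of passwords to try first
    @return the encryption data for the accepted password, or an empty
            sequence if nothing was accepted
 */
/*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword(
        IDocPasswordVerifier& rVerifier,
        MediaDescriptor& rMediaDesc,
        DocPasswordRequestType eRequestType,
        const ::std::vector< OUString >* pDefaultPasswords )
{
    uno::Sequence< beans::NamedValue > aMediaEncData = rMediaDesc.getUnpackedValueOrDefault(
        MediaDescriptor::PROP_ENCRYPTIONDATA(), uno::Sequence< beans::NamedValue >() );
    OUString aMediaPassword = rMediaDesc.getUnpackedValueOrDefault(
        MediaDescriptor::PROP_PASSWORD(), OUString() );
    Reference< XInteractionHandler > xInteractHandler = rMediaDesc.getUnpackedValueOrDefault(
        MediaDescriptor::PROP_INTERACTIONHANDLER(), Reference< XInteractionHandler >() );
    OUString aDocumentName = rMediaDesc.getUnpackedValueOrDefault(
        MediaDescriptor::PROP_URL(), OUString() );

    bool bIsDefaultPassword = false;
    uno::Sequence< beans::NamedValue > aEncryptionData = requestAndVerifyDocPassword(
        rVerifier, aMediaEncData, aMediaPassword, xInteractHandler, aDocumentName, eRequestType, pDefaultPasswords, &bIsDefaultPassword );

    // the descriptor must not keep the plain password or stale encryption data
    rMediaDesc.erase( MediaDescriptor::PROP_PASSWORD() );
    rMediaDesc.erase( MediaDescriptor::PROP_ENCRYPTIONDATA() );

    // insert valid password into media descriptor (but not a default password)
    if( (aEncryptionData.getLength() > 0) && !bIsDefaultPassword )
        rMediaDesc[ MediaDescriptor::PROP_ENCRYPTIONDATA() ] <<= aEncryptionData;

    return aEncryptionData;
}

// ============================================================================

} // namespace comphelper
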