1*dde7d3faSAndrew Rist /************************************************************** 2cdf0e10cSrcweir * 3*dde7d3faSAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one 4*dde7d3faSAndrew Rist * or more contributor license agreements. See the NOTICE file 5*dde7d3faSAndrew Rist * distributed with this work for additional information 6*dde7d3faSAndrew Rist * regarding copyright ownership. The ASF licenses this file 7*dde7d3faSAndrew Rist * to you under the Apache License, Version 2.0 (the 8*dde7d3faSAndrew Rist * "License"); you may not use this file except in compliance 9*dde7d3faSAndrew Rist * with the License. You may obtain a copy of the License at 10cdf0e10cSrcweir * 11*dde7d3faSAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0 12cdf0e10cSrcweir * 13*dde7d3faSAndrew Rist * Unless required by applicable law or agreed to in writing, 14*dde7d3faSAndrew Rist * software distributed under the License is distributed on an 15*dde7d3faSAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16*dde7d3faSAndrew Rist * KIND, either express or implied. See the License for the 17*dde7d3faSAndrew Rist * specific language governing permissions and limitations 18*dde7d3faSAndrew Rist * under the License. 19cdf0e10cSrcweir * 20*dde7d3faSAndrew Rist *************************************************************/ 21*dde7d3faSAndrew Rist 22*dde7d3faSAndrew Rist 23cdf0e10cSrcweir 24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 25cdf0e10cSrcweir #include "precompiled_comphelper.hxx" 26cdf0e10cSrcweir 27cdf0e10cSrcweir #include "comphelper/docpasswordhelper.hxx" 28cdf0e10cSrcweir #include <com/sun/star/task/XInteractionHandler.hpp> 29cdf0e10cSrcweir #include "comphelper/mediadescriptor.hxx" 30cdf0e10cSrcweir 31cdf0e10cSrcweir #include <osl/time.h> 32cdf0e10cSrcweir #include <rtl/digest.h> 33cdf0e10cSrcweir #include <rtl/random.h> 34cdf0e10cSrcweir 35cdf0e10cSrcweir using ::rtl::OUString; 36cdf0e10cSrcweir using ::com::sun::star::uno::Sequence; 37cdf0e10cSrcweir using ::com::sun::star::uno::Exception; 38cdf0e10cSrcweir using ::com::sun::star::uno::Reference; 39cdf0e10cSrcweir using ::com::sun::star::uno::UNO_SET_THROW; 40cdf0e10cSrcweir using ::com::sun::star::task::PasswordRequestMode; 41cdf0e10cSrcweir using ::com::sun::star::task::PasswordRequestMode_PASSWORD_ENTER; 42cdf0e10cSrcweir using ::com::sun::star::task::PasswordRequestMode_PASSWORD_REENTER; 43cdf0e10cSrcweir using ::com::sun::star::task::XInteractionHandler; 44cdf0e10cSrcweir using ::com::sun::star::task::XInteractionRequest; 45cdf0e10cSrcweir 46cdf0e10cSrcweir using namespace ::com::sun::star; 47cdf0e10cSrcweir 48cdf0e10cSrcweir namespace comphelper { 49cdf0e10cSrcweir 50cdf0e10cSrcweir // ============================================================================ 51cdf0e10cSrcweir 52cdf0e10cSrcweir static uno::Sequence< sal_Int8 > GeneratePBKDF2Hash( const ::rtl::OUString& aPassword, const uno::Sequence< sal_Int8 >& aSalt, sal_Int32 nCount, sal_Int32 nHashLength ) 53cdf0e10cSrcweir { 54cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResult; 55cdf0e10cSrcweir 56cdf0e10cSrcweir if ( aPassword.getLength() && aSalt.getLength() && nCount && nHashLength ) 57cdf0e10cSrcweir { 58cdf0e10cSrcweir ::rtl::OString aBytePass = ::rtl::OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 ); 59cdf0e10cSrcweir aResult.realloc( 16 ); 60cdf0e10cSrcweir rtl_digest_PBKDF2( reinterpret_cast < sal_uInt8 * > ( aResult.getArray() ), 61cdf0e10cSrcweir aResult.getLength(), 62cdf0e10cSrcweir reinterpret_cast < const sal_uInt8 * > ( aBytePass.getStr() ), 63cdf0e10cSrcweir aBytePass.getLength(), 64cdf0e10cSrcweir reinterpret_cast < const sal_uInt8 * > ( aSalt.getConstArray() ), 65cdf0e10cSrcweir aSalt.getLength(), 66cdf0e10cSrcweir nCount ); 67cdf0e10cSrcweir } 68cdf0e10cSrcweir 69cdf0e10cSrcweir return aResult; 70cdf0e10cSrcweir } 71cdf0e10cSrcweir 72cdf0e10cSrcweir // ============================================================================ 73cdf0e10cSrcweir 74cdf0e10cSrcweir IDocPasswordVerifier::~IDocPasswordVerifier() 75cdf0e10cSrcweir { 76cdf0e10cSrcweir } 77cdf0e10cSrcweir 78cdf0e10cSrcweir // ============================================================================ 79cdf0e10cSrcweir uno::Sequence< beans::PropertyValue > DocPasswordHelper::GenerateNewModifyPasswordInfo( const ::rtl::OUString& aPassword ) 80cdf0e10cSrcweir { 81cdf0e10cSrcweir uno::Sequence< beans::PropertyValue > aResult; 82cdf0e10cSrcweir 83cdf0e10cSrcweir uno::Sequence< sal_Int8 > aSalt = GenerateRandomByteSequence( 16 ); 84cdf0e10cSrcweir sal_Int32 nCount = 1024; 85cdf0e10cSrcweir 86cdf0e10cSrcweir uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, 16 ); 87cdf0e10cSrcweir if ( aNewHash.getLength() ) 88cdf0e10cSrcweir { 89cdf0e10cSrcweir aResult.realloc( 4 ); 90cdf0e10cSrcweir aResult[0].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "algorithm-name" ) ); 91cdf0e10cSrcweir aResult[0].Value <<= ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PBKDF2" ) ); 92cdf0e10cSrcweir aResult[1].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "salt" ) ); 93cdf0e10cSrcweir aResult[1].Value <<= aSalt; 94cdf0e10cSrcweir aResult[2].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "iteration-count" ) ); 95cdf0e10cSrcweir aResult[2].Value <<= nCount; 96cdf0e10cSrcweir aResult[3].Name = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "hash" ) ); 97cdf0e10cSrcweir aResult[3].Value <<= aNewHash; 98cdf0e10cSrcweir } 99cdf0e10cSrcweir 100cdf0e10cSrcweir return aResult; 101cdf0e10cSrcweir } 102cdf0e10cSrcweir 103cdf0e10cSrcweir // ============================================================================ 104cdf0e10cSrcweir sal_Bool DocPasswordHelper::IsModifyPasswordCorrect( const ::rtl::OUString& aPassword, const uno::Sequence< beans::PropertyValue >& aInfo ) 105cdf0e10cSrcweir { 106cdf0e10cSrcweir sal_Bool bResult = sal_False; 107cdf0e10cSrcweir if ( aPassword.getLength() && aInfo.getLength() ) 108cdf0e10cSrcweir { 109cdf0e10cSrcweir ::rtl::OUString sAlgorithm; 110cdf0e10cSrcweir uno::Sequence< sal_Int8 > aSalt; 111cdf0e10cSrcweir uno::Sequence< sal_Int8 > aHash; 112cdf0e10cSrcweir sal_Int32 nCount = 0; 113cdf0e10cSrcweir 114cdf0e10cSrcweir for ( sal_Int32 nInd = 0; nInd < aInfo.getLength(); nInd++ ) 115cdf0e10cSrcweir { 116cdf0e10cSrcweir if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "algorithm-name" ) ) ) ) 117cdf0e10cSrcweir aInfo[nInd].Value >>= sAlgorithm; 118cdf0e10cSrcweir else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "salt" ) ) ) ) 119cdf0e10cSrcweir aInfo[nInd].Value >>= aSalt; 120cdf0e10cSrcweir else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "iteration-count" ) ) ) ) 121cdf0e10cSrcweir aInfo[nInd].Value >>= nCount; 122cdf0e10cSrcweir else if ( aInfo[nInd].Name.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "hash" ) ) ) ) 123cdf0e10cSrcweir aInfo[nInd].Value >>= aHash; 124cdf0e10cSrcweir } 125cdf0e10cSrcweir 126cdf0e10cSrcweir if ( sAlgorithm.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "PBKDF2" ) ) ) 127cdf0e10cSrcweir && aSalt.getLength() && nCount > 0 && aHash.getLength() ) 128cdf0e10cSrcweir { 129cdf0e10cSrcweir uno::Sequence< sal_Int8 > aNewHash = GeneratePBKDF2Hash( aPassword, aSalt, nCount, aHash.getLength() ); 130cdf0e10cSrcweir for ( sal_Int32 nInd = 0; nInd < aNewHash.getLength() && nInd < aHash.getLength() && aNewHash[nInd] == aHash[nInd]; nInd ++ ) 131cdf0e10cSrcweir { 132cdf0e10cSrcweir if ( nInd == aNewHash.getLength() - 1 && nInd == aHash.getLength() - 1 ) 133cdf0e10cSrcweir bResult = sal_True; 134cdf0e10cSrcweir } 135cdf0e10cSrcweir } 136cdf0e10cSrcweir } 137cdf0e10cSrcweir 138cdf0e10cSrcweir return bResult; 139cdf0e10cSrcweir } 140cdf0e10cSrcweir 141cdf0e10cSrcweir // ============================================================================ 142cdf0e10cSrcweir sal_uInt32 DocPasswordHelper::GetWordHashAsUINT32( 143cdf0e10cSrcweir const ::rtl::OUString& aUString ) 144cdf0e10cSrcweir { 145cdf0e10cSrcweir static sal_uInt16 pInitialCode[] = { 146cdf0e10cSrcweir 0xE1F0, // 1 147cdf0e10cSrcweir 0x1D0F, // 2 148cdf0e10cSrcweir 0xCC9C, // 3 149cdf0e10cSrcweir 0x84C0, // 4 150cdf0e10cSrcweir 0x110C, // 5 151cdf0e10cSrcweir 0x0E10, // 6 152cdf0e10cSrcweir 0xF1CE, // 7 153cdf0e10cSrcweir 0x313E, // 8 154cdf0e10cSrcweir 0x1872, // 9 155cdf0e10cSrcweir 0xE139, // 10 156cdf0e10cSrcweir 0xD40F, // 11 157cdf0e10cSrcweir 0x84F9, // 12 158cdf0e10cSrcweir 0x280C, // 13 159cdf0e10cSrcweir 0xA96A, // 14 160cdf0e10cSrcweir 0x4EC3 // 15 161cdf0e10cSrcweir }; 162cdf0e10cSrcweir 163cdf0e10cSrcweir static sal_uInt16 pEncryptionMatrix[15][7] = { 164cdf0e10cSrcweir { 0xAEFC, 0x4DD9, 0x9BB2, 0x2745, 0x4E8A, 0x9D14, 0x2A09}, // last-14 165cdf0e10cSrcweir { 0x7B61, 0xF6C2, 0xFDA5, 0xEB6B, 0xC6F7, 0x9DCF, 0x2BBF}, // last-13 166cdf0e10cSrcweir { 0x4563, 0x8AC6, 0x05AD, 0x0B5A, 0x16B4, 0x2D68, 0x5AD0}, // last-12 167cdf0e10cSrcweir { 0x0375, 0x06EA, 0x0DD4, 0x1BA8, 0x3750, 0x6EA0, 0xDD40}, // last-11 168cdf0e10cSrcweir { 0xD849, 0xA0B3, 0x5147, 0xA28E, 0x553D, 0xAA7A, 0x44D5}, // last-10 169cdf0e10cSrcweir { 0x6F45, 0xDE8A, 0xAD35, 0x4A4B, 0x9496, 0x390D, 0x721A}, // last-9 170cdf0e10cSrcweir { 0xEB23, 0xC667, 0x9CEF, 0x29FF, 0x53FE, 0xA7FC, 0x5FD9}, // last-8 171cdf0e10cSrcweir { 0x47D3, 0x8FA6, 0x8FA6, 0x1EDA, 0x3DB4, 0x7B68, 0xF6D0}, // last-7 172cdf0e10cSrcweir { 0xB861, 0x60E3, 0xC1C6, 0x93AD, 0x377B, 0x6EF6, 0xDDEC}, // last-6 173cdf0e10cSrcweir { 0x45A0, 0x8B40, 0x06A1, 0x0D42, 0x1A84, 0x3508, 0x6A10}, // last-5 174cdf0e10cSrcweir { 0xAA51, 0x4483, 0x8906, 0x022D, 0x045A, 0x08B4, 0x1168}, // last-4 175cdf0e10cSrcweir { 0x76B4, 0xED68, 0xCAF1, 0x85C3, 0x1BA7, 0x374E, 0x6E9C}, // last-3 176cdf0e10cSrcweir { 0x3730, 0x6E60, 0xDCC0, 0xA9A1, 0x4363, 0x86C6, 0x1DAD}, // last-2 177cdf0e10cSrcweir { 0x3331, 0x6662, 0xCCC4, 0x89A9, 0x0373, 0x06E6, 0x0DCC}, // last-1 178cdf0e10cSrcweir { 0x1021, 0x2042, 0x4084, 0x8108, 0x1231, 0x2462, 0x48C4} // last 179cdf0e10cSrcweir }; 180cdf0e10cSrcweir 181cdf0e10cSrcweir sal_uInt32 nResult = 0; 182cdf0e10cSrcweir sal_uInt32 nLen = aUString.getLength(); 183cdf0e10cSrcweir 184cdf0e10cSrcweir if ( nLen ) 185cdf0e10cSrcweir { 186cdf0e10cSrcweir if ( nLen > 15 ) 187cdf0e10cSrcweir nLen = 15; 188cdf0e10cSrcweir 189cdf0e10cSrcweir sal_uInt16 nHighResult = pInitialCode[nLen - 1]; 190cdf0e10cSrcweir sal_uInt16 nLowResult = 0; 191cdf0e10cSrcweir 192cdf0e10cSrcweir const sal_Unicode* pStr = aUString.getStr(); 193cdf0e10cSrcweir for ( sal_uInt32 nInd = 0; nInd < nLen; nInd++ ) 194cdf0e10cSrcweir { 195cdf0e10cSrcweir // NO Encoding during conversion! 196cdf0e10cSrcweir // The specification says that the low byte should be used in case it is not NULL 197cdf0e10cSrcweir char nHighChar = (char)( pStr[nInd] >> 8 ); 198cdf0e10cSrcweir char nLowChar = (char)( pStr[nInd] & 0xFF ); 199cdf0e10cSrcweir char nChar = nLowChar ? nLowChar : nHighChar; 200cdf0e10cSrcweir 201cdf0e10cSrcweir for ( int nMatrixInd = 0; nMatrixInd < 7; ++nMatrixInd ) 202cdf0e10cSrcweir { 203cdf0e10cSrcweir if ( ( nChar & ( 1 << nMatrixInd ) ) != 0 ) 204cdf0e10cSrcweir nHighResult = nHighResult ^ pEncryptionMatrix[15 - nLen + nInd][nMatrixInd]; 205cdf0e10cSrcweir } 206cdf0e10cSrcweir 207cdf0e10cSrcweir nLowResult = ( ( ( nLowResult >> 14 ) & 0x0001 ) | ( ( nLowResult << 1 ) & 0x7FFF ) ) ^ nChar; 208cdf0e10cSrcweir } 209cdf0e10cSrcweir 210cdf0e10cSrcweir nLowResult = (sal_uInt16)( ( ( ( nLowResult >> 14 ) & 0x001 ) | ( ( nLowResult << 1 ) & 0x7FF ) ) ^ nLen ^ 0xCE4B ); 211cdf0e10cSrcweir 212cdf0e10cSrcweir nResult = ( nHighResult << 16 ) | nLowResult; 213cdf0e10cSrcweir } 214cdf0e10cSrcweir 215cdf0e10cSrcweir return nResult; 216cdf0e10cSrcweir } 217cdf0e10cSrcweir 218cdf0e10cSrcweir // ============================================================================ 219cdf0e10cSrcweir Sequence< sal_Int8 > DocPasswordHelper::GetWordHashAsSequence( 220cdf0e10cSrcweir const ::rtl::OUString& aUString ) 221cdf0e10cSrcweir { 222cdf0e10cSrcweir sal_uInt32 nHash = GetWordHashAsUINT32( aUString ); 223cdf0e10cSrcweir Sequence< sal_Int8 > aResult( 4 ); 224cdf0e10cSrcweir aResult[0] = ( nHash >> 24 ); 225cdf0e10cSrcweir aResult[1] = ( ( nHash >> 16 ) & 0xFF ); 226cdf0e10cSrcweir aResult[2] = ( ( nHash >> 8 ) & 0xFF ); 227cdf0e10cSrcweir aResult[3] = ( nHash & 0xFF ); 228cdf0e10cSrcweir 229cdf0e10cSrcweir return aResult; 230cdf0e10cSrcweir } 231cdf0e10cSrcweir 232cdf0e10cSrcweir // ============================================================================ 233cdf0e10cSrcweir sal_uInt16 DocPasswordHelper::GetXLHashAsUINT16( 234cdf0e10cSrcweir const ::rtl::OUString& aUString, 235cdf0e10cSrcweir rtl_TextEncoding nEnc ) 236cdf0e10cSrcweir { 237cdf0e10cSrcweir sal_uInt16 nResult = 0; 238cdf0e10cSrcweir 239cdf0e10cSrcweir ::rtl::OString aString = ::rtl::OUStringToOString( aUString, nEnc ); 240cdf0e10cSrcweir 241cdf0e10cSrcweir if ( aString.getLength() && aString.getLength() <= SAL_MAX_UINT16 ) 242cdf0e10cSrcweir { 243cdf0e10cSrcweir for ( sal_Int32 nInd = aString.getLength() - 1; nInd >= 0; nInd-- ) 244cdf0e10cSrcweir { 245cdf0e10cSrcweir nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF ); 246cdf0e10cSrcweir nResult ^= aString.getStr()[nInd]; 247cdf0e10cSrcweir } 248cdf0e10cSrcweir 249cdf0e10cSrcweir nResult = ( ( nResult >> 14 ) & 0x01 ) | ( ( nResult << 1 ) & 0x7FFF ); 250cdf0e10cSrcweir nResult ^= ( 0x8000 | ( 'N' << 8 ) | 'K' ); 251cdf0e10cSrcweir nResult ^= aString.getLength(); 252cdf0e10cSrcweir } 253cdf0e10cSrcweir 254cdf0e10cSrcweir return nResult; 255cdf0e10cSrcweir } 256cdf0e10cSrcweir 257cdf0e10cSrcweir // ============================================================================ 258cdf0e10cSrcweir Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence( 259cdf0e10cSrcweir const ::rtl::OUString& aUString, 260cdf0e10cSrcweir rtl_TextEncoding nEnc ) 261cdf0e10cSrcweir { 262cdf0e10cSrcweir sal_uInt16 nHash = GetXLHashAsUINT16( aUString, nEnc ); 263cdf0e10cSrcweir Sequence< sal_Int8 > aResult( 2 ); 264cdf0e10cSrcweir aResult[0] = ( nHash >> 8 ); 265cdf0e10cSrcweir aResult[1] = ( nHash & 0xFF ); 266cdf0e10cSrcweir 267cdf0e10cSrcweir return aResult; 268cdf0e10cSrcweir } 269cdf0e10cSrcweir 270cdf0e10cSrcweir // ============================================================================ 271cdf0e10cSrcweir /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateRandomByteSequence( sal_Int32 nLength ) 272cdf0e10cSrcweir { 273cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResult( nLength ); 274cdf0e10cSrcweir 275cdf0e10cSrcweir TimeValue aTime; 276cdf0e10cSrcweir osl_getSystemTime( &aTime ); 277cdf0e10cSrcweir rtlRandomPool aRandomPool = rtl_random_createPool (); 278cdf0e10cSrcweir rtl_random_addBytes ( aRandomPool, &aTime, 8 ); 279cdf0e10cSrcweir rtl_random_getBytes ( aRandomPool, aResult.getArray(), nLength ); 280cdf0e10cSrcweir rtl_random_destroyPool ( aRandomPool ); 281cdf0e10cSrcweir 282cdf0e10cSrcweir return aResult; 283cdf0e10cSrcweir } 284cdf0e10cSrcweir 285cdf0e10cSrcweir 286cdf0e10cSrcweir // ============================================================================ 287cdf0e10cSrcweir /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const ::rtl::OUString& aPassword, const uno::Sequence< sal_Int8 >& aDocId ) 288cdf0e10cSrcweir { 289cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResultKey; 290cdf0e10cSrcweir if ( aPassword.getLength() && aDocId.getLength() == 16 ) 291cdf0e10cSrcweir { 292cdf0e10cSrcweir sal_uInt16 pPassData[16]; 293cdf0e10cSrcweir rtl_zeroMemory( pPassData, sizeof(pPassData) ); 294cdf0e10cSrcweir 295cdf0e10cSrcweir sal_Int32 nPassLen = ::std::min< sal_Int32 >( aPassword.getLength(), 15 ); 296cdf0e10cSrcweir rtl_copyMemory( pPassData, aPassword.getStr(), nPassLen * sizeof(pPassData[0]) ); 297cdf0e10cSrcweir 298cdf0e10cSrcweir aResultKey = GenerateStd97Key( pPassData, aDocId ); 299cdf0e10cSrcweir } 300cdf0e10cSrcweir 301cdf0e10cSrcweir return aResultKey; 302cdf0e10cSrcweir } 303cdf0e10cSrcweir 304cdf0e10cSrcweir // ============================================================================ 305cdf0e10cSrcweir /*static*/ uno::Sequence< sal_Int8 > DocPasswordHelper::GenerateStd97Key( const sal_uInt16 pPassData[16], const uno::Sequence< sal_Int8 >& aDocId ) 306cdf0e10cSrcweir { 307cdf0e10cSrcweir uno::Sequence< sal_Int8 > aResultKey; 308cdf0e10cSrcweir if ( pPassData[0] && aDocId.getLength() == 16 ) 309cdf0e10cSrcweir { 310cdf0e10cSrcweir sal_uInt8 pKeyData[64]; 311cdf0e10cSrcweir rtl_zeroMemory( pKeyData, sizeof(pKeyData) ); 312cdf0e10cSrcweir 313cdf0e10cSrcweir sal_Int32 nInd = 0; 314cdf0e10cSrcweir 315cdf0e10cSrcweir // Fill PassData into KeyData. 316cdf0e10cSrcweir for ( nInd = 0; nInd < 16 && pPassData[nInd]; nInd++) 317cdf0e10cSrcweir { 318cdf0e10cSrcweir pKeyData[2*nInd] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 0) & 0xff ); 319cdf0e10cSrcweir pKeyData[2*nInd + 1] = sal::static_int_cast< sal_uInt8 >( (pPassData[nInd] >> 8) & 0xff ); 320cdf0e10cSrcweir } 321cdf0e10cSrcweir 322cdf0e10cSrcweir pKeyData[2*nInd] = 0x80; 323cdf0e10cSrcweir pKeyData[56] = sal::static_int_cast< sal_uInt8 >( nInd << 4 ); 324cdf0e10cSrcweir 325cdf0e10cSrcweir // Fill raw digest of KeyData into KeyData. 326cdf0e10cSrcweir rtlDigest hDigest = rtl_digest_create ( rtl_Digest_AlgorithmMD5 ); 327cdf0e10cSrcweir (void)rtl_digest_updateMD5 ( 328cdf0e10cSrcweir hDigest, pKeyData, sizeof(pKeyData)); 329cdf0e10cSrcweir (void)rtl_digest_rawMD5 ( 330cdf0e10cSrcweir hDigest, pKeyData, RTL_DIGEST_LENGTH_MD5); 331cdf0e10cSrcweir 332cdf0e10cSrcweir // Update digest with KeyData and Unique. 333cdf0e10cSrcweir for ( nInd = 0; nInd < 16; nInd++ ) 334cdf0e10cSrcweir { 335cdf0e10cSrcweir rtl_digest_updateMD5( hDigest, pKeyData, 5 ); 336cdf0e10cSrcweir rtl_digest_updateMD5( hDigest, (const sal_uInt8*)aDocId.getConstArray(), aDocId.getLength() ); 337cdf0e10cSrcweir } 338cdf0e10cSrcweir 339cdf0e10cSrcweir // Update digest with padding. 340cdf0e10cSrcweir pKeyData[16] = 0x80; 341cdf0e10cSrcweir rtl_zeroMemory( pKeyData + 17, sizeof(pKeyData) - 17 ); 342cdf0e10cSrcweir pKeyData[56] = 0x80; 343cdf0e10cSrcweir pKeyData[57] = 0x0a; 344cdf0e10cSrcweir 345cdf0e10cSrcweir rtl_digest_updateMD5( hDigest, &(pKeyData[16]), sizeof(pKeyData) - 16 ); 346cdf0e10cSrcweir 347cdf0e10cSrcweir // Fill raw digest of above updates 348cdf0e10cSrcweir aResultKey.realloc( RTL_DIGEST_LENGTH_MD5 ); 349cdf0e10cSrcweir rtl_digest_rawMD5 ( hDigest, (sal_uInt8*)aResultKey.getArray(), aResultKey.getLength() ); 350cdf0e10cSrcweir 351cdf0e10cSrcweir // Erase KeyData array and leave. 352cdf0e10cSrcweir rtl_zeroMemory( pKeyData, sizeof(pKeyData) ); 353cdf0e10cSrcweir } 354cdf0e10cSrcweir 355cdf0e10cSrcweir return aResultKey; 356cdf0e10cSrcweir } 357cdf0e10cSrcweir 358cdf0e10cSrcweir // ============================================================================ 359cdf0e10cSrcweir 360cdf0e10cSrcweir /*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword( 361cdf0e10cSrcweir IDocPasswordVerifier& rVerifier, 362cdf0e10cSrcweir const ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue >& rMediaEncData, 363cdf0e10cSrcweir const OUString& rMediaPassword, 364cdf0e10cSrcweir const Reference< XInteractionHandler >& rxInteractHandler, 365cdf0e10cSrcweir const OUString& rDocumentName, 366cdf0e10cSrcweir DocPasswordRequestType eRequestType, 367cdf0e10cSrcweir const ::std::vector< OUString >* pDefaultPasswords, 368cdf0e10cSrcweir bool* pbIsDefaultPassword ) 369cdf0e10cSrcweir { 370cdf0e10cSrcweir ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > aEncData; 371cdf0e10cSrcweir DocPasswordVerifierResult eResult = DocPasswordVerifierResult_WRONG_PASSWORD; 372cdf0e10cSrcweir 373cdf0e10cSrcweir // first, try provided default passwords 374cdf0e10cSrcweir if( pbIsDefaultPassword ) 375cdf0e10cSrcweir *pbIsDefaultPassword = false; 376cdf0e10cSrcweir if( pDefaultPasswords ) 377cdf0e10cSrcweir { 378cdf0e10cSrcweir for( ::std::vector< OUString >::const_iterator aIt = pDefaultPasswords->begin(), aEnd = pDefaultPasswords->end(); (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && (aIt != aEnd); ++aIt ) 379cdf0e10cSrcweir { 380cdf0e10cSrcweir OSL_ENSURE( aIt->getLength() > 0, "DocPasswordHelper::requestAndVerifyDocPassword - unexpected empty default password" ); 381cdf0e10cSrcweir if( aIt->getLength() > 0 ) 382cdf0e10cSrcweir { 383cdf0e10cSrcweir eResult = rVerifier.verifyPassword( *aIt, aEncData ); 384cdf0e10cSrcweir if( pbIsDefaultPassword ) 385cdf0e10cSrcweir *pbIsDefaultPassword = eResult == DocPasswordVerifierResult_OK; 386cdf0e10cSrcweir } 387cdf0e10cSrcweir } 388cdf0e10cSrcweir } 389cdf0e10cSrcweir 390cdf0e10cSrcweir // try media encryption data (skip, if result is OK or ABORT) 391cdf0e10cSrcweir if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD ) 392cdf0e10cSrcweir { 393cdf0e10cSrcweir if( rMediaEncData.getLength() > 0 ) 394cdf0e10cSrcweir { 395cdf0e10cSrcweir eResult = rVerifier.verifyEncryptionData( rMediaEncData ); 396cdf0e10cSrcweir if( eResult == DocPasswordVerifierResult_OK ) 397cdf0e10cSrcweir aEncData = rMediaEncData; 398cdf0e10cSrcweir } 399cdf0e10cSrcweir } 400cdf0e10cSrcweir 401cdf0e10cSrcweir // try media password (skip, if result is OK or ABORT) 402cdf0e10cSrcweir if( eResult == DocPasswordVerifierResult_WRONG_PASSWORD ) 403cdf0e10cSrcweir { 404cdf0e10cSrcweir if( rMediaPassword.getLength() > 0 ) 405cdf0e10cSrcweir eResult = rVerifier.verifyPassword( rMediaPassword, aEncData ); 406cdf0e10cSrcweir } 407cdf0e10cSrcweir 408cdf0e10cSrcweir // request a password (skip, if result is OK or ABORT) 409cdf0e10cSrcweir if( (eResult == DocPasswordVerifierResult_WRONG_PASSWORD) && rxInteractHandler.is() ) try 410cdf0e10cSrcweir { 411cdf0e10cSrcweir PasswordRequestMode eRequestMode = PasswordRequestMode_PASSWORD_ENTER; 412cdf0e10cSrcweir while( eResult == DocPasswordVerifierResult_WRONG_PASSWORD ) 413cdf0e10cSrcweir { 414cdf0e10cSrcweir DocPasswordRequest* pRequest = new DocPasswordRequest( eRequestType, eRequestMode, rDocumentName ); 415cdf0e10cSrcweir Reference< XInteractionRequest > xRequest( pRequest ); 416cdf0e10cSrcweir rxInteractHandler->handle( xRequest ); 417cdf0e10cSrcweir if( pRequest->isPassword() ) 418cdf0e10cSrcweir { 419cdf0e10cSrcweir if( pRequest->getPassword().getLength() > 0 ) 420cdf0e10cSrcweir eResult = rVerifier.verifyPassword( pRequest->getPassword(), aEncData ); 421cdf0e10cSrcweir } 422cdf0e10cSrcweir else 423cdf0e10cSrcweir { 424cdf0e10cSrcweir eResult = DocPasswordVerifierResult_ABORT; 425cdf0e10cSrcweir } 426cdf0e10cSrcweir eRequestMode = PasswordRequestMode_PASSWORD_REENTER; 427cdf0e10cSrcweir } 428cdf0e10cSrcweir } 429cdf0e10cSrcweir catch( Exception& ) 430cdf0e10cSrcweir { 431cdf0e10cSrcweir } 432cdf0e10cSrcweir 433cdf0e10cSrcweir return (eResult == DocPasswordVerifierResult_OK) ? aEncData : uno::Sequence< beans::NamedValue >(); 434cdf0e10cSrcweir } 435cdf0e10cSrcweir 436cdf0e10cSrcweir /*static*/ ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue > DocPasswordHelper::requestAndVerifyDocPassword( 437cdf0e10cSrcweir IDocPasswordVerifier& rVerifier, 438cdf0e10cSrcweir MediaDescriptor& rMediaDesc, 439cdf0e10cSrcweir DocPasswordRequestType eRequestType, 440cdf0e10cSrcweir const ::std::vector< OUString >* pDefaultPasswords ) 441cdf0e10cSrcweir { 442cdf0e10cSrcweir uno::Sequence< beans::NamedValue > aMediaEncData = rMediaDesc.getUnpackedValueOrDefault( 443cdf0e10cSrcweir MediaDescriptor::PROP_ENCRYPTIONDATA(), uno::Sequence< beans::NamedValue >() ); 444cdf0e10cSrcweir OUString aMediaPassword = rMediaDesc.getUnpackedValueOrDefault( 445cdf0e10cSrcweir MediaDescriptor::PROP_PASSWORD(), OUString() ); 446cdf0e10cSrcweir Reference< XInteractionHandler > xInteractHandler = rMediaDesc.getUnpackedValueOrDefault( 447cdf0e10cSrcweir MediaDescriptor::PROP_INTERACTIONHANDLER(), Reference< XInteractionHandler >() ); 448cdf0e10cSrcweir OUString aDocumentName = rMediaDesc.getUnpackedValueOrDefault( 449cdf0e10cSrcweir MediaDescriptor::PROP_URL(), OUString() ); 450cdf0e10cSrcweir 451cdf0e10cSrcweir bool bIsDefaultPassword = false; 452cdf0e10cSrcweir uno::Sequence< beans::NamedValue > aEncryptionData = requestAndVerifyDocPassword( 453cdf0e10cSrcweir rVerifier, aMediaEncData, aMediaPassword, xInteractHandler, aDocumentName, eRequestType, pDefaultPasswords, &bIsDefaultPassword ); 454cdf0e10cSrcweir 455cdf0e10cSrcweir rMediaDesc.erase( MediaDescriptor::PROP_PASSWORD() ); 456cdf0e10cSrcweir rMediaDesc.erase( MediaDescriptor::PROP_ENCRYPTIONDATA() ); 457cdf0e10cSrcweir 458cdf0e10cSrcweir // insert valid password into media descriptor (but not a default password) 459cdf0e10cSrcweir if( (aEncryptionData.getLength() > 0) && !bIsDefaultPassword ) 460cdf0e10cSrcweir rMediaDesc[ MediaDescriptor::PROP_ENCRYPTIONDATA() ] <<= aEncryptionData; 461cdf0e10cSrcweir 462cdf0e10cSrcweir return aEncryptionData; 463cdf0e10cSrcweir } 464cdf0e10cSrcweir 465cdf0e10cSrcweir // ============================================================================ 466cdf0e10cSrcweir 467cdf0e10cSrcweir } // namespace comphelper 468cdf0e10cSrcweir 469