ooxml_crypt 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +21 -0
- data/README.md +58 -0
- data/Rakefile +12 -0
- data/bin/console +15 -0
- data/bin/setup +8 -0
- data/ext/ooxml_crypt/extconf.rb +18 -0
- data/ext/ooxml_crypt/ooxml_crypt.c +27 -0
- data/ext/ooxml_crypt/ooxml_crypt.h +7 -0
- data/lib/ooxml_crypt/version.rb +5 -0
- data/lib/ooxml_crypt.rb +75 -0
- data/vendor/cybozulib/.github/workflows/main.yml +12 -0
- data/vendor/cybozulib/.gitignore +5 -0
- data/vendor/cybozulib/CMakeLists.txt +6 -0
- data/vendor/cybozulib/COPYRIGHT +27 -0
- data/vendor/cybozulib/Makefile +26 -0
- data/vendor/cybozulib/bin/libeay32.dll +0 -0
- data/vendor/cybozulib/bin/libmecab.dll +0 -0
- data/vendor/cybozulib/bin/ssleay32.dll +0 -0
- data/vendor/cybozulib/common.mk +116 -0
- data/vendor/cybozulib/common.props +25 -0
- data/vendor/cybozulib/cybozulib.sln +286 -0
- data/vendor/cybozulib/debug.props +14 -0
- data/vendor/cybozulib/include/cybozu/array.hpp +197 -0
- data/vendor/cybozulib/include/cybozu/atoi.hpp +238 -0
- data/vendor/cybozulib/include/cybozu/atomic.hpp +146 -0
- data/vendor/cybozulib/include/cybozu/base64.hpp +210 -0
- data/vendor/cybozulib/include/cybozu/benchmark.hpp +212 -0
- data/vendor/cybozulib/include/cybozu/bfd.hpp +105 -0
- data/vendor/cybozulib/include/cybozu/bit_operation.hpp +139 -0
- data/vendor/cybozulib/include/cybozu/bitvector.hpp +358 -0
- data/vendor/cybozulib/include/cybozu/condition_variable.hpp +113 -0
- data/vendor/cybozulib/include/cybozu/condition_variable_cs.hpp +74 -0
- data/vendor/cybozulib/include/cybozu/config.hpp +392 -0
- data/vendor/cybozulib/include/cybozu/critical_section.hpp +60 -0
- data/vendor/cybozulib/include/cybozu/crypto.hpp +321 -0
- data/vendor/cybozulib/include/cybozu/csucvector.hpp +624 -0
- data/vendor/cybozulib/include/cybozu/csv.hpp +294 -0
- data/vendor/cybozulib/include/cybozu/data_type.hpp +27 -0
- data/vendor/cybozulib/include/cybozu/endian.hpp +224 -0
- data/vendor/cybozulib/include/cybozu/env.hpp +63 -0
- data/vendor/cybozulib/include/cybozu/event.hpp +122 -0
- data/vendor/cybozulib/include/cybozu/exception.hpp +253 -0
- data/vendor/cybozulib/include/cybozu/file.hpp +626 -0
- data/vendor/cybozulib/include/cybozu/fmindex.hpp +291 -0
- data/vendor/cybozulib/include/cybozu/format.hpp +93 -0
- data/vendor/cybozulib/include/cybozu/frequency.hpp +264 -0
- data/vendor/cybozulib/include/cybozu/hash.hpp +67 -0
- data/vendor/cybozulib/include/cybozu/inttype.hpp +174 -0
- data/vendor/cybozulib/include/cybozu/itoa.hpp +336 -0
- data/vendor/cybozulib/include/cybozu/json.hpp +120 -0
- data/vendor/cybozulib/include/cybozu/line_stream.hpp +149 -0
- data/vendor/cybozulib/include/cybozu/link_libeay32.hpp +21 -0
- data/vendor/cybozulib/include/cybozu/link_mpir.hpp +18 -0
- data/vendor/cybozulib/include/cybozu/link_ssleay32.hpp +19 -0
- data/vendor/cybozulib/include/cybozu/log.hpp +237 -0
- data/vendor/cybozulib/include/cybozu/minixml.hpp +452 -0
- data/vendor/cybozulib/include/cybozu/mmap.hpp +143 -0
- data/vendor/cybozulib/include/cybozu/mutex.hpp +144 -0
- data/vendor/cybozulib/include/cybozu/nlp/mecab.hpp +96 -0
- data/vendor/cybozulib/include/cybozu/nlp/plsi.hpp +315 -0
- data/vendor/cybozulib/include/cybozu/nlp/random.hpp +74 -0
- data/vendor/cybozulib/include/cybozu/nlp/sparse.hpp +529 -0
- data/vendor/cybozulib/include/cybozu/nlp/svd.hpp +486 -0
- data/vendor/cybozulib/include/cybozu/nlp/tfidf.hpp +226 -0
- data/vendor/cybozulib/include/cybozu/nlp/top_score.hpp +75 -0
- data/vendor/cybozulib/include/cybozu/option.hpp +743 -0
- data/vendor/cybozulib/include/cybozu/parallel.hpp +88 -0
- data/vendor/cybozulib/include/cybozu/pcg.hpp +72 -0
- data/vendor/cybozulib/include/cybozu/process.hpp +324 -0
- data/vendor/cybozulib/include/cybozu/quit_signal_handler.hpp +66 -0
- data/vendor/cybozulib/include/cybozu/random_generator.hpp +144 -0
- data/vendor/cybozulib/include/cybozu/regex.hpp +463 -0
- data/vendor/cybozulib/include/cybozu/select8.hpp +279 -0
- data/vendor/cybozulib/include/cybozu/serializer.hpp +363 -0
- data/vendor/cybozulib/include/cybozu/sha1.hpp +209 -0
- data/vendor/cybozulib/include/cybozu/sha2.hpp +506 -0
- data/vendor/cybozulib/include/cybozu/siphash.hpp +105 -0
- data/vendor/cybozulib/include/cybozu/socket.hpp +785 -0
- data/vendor/cybozulib/include/cybozu/ssl.hpp +203 -0
- data/vendor/cybozulib/include/cybozu/stacktrace.hpp +291 -0
- data/vendor/cybozulib/include/cybozu/stream.hpp +269 -0
- data/vendor/cybozulib/include/cybozu/string.hpp +1746 -0
- data/vendor/cybozulib/include/cybozu/string_operation.hpp +365 -0
- data/vendor/cybozulib/include/cybozu/sucvector.hpp +378 -0
- data/vendor/cybozulib/include/cybozu/test.hpp +373 -0
- data/vendor/cybozulib/include/cybozu/thread.hpp +229 -0
- data/vendor/cybozulib/include/cybozu/time.hpp +281 -0
- data/vendor/cybozulib/include/cybozu/tls.hpp +115 -0
- data/vendor/cybozulib/include/cybozu/unordered_map.hpp +13 -0
- data/vendor/cybozulib/include/cybozu/unordered_set.hpp +13 -0
- data/vendor/cybozulib/include/cybozu/v128.hpp +376 -0
- data/vendor/cybozulib/include/cybozu/wavelet_matrix.hpp +345 -0
- data/vendor/cybozulib/include/cybozu/xorshift.hpp +189 -0
- data/vendor/cybozulib/include/cybozu/zlib.hpp +325 -0
- data/vendor/cybozulib/include/sais.hxx +364 -0
- data/vendor/cybozulib/misc/make_select8tbl.cpp +26 -0
- data/vendor/cybozulib/mk.bat +37 -0
- data/vendor/cybozulib/readme.md +29 -0
- data/vendor/cybozulib/release.props +12 -0
- data/vendor/cybozulib/sample/Makefile +30 -0
- data/vendor/cybozulib/sample/csucvector_smpl.cpp +42 -0
- data/vendor/cybozulib/sample/data/svd/org/test1.S +4 -0
- data/vendor/cybozulib/sample/data/svd/org/test1.U +4 -0
- data/vendor/cybozulib/sample/data/svd/org/test1.V +6 -0
- data/vendor/cybozulib/sample/data/svd/test1 +4 -0
- data/vendor/cybozulib/sample/data/svd/test2 +4 -0
- data/vendor/cybozulib/sample/desymbol.cpp +127 -0
- data/vendor/cybozulib/sample/exception_smpl.cpp +46 -0
- data/vendor/cybozulib/sample/fmindex_smpl.cpp +231 -0
- data/vendor/cybozulib/sample/log_smpl.cpp +19 -0
- data/vendor/cybozulib/sample/mecab_smpl.cpp +37 -0
- data/vendor/cybozulib/sample/option2_smpl.cpp +68 -0
- data/vendor/cybozulib/sample/option_smpl.cpp +42 -0
- data/vendor/cybozulib/sample/plsi_smpl.cpp +207 -0
- data/vendor/cybozulib/sample/proj/exception_smpl.vcproj +184 -0
- data/vendor/cybozulib/sample/proj/mecab_smpl.vcproj +184 -0
- data/vendor/cybozulib/sample/proj/ssl_smpl/ssl_smpl.vcxproj +85 -0
- data/vendor/cybozulib/sample/proj/ssl_smpl.vcproj +347 -0
- data/vendor/cybozulib/sample/proj/stacktrace_smpl/stacktrace_smpl.vcxproj +85 -0
- data/vendor/cybozulib/sample/proj/svd_smpl.vcproj +184 -0
- data/vendor/cybozulib/sample/quit_signal_handler.cpp +30 -0
- data/vendor/cybozulib/sample/serializer_smpl.cpp +196 -0
- data/vendor/cybozulib/sample/socket_smpl.cpp +82 -0
- data/vendor/cybozulib/sample/ssl_smpl.cpp +39 -0
- data/vendor/cybozulib/sample/stacktrace_smpl.cpp +52 -0
- data/vendor/cybozulib/sample/svd_bench_smpl.cpp +143 -0
- data/vendor/cybozulib/sample/svd_smpl.cpp +94 -0
- data/vendor/cybozulib/sample/wm_bench_smpl.cpp +182 -0
- data/vendor/cybozulib/sample/zlib_smpl.cpp +41 -0
- data/vendor/cybozulib/src/Makefile +8 -0
- data/vendor/cybozulib/src/base/Makefile +19 -0
- data/vendor/cybozulib/test/Makefile +12 -0
- data/vendor/cybozulib/test/base/Makefile +37 -0
- data/vendor/cybozulib/test/base/array_test.cpp +173 -0
- data/vendor/cybozulib/test/base/atoi_test.cpp +774 -0
- data/vendor/cybozulib/test/base/atomic_test.cpp +49 -0
- data/vendor/cybozulib/test/base/base64_test.cpp +113 -0
- data/vendor/cybozulib/test/base/bit_operation_test.cpp +134 -0
- data/vendor/cybozulib/test/base/bitvector_test.cpp +204 -0
- data/vendor/cybozulib/test/base/condition_variable_cs_test.cpp +92 -0
- data/vendor/cybozulib/test/base/condition_variable_test.cpp +88 -0
- data/vendor/cybozulib/test/base/config_test.cpp +236 -0
- data/vendor/cybozulib/test/base/crypto_test.cpp +122 -0
- data/vendor/cybozulib/test/base/csucvector_test.cpp +63 -0
- data/vendor/cybozulib/test/base/csv_test.cpp +182 -0
- data/vendor/cybozulib/test/base/data/a.xml +26 -0
- data/vendor/cybozulib/test/base/endian_test.cpp +56 -0
- data/vendor/cybozulib/test/base/env_test.cpp +22 -0
- data/vendor/cybozulib/test/base/event_test.cpp +41 -0
- data/vendor/cybozulib/test/base/file_test.cpp +233 -0
- data/vendor/cybozulib/test/base/fmindex_test.cpp +118 -0
- data/vendor/cybozulib/test/base/format_test.cpp +12 -0
- data/vendor/cybozulib/test/base/frequency_test.cpp +104 -0
- data/vendor/cybozulib/test/base/itoa_test.cpp +522 -0
- data/vendor/cybozulib/test/base/line_stream_test.cpp +208 -0
- data/vendor/cybozulib/test/base/mecab_test.cpp +41 -0
- data/vendor/cybozulib/test/base/minixml_test.cpp +103 -0
- data/vendor/cybozulib/test/base/mmap_test.cpp +15 -0
- data/vendor/cybozulib/test/base/option_test.cpp +487 -0
- data/vendor/cybozulib/test/base/parallel_test.cpp +48 -0
- data/vendor/cybozulib/test/base/proj/array_test/array_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/atoi_test/atoi_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/atomic_test/atomic_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/base64_test/base64_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/condition_variable_cs_test/condition_variable_cs_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/condition_variable_test/condition_variable_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/config_test/config_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/csv_test/csv_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/endian_test/endian_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/env_test/env_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/event_test/event_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/file_test/file_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/itoa_test/itoa_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/mecab_test/mecab_test.vcxproj +88 -0
- data/vendor/cybozulib/test/base/proj/minixml_test/minixml_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/mmap_test/mmap_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/serializer_test/serializer_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/sha1_test/sha1_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/stream_test/stream_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/string_operation_test/string_operation_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/string_test/string_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/thread_test/thread_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/time_test/time_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/tls_test/tls_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/proj/zlib_test/zlib_test.vcxproj +86 -0
- data/vendor/cybozulib/test/base/random_generator_test.cpp +28 -0
- data/vendor/cybozulib/test/base/regex_test.cpp +74 -0
- data/vendor/cybozulib/test/base/serializer_test.cpp +483 -0
- data/vendor/cybozulib/test/base/sha1_test.cpp +61 -0
- data/vendor/cybozulib/test/base/sha2_test.cpp +191 -0
- data/vendor/cybozulib/test/base/siphash_test.cpp +33 -0
- data/vendor/cybozulib/test/base/socket_test.cpp +76 -0
- data/vendor/cybozulib/test/base/stream_test.cpp +101 -0
- data/vendor/cybozulib/test/base/string_operation_test.cpp +340 -0
- data/vendor/cybozulib/test/base/string_test.cpp +1705 -0
- data/vendor/cybozulib/test/base/sucvector_test.cpp +312 -0
- data/vendor/cybozulib/test/base/thread_test.cpp +62 -0
- data/vendor/cybozulib/test/base/time_test.cpp +164 -0
- data/vendor/cybozulib/test/base/tls_test.cpp +50 -0
- data/vendor/cybozulib/test/base/wavelet_matrix_test.cpp +145 -0
- data/vendor/cybozulib/test/base/zlib_test.cpp +371 -0
- data/vendor/cybozulib/test/nlp/Makefile +27 -0
- data/vendor/cybozulib/test/nlp/proj/random_test.vcproj +184 -0
- data/vendor/cybozulib/test/nlp/proj/sparse_test.vcproj +184 -0
- data/vendor/cybozulib/test/nlp/proj/svd_test.vcproj +184 -0
- data/vendor/cybozulib/test/nlp/random_test.cpp +62 -0
- data/vendor/cybozulib/test/nlp/sparse_test.cpp +347 -0
- data/vendor/cybozulib/test/nlp/svd_test.cpp +234 -0
- data/vendor/cybozulib/test/nlp/top_score_test.cpp +40 -0
- data/vendor/cybozulib/tool/create_vcproj.py +186 -0
- data/vendor/cybozulib/tool/vcproj_tmpl.py +185 -0
- data/vendor/msoffice/COPYRIGHT +27 -0
- data/vendor/msoffice/Makefile +29 -0
- data/vendor/msoffice/bin/64/msoc.dll +0 -0
- data/vendor/msoffice/bin/64/msocsample.exe +0 -0
- data/vendor/msoffice/bin/64/msoffice-crypt.exe +0 -0
- data/vendor/msoffice/bin/msoc.dll +0 -0
- data/vendor/msoffice/bin/msocsample.exe +0 -0
- data/vendor/msoffice/bin/msoffice-crypt.exe +0 -0
- data/vendor/msoffice/common.mk +71 -0
- data/vendor/msoffice/common.props +26 -0
- data/vendor/msoffice/debug.props +14 -0
- data/vendor/msoffice/include/attack.hpp +211 -0
- data/vendor/msoffice/include/cfb.hpp +777 -0
- data/vendor/msoffice/include/crypto_util.hpp +450 -0
- data/vendor/msoffice/include/custom_sha1.hpp +342 -0
- data/vendor/msoffice/include/decode.hpp +240 -0
- data/vendor/msoffice/include/encode.hpp +221 -0
- data/vendor/msoffice/include/make_dataspace.hpp +316 -0
- data/vendor/msoffice/include/msoc.h +129 -0
- data/vendor/msoffice/include/resource.hpp +7 -0
- data/vendor/msoffice/include/standard_encryption.hpp +145 -0
- data/vendor/msoffice/include/uint32vec.hpp +179 -0
- data/vendor/msoffice/include/util.hpp +212 -0
- data/vendor/msoffice/lib/.emptydir +0 -0
- data/vendor/msoffice/misc/decrypt-xls.vbs +46 -0
- data/vendor/msoffice/mk.bat +1 -0
- data/vendor/msoffice/mkdll.bat +3 -0
- data/vendor/msoffice/msoc.def +13 -0
- data/vendor/msoffice/msocsample.py +178 -0
- data/vendor/msoffice/msoffice12.sln +31 -0
- data/vendor/msoffice/readme.md +110 -0
- data/vendor/msoffice/release.props +28 -0
- data/vendor/msoffice/src/Makefile +19 -0
- data/vendor/msoffice/src/attack.cpp +124 -0
- data/vendor/msoffice/src/cfb_test.cpp +77 -0
- data/vendor/msoffice/src/minisample.c +54 -0
- data/vendor/msoffice/src/msocdll.cpp +276 -0
- data/vendor/msoffice/src/msocsample.c +136 -0
- data/vendor/msoffice/src/msoffice-crypt.cpp +219 -0
- data/vendor/msoffice/src/proj/attack/attack.vcxproj +88 -0
- data/vendor/msoffice/src/proj/main/msoffice-crypt.vcxproj +88 -0
- data/vendor/msoffice/src/sha1.cpp +234 -0
- data/vendor/msoffice/test/Makefile +20 -0
- data/vendor/msoffice/test/cfb_test.cpp +74 -0
- data/vendor/msoffice/test/hash_test.cpp +59 -0
- data/vendor/msoffice/test/proj/cfb/cfb_test.vcxproj +90 -0
- data/vendor/msoffice/test/proj/hash/hash_test.vcxproj +90 -0
- data/vendor/msoffice/test/sampl.bat +8 -0
- data/vendor/msoffice/test_all.py +46 -0
- data/vendor/update +4 -0
- metadata +351 -0
@@ -0,0 +1,450 @@
|
|
1
|
+
#pragma once
|
2
|
+
/**
|
3
|
+
@file
|
4
|
+
Copyright (C) 2012 Cybozu Labs, Inc., all rights reserved.
|
5
|
+
*/
|
6
|
+
#include "util.hpp"
|
7
|
+
#include <cybozu/crypto.hpp>
|
8
|
+
#include <cybozu/stream.hpp>
|
9
|
+
#include <cybozu/string.hpp>
|
10
|
+
#include <cybozu/minixml.hpp>
|
11
|
+
#include <cybozu/endian.hpp>
|
12
|
+
#include "custom_sha1.hpp"
|
13
|
+
//#define DEBUG_CLK
|
14
|
+
|
15
|
+
#ifdef DEBUG_CLK
|
16
|
+
#define XBYAK_NO_OP_NAMES
|
17
|
+
#include <xbyak/xbyak_util.h>
|
18
|
+
#endif
|
19
|
+
|
20
|
+
namespace ms {
|
21
|
+
|
22
|
+
// [OFFCRYPTO] 2.3.4.13 encryptedVerifierHashInput step 2
|
23
|
+
static const std::string blkKey_VerifierHashInput("\xfe" "\xa7" "\xd2" "\x76" "\x3b" "\x4b" "\x9e" "\x79", 8);
|
24
|
+
// [OFFCRYPTO] 2.3.4.13 encryptedVerifierHashValue step 2
|
25
|
+
static const std::string blkKey_encryptedVerifierHashValue("\xd7" "\xaa" "\x0f" "\x6d" "\x30" "\x61" "\x34" "\x4e", 8);
|
26
|
+
// [OFFCRYPTO] 2.3.4.13 encryptedKeyValue step 2
|
27
|
+
static const std::string blkKey_encryptedKeyValue("\x14" "\x6e" "\x0b" "\xe7" "\xab" "\xac" "\xd0" "\xd6", 8);
|
28
|
+
// [OFFCRYPTO] 2.3.4.14 DataIntegrity Generation step 3
|
29
|
+
static const std::string blkKey_dataIntegrity1("\x5f" "\xb2" "\xad" "\x01" "\x0c" "\xb9" "\xe1" "\xf6", 8);
|
30
|
+
// [OFFCRYPTO] 2.3.4.14 DataIntegrity Generation step 6
|
31
|
+
static const std::string blkKey_dataIntegrity2("\xa0" "\x67" "\x7f" "\x02" "\xb2" "\x2c" "\x84" "\x33", 8);
|
32
|
+
|
33
|
+
inline void normalizeKey(std::string& key, size_t keySize)
|
34
|
+
{
|
35
|
+
key.resize(keySize, char(0x36));
|
36
|
+
}
|
37
|
+
|
38
|
+
#ifdef DEBUG_CLK
|
39
|
+
Xbyak::util::Clock clk;
|
40
|
+
struct XXX {
|
41
|
+
~XXX()
|
42
|
+
{
|
43
|
+
printf("%.1f Mclk\n", clk.getClock() / double(clk.getCount()) * 1e-6);
|
44
|
+
}
|
45
|
+
} xxx;
|
46
|
+
#endif
|
47
|
+
|
48
|
+
// #define USE_CUSTOM_SHA1
|
49
|
+
|
50
|
+
inline std::string hashPassword(cybozu::crypto::Hash::Name name, const std::string& salt, const std::string& pass, int spinCount)
|
51
|
+
{
|
52
|
+
#ifdef USE_CUSTOM_SHA1
|
53
|
+
if (name != cybozu::crypto::Hash::N_SHA1) {
|
54
|
+
throw cybozu::Exception("hashPassword") << "not support" << cybozu::crypto::Hash::getName(name);
|
55
|
+
}
|
56
|
+
#endif
|
57
|
+
cybozu::crypto::Hash s(name);
|
58
|
+
std::string h = s.digest(salt + pass);
|
59
|
+
#ifdef DEBUG_CLK
|
60
|
+
clk.begin();
|
61
|
+
#endif
|
62
|
+
#ifdef USE_CUSTOM_SHA1
|
63
|
+
assert(h.size() == 20);
|
64
|
+
CustomSha1::digest(&h[0], spinCount);
|
65
|
+
#else
|
66
|
+
for (int i = 0; i < spinCount; i++) {
|
67
|
+
char iter[4];
|
68
|
+
cybozu::Set32bitAsLE(iter, i);
|
69
|
+
s.update(iter, sizeof(iter));
|
70
|
+
s.digest(&h[0], &h[0], h.size());
|
71
|
+
}
|
72
|
+
#endif
|
73
|
+
#ifdef DEBUG_CLK
|
74
|
+
clk.end();
|
75
|
+
#endif
|
76
|
+
return h;
|
77
|
+
}
|
78
|
+
|
79
|
+
#ifdef SHA1_USE_SIMD
|
80
|
+
template<int n>
|
81
|
+
inline void sha1PasswordX(std::string out[n], const std::string& salt, const std::string pass[n], int spinCount)
|
82
|
+
{
|
83
|
+
for (int i = 0; i < n; i++) {
|
84
|
+
out[i] = cybozu::crypto::Hash::digest(cybozu::crypto::Hash::N_SHA1, salt + pass[i]);
|
85
|
+
}
|
86
|
+
CustomSha1::digestX<n>(out, spinCount);
|
87
|
+
}
|
88
|
+
#endif
|
89
|
+
|
90
|
+
/*
|
91
|
+
[MS-OFFCRYPTO] 2.3.4.10
|
92
|
+
*/
|
93
|
+
struct CipherParam {
|
94
|
+
cybozu::crypto::Cipher::Name cipherName;
|
95
|
+
std::string cipherNameStr;
|
96
|
+
size_t saltSize;
|
97
|
+
size_t blockSize;
|
98
|
+
size_t keyBits;
|
99
|
+
|
100
|
+
cybozu::crypto::Hash::Name hashName;
|
101
|
+
std::string hashNameStr;
|
102
|
+
int hashSize;
|
103
|
+
std::string saltValue;
|
104
|
+
|
105
|
+
CipherParam()
|
106
|
+
: saltSize(0)
|
107
|
+
, blockSize(0)
|
108
|
+
, keyBits(0)
|
109
|
+
, hashSize(0)
|
110
|
+
{
|
111
|
+
}
|
112
|
+
void put() const
|
113
|
+
{
|
114
|
+
printf("cipherName = %s\n", cipherNameStr.c_str());
|
115
|
+
printf("saltSize = %d\n", (int)saltSize);
|
116
|
+
printf("blockSize = %d\n", (int)blockSize);
|
117
|
+
printf("keyBits = %d\n", (int)keyBits);
|
118
|
+
printf("hashName = %s\n", hashNameStr.c_str());
|
119
|
+
printf("hashSize = %d\n", hashSize);
|
120
|
+
printf("saltValue = "); dump(saltValue, false);
|
121
|
+
}
|
122
|
+
explicit CipherParam(const cybozu::minixml::Node *node)
|
123
|
+
{
|
124
|
+
setByXml(node);
|
125
|
+
}
|
126
|
+
void setByXml(const cybozu::minixml::Node *node)
|
127
|
+
{
|
128
|
+
saltSize = cybozu::atoi(node->attr["saltSize"]);
|
129
|
+
blockSize = cybozu::atoi(node->attr["blockSize"]);
|
130
|
+
keyBits = cybozu::atoi(node->attr["keyBits"]);
|
131
|
+
hashSize = cybozu::atoi(node->attr["hashSize"]);
|
132
|
+
saltValue = dec64(node->attr["saltValue"]);
|
133
|
+
|
134
|
+
if (saltSize < 1 || saltSize > 65536) {
|
135
|
+
throw cybozu::Exception("ms:CipherParam:saltSize") << saltSize;
|
136
|
+
}
|
137
|
+
if (blockSize < 2 || blockSize > 4096 || (blockSize & 1)) {
|
138
|
+
throw cybozu::Exception("ms:CipherParam:blockSize") << blockSize;
|
139
|
+
}
|
140
|
+
const std::string& chaining = node->attr["cipherChaining"];
|
141
|
+
cipherNameStr = node->attr["cipherAlgorithm"];
|
142
|
+
|
143
|
+
if (cipherNameStr == "AES" && keyBits == 128 && chaining == "ChainingModeCBC") {
|
144
|
+
cipherName = cybozu::crypto::Cipher::N_AES128_CBC;
|
145
|
+
} else if (cipherNameStr == "AES" && keyBits == 256 && chaining == "ChainingModeCBC") {
|
146
|
+
cipherName = cybozu::crypto::Cipher::N_AES256_CBC;
|
147
|
+
} else {
|
148
|
+
throw cybozu::Exception("ms:CipherParam:cipherNameStr") << cipherNameStr << keyBits << chaining;
|
149
|
+
}
|
150
|
+
hashNameStr = node->attr["hashAlgorithm"];
|
151
|
+
|
152
|
+
if (hashNameStr == "SHA1" && hashSize == 20) {
|
153
|
+
hashName = cybozu::crypto::Hash::N_SHA1;
|
154
|
+
} else if (hashNameStr == "SHA256" && hashSize == 32) {
|
155
|
+
hashName = cybozu::crypto::Hash::N_SHA256;
|
156
|
+
} else if (hashNameStr == "SHA384" && hashSize == 48) {
|
157
|
+
hashName = cybozu::crypto::Hash::N_SHA384;
|
158
|
+
} else if (hashNameStr == "SHA512" && hashSize == 64) {
|
159
|
+
hashName = cybozu::crypto::Hash::N_SHA512;
|
160
|
+
} else {
|
161
|
+
throw cybozu::Exception("ms:CipherParam:hashNameStr") << hashNameStr << hashSize;
|
162
|
+
}
|
163
|
+
}
|
164
|
+
void setByName(cybozu::crypto::Cipher::Name cipherName, cybozu::crypto::Hash::Name hashName)
|
165
|
+
{
|
166
|
+
this->cipherName = cipherName;
|
167
|
+
this->hashName = hashName;
|
168
|
+
|
169
|
+
switch (cipherName) {
|
170
|
+
case cybozu::crypto::Cipher::N_AES128_CBC:
|
171
|
+
saltSize = 16;
|
172
|
+
blockSize = 16;
|
173
|
+
keyBits = 128;
|
174
|
+
cipherNameStr = "AES";
|
175
|
+
break;
|
176
|
+
case cybozu::crypto::Cipher::N_AES256_CBC:
|
177
|
+
saltSize = 16;
|
178
|
+
blockSize = 16;
|
179
|
+
keyBits = 256;
|
180
|
+
cipherNameStr = "AES";
|
181
|
+
break;
|
182
|
+
default:
|
183
|
+
throw cybozu::Exception("ms:CipherParam:not support cipherName") << cipherName;
|
184
|
+
}
|
185
|
+
if (saltSize == 0 || saltSize > 65536) throw cybozu::Exception("ms:CipherParam:setByName:bad saltSize") << saltSize;
|
186
|
+
|
187
|
+
switch (hashName) {
|
188
|
+
case cybozu::crypto::Hash::N_SHA1:
|
189
|
+
hashSize = 20;
|
190
|
+
hashNameStr = "SHA1";
|
191
|
+
break;
|
192
|
+
case cybozu::crypto::Hash::N_SHA256:
|
193
|
+
hashSize = 32;
|
194
|
+
hashNameStr = "SHA256";
|
195
|
+
break;
|
196
|
+
case cybozu::crypto::Hash::N_SHA384:
|
197
|
+
hashSize = 48;
|
198
|
+
hashNameStr = "SHA384";
|
199
|
+
break;
|
200
|
+
case cybozu::crypto::Hash::N_SHA512:
|
201
|
+
hashSize = 64;
|
202
|
+
hashNameStr = "SHA512";
|
203
|
+
break;
|
204
|
+
default:
|
205
|
+
throw cybozu::Exception("ms:CipherParam:setByName:not support hash") << hashName;
|
206
|
+
}
|
207
|
+
}
|
208
|
+
};
|
209
|
+
|
210
|
+
} // ms
|
211
|
+
|
212
|
+
#include "standard_encryption.hpp"
|
213
|
+
|
214
|
+
namespace ms {
|
215
|
+
|
216
|
+
#ifdef __GNUC__ // defined in sys/sysmacros.h
|
217
|
+
#undef major
|
218
|
+
#undef minor
|
219
|
+
#endif
|
220
|
+
struct EncryptionInfo {
|
221
|
+
int spinCount;
|
222
|
+
uint16_t major;
|
223
|
+
uint16_t minor;
|
224
|
+
cybozu::MiniXml xml;
|
225
|
+
CipherParam keyData;
|
226
|
+
std::string encryptedHmacKey;
|
227
|
+
std::string encryptedHmacValue;
|
228
|
+
CipherParam encryptedKey;
|
229
|
+
std::string encryptedVerifierHashInput;
|
230
|
+
std::string encryptedVerifierHashValue;
|
231
|
+
std::string encryptedKeyValue;
|
232
|
+
// for LibreOffice
|
233
|
+
bool isStandardEncryption;
|
234
|
+
EncryptionHeader seHeader;
|
235
|
+
EncryptionVerifier seVerifier;
|
236
|
+
|
237
|
+
EncryptionInfo()
|
238
|
+
: spinCount(0)
|
239
|
+
, major(0)
|
240
|
+
, minor(0)
|
241
|
+
, isStandardEncryption(false)
|
242
|
+
{
|
243
|
+
}
|
244
|
+
explicit EncryptionInfo(const std::string& data)
|
245
|
+
: spinCount(0)
|
246
|
+
, major(0)
|
247
|
+
, minor(0)
|
248
|
+
, isStandardEncryption(false)
|
249
|
+
{
|
250
|
+
if (data.size() < 8) {
|
251
|
+
throw cybozu::Exception("ms:EncryptionInfo:data.size") << data.size();
|
252
|
+
}
|
253
|
+
const char *p = &data[0];
|
254
|
+
major = cybozu::Get16bitAsLE(p + 0);
|
255
|
+
minor = cybozu::Get16bitAsLE(p + 2);
|
256
|
+
// [MS-OFFCRYPTO] 2.3.4.10
|
257
|
+
if (major == 4 && minor == 4) {
|
258
|
+
setAgileEncryptionInfo(data);
|
259
|
+
return;
|
260
|
+
}
|
261
|
+
if ((major == 3 || major == 4) && minor == 2) {
|
262
|
+
setStandardEncryptionInfo(data);
|
263
|
+
isStandardEncryption = true;
|
264
|
+
return;
|
265
|
+
}
|
266
|
+
throw cybozu::Exception("ms:EncryptionInfo:not support version") << major << minor;
|
267
|
+
}
|
268
|
+
void put() const
|
269
|
+
{
|
270
|
+
if (!isDebug(0)) return;
|
271
|
+
printf("major = %d\n", major);
|
272
|
+
printf("minor = %d\n", minor);
|
273
|
+
printf("isStandardEncryption = %d\n", isStandardEncryption);
|
274
|
+
if (isStandardEncryption) {
|
275
|
+
seHeader.put();
|
276
|
+
seVerifier.put();
|
277
|
+
} else {
|
278
|
+
printf("spinCount = %d\n", spinCount);
|
279
|
+
puts("keyData");
|
280
|
+
keyData.put();
|
281
|
+
printf("encryptedHmacKey = "); dump(encryptedHmacKey, false);
|
282
|
+
printf("encryptedHmacValue = "); dump(encryptedHmacValue, false);
|
283
|
+
puts("encryptedKey");
|
284
|
+
encryptedKey.put();
|
285
|
+
printf("encryptedVerifierHashInput = "); dump(encryptedVerifierHashInput, false);
|
286
|
+
printf("encryptedVerifierHashValue = "); dump(encryptedVerifierHashValue, false);
|
287
|
+
printf("encryptedKeyValue = "); dump(encryptedKeyValue, false);
|
288
|
+
}
|
289
|
+
}
|
290
|
+
|
291
|
+
void setStandardEncryptionInfo(const std::string& data)
|
292
|
+
{
|
293
|
+
const size_t encryptionHeaderSizePos = 8;
|
294
|
+
size_t dataSize = data.size();
|
295
|
+
const char *p = data.c_str();
|
296
|
+
if (dataSize < encryptionHeaderSizePos + 4) {
|
297
|
+
throw cybozu::Exception("ms:StandardEncryption2007Info:bad data size") << dataSize;
|
298
|
+
}
|
299
|
+
const uint32_t encryptionHeaderSize = cybozu::Get32bitAsLE(p + encryptionHeaderSizePos);
|
300
|
+
if (encryptionHeaderSize > dataSize) {
|
301
|
+
throw cybozu::Exception("ms:setStandardEncryptionInfo:bad size") << encryptionHeaderSize << dataSize;
|
302
|
+
}
|
303
|
+
p += encryptionHeaderSizePos + 4;
|
304
|
+
dataSize -= encryptionHeaderSizePos + 4;
|
305
|
+
seHeader.analyze(p, encryptionHeaderSize);
|
306
|
+
seHeader.put();
|
307
|
+
|
308
|
+
p += encryptionHeaderSize;
|
309
|
+
dataSize -= encryptionHeaderSize;
|
310
|
+
printf("dataSize=%u\n", (uint32_t)dataSize);
|
311
|
+
seVerifier.analyze(p, dataSize);
|
312
|
+
seVerifier.put();
|
313
|
+
}
|
314
|
+
|
315
|
+
void setAgileEncryptionInfo(const std::string& data)
|
316
|
+
{
|
317
|
+
const char *p = &data[0];
|
318
|
+
const uint32_t reserved = cybozu::Get32bitAsLE(p + 4);
|
319
|
+
MS_ASSERT_EQUAL(reserved, 0x40u);
|
320
|
+
xml.parse(p + 8, p + data.size());
|
321
|
+
|
322
|
+
// keyData
|
323
|
+
const cybozu::minixml::Node *keyDataNode = xml.get().getFirstTagByName("keyData");
|
324
|
+
if (keyDataNode == 0) throw cybozu::Exception("ms:EncryptionInfo:no keyData");
|
325
|
+
keyData.setByXml(keyDataNode);
|
326
|
+
// dataIntegrity
|
327
|
+
const cybozu::minixml::Node *dataIntegrity = xml.get().getFirstTagByName("dataIntegrity");
|
328
|
+
if (dataIntegrity == 0) throw cybozu::Exception("ms:EncryptionInfo:no dataIntegrity");
|
329
|
+
encryptedHmacKey = dec64(dataIntegrity->attr["encryptedHmacKey"]);
|
330
|
+
encryptedHmacValue = dec64(dataIntegrity->attr["encryptedHmacValue"]);
|
331
|
+
|
332
|
+
// keyEncryptor
|
333
|
+
const cybozu::minixml::Node *encryptedKeyNode = xml.get().getFirstTagByName("p:encryptedKey");
|
334
|
+
if (encryptedKeyNode == 0) throw cybozu::Exception("ms:EncryptionInfo:no p:encryptedKey");
|
335
|
+
encryptedKey.setByXml(encryptedKeyNode);
|
336
|
+
spinCount = cybozu::atoi(encryptedKeyNode->attr["spinCount"]);
|
337
|
+
encryptedVerifierHashInput = dec64(encryptedKeyNode->attr["encryptedVerifierHashInput"]);
|
338
|
+
encryptedVerifierHashValue = dec64(encryptedKeyNode->attr["encryptedVerifierHashValue"]);
|
339
|
+
encryptedKeyValue = dec64(encryptedKeyNode->attr["encryptedKeyValue"]);
|
340
|
+
}
|
341
|
+
std::string addHeader(const std::string& xmlStr) const
|
342
|
+
{
|
343
|
+
char buf[8];
|
344
|
+
const uint16_t major = 4;
|
345
|
+
const uint16_t minor = 4;
|
346
|
+
const uint32_t reserved = 0x40u;
|
347
|
+
cybozu::Set16bitAsLE(buf + 0, major);
|
348
|
+
cybozu::Set16bitAsLE(buf + 2, minor);
|
349
|
+
cybozu::Set32bitAsLE(buf + 4, reserved);
|
350
|
+
return std::string(buf, sizeof(buf)) + xmlStr;
|
351
|
+
}
|
352
|
+
std::string toXml(bool isOffice2013 = false) const
|
353
|
+
{
|
354
|
+
char buf[2048];
|
355
|
+
CYBOZU_SNPRINTF(buf, sizeof(buf),
|
356
|
+
"<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n"
|
357
|
+
"<encryption xmlns=\"http://schemas.microsoft.com/office/2006/encryption\""
|
358
|
+
" xmlns:p=\"http://schemas.microsoft.com/office/2006/keyEncryptor/password\""
|
359
|
+
// " xmlns:c=\"http://schemas.microsoft.com/office/2006/keyEncryptor/certificate\""
|
360
|
+
"%s"
|
361
|
+
">"
|
362
|
+
"<keyData saltSize=\"%d\" blockSize=\"%d\" keyBits=\"%d\" hashSize=\"%d\""
|
363
|
+
" cipherAlgorithm=\"%s\" cipherChaining=\"ChainingModeCBC\" hashAlgorithm=\"%s\""
|
364
|
+
" saltValue=\"%s\"/>"
|
365
|
+
"<dataIntegrity encryptedHmacKey=\"%s\""
|
366
|
+
" encryptedHmacValue=\"%s\"/><keyEncryptors>"
|
367
|
+
"<keyEncryptor uri=\"http://schemas.microsoft.com/office/2006/keyEncryptor/password\">"
|
368
|
+
"<p:encryptedKey spinCount=\"%d\" saltSize=\"%d\" blockSize=\"%d\" keyBits=\"%d\" hashSize=\"%d\""
|
369
|
+
" cipherAlgorithm=\"%s\" cipherChaining=\"ChainingModeCBC\" hashAlgorithm=\"%s\""
|
370
|
+
" saltValue=\"%s\""
|
371
|
+
" encryptedVerifierHashInput=\"%s\""
|
372
|
+
" encryptedVerifierHashValue=\"%s\""
|
373
|
+
" encryptedKeyValue=\"%s\"/></keyEncryptor></keyEncryptors></encryption>",
|
374
|
+
isOffice2013 ? " xmlns:c=\"http://schemas.microsoft.com/office/2006/keyEncryptor/certificate\"" : "",
|
375
|
+
int(keyData.saltSize), int(keyData.blockSize), int(keyData.keyBits), int(keyData.hashSize),
|
376
|
+
keyData.cipherNameStr.c_str(), keyData.hashNameStr.c_str(),
|
377
|
+
enc64(keyData.saltValue).c_str(),
|
378
|
+
enc64(encryptedHmacKey).c_str(),
|
379
|
+
enc64(encryptedHmacValue).c_str(),
|
380
|
+
spinCount,
|
381
|
+
int(encryptedKey.saltSize), int(encryptedKey.blockSize), int(encryptedKey.keyBits), int(encryptedKey.hashSize),
|
382
|
+
encryptedKey.cipherNameStr.c_str(), encryptedKey.hashNameStr.c_str(),
|
383
|
+
enc64(encryptedKey.saltValue).c_str(),
|
384
|
+
enc64(encryptedVerifierHashInput).c_str(),
|
385
|
+
enc64(encryptedVerifierHashValue).c_str(),
|
386
|
+
enc64(encryptedKeyValue).c_str()
|
387
|
+
);
|
388
|
+
return buf;
|
389
|
+
}
|
390
|
+
};
|
391
|
+
|
392
|
+
inline std::string cipher(cybozu::crypto::Cipher::Name name, const char *msg, size_t msgLen, const std::string& key, const std::string& iv, cybozu::crypto::Cipher::Mode mode)
|
393
|
+
{
|
394
|
+
cybozu::crypto::Cipher cipher(name);
|
395
|
+
cipher.setup(mode, key, iv);
|
396
|
+
|
397
|
+
std::string ret;
|
398
|
+
ret.resize(msgLen + 128/* margin */);
|
399
|
+
|
400
|
+
const size_t roundMsgLen = msgLen & ~15;
|
401
|
+
|
402
|
+
if (roundMsgLen > 0) {
|
403
|
+
int writeSize = cipher.update(&ret[0], msg, (int)roundMsgLen);
|
404
|
+
if (writeSize < 0) {
|
405
|
+
throw cybozu::Exception("ms:cipher:update");
|
406
|
+
}
|
407
|
+
}
|
408
|
+
const int remainSize = int(msgLen - roundMsgLen);
|
409
|
+
if (remainSize > 0) {
|
410
|
+
std::string remain(msg + roundMsgLen, remainSize);
|
411
|
+
remain.resize(16);
|
412
|
+
int writeSize = cipher.update(&ret[roundMsgLen], &remain[0], 16);
|
413
|
+
if (writeSize < 0) {
|
414
|
+
throw cybozu::Exception("ms:cipher:update:remain");
|
415
|
+
}
|
416
|
+
ret.resize(roundMsgLen + 16);
|
417
|
+
} else {
|
418
|
+
ret.resize(msgLen);
|
419
|
+
}
|
420
|
+
return ret;
|
421
|
+
}
|
422
|
+
|
423
|
+
inline std::string cipher(cybozu::crypto::Cipher::Name name, const std::string& msg, const std::string& key, const std::string& iv, cybozu::crypto::Cipher::Mode mode)
|
424
|
+
{
|
425
|
+
return cipher(name, msg.c_str(), msg.size(), key, iv, mode);
|
426
|
+
}
|
427
|
+
|
428
|
+
inline std::string generateIv(const CipherParam& param, const std::string& blockKey, const std::string& salt)
|
429
|
+
{
|
430
|
+
std::string ret;
|
431
|
+
if (blockKey.empty()) {
|
432
|
+
ret = salt;
|
433
|
+
} else {
|
434
|
+
ret = cybozu::crypto::Hash::digest(param.hashName, salt + blockKey);
|
435
|
+
}
|
436
|
+
normalizeKey(ret, param.blockSize);
|
437
|
+
return ret;
|
438
|
+
}
|
439
|
+
|
440
|
+
/*
|
441
|
+
[MS-OFFCRYPTO] 2.3.4.11
|
442
|
+
*/
|
443
|
+
inline std::string generateKey(const CipherParam& param, const std::string& hash, const std::string& blockKey)
|
444
|
+
{
|
445
|
+
std::string ret = cybozu::crypto::Hash::digest(param.hashName, hash + blockKey);
|
446
|
+
normalizeKey(ret, param.keyBits / 8);
|
447
|
+
return ret;
|
448
|
+
}
|
449
|
+
|
450
|
+
} // ms
|