ooxml_crypt 0.1.0

data/vendor/msoffice/include/standard_encryption.hpp

@@ -0,0 +1,145 @@
+#pragma once
+/**
+	@file
+	@brief MS Office 2007 Standard Encryption decoder
+	Copyright (C) 2012 Cybozu Labs, Inc., all rights reserved.
+*/
+#include "util.hpp"
+#include <cybozu/crypto.hpp>
+#include <cybozu/string.hpp>
+#include <cybozu/endian.hpp>
+
+namespace ms {
+
+/*
+	Office 2007
+	[MS-OFFCRYPTO] 2.3.2
+*/
+struct EncryptionHeader {
+	uint32_t flags;
+	uint32_t sizeExtra;
+	uint32_t algId;
+	uint32_t algIdHash;
+	uint32_t keySize;
+	uint32_t providerType;
+	uint32_t reserved1;
+	uint32_t reserved2;
+	cybozu::String16 cspName;
+	cybozu::crypto::Cipher::Name cipherName;
+	enum AlgoMode {
+		AlgoAny,
+		AlgoRC4,
+		Algo128AES,
+		Algo192AES,
+		Algo256AES
+	};
+	void analyze(const char *data, size_t dataSize)
+	{
+		if (dataSize < 32) {
+			throw cybozu::Exception("ms:EncryptionHeader:shot dataSize") << dataSize;
+		}
+		uint32_t *tbl[] = {
+			&flags, &sizeExtra, &algId, &algIdHash, &keySize, &providerType,
+			&reserved1, &reserved2
+		};
+		const size_t paraNum = 8;
+		assert(CYBOZU_NUM_OF_ARRAY(tbl) == paraNum);
+		for (size_t i = 0; i < paraNum; i++) {
+			*(tbl[i]) = cybozu::Get32bitAsLE(data + i * 4);
+		}
+		cybozu::Char16 c = cybozu::Get16bitAsLE(data + dataSize - 2);
+		if (c != 0) {
+			throw cybozu::Exception("ms:EncryptionHeader:cspName is not NULL terminated") << c;
+		}
+		cspName.assign(reinterpret_cast<const cybozu::Char16*>(data + paraNum * 4));
+		MS_ASSERT_EQUAL(sizeExtra, 0u);
+		switch (algId) {
+//		case 0x0000: cipherName = AlgoAny; break;
+//		case 0x6801: cipherName = AlgoRC4; break;
+		case 0x660e: cipherName =  cybozu::crypto::Cipher::N_AES128_ECB; break;
+		case 0x660f: cipherName =  cybozu::crypto::Cipher::N_AES192_ECB; break;
+		case 0x6610: cipherName =  cybozu::crypto::Cipher::N_AES256_ECB; break;
+		default:
+			throw cybozu::Exception("ms:EncryptionHeader:bad algId") << algId;
+		}
+		// verify keySize
+		MS_ASSERT_EQUAL(keySize, cybozu::crypto::Cipher::getSize(cipherName));
+		MS_ASSERT(algIdHash == 0u || algIdHash == 0x8004);
+		// verify providerType
+		MS_ASSERT_EQUAL(providerType, 0x18u);
+		MS_ASSERT_EQUAL(reserved2, 0u);
+	}
+	void put() const
+	{
+		printf("flags = %08x\n", flags);
+		printf("sizeExtra = %u\n", sizeExtra);
+		printf("algId = %08x\n", algId);
+		printf("algIdHash = %08x\n", algIdHash);
+		printf("keySize = %u\n", keySize);
+		printf("providerType = %08x\n", providerType);
+		printf("cspName = %s\n", cybozu::ToUtf8(cspName).c_str());
+	}
+};
+
+/*
+	[MS-OFFCRYPTO] 2.3.3
+*/
+struct EncryptionVerifier {
+	static const size_t bufSize = 16;
+	uint32_t saltSize;
+	std::string salt; // bufSize
+	std::string encryptedVerifier; // bufSize
+	uint32_t verifierHashSize;
+	std::string encryptedVerifierHash;
+
+
+	void analyze(const char *data, size_t dataSize)
+	{
+		const size_t saltSizePos = 0;
+		const size_t saltPos = saltSizePos + sizeof(saltSize);
+		const size_t encryptedVerifierPos = saltPos + bufSize;
+		const size_t verifierHashSizePos = encryptedVerifierPos + bufSize;
+		const size_t encryptedVerifierHashPos = verifierHashSizePos + sizeof(verifierHashSize);
+
+		if (dataSize < encryptedVerifierHashPos) {
+			throw cybozu::Exception("ms:EncryptionVerifier:dataSize is too small") << dataSize << encryptedVerifierHashPos;
+		}
+		saltSize = cybozu::Get32bitAsLE(data + saltSizePos);
+		MS_ASSERT_EQUAL(saltSize, 0x10u);
+		salt.assign(data + saltPos, bufSize);
+		encryptedVerifier.assign(data + encryptedVerifierPos, bufSize);
+		verifierHashSize = cybozu::Get32bitAsLE(data + verifierHashSizePos);
+		if (verifierHashSize + sizeof(verifierHashSize) > dataSize) {
+			throw cybozu::Exception("ms:EncryptionVerifier:bad verifierHashSize") << verifierHashSize << dataSize;
+		}
+		encryptedVerifierHash.assign(data + encryptedVerifierHashPos, data + dataSize);
+	}
+	/*
+		2.3.4.7
+	*/
+	std::string getEncryptionKey(const std::string& pass) const
+	{
+		cybozu::crypto::Hash::Name hashName = cybozu::crypto::Hash::N_SHA1;
+		const size_t hashSize = cybozu::crypto::Hash::getSize(hashName);
+		std::string h = hashPassword(hashName, salt, pass, 50000);
+		const std::string zero4byte(4, 0); // 0x00000000;
+		h = cybozu::crypto::Hash::digest(hashName, h + zero4byte);
+
+		std::string t(64, 0x36); // '\x36...\x36'(64 times)
+		for (size_t i = 0; i < hashSize; i++) {
+			t[i] ^= h[i];
+		}
+		h = cybozu::crypto::Hash::digest(hashName, t);
+		return h;
+	}
+	void put() const
+	{
+		printf("saltSize = %d\n", saltSize);
+		printf("salt = "); ms::dump(salt);
+		printf("encryptedVerifier = "); ms::dump(encryptedVerifier);
+		printf("verifierHashSize = %d\n", verifierHashSize);
+		printf("encryptedVerifierHash = "); ms::dump(encryptedVerifierHash);
+	}
+};
+
+} // ms

data/vendor/msoffice/include/uint32vec.hpp

@@ -0,0 +1,179 @@
+#pragma once
+/**
+	Copyright (C) 2012 Cybozu Labs, Inc., all rights reserved.
+*/
+#include <cybozu/inttype.hpp>
+#include <stdio.h>
+#include <assert.h>
+#ifdef _WIN32
+	#include <winsock2.h>
+	#include <intrin.h>
+#else
+	#ifdef __linux__
+		#include <x86intrin.h>
+	#else
+		#include <emmintrin.h>
+	#endif
+#endif
+
+template<size_t size>
+struct Uint32VecT {
+};
+
+#ifdef __AVX2__
+#define UINT32VEC_USE_AVX2
+template<>
+struct Uint32VecT<8> {
+	static const int size = 8;
+	__m256i x_;
+	Uint32VecT()
+	{
+	}
+	Uint32VecT(__m256i x)
+		: x_(x)
+	{
+	}
+	Uint32VecT(uint32_t x)
+		: x_(_mm256_set1_epi32(x))
+	{
+	}
+	// m = [x7:x6:x5:x4:x3:x2:x1:x0]
+	Uint32VecT(uint32_t x7, uint32_t x6, uint32_t x5, uint32_t x4, uint32_t x3, uint32_t x2, uint32_t x1, uint32_t x0)
+		: x_(_mm256_set_epi32(x7, x6, x5, x4, x3, x2, x1, x0))
+	{
+	}
+	// m = [x7:x6:x5:x4:x3:x2:x1:x0]
+	void set(uint32_t x7, uint32_t x6, uint32_t x5, uint32_t x4, uint32_t x3, uint32_t x2, uint32_t x1, uint32_t x0)
+	{
+		x_ = _mm256_set_epi32(x7, x6, x5, x4, x3, x2, x1, x0);
+	}
+	void clear()
+	{
+		*this = _mm256_setzero_si256();
+	}
+	void put(const char *msg = 0) const
+	{
+		uint32_t v[8];
+		memcpy(&v, &x_, sizeof(v));
+		if (msg) printf("%s", msg);
+		printf("%08x:%08x:%08x:%08x", v[3], v[2], v[1], v[0]);
+		if (msg) putchar('\n');
+	}
+};
+
+inline Uint32VecT<8> operator<<(const Uint32VecT<8>& a, const int n)
+{
+	return _mm256_slli_epi32(a.x_, n);
+}
+inline Uint32VecT<8> operator>>(const Uint32VecT<8>& a, const int n)
+{
+	return _mm256_srli_epi32(a.x_, n);
+}
+
+inline Uint32VecT<8> operator+(const Uint32VecT<8>& a, const Uint32VecT<8>& b)
+{
+	return _mm256_add_epi32(a.x_, b.x_);
+}
+
+// return (~a) & b
+inline Uint32VecT<8> andn(const Uint32VecT<8>& a, const Uint32VecT<8>& b)
+{
+	return _mm256_andnot_si256(a.x_, b.x_);
+}
+
+inline Uint32VecT<8> operator|(const Uint32VecT<8>& a, const Uint32VecT<8>& b)
+{
+	return _mm256_or_si256(a.x_, b.x_);
+}
+
+inline Uint32VecT<8> operator&(const Uint32VecT<8>& a, const Uint32VecT<8>& b)
+{
+	return _mm256_and_si256(a.x_, b.x_);
+}
+
+inline Uint32VecT<8> operator^(const Uint32VecT<8>& a, const Uint32VecT<8>& b)
+{
+	return _mm256_xor_si256(a.x_, b.x_);
+}
+
+typedef Uint32VecT<8> Uint32Vec;
+
+#else
+
+template<>
+struct Uint32VecT<4> {
+	static const int size = 4;
+	__m128i x_;
+	Uint32VecT()
+	{
+	}
+	Uint32VecT(__m128i x)
+		: x_(x)
+	{
+	}
+	Uint32VecT(uint32_t x)
+		: x_(_mm_set1_epi32(x))
+	{
+	}
+	// m = [x3:x2:x1:x0]
+	Uint32VecT(uint32_t x3, uint32_t x2, uint32_t x1, uint32_t x0)
+		: x_(_mm_set_epi32(x3, x2, x1, x0))
+	{
+	}
+	// m = [x3:x2:x1:x0]
+	void set(uint32_t x3, uint32_t x2, uint32_t x1, uint32_t x0)
+	{
+		x_ = _mm_set_epi32(x3, x2, x1, x0);
+	}
+	void clear()
+	{
+		*this = _mm_setzero_si128();
+	}
+	void put(const char *msg = 0) const
+	{
+		uint32_t v[4];
+		memcpy(&v, &x_, sizeof(v));
+		if (msg) printf("%s", msg);
+		printf("%08x:%08x:%08x:%08x", v[3], v[2], v[1], v[0]);
+		if (msg) putchar('\n');
+	}
+};
+
+inline Uint32VecT<4> operator<<(const Uint32VecT<4>& a, const int n)
+{
+	return _mm_slli_epi32(a.x_, n);
+}
+inline Uint32VecT<4> operator>>(const Uint32VecT<4>& a, const int n)
+{
+	return _mm_srli_epi32(a.x_, n);
+}
+
+inline Uint32VecT<4> operator+(const Uint32VecT<4>& a, const Uint32VecT<4>& b)
+{
+	return _mm_add_epi32(a.x_, b.x_);
+}
+
+// return (~a) & b
+inline Uint32VecT<4> andn(const Uint32VecT<4>& a, const Uint32VecT<4>& b)
+{
+	return _mm_andnot_si128(a.x_, b.x_);
+}
+
+inline Uint32VecT<4> operator|(const Uint32VecT<4>& a, const Uint32VecT<4>& b)
+{
+	return _mm_or_si128(a.x_, b.x_);
+}
+
+inline Uint32VecT<4> operator&(const Uint32VecT<4>& a, const Uint32VecT<4>& b)
+{
+	return _mm_and_si128(a.x_, b.x_);
+}
+
+inline Uint32VecT<4> operator^(const Uint32VecT<4>& a, const Uint32VecT<4>& b)
+{
+	return _mm_xor_si128(a.x_, b.x_);
+}
+
+typedef Uint32VecT<4> Uint32Vec;
+#endif
+

data/vendor/msoffice/include/util.hpp

@@ -0,0 +1,212 @@
+#pragma once
+/**
+	@file
+	@brief MS Office encryption util
+	Copyright (C) 2012 Cybozu Labs, Inc., all rights reserved.
+*/
+#include <string>
+#include <cybozu/atoi.hpp>
+#include <cybozu/itoa.hpp>
+#include <cybozu/base64.hpp>
+#include <cybozu/exception.hpp>
+#include <cybozu/string.hpp>
+#include <stdarg.h>
+
+namespace ms {
+
+enum Format {
+	fZip, // not encrypted(maybe)
+	fCfb, // encrypted(maybe)
+	fUnknown
+};
+
+inline int& debugInstance()
+{
+	static int debug;
+	return debug;
+}
+
+inline void setDebug(int level)
+{
+	debugInstance() = level;
+}
+
+inline bool& putSecretKeyInstance()
+{
+	static bool putSecretKey;
+	return putSecretKey;
+}
+
+inline bool isDebug(int level = 1) { return debugInstance() > level; }
+
+inline void dprintf(const char *format, ...)
+{
+	if (!isDebug()) return;
+	va_list args;
+	va_start(args, format);
+#ifdef __GNUC__
+	#pragma GCC diagnostic push
+	#pragma GCC diagnostic ignored "-Wformat-nonliteral"
+#endif
+	vprintf(format, args);
+#ifdef __GNUC__
+	#pragma GCC diagnostic pop
+#endif
+	va_end(args);
+}
+
+template<class T>
+T getBlockNum(T size, T block)
+{
+	return (size + block - 1) / block;
+}
+/*
+	round up size to multiple of block
+*/
+template<class T>
+T RoundUp(T size, T block)
+{
+	return getBlockNum(size, block) * block;
+}
+
+inline void dump(const void *p, size_t size, bool putColon = true)
+{
+	const uint8_t *str = reinterpret_cast<const uint8_t*>(p);
+	for (size_t i = 0; i < size; i++) {
+		printf("%02X", (unsigned char)str[i]);
+		if (putColon) putchar(':');
+	}
+	printf("\n");
+}
+
+inline void dump(const std::string& str, bool putColon = true)
+{
+	dump(str.c_str(), str.size(), putColon);
+}
+
+inline void dump16(const std::string& str, size_t size = size_t(-1))
+{
+	if (size > str.size()) size = str.size();
+	for (size_t i = 0; i < size; i++) {
+		printf("%02X ", (unsigned char)str[i]);
+		if ((i % 16) == 15) putchar('\n');
+	}
+	printf("\n");
+}
+
+inline void saveFile(const std::string& file, const std::string& str)
+{
+	cybozu::File f(file, std::ios::out);
+	f.write(str.c_str(), str.size());
+}
+
+inline std::string fromHex(const std::string& hex, bool skipColon = false)
+{
+	const size_t n = hex.size();
+	if (!skipColon && n & 1) throw cybozu::Exception("ms:fromhex:odd length") << n;
+	std::string ret;
+	for (size_t i = 0; i < n; i += 2) {
+		if (skipColon && hex[i] == ':') {
+			i++;
+			if (i == n) break;
+		}
+		unsigned char c = cybozu::hextoi(&hex[i], 2);
+		ret += (char)c;
+	}
+	return ret;
+}
+
+inline std::string hex(const std::string& str)
+{
+	const size_t n = str.size();
+	std::string ret;
+	ret.reserve(n * 2);
+	for (size_t i = 0; i < n; i++) {
+		ret += cybozu::itohex(static_cast<uint8_t>(str[i]));
+	}
+	return ret;
+}
+
+inline bool dumpDiff(const std::string& x, const std::string& y)
+{
+	printf("dumpDiff %d %d\n", (int)x.size(), (int)y.size());
+	int ccc = 0;
+	for (int i = 0; i < (int)std::min(x.size(), y.size()); i++) {
+		char c = x[i];
+		char d = y[i];
+		if (c != d) {
+			printf("%8d(0x%x) %02x %02x\n", i, i, (uint8_t)c, (uint8_t)d);
+			ccc++;
+			if (ccc == 100) break;
+		}
+	}
+	if (ccc == 0) printf("no diff\n");
+	return ccc == 0;
+}
+
+inline std::string dec64(const std::string& str)
+{
+	std::string ret;
+	cybozu::StringInputStream is(str);
+	cybozu::StringOutputStream os(ret);
+	cybozu::DecodeFromBase64(os, is);
+	return ret;
+}
+
+inline std::string enc64(const std::string& str)
+{
+	std::string ret;
+	cybozu::StringInputStream is(str);
+	cybozu::StringOutputStream os(ret);
+	cybozu::EncodeToBase64(os, is, 128, cybozu::base64::noEndLine);
+	return ret;
+}
+
+inline void validate(bool isOK, const char *msg, const char *file, int line)
+{
+	if (!isOK) {
+		throw cybozu::Exception("ms:cfb:validate") << msg << file << line;
+	}
+}
+
+template<class L, class R>
+void validateEqual(const L& a, const R& b, const char *pa, const char *pb, const char *file, int line)
+{
+	if (a != b) {
+		throw cybozu::Exception("ms:cfb:validateEqual") << pa << a << pb << b << file << line;
+	}
+}
+
+inline std::string toHex(const char *p, size_t size)
+{
+	std::string ret;
+	for (size_t i = 0; i < size; i++) {
+		cybozu::itohex(ret, static_cast<uint8_t>(p[i]), false);
+	}
+	return ret;
+}
+
+inline Format DetectFormat(const char *data, size_t dataSize)
+{
+	if (dataSize < 8) throw cybozu::Exception("ms:detectFormat:too small") << dataSize;
+	if (memcmp(data, "PK\x03\x04", 4) == 0) return fZip;
+	if (memcmp(data, "\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", 8) == 0) return fCfb;
+	throw cybozu::Exception("ms:DetectFormat:unknown format") << hex(std::string(data, 8));
+}
+
+inline std::string Char16toChar8(const cybozu::String16& w)
+{
+	std::string s;
+	for (size_t i = 0; i < w.size(); i++) {
+		cybozu::Char16 c = w[i];
+		s += char(c & 0xff);
+		s += char(c >> 8);
+	}
+	return s;
+}
+
+#define MS_ASSERT(x) ms::validate((x), #x, __FILE__, __LINE__)
+#define MS_ASSERT_EQUAL(x, y) ms::validateEqual((x), (y), #x, #y, __FILE__, __LINE__)
+#define PUT(x) printf(#x "=%s(%d)\n", ms::hex(x).c_str(), (int)x.size())
+
+} // ms

data/vendor/msoffice/misc/decrypt-xls.vbs

@@ -0,0 +1,46 @@
+
+' decrypt Excel file with password
+
+Option Explicit
+Dim g_fs
+set g_fs = wscript.createObject("scripting.fileSystemObject")
+
+ParseAndRun wscript.arguments
+wscript.quit
+
+sub ParseAndRun(args)
+	Dim pass, inName, outName
+	if args.unnamed.Count <> 3 then
+		wscript.echo "decrypt-xls.vbs pass inName outFileName"
+		wscript.quit
+	end if
+	pass = args.unnamed(0)
+	inName = g_fs.getAbsolutePathName(args.unnamed(1))
+	outName = g_fs.getAbsolutePathName(args.unnamed(2))
+
+	Dim suf
+	suf = lcase(g_fs.getExtensionName(inName))
+	if suf <> "xls" and suf <> "xlsx" then
+		wscript.echo "bad suffix=" & suf
+		wscript.quit
+	end if
+
+	decryptExcel inName, outName, pass
+end sub
+
+sub decryptExcel(inName, outName, pass)
+	on error resume next
+
+	Dim app
+	set app = createObject("Excel.application")
+	app.Application.DisplayAlerts = False
+	app.Visible = False
+
+	Dim wb
+	set wb = app.Workbooks.open(inName, , , , pass)
+	wb.SaveAs outName, , ""
+	app.quit
+	if err.number <> 0 then
+		wscript.echo "ERR:" & err.number & " desc:" & err.description
+	end if
+end sub

data/vendor/msoffice/mk.bat

@@ -0,0 +1 @@
+cl /MT /Ox /EHsc src\msoffice-crypt.cpp -I .\include -I ..\cybozulib\include -I ..\cybozulib_ext\include -DNOMINMAX -DNDEBUG /Febin\msoffice-crypt.exe /link /LIBPATH:..\cybozulib_ext\lib"

data/vendor/msoffice/mkdll.bat

@@ -0,0 +1,3 @@
+set OPT=/Ox /EHsc /W3 -I .\include -I ..\cybozulib\include -I ..\cybozulib_ext\include -DNOMINMAX -DNDEBUG
+cl /LD src\msocdll.cpp msoc.def %OPT% /Febin\msoc.dll /link /LIBPATH:..\cybozulib_ext\lib
+cl /MT src\msocsample.c %OPT% /Febin\msocsample.exe /link /LIBPATH:bin

data/vendor/msoffice/msoc.def

@@ -0,0 +1,13 @@
+LIBRARY msoc
+EXPORTS
+	MSOC_getErrMessage
+	MSOC_encrypt
+	MSOC_decrypt
+	MSOC_encryptA
+	MSOC_decryptA
+	MSOC_createOpt
+	MSOC_destroyOpt
+	MSOC_getInt
+	MSOC_setInt
+	MSOC_getStr
+	MSOC_setStr