ooxml_crypt 0.1.0

data/vendor/msoffice/msocsample.py

@@ -0,0 +1,178 @@
+# -*- coding: utf-8 -*-
+#	@file
+#	@brief MS Office Crypt DLL sample
+#	@author herumi
+#	Copyright (C) 2016 Cybozu Labs, Inc., all rights reserved.
+import os, sys
+import argparse
+from ctypes import *
+from ctypes.wintypes import LPWSTR, LPCSTR, LPVOID
+
+MSOC_OPT_TYPE_SPIN_COUNT = 1
+MSOC_OPT_TYPE_SECRET_KEY = 2
+
+def getWargv():
+	cmd = cdll.kernel32.GetCommandLineW()
+	argc = c_int(0)
+	CommandLineToArgvW = windll.shell32.CommandLineToArgvW
+	CommandLineToArgvW.restype = POINTER(LPWSTR)
+	argv = CommandLineToArgvW(cmd, byref(argc))
+	ret = []
+	for i in xrange(argc.value):
+		ret.append(argv[i])
+	return ret
+
+def wchar2ascii(w):
+	s = ''
+	for wc in w:
+		c = chr(ord(wc))
+		s += c
+	return s
+
+def putErrMsg(lib, err):
+	MSOC_getErrMessage = lib.MSOC_getErrMessage
+	MSOC_getErrMessage.restype = LPCSTR
+	print 'ERR', MSOC_getErrMessage(err)
+	os._exit(1)
+
+def _createOpt(lib):
+	opt = c_void_p(0)
+	MSOC_createOpt = lib.MSOC_createOpt
+	MSOC_createOpt.restype = LPVOID
+	opt = MSOC_createOpt()
+	if opt:
+		return opt
+	print 'ERR MSOC_createOpt()'
+	os._exit(1)
+
+def _destroyOpt(lib, opt):
+	lib.MSOC_destroyOpt(opt)
+
+def _getInt(lib, opt, optType):
+	intv = c_int(0)
+	err = lib.MSOC_getInt(byref(intv), opt, optType)
+	if err:
+		putErrMsg(lib, err)
+	return intv.value
+
+def _setInt(lib, opt, optType, v):
+	err = lib.MSOC_setInt(opt, optType, v)
+	if err:
+		putErrMsg(lib, err)
+
+def _getStr(lib, opt, optType):
+	svLen = 256
+	sv = create_string_buffer('\0' * svLen)
+	err = lib.MSOC_getStr(sv, svLen, opt, optType)
+	if err:
+		putErrMsg(lib, err)
+	return sv.value
+
+def _setStr(lib, opt, optType, s):
+	cs = c_char_p(s)
+	err = lib.MSOC_setStr(opt, optType, cs)
+	if err:
+		putErrMsg(lib, err)
+
+class Msoc:
+	def __init__(self):
+		if sys.maxsize > 2**32:
+			dll = 'bin/64/msoc.dll'
+		else:
+			dll = 'bin/msoc.dll'
+		self.lib = windll.LoadLibrary(dll)
+		self.opt = _createOpt(self.lib)
+	def __del__(self):
+		_destroyOpt(self.lib, self.opt)
+
+	def encrypt(self, outFile, inFile, ps):
+		outFileW = c_wchar_p(outFile)
+		inFileW = c_wchar_p(inFile)
+		psW = c_wchar_p(ps)
+		# permit self.opt is None
+		err = self.lib.MSOC_encrypt(outFileW, inFileW, psW, self.opt)
+		if err:
+			putErrMsg(self.lib, err)
+
+	def decrypt(self, outFile, inFile, ps):
+		if outFile:
+			outFileW = c_wchar_p(outFile)
+		else:
+			outFileW = None
+		inFileW = c_wchar_p(inFile)
+		psW = c_wchar_p(ps)
+		# permit self.opt is None
+		err = self.lib.MSOC_decrypt(outFileW, inFileW, psW, self.opt)
+		if err:
+			putErrMsg(self.lib, err)
+
+	def getOpt(self, optType):
+		if optType in [MSOC_OPT_TYPE_SPIN_COUNT]:
+			return _getInt(self.lib, self.opt, optType)
+		elif optType in [MSOC_OPT_TYPE_SECRET_KEY]:
+			return _getStr(self.lib, self.opt, optType)
+		else:
+			raise Exception('getOpt not support type', optType)
+
+	def setOpt(self, optType, v):
+		if optType in [MSOC_OPT_TYPE_SPIN_COUNT]:
+			return _setInt(self.lib, self.opt, optType, v)
+		elif optType in [MSOC_OPT_TYPE_SECRET_KEY]:
+			return _setStr(self.lib, self.opt, optType, v)
+		else:
+			raise Exception('setOpt not support type', optType)
+
+def main():
+	parser = argparse.ArgumentParser(description='msocsample.py')
+	sub = parser.add_subparsers(dest='mode')
+	enc = sub.add_parser('enc', help='encrypt')
+	enc.add_argument('inFile')
+	enc.add_argument('outFile')
+	enc.add_argument('ps', help='password')
+	enc.add_argument('-sc', '--spinCount', help='spinCount')
+	enc.add_argument('-sk', '--secretKey', help='secretKey')
+
+	dec = sub.add_parser('dec', help='decrypt')
+	dec.add_argument('inFile')
+	dec.add_argument('outFile')
+	dec.add_argument('ps', help='password')
+
+	opt = sub.add_parser('opt', help='view option')
+	opt.add_argument('inFile')
+	opt.add_argument('ps', help='password')
+
+	dec_sk = sub.add_parser('dec-sk', help='decrypt by secret key')
+	dec_sk.add_argument('inFile')
+	dec_sk.add_argument('outFile')
+	dec_sk.add_argument('secretKey')
+
+	argv = getWargv()
+	for pos in xrange(len(argv)):
+		if argv[pos].find('msocsample.py') >= 0:
+			argv = argv[pos + 1:]
+			break
+
+	arg = parser.parse_args(argv)
+
+	msoc = Msoc()
+
+	if getattr(arg, 'secretKey', None) and arg.secretKey:
+		secretKey = wchar2ascii(arg.secretKey)
+		msoc.setOpt(MSOC_OPT_TYPE_SECRET_KEY, secretKey)
+	if getattr(arg, 'spinCount', None) and arg.spinCount:
+		spinCount = int(wchar2ascii(arg.spinCount))
+		msoc.setOpt(MSOC_OPT_TYPE_SPIN_COUNT, spinCount)
+
+	if arg.mode == 'enc':
+		msoc.encrypt(arg.outFile, arg.inFile, arg.ps)
+	elif arg.mode == 'dec':
+		msoc.decrypt(arg.outFile, arg.inFile, arg.ps)
+	elif arg.mode == 'opt':
+		msoc.decrypt(None, arg.inFile, arg.ps)
+		print 'spinCount', msoc.getOpt(MSOC_OPT_TYPE_SPIN_COUNT)
+		print 'secretKey', msoc.getOpt(MSOC_OPT_TYPE_SECRET_KEY)
+	elif arg.mode == 'dec-sk':
+		msoc.decrypt(arg.outFile, arg.inFile, None)
+
+if __name__ == '__main__':
+	main()

data/vendor/msoffice/msoffice12.sln

@@ -0,0 +1,31 @@
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio 2012
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "attack", "src\proj\attack\attack.vcxproj", "{40B5AD5D-5F35-4FFD-945D-022E7F1AAB31}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hash_test", "test\proj\hash\hash_test.vcxproj", "{3964602A-8554-4AB5-BB10-E4A24CFBCA4F}"
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "msoffice-crypt", "src\proj\main\msoffice-crypt.vcxproj", "{9E396E79-C168-4C40-BDE0-C9413B33C8CE}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x64 = Debug|x64
+		Release|x64 = Release|x64
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{40B5AD5D-5F35-4FFD-945D-022E7F1AAB31}.Debug|x64.ActiveCfg = Debug|x64
+		{40B5AD5D-5F35-4FFD-945D-022E7F1AAB31}.Debug|x64.Build.0 = Debug|x64
+		{40B5AD5D-5F35-4FFD-945D-022E7F1AAB31}.Release|x64.ActiveCfg = Release|x64
+		{40B5AD5D-5F35-4FFD-945D-022E7F1AAB31}.Release|x64.Build.0 = Release|x64
+		{3964602A-8554-4AB5-BB10-E4A24CFBCA4F}.Debug|x64.ActiveCfg = Debug|x64
+		{3964602A-8554-4AB5-BB10-E4A24CFBCA4F}.Debug|x64.Build.0 = Debug|x64
+		{3964602A-8554-4AB5-BB10-E4A24CFBCA4F}.Release|x64.ActiveCfg = Release|x64
+		{3964602A-8554-4AB5-BB10-E4A24CFBCA4F}.Release|x64.Build.0 = Release|x64
+		{9E396E79-C168-4C40-BDE0-C9413B33C8CE}.Debug|x64.ActiveCfg = Debug|x64
+		{9E396E79-C168-4C40-BDE0-C9413B33C8CE}.Debug|x64.Build.0 = Debug|x64
+		{9E396E79-C168-4C40-BDE0-C9413B33C8CE}.Release|x64.ActiveCfg = Release|x64
+		{9E396E79-C168-4C40-BDE0-C9413B33C8CE}.Release|x64.Build.0 = Release|x64
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+EndGlobal

data/vendor/msoffice/readme.md

@@ -0,0 +1,110 @@
+# A tool/lib to encrypt/decrypt Microsoft Office Document
+
+# Environment
+
+* 64-bit Windows Visual Studio 2012 or later
+* gcc 4.6, clang 3.0 or later
+
+# How to make `bin/msoffice-crypt.exe`
+
+Linux
+```
+    mkdir work
+    git clone https://github.com/herumi/cybozulib
+    git clone https://github.com/herumi/msoffice
+    cd msoffice
+    make -j RELEASE=1
+```
+Windows
+```
+    mkdir work
+    git clone https://github.com/herumi/cybozulib
+    git clone https://github.com/herumi/msoffice
+    git clone https://github.com/herumi/cybozulib_ext # for openssl
+    cd msoffice
+    mk.bat ; or open msoffice12.sln and build
+```
+# How to use
+* Encrypt test.xlsx with a password `test`.
+```
+bin/msoffice-crypt.exe -e -p test test.xlsx enc.xlsx
+```
+* Decrypt enc.xlsx with a password `test`.
+```
+bin/msoffice-crypt.exe -d -p test enc.xlsx dec.xlsx
+```
+
+* Other options
+```
+usage:msoffice-crypt.exe [opt] input output
+  -h : show this message
+  -p password in only ascii
+  -encMode 0:use AES128(default), 1: use AES256 for encoding
+  -ph8 password in utf8 hex. ex. 68656C6C6F for 'hello'
+  -ph16 password in utf16 hex. ex. u3042u3044u3046 for 'aiu' in hiragana
+  -k (experimental) secret key in hex. ex. 0123456789ABCDEF0123456789ABCDEF
+  -by (experimental) extract secret key from this file
+  -e encode
+  -d decode
+  -c spin count
+  -psk print secret key
+  -v print debug info
+  -vv print debug info and save binary data
+```
+# Return code
+
+* 0 success
+* 1 not support formart
+* 2 already encrypted with -e or decrypted with -d
+* 3 bad password with -d
+
+# Support format
+
+Office 2010 or later Office Document format which suffix is pptx, docx, xlsx.
+
+# DLL for Windows
+* msoc.dll (Microsoft Office Crypto)
+
+* [msoc.dll](https://github.com/herumi/msoffice/raw/master/bin/msoc.dll)
+* [msoc.h](https://github.com/herumi/msoffice/blob/master/include/msoc.h)
+
+* Encrypt `inFile` with `pass` and make `outFile`.
+```
+MSOC_encrypt(outFile, inFile, pass, NULL);
+```
+* Decrypt `inFile` with `pass` and make `outFile`.
+```
+MSOC_decrypt(outFile, inFile, pass, NULL);
+```
+## Remark
+The type of `inFile`, `outFile` and `pass` are `const wchar_t*`(UTF-16 string).
+See [Csample code](https://github.com/herumi/msoffice/blob/master/src/msocsample.c)
+and [Python sample code](https://github.com/herumi/msoffice/blob/master/bin/msocsample.py).
+
+# lib for Linux
+* libmsoc.lib
+
+* Encrypt `inFile` with `pass` and make `outFile`.
+```
+MSOC_encryptA(outFile, inFile, pass, NULL);
+```
+* Decrypt `inFile` with `pass` and make `outFile`.
+```
+MSOC_decryptA(outFile, inFile, pass, NULL);
+```
+## Remark
+The type of `inFile`, `outFile` and `pass` are `const char*`(ascii string).
+See [mini C sample code](https://github.com/herumi/msoffice/blob/master/src/minisample.c).
+
+# License
+BSD 3-Clause License
+
+Copyright (c) 2015 Cybozu Labs, Inc. All rights reserved.
+
+# References
+
+* Compound File Binary File Format(v20120328)
+[[MS-CFB]](http://msdn.microsoft.com/en-us/library/dd942138.aspx)
+* Office Document Cryptography Structure Specification(v20120412)
+[[MS-OFFCRYPTO]](http://msdn.microsoft.com/en-us/library/cc313071.aspx)
+* CODE BLUE 2015 [[Backdoors with the MS Office file encryption master key and a proposal for a reliable file format]](http://www.slideshare.net/herumi/backdoors-with-the-ms-office-file-encryption-master-key-and-a-proposal-for-a-reliable-file-format)

data/vendor/msoffice/release.props

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ImportGroup Label="PropertySheets" />
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup />
+  <ItemDefinitionGroup>
+    <ClCompile>
+      <InlineFunctionExpansion>AnySuitable</InlineFunctionExpansion>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup>
+    <ClCompile>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup>
+    <ClCompile>
+      <FavorSizeOrSpeed>Speed</FavorSizeOrSpeed>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup>
+    <ClCompile>
+      <OmitFramePointers>true</OmitFramePointers>
+      <BufferSecurityCheck>false</BufferSecurityCheck>
+    </ClCompile>
+  </ItemDefinitionGroup>
+  <ItemGroup />
+</Project>

data/vendor/msoffice/src/Makefile

@@ -0,0 +1,19 @@
+include ../common.mk
+
+TARGET=$(TEST_FILE)
+
+SRC=msoffice-crypt.cpp attack.cpp
+
+all: $(TARGET) $(SRC)
+
+test: $(TARGET)
+	@$(SAMPLE_TEST)
+
+$(OBJDIR):
+	@$(MKDIR) $(OBJDIR)
+
+clean:
+	$(CLEAN)
+
+-include $(DEPEND_FILE)
+

data/vendor/msoffice/src/attack.cpp

@@ -0,0 +1,124 @@
+/**
+	Copyright (C) 2012 Cybozu Labs, Inc., all rights reserved.
+*/
+#include <stdio.h>
+#include <stdlib.h>
+#include <string>
+#include <locale>
+#include <fstream>
+#include <cybozu/mmap.hpp>
+#include <cybozu/file.hpp>
+#include <cybozu/atoi.hpp>
+#include <cybozu/option.hpp>
+#include "cfb.hpp"
+#include "attack.hpp"
+#include "make_dataspace.hpp"
+
+struct Option {
+	typedef std::vector<std::string> StrVec;
+	std::string encFile;
+	std::string charSet;
+	StrVec passSet;
+	size_t threadNum;
+	size_t passLen;
+	void trim(std::string& str) const
+	{
+		const size_t size = str.size();
+		if (size == 0) return;
+		const char c = str[size - 1];
+		if (c == '\n' || c == '\r') str.resize(size - 1);
+	}
+	void toUtf8(std::string& str) const
+	{
+		const size_t size = str.size();
+		std::string out(size * 2, '\0');
+		for (size_t i = 0; i < size; i++) {
+			out[i * 2] = str[i];
+		}
+		str.swap(out);
+	}
+	static inline bool lessByLength(const std::string& rhs, const std::string& lhs)
+	{
+		if (rhs.size() < lhs.size()) return true;
+		if (rhs.size() > lhs.size()) return false;
+		return rhs < lhs;
+	}
+	Option(int argc, const char *const argv[])
+	{
+		cybozu::Option opt;
+		std::string charSetFile;
+		std::string dicFile;
+		bool debug;
+		opt.appendOpt(&charSetFile, "", "cf", "char set file");
+		opt.appendOpt(&threadNum, 4, "t", "thread num");
+		opt.appendOpt(&dicFile, "", "d", "dictionary file");
+		opt.appendOpt(&passLen, 0, "l", "length of pass");
+		opt.appendBoolOpt(&debug, "v", "verbose message");
+		opt.appendHelp("h");
+		opt.appendParam(&encFile, "encrypted file");
+		if (!opt.parse(argc, argv)) {
+			opt.usage();
+			exit(1);
+		}
+		if (debug) ms::setDebug(2);
+		if (charSetFile.empty()) {
+			charSet = "abcdefghijklmnopqrstuvwxyz"
+			          "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+					  "0123456789-_";
+		} else {
+			std::ifstream ifs(charSetFile.c_str(), std::ios::binary);
+			if (!std::getline(ifs, charSet)) {
+				fprintf(stderr, "can't read char set file [%s]\n", charSetFile.c_str());
+				exit(1);
+			}
+			trim(charSet);
+		}
+		if (!dicFile.empty()) {
+			std::ifstream ifs(dicFile.c_str(), std::ios::binary);
+			std::string line;
+			while (std::getline(ifs, line)) {
+				trim(line);
+				toUtf8(line);
+				passSet.push_back(line);
+			}
+			if (passSet.empty()) {
+				fprintf(stderr, "can't read dicFile [%s]\n", dicFile.c_str());
+				exit(1);
+			}
+			std::sort(passSet.begin(), passSet.end(), &lessByLength);
+		}
+		if (ms::isDebug()) {
+			opt.put();
+		}
+	}
+};
+
+int main(int argc, char *argv[])
+	try
+{
+#ifdef SHA1_USE_SIMD
+	printf("use simd x %d\n", Uint32Vec::size);
+#endif
+	const Option opt(argc, argv);
+	cybozu::Mmap m(opt.encFile);
+	const char *data = m.get();
+	if (m.size() > 0xffffffff) {
+		throw cybozu::Exception("ms:encode:m.size") << m.size();
+	}
+	const uint32_t dataSize = static_cast<uint32_t>(m.size());
+	const ms::Format format = ms::DetectFormat(data, dataSize);
+
+	if (format == ms::fZip) {
+		printf("already decrypted\n");
+		return 2;
+	}
+	if (!opt.passSet.empty()) {
+		ms::Attack attack(data, dataSize, opt.threadNum, opt.passSet);
+	}
+	if (opt.passLen) {
+		ms::Attack attack(data, dataSize, opt.passLen);
+	}
+} catch (std::exception& e) {
+	printf("exception:%s\n", e.what());
+	return 1;
+}

data/vendor/msoffice/src/cfb_test.cpp

@@ -0,0 +1,77 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string>
+#include <locale>
+#include <fstream>
+#include <cybozu/mmap.hpp>
+#include "cfb.hpp"
+
+
+void usage()
+{
+	fprintf(stderr, "cfb_test -f <inFile>\n");
+	exit(1);
+}
+
+std::string toAscii(const cybozu::String16& str)
+{
+	std::string ret;
+	if (cybozu::ConvertUtf16ToUtf8(&ret, str)) {
+		return ret;
+	}
+	return "";
+}
+
+void run(const std::string& inFile)
+{
+	cybozu::Mmap m(inFile);
+	if (m.size() > 0xffffffff) {
+		fprintf(stderr, "too large file size %lld\n", m.size());
+		exit(1);
+	}
+	const uint32_t mSize = static_cast<uint32_t>(m.size());
+	ms::cfb::CompoundFile cfb(m.get(), mSize);
+	cfb.put();
+	const char nameTbl[][128] = {
+		"EncryptedPackage",
+		"EncryptionInfo",
+	};
+	const ms::cfb::DirectoryEntryVec& dirs = cfb.dirs;
+	for (size_t i = 0; i < dirs.size(); i++) {
+		const ms::cfb::DirectoryEntry& dir = dirs[i];
+		for (size_t j = 0; j < CYBOZU_NUM_OF_ARRAY(nameTbl); j++) {
+			std::string asc = toAscii(dir.directoryEntryName);
+			if (asc == nameTbl[j]) {
+printf("save %s\n", nameTbl[j]);
+				std::ofstream ofs(nameTbl[j], std::ios::binary);
+				ofs.write((const char*)&dir.data[0], (size_t)dir.streamSize);
+			}
+		}
+	}
+}
+
+int main(int argc, char *argv[])
+try
+{
+	std::locale::global(std::locale(""));
+
+	argc--, argv++;
+	std::string inFile;
+	while (argc > 0) {
+		if (argc > 1 && strcmp(*argv, "-f") == 0) {
+			argc--, argv++;
+			inFile = *argv;
+		} else
+		{
+			usage();
+		}
+		argc--, argv++;
+	}
+	if (inFile.empty()) {
+		usage();
+	}
+	run(inFile);
+} catch (std::exception& e) {
+	fprintf(stderr, "exception:%s\n", e.what());
+	return 1;
+}

data/vendor/msoffice/src/minisample.c

@@ -0,0 +1,54 @@
+/**
+	@file
+	@brief mini MS Office Crypt DLL sample
+	@author herumi
+	Copyright (C) 2016 Cybozu Labs, Inc., all rights reserved.
+*/
+#include "msoc.h"
+#include <stdio.h>
+#include <string.h>
+
+void usage()
+{
+	const char *s =
+	"how to use\n"
+	"minisample enc <inFile> <outFile> <pass>\n"
+	"minisample dec <inFile> <outFile> <pass>\n";
+	printf("%s", s);
+	exit(1);
+}
+
+int main(int argc, char **argv)
+{
+	int err = 0;
+	const char *mode = NULL;
+	const char *inFile = NULL;
+	const char *outFile = NULL;
+	const char *pass = NULL;
+
+	argc--, argv++;
+	if (argc != 4) {
+		usage();
+	}
+	mode = argv[0];
+	inFile = argv[1];
+	outFile = argv[2];
+	pass = argv[3];
+	printf("enc in=%s, out=%s, pass=%s\n", inFile, outFile, pass);
+
+	if (strcmp(mode, "enc") == 0) {
+		err = MSOC_encryptA(outFile, inFile, pass, NULL);
+	} else if (strcmp(mode, "dec") == 0) {
+		err = MSOC_decryptA(outFile, inFile, pass, NULL);
+	} else {
+		printf("base mode=%s\n", mode);
+		usage();
+	}
+	if (err != MSOC_NOERR) {
+		printf("ERR %s\n", MSOC_getErrMessage(err));
+		return 1;
+	} else {
+		puts("ok");
+	}
+	return 0;
+}