rpms/openoffice.org/devel openoffice.org-3.1.0.ooo92645.oox.msxmldecryptimpl.patch, NONE, 1.1 openoffice.org.spec, 1.1950, 1.1951
Caolan McNamara
caolanm at fedoraproject.org
Fri Jun 26 10:15:22 UTC 2009
- Previous message (by thread): rpms/kdebase-workspace/devel kdebase-workspace-4.2.95-plasma-konsole.patch, NONE, 1.1 .cvsignore, 1.31, 1.32 kdebase-workspace.spec, 1.237, 1.238 sources, 1.37, 1.38 kdebase-workspace-4.2.85-plasma-konsole.patch, 1.1, NONE
- Next message (by thread): rpms/kernel/devel drm-nouveau.patch, 1.31, 1.32 kernel.spec, 1.1592, 1.1593
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: caolanm
Update of /cvs/pkgs/rpms/openoffice.org/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19989
Modified Files:
openoffice.org.spec
Added Files:
openoffice.org-3.1.0.ooo92645.oox.msxmldecryptimpl.patch
Log Message:
implement MSXML decryption specially for ajax
openoffice.org-3.1.0.ooo92645.oox.msxmldecryptimpl.patch:
--- NEW FILE openoffice.org-3.1.0.ooo92645.oox.msxmldecryptimpl.patch ---
diff -ru oox.orig/prj/build.lst oox/prj/build.lst
--- oox.orig/prj/build.lst 2009-06-25 12:29:27.000000000 +0100
+++ oox/prj/build.lst 2009-06-26 11:02:26.000000000 +0100
@@ -1,4 +1,4 @@
-oox oox : vos cppu cppuhelper comphelper sal offapi sax basegfx tools BOOST:boost NULL
+oox oox : vos cppu cppuhelper comphelper sal offapi sax basegfx tools BOOST:boost OPENSSL:openssl NULL
oox oox usr1 - all oox_mkout NULL
oox oox\prj get - all oox_prj NULL
oox oox\source\token nmake - all oox_token NULL
diff -ru oox.orig/source/core/filterdetect.cxx oox/source/core/filterdetect.cxx
--- oox.orig/source/core/filterdetect.cxx 2009-06-25 12:30:35.000000000 +0100
+++ oox/source/core/filterdetect.cxx 2009-06-26 11:01:15.000000000 +0100
@@ -37,12 +37,20 @@
#include <com/sun/star/xml/sax/XFastContextHandler.hpp>
#include <com/sun/star/xml/sax/XFastParser.hpp>
+#include <com/sun/star/io/XTempFile.hpp>
+
#include <comphelper/mediadescriptor.hxx>
#include <cppuhelper/implbase1.hxx>
#include <cppuhelper/implbase2.hxx>
+#include <rtl/digest.h>
+#include <openssl/evp.h>
+
#include "oox/helper/attributelist.hxx"
#include "oox/helper/zipstorage.hxx"
+#include "oox/helper/olestorage.hxx"
+#include "oox/helper/binaryinputstream.hxx"
+#include "oox/helper/binaryoutputstream.hxx"
#include "oox/core/fasttokenhandler.hxx"
#include "oox/core/namespaces.hxx"
#include "tokens.hxx"
@@ -317,6 +325,97 @@
{
}
+/*
+ * Derive Key
+ */
+void DeriveKey(const sal_uInt8 *pHash, sal_uInt32 cbHash, sal_uInt8 *keyDerived, sal_uInt32 cbRequiredKeyLength)
+{
+ sal_uInt8 aBuffer[64];
+
+ memset(aBuffer, 0x36, sizeof(aBuffer));
+ for (sal_uInt32 i = 0; i < cbHash; ++i)
+ aBuffer[i] ^= pHash[i];
+
+ rtlDigest aDigest;
+ rtlDigestError aError;
+
+ aDigest = rtl_digest_create(rtl_Digest_AlgorithmSHA1);
+ aError = rtl_digest_update(aDigest, aBuffer, sizeof(aBuffer));
+ sal_uInt8 X1[RTL_DIGEST_LENGTH_SHA1];
+ aError = rtl_digest_get(aDigest, X1, RTL_DIGEST_LENGTH_SHA1);
+ rtl_digest_destroy(aDigest);
+
+ memset(aBuffer, 0x5C, sizeof(aBuffer));
+ for (sal_uInt32 i = 0; i < cbHash; ++i)
+ aBuffer[i] ^= pHash[i];
+
+ aDigest = rtl_digest_create(rtl_Digest_AlgorithmSHA1);
+ aError = rtl_digest_update(aDigest, aBuffer, sizeof(aBuffer));
+ sal_uInt8 X2[RTL_DIGEST_LENGTH_SHA1];
+ aError = rtl_digest_get(aDigest, X2, RTL_DIGEST_LENGTH_SHA1);
+ rtl_digest_destroy(aDigest);
+
+ if (cbRequiredKeyLength > RTL_DIGEST_LENGTH_SHA1)
+ {
+ memcpy(keyDerived+RTL_DIGEST_LENGTH_SHA1, X2, cbRequiredKeyLength-RTL_DIGEST_LENGTH_SHA1);
+ cbRequiredKeyLength=RTL_DIGEST_LENGTH_SHA1;
+ }
+ memcpy(keyDerived, X1, cbRequiredKeyLength);
+}
+
+/*
+ * Generate an encryption key
+ */
+
+void GenerateEncryptionKey(sal_uInt32 SaltSize, const sal_uInt8 *Salt, const rtl::OUString &rPassword,
+ sal_uInt8 *key, sal_uInt32 cbRequiredKeyLength)
+{
+ size_t nBufferSize = (SaltSize + (rPassword.getLength() * sizeof(sal_uInt16)));
+ sal_uInt8 *pBuffer = new sal_uInt8[nBufferSize];
+
+ memcpy(pBuffer, Salt, SaltSize);
+
+ sal_uInt8 *pPasswordLoc = pBuffer+SaltSize;
+ sal_Int32 nLen = rPassword.getLength();
+ const sal_Unicode *pStr = rPassword.getStr();
+
+ for (sal_Int32 i = 0; i < nLen; ++i, ++pStr)
+ {
+ *pPasswordLoc++ = (*pStr & 0x00FF);
+ *pPasswordLoc++ = ((*pStr & 0xFF00) >> 8);
+ }
+
+ rtlDigest aDigest = rtl_digest_create(rtl_Digest_AlgorithmSHA1);
+ rtlDigestError aError;
+ aError = rtl_digest_update(aDigest, pBuffer, nBufferSize);
+ delete [] pBuffer;
+ size_t nHashSize = RTL_DIGEST_LENGTH_SHA1+sizeof(sal_uInt32);
+ sal_uInt8 aHash[nHashSize];
+ aError = rtl_digest_get(aDigest, aHash+sizeof(sal_uInt32), RTL_DIGEST_LENGTH_SHA1);
+ rtl_digest_destroy(aDigest);
+
+ for (sal_uInt32 i = 0; i < 50000; ++i)
+ {
+ aHash[0] = (i & 0x000000FF);
+ aHash[1] = (i & 0x0000FF00) >> 8;
+ aHash[2] = (i & 0x00FF0000) >> 16;
+ aHash[3] = (i & 0xFF000000) >> 24;
+ aDigest = rtl_digest_create(rtl_Digest_AlgorithmSHA1);
+ aError = rtl_digest_update(aDigest, aHash, nHashSize);
+ aError = rtl_digest_get(aDigest, aHash+sizeof(sal_uInt32), RTL_DIGEST_LENGTH_SHA1);
+ rtl_digest_destroy(aDigest);
+ }
+
+ memmove(aHash, aHash+sizeof(sal_uInt32), RTL_DIGEST_LENGTH_SHA1);
+ memset(aHash+RTL_DIGEST_LENGTH_SHA1, 0, sizeof(sal_uInt32));
+ aDigest = rtl_digest_create(rtl_Digest_AlgorithmSHA1);
+ aError = rtl_digest_update(aDigest, aHash, nHashSize);
+ aError = rtl_digest_get(aDigest, aHash, RTL_DIGEST_LENGTH_SHA1);
+ rtl_digest_destroy(aDigest);
+
+ DeriveKey(aHash, RTL_DIGEST_LENGTH_SHA1, key, cbRequiredKeyLength);
+}
+
// com.sun.star.document.XExtendedFilterDetect interface ----------------------
OUString SAL_CALL FilterDetect::detect( Sequence< PropertyValue >& lDescriptor ) throw( RuntimeException )
@@ -325,31 +424,134 @@
if( mxFactory.is() ) try
{
- Reference< XFastParser > xParser( mxFactory->createInstance(
- CREATE_OUSTRING( "com.sun.star.xml.sax.FastParser" ) ), UNO_QUERY_THROW );
-
- xParser->setFastDocumentHandler( new FilterDetectDocHandler( aFilter ) );
- xParser->setTokenHandler( new FastTokenHandler );
-
- xParser->registerNamespace( CREATE_OUSTRING( "http://schemas.openxmlformats.org/package/2006/relationships" ), NMSP_PACKAGE_RELATIONSHIPS );
- xParser->registerNamespace( CREATE_OUSTRING( "http://schemas.openxmlformats.org/officeDocument/2006/relationships" ), NMSP_RELATIONSHIPS );
- xParser->registerNamespace( CREATE_OUSTRING( "http://schemas.openxmlformats.org/package/2006/content-types" ), NMSP_CONTENT_TYPES );
-
MediaDescriptor aDescriptor( lDescriptor );
aDescriptor.addInputStream();
Reference< XInputStream > xInputStream( aDescriptor[ MediaDescriptor::PROP_INPUTSTREAM() ], UNO_QUERY_THROW );
- StorageRef xStorage( new ZipStorage( mxFactory, xInputStream ) );
+ StorageRef xZipStorage( new ZipStorage( mxFactory, xInputStream ) );
- // Parse _rels/.rels to get the target path.
- InputSource aParserInput;
- aParserInput.sSystemId = CREATE_OUSTRING( "_rels/.rels" );
- aParserInput.aInputStream = xStorage->openInputStream( aParserInput.sSystemId );
- xParser->parseStream( aParserInput );
-
- // Parse [Content_Types].xml to determine the content type of the part at the target path.
- aParserInput.sSystemId = CREATE_OUSTRING( "[Content_Types].xml" );
- aParserInput.aInputStream = xStorage->openInputStream( aParserInput.sSystemId );
- xParser->parseStream( aParserInput );
+ if (xZipStorage->isStorage())
+ {
+ Reference< XFastParser > xParser( mxFactory->createInstance(
+ CREATE_OUSTRING( "com.sun.star.xml.sax.FastParser" ) ), UNO_QUERY_THROW );
+
+ xParser->setFastDocumentHandler( new FilterDetectDocHandler( aFilter ) );
+ xParser->setTokenHandler( new FastTokenHandler );
+
+ xParser->registerNamespace( CREATE_OUSTRING( "http://schemas.openxmlformats.org/package/2006/relationships" ), NMSP_PACKAGE_RELATIONSHIPS );
+ xParser->registerNamespace( CREATE_OUSTRING( "http://schemas.openxmlformats.org/officeDocument/2006/relationships" ), NMSP_RELATIONSHIPS );
+ xParser->registerNamespace( CREATE_OUSTRING( "http://schemas.openxmlformats.org/package/2006/content-types" ), NMSP_CONTENT_TYPES );
+
+ // Parse _rels/.rels to get the target path.
+ InputSource aParserInput;
+ aParserInput.sSystemId = CREATE_OUSTRING( "_rels/.rels" );
+ aParserInput.aInputStream = xZipStorage->openInputStream( aParserInput.sSystemId );
+ xParser->parseStream( aParserInput );
+
+ // Parse [Content_Types].xml to determine the content type of the part at the target path.
+ aParserInput.sSystemId = CREATE_OUSTRING( "[Content_Types].xml" );
+ aParserInput.aInputStream = xZipStorage->openInputStream( aParserInput.sSystemId );
+ xParser->parseStream( aParserInput );
+ }
+ else
+ {
+ StorageRef xOLEStorage ( new OleStorage( mxFactory, xInputStream, false ) );
+ if (xOLEStorage->isStorage())
+ {
+ Reference< XInputStream > xEncryptionInfo = xOLEStorage->openInputStream( CREATE_OUSTRING( "EncryptionInfo") );
+ Reference< XInputStream > xEncryptedPackage = xOLEStorage->openInputStream( CREATE_OUSTRING( "EncryptedPackage") );
+ BinaryXInputStream aInfo(xEncryptionInfo, true);
+ aInfo.skip(0x00000008);
+ sal_uInt32 EncryptionHeaderSize = aInfo.readuInt32();
+ aInfo.skip(0x00000008);
+ sal_uInt32 AlgID = aInfo.readuInt32();
+ sal_uInt32 AlgIDHash = aInfo.readuInt32();
+ sal_uInt32 KeySize = aInfo.readuInt32();
+ aInfo.skip(EncryptionHeaderSize-0x00000014);
+ sal_uInt32 SaltSize = aInfo.readuInt32();
+ sal_uInt8 Salt[16];
+ aInfo.readMemory(Salt, 16);
+ sal_uInt8 EncryptedVerifier[16];
+ aInfo.readMemory(EncryptedVerifier, 16);
+ sal_uInt32 VerifierHashSize = aInfo.readuInt32();
+ sal_uInt8 EncryptedVerifierHash[32];
+ aInfo.readMemory(EncryptedVerifierHash, 32);
+
+ bool bCorrectPassword = false;
+ //aes128 && sha1 && expected hash size
+ bool bImplemented = ((AlgID == 0x0000660E) && (AlgIDHash == 0x00008004) && (VerifierHashSize == 0x14));
+
+ if (bImplemented)
+ {
+ sal_uInt8 cbRequiredKeyLength = KeySize/8;
+ sal_uInt8 *key = new sal_uInt8[cbRequiredKeyLength];
+ //VelvetSweatshop is the default .xlsx "protection" password, so out-of-the-box we should
+ //be able to open those immediately. For other passwords we need to pass down that data, or query
+ //for it, however its normall done, to here.
+ //Unlike other formats, we can't really detect what's inside this wrapper until *after*
+ //decryption
+ GenerateEncryptionKey(SaltSize, Salt, CREATE_OUSTRING("VelvetSweatshop"), key, cbRequiredKeyLength);
+
+ EVP_CIPHER_CTX aes_ctx;
+ int outlen=0;
+
+ EVP_CIPHER_CTX_init(&aes_ctx);
+ EVP_DecryptInit_ex(&aes_ctx, EVP_aes_128_ecb(), NULL, key, NULL);
+ EVP_CIPHER_CTX_set_padding(&aes_ctx, 0);
+ sal_uInt8 Verifier[16]= {0};
+ /*int*/ EVP_DecryptUpdate(&aes_ctx, Verifier, &outlen, EncryptedVerifier, sizeof(EncryptedVerifier));
+ EVP_CIPHER_CTX_cleanup(&aes_ctx);
+
+ EVP_CIPHER_CTX_init(&aes_ctx);
+ EVP_DecryptInit_ex(&aes_ctx, EVP_aes_128_ecb(), NULL, key, NULL);
+ EVP_CIPHER_CTX_set_padding(&aes_ctx, 0);
+ sal_uInt8 VerifierHash[32] = {0};
+ /*int*/ EVP_DecryptUpdate(&aes_ctx, VerifierHash, &outlen, EncryptedVerifierHash, sizeof(EncryptedVerifierHash));
+ EVP_CIPHER_CTX_cleanup(&aes_ctx);
+
+ rtlDigest aDigest = rtl_digest_create(rtl_Digest_AlgorithmSHA1);
+ rtlDigestError aError = rtl_digest_update(aDigest, Verifier, sizeof(Verifier));
+ sal_uInt8 sha1Hash[RTL_DIGEST_LENGTH_SHA1];
+ aError = rtl_digest_get(aDigest, sha1Hash, RTL_DIGEST_LENGTH_SHA1);
+ rtl_digest_destroy(aDigest);
+
+ bCorrectPassword = memcmp(sha1Hash, VerifierHash, RTL_DIGEST_LENGTH_SHA1) == 0;
+
+ if (bCorrectPassword)
+ {
+ Reference<XTempFile> xTemp(
+ mxFactory->createInstance(CREATE_OUSTRING("com.sun.star.io.TempFile")),
+ UNO_QUERY_THROW);
+ BinaryXInputStream aEncryptedPackage(xEncryptedPackage, true);
+ BinaryXOutputStream aDecryptedPackage(xTemp->getOutputStream(), true);
+
+ EVP_CIPHER_CTX_init(&aes_ctx);
+ EVP_DecryptInit_ex(&aes_ctx, EVP_aes_128_ecb(), NULL, key, NULL);
+ EVP_CIPHER_CTX_set_padding(&aes_ctx, 0);
+
+ sal_uInt8 inbuf[1024];
+ sal_uInt8 outbuf[1024];
+ sal_Int32 inlen;
+ aEncryptedPackage.skip(sizeof(sal_uInt64)); /*decrypted size*/
+ while ((inlen = aEncryptedPackage.readMemory(inbuf, sizeof(inbuf))))
+ {
+ /*int*/ EVP_DecryptUpdate(&aes_ctx, outbuf, &outlen, inbuf, inlen);
+ aDecryptedPackage.writeMemory(outbuf, outlen);
+ }
+ EVP_DecryptFinal_ex(&aes_ctx, outbuf, &outlen);
+ aDecryptedPackage.writeMemory(outbuf, outlen);
+
+ EVP_CIPHER_CTX_cleanup(&aes_ctx);
+ delete [] key;
+
+ aDecryptedPackage.seekToStart();
+ xTemp->getOutputStream()->flush();
+ aDescriptor[ MediaDescriptor::PROP_INPUTSTREAM() ] <<= xTemp;
+ aDescriptor >> lDescriptor;
+ aFilter = detect( lDescriptor );
+ }
+ }
+ }
+ }
}
catch ( const Exception& )
{
diff -ru oox.orig/util/makefile.mk oox/util/makefile.mk
--- oox.orig/util/makefile.mk 2009-06-25 12:30:40.000000000 +0100
+++ oox/util/makefile.mk 2009-06-25 16:35:08.000000000 +0100
@@ -73,7 +73,8 @@
$(RTLLIB) \
$(SALLIB) \
$(BASEGFXLIB) \
- $(SAXLIB)
+ $(SAXLIB) \
+ $(OPENSSLLIB)
SHL1DEF= $(MISC)$/$(SHL1TARGET).def
SHL1LIBS= $(LIB1TARGET)
Index: openoffice.org.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openoffice.org/devel/openoffice.org.spec,v
retrieving revision 1.1950
retrieving revision 1.1951
diff -u -p -r1.1950 -r1.1951
--- openoffice.org.spec 22 Jun 2009 16:26:45 -0000 1.1950
+++ openoffice.org.spec 26 Jun 2009 10:14:50 -0000 1.1951
@@ -1,6 +1,6 @@
%define oootag OOO310
%define ooomilestone 13
-%define rh_rpm_release 3
+%define rh_rpm_release 4
# rhbz#465664 jar-repacking breaks help by reordering META-INF/MANIFEST.MF
%define __jar_repack %{nil}
@@ -151,6 +151,7 @@ Patch73: openoffice.org-2.0.0.ooo46270.s
Patch74: openoffice.org-3.1.0.ooo102920.i18npool.utf16bustage.patch
Patch75: workspace.aw073.patch
Patch76: openoffice.org-3.1.1.ooo102932.sw.mailmerge.busted-integer-conversion.patch
+Patch77: openoffice.org-3.1.0.ooo92645.oox.msxmldecryptimpl.patch
%define python_py_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(0)")
%define instdir %{_libdir}
@@ -1659,6 +1660,7 @@ cat %{PATCH11} >> svtools/source/dialogs
%patch74 -p0 -b .ooo102920.i18npool.utf16bustage.patch
%patch75 -p0 -b .workspace.aw073.patch
%patch76 -p0 -b .ooo102932.sw.mailmerge.busted-integer-conversion.patch
+%patch77 -p0 -b .ooo92645.oox.msxmldecryptimpl.patch
%build
echo build start time is `date`, diskspace: `df -h . | tail -n 1`
@@ -4172,6 +4174,11 @@ fi
unopkg list --shared > /dev/null 2>&1 || :
%changelog
+* Fri Jun 26 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-13.4
+- implement MSXML decryption, no querying for passwords though, so
+ only currently opens "protected" .xlsx documents which are
+ encrypted with excels default password
+
* Mon Jun 22 2009 Caolán McNamara <caolanm at redhat.com> - 1:3.1.1-13.3
- add hunspell-ko for Korean
- Resolves: rhbz#506545: openoffice.org-3.1.0.ooo102920.i18npool.utf16bustage.patch
- Previous message (by thread): rpms/kdebase-workspace/devel kdebase-workspace-4.2.95-plasma-konsole.patch, NONE, 1.1 .cvsignore, 1.31, 1.32 kdebase-workspace.spec, 1.237, 1.238 sources, 1.37, 1.38 kdebase-workspace-4.2.85-plasma-konsole.patch, 1.1, NONE
- Next message (by thread): rpms/kernel/devel drm-nouveau.patch, 1.31, 1.32 kernel.spec, 1.1592, 1.1593
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list