Beispiel #1
0
        internal override bool VerifyPass(string Password, TEncryptionParameters EncParams, TEncryptionKey Key)
        {
            if (!base.VerifyPass(Password, EncParams, Key))
            {
                return(false);
            }

            Key.CalcKey(TStandardEncryptionKey.BlockKey, null);
            byte[] DecriptedVerifier;
            byte[] DecriptedVerifierHash;
            using (AesManaged Engine = TEncryptionUtils.CreateEngine(EncParams))
            {
                using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
                {
                    DecriptedVerifier     = DecryptBytes(EncryptedVerifier, Decryptor, -1);
                    DecriptedVerifierHash = DecryptBytes(EncryptedVerifierHash, Decryptor, -1);
                }
            }

            using (HashAlgorithm hasher = TEncryptionKey.CreateHasher())
            {
                byte[] DecriptedVerifierHash2 = hasher.ComputeHash(DecriptedVerifier);
                if (!FlxUtils.CompareMem(DecriptedVerifierHash, 0, DecriptedVerifierHash2, 0, VerifierHashSizeBytes))
                {
                    return(false);
                }
            }

            return(true);
        }
Beispiel #2
0
        private void EncryptStream(AesManaged EncEngine, TEncryptionKey DataKey, byte[] WorkLen)
        {
            WorkingStream.Position = 0;
            WorkingStream.Write(WorkLen, 0, WorkLen.Length);
            int read;

            byte[] CurrentSegment = new byte[TEncryptionUtils.AgileSegmentSize];
            int    SegmentNumber  = 0;

            while ((read = WorkingStream.Read(CurrentSegment, 0, CurrentSegment.Length)) > 0)
            {
                DataKey.CalcDataIV(SegmentNumber);
                SegmentNumber++;

                using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(DataKey.Key, DataKey.IV))
                {
                    using (MemoryStream outms = new MemoryStream()) //will be closed by Cryptostream
                    {
                        using (CryptoStream cs = new CryptoStream(outms, Encryptor, CryptoStreamMode.Write))
                        {
                            cs.Write(CurrentSegment, 0, read);
                        }

                        WorkingStream.Position -= read;
                        byte[] outArr = outms.ToArray(); //ToArray works with stream closed, and cs will close the stream.
                        WorkingStream.Write(outArr, 0, outArr.Length);
                    }
                }
            }
        }
Beispiel #3
0
 public TXlsxCryptoStreamReader(TOle2File aDataStream, long aStreamLen, AesManaged aEncEncgine, ICryptoTransform aDecryptor, TEncryptionKey aKey)
 {
     DataStream     = aDataStream;
     FStreamLen     = aStreamLen;
     EncEngine      = aEncEncgine;
     Decryptor      = aDecryptor;
     CurrentSegment = new byte[SegmentSize];
     Key            = aKey;
 }
Beispiel #4
0
        private static Stream DecryptStream(TOle2File DataStream, TEncryptionParameters EncParams, TEncryptionKey Key)
        {
            DataStream.SelectStream(XlsxConsts.ContentString);
            byte[] EncryptedSize = new byte[8];
            DataStream.Read(EncryptedSize, EncryptedSize.Length);
            AesManaged       Engine    = null;
            ICryptoTransform Decryptor = null;

            try
            {
                Engine = TEncryptionUtils.CreateEngine(EncParams);
                if (!Key.VariableIV)
                {
                    Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV);
                }
                return(new TXlsxCryptoStreamReader(DataStream, BitOps.GetCardinal(EncryptedSize, 0), Engine, Decryptor, Key));
            }
            catch
            {
                if (Engine != null)
                {
                    ((IDisposable)Engine).Dispose();
                }
                if (Decryptor != null)
                {
                    Decryptor.Dispose();
                }
                throw;
            }
        }
Beispiel #5
0
        private static void CheckPassword(TEncryptionData Encryption, TEncryptionVerifier Verifier, TEncryptionParameters EncParams, TEncryptionKey Key)
        {
            if (Verifier.VerifyPass(XlsConsts.EmptyExcelPassword, EncParams, Key))
            {
                return; //workbook password protected
            }

            string Password = Encryption.ReadPassword;

            if (Encryption.OnPassword != null)
            {
                OnPasswordEventArgs ea = new OnPasswordEventArgs(Encryption.Xls);
                Encryption.OnPassword(ea);
                Encryption.ReadPassword = ea.Password;
                Password = ea.Password;
            }

            if (!Verifier.VerifyPass(Password, EncParams, Key))
            {
                XlsMessages.ThrowException(XlsErr.ErrInvalidPassword);
            }
        }
Beispiel #6
0
        private static void ReadAgileCipherParams(XmlReader xml, TEncryptionParameters EncParams, TEncryptionKey Key)
        {
            int SaltSize  = Convert.ToInt32(xml.GetAttribute("saltSize"), CultureInfo.InvariantCulture);
            int BlockSize = Convert.ToInt32(xml.GetAttribute("blockSize"), CultureInfo.InvariantCulture);

            Key.BlockSize = BlockSize;
            if (BlockSize != 0x10)
            {
                XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
            }

            int KeyBits = Convert.ToInt32(xml.GetAttribute("keyBits"), CultureInfo.InvariantCulture);

            Key.KeySizeInBytes = KeyBits / 8;

            switch (KeyBits)
            {
            case 128: EncParams.Algorithm = TEncryptionAlgorithm.AES_128; break;

            case 192: EncParams.Algorithm = TEncryptionAlgorithm.AES_192; break;

            case 256: EncParams.Algorithm = TEncryptionAlgorithm.AES_256; break;

            default:
                XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
                break;
            }
            string CipherAlgo = xml.GetAttribute("cipherAlgorithm");

            if (!string.Equals(CipherAlgo, "AES", StringComparison.InvariantCulture))
            {
                XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
            }

            string CipherChaining = xml.GetAttribute("cipherChaining");

            switch (CipherChaining)
            {
            case "ChainingModeCBC": EncParams.ChainingMode = CipherMode.CBC; break;

            case "ChainingModeCFB": EncParams.ChainingMode = CipherMode.CFB; break;

            default:
                XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption); break;
            }

            string HashAlgorithm = xml.GetAttribute("hashAlgorithm");

            if (HashAlgorithm != "SHA1" && HashAlgorithm != "SHA-1")
            {
                XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
            }

            Key.Salt = Convert.FromBase64String(xml.GetAttribute("saltValue"));
            if (Key.Salt == null || SaltSize != Key.Salt.Length)
            {
                XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
            }
        }
Beispiel #7
0
        internal override bool VerifyPass(string Password, TEncryptionParameters EncParams, TEncryptionKey Key)
        {
            if (!base.VerifyPass(Password, EncParams, Key))
            {
                return(false);
            }

            using (AesManaged Engine = TEncryptionUtils.CreateEngine(EncParams))
            {
                byte[] DecriptedVerifierHashInput;
                Key.CalcKey(TAgileEncryptionKey.VerifierHashInputBlockKey, null);
                using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
                {
                    DecriptedVerifierHashInput = DecryptBytes(EncryptedVerifierHashInput, Decryptor, Key.Salt.Length); //this is the value padded to a blocksize multiple. We want only the Salt.Length initial bytes.
                    DecriptedVerifierHashInput = Key.Hash(DecriptedVerifierHashInput);
                }

                byte[] DecriptedVerifierHashValue;
                Key.CalcKey(TAgileEncryptionKey.VerifierHashValueBlockKey, null);
                using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
                {
                    DecriptedVerifierHashValue = DecryptBytes(EncryptedVerifierHashValue, Decryptor, DecriptedVerifierHashInput.Length); //this is the 20 byte value of the hash + 12 "0" so it goes up to 32. (32 is 2*blocksize)
                }

                if (!FlxUtils.CompareMem(DecriptedVerifierHashValue, DecriptedVerifierHashInput))
                {
                    return(false);
                }

                byte[] DecriptedKeyValue;
                Key.CalcKey(TAgileEncryptionKey.VerifierKeyValueBlockKey, null);
                using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
                {
                    DecriptedKeyValue = DecryptBytes(EncryptedKeyValue, Decryptor, Key.KeySizeInBytes);
                }

                Key.Key = DecriptedKeyValue;
            }

            return(true);
        }
Beispiel #8
0
        internal virtual bool VerifyPass(string Password, TEncryptionParameters EncParams, TEncryptionKey Key)
        {
            if (Password == null)
            {
                XlsMessages.ThrowException(XlsErr.ErrInvalidPassword);
            }
            if (Password.Length > 255)
            {
                XlsMessages.ThrowException(XlsErr.ErrPasswordTooLong);
            }

            Key.Password = Encoding.Unicode.GetBytes(Password);
            Key.PreCalcKey();

            return(true);
        }