internal override bool VerifyPass(string Password, TEncryptionParameters EncParams, TEncryptionKey Key)
{
if (!base.VerifyPass(Password, EncParams, Key))
{
return(false);
}
Key.CalcKey(TStandardEncryptionKey.BlockKey, null);
byte[] DecriptedVerifier;
byte[] DecriptedVerifierHash;
using (AesManaged Engine = TEncryptionUtils.CreateEngine(EncParams))
{
using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
{
DecriptedVerifier = DecryptBytes(EncryptedVerifier, Decryptor, -1);
DecriptedVerifierHash = DecryptBytes(EncryptedVerifierHash, Decryptor, -1);
}
}
using (HashAlgorithm hasher = TEncryptionKey.CreateHasher())
{
byte[] DecriptedVerifierHash2 = hasher.ComputeHash(DecriptedVerifier);
if (!FlxUtils.CompareMem(DecriptedVerifierHash, 0, DecriptedVerifierHash2, 0, VerifierHashSizeBytes))
{
return(false);
}
}
return(true);
}
private void EncryptStream(AesManaged EncEngine, TEncryptionKey DataKey, byte[] WorkLen)
{
WorkingStream.Position = 0;
WorkingStream.Write(WorkLen, 0, WorkLen.Length);
int read;
byte[] CurrentSegment = new byte[TEncryptionUtils.AgileSegmentSize];
int SegmentNumber = 0;
while ((read = WorkingStream.Read(CurrentSegment, 0, CurrentSegment.Length)) > 0)
{
DataKey.CalcDataIV(SegmentNumber);
SegmentNumber++;
using (ICryptoTransform Encryptor = EncEngine.CreateEncryptor(DataKey.Key, DataKey.IV))
{
using (MemoryStream outms = new MemoryStream()) //will be closed by Cryptostream
{
using (CryptoStream cs = new CryptoStream(outms, Encryptor, CryptoStreamMode.Write))
{
cs.Write(CurrentSegment, 0, read);
}
WorkingStream.Position -= read;
byte[] outArr = outms.ToArray(); //ToArray works with stream closed, and cs will close the stream.
WorkingStream.Write(outArr, 0, outArr.Length);
}
}
}
}
public TXlsxCryptoStreamReader(TOle2File aDataStream, long aStreamLen, AesManaged aEncEncgine, ICryptoTransform aDecryptor, TEncryptionKey aKey)
{
DataStream = aDataStream;
FStreamLen = aStreamLen;
EncEngine = aEncEncgine;
Decryptor = aDecryptor;
CurrentSegment = new byte[SegmentSize];
Key = aKey;
}
private static Stream DecryptStream(TOle2File DataStream, TEncryptionParameters EncParams, TEncryptionKey Key)
{
DataStream.SelectStream(XlsxConsts.ContentString);
byte[] EncryptedSize = new byte[8];
DataStream.Read(EncryptedSize, EncryptedSize.Length);
AesManaged Engine = null;
ICryptoTransform Decryptor = null;
try
{
Engine = TEncryptionUtils.CreateEngine(EncParams);
if (!Key.VariableIV)
{
Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV);
}
return(new TXlsxCryptoStreamReader(DataStream, BitOps.GetCardinal(EncryptedSize, 0), Engine, Decryptor, Key));
}
catch
{
if (Engine != null)
{
((IDisposable)Engine).Dispose();
}
if (Decryptor != null)
{
Decryptor.Dispose();
}
throw;
}
}
private static void CheckPassword(TEncryptionData Encryption, TEncryptionVerifier Verifier, TEncryptionParameters EncParams, TEncryptionKey Key)
{
if (Verifier.VerifyPass(XlsConsts.EmptyExcelPassword, EncParams, Key))
{
return; //workbook password protected
}
string Password = Encryption.ReadPassword;
if (Encryption.OnPassword != null)
{
OnPasswordEventArgs ea = new OnPasswordEventArgs(Encryption.Xls);
Encryption.OnPassword(ea);
Encryption.ReadPassword = ea.Password;
Password = ea.Password;
}
if (!Verifier.VerifyPass(Password, EncParams, Key))
{
XlsMessages.ThrowException(XlsErr.ErrInvalidPassword);
}
}
private static void ReadAgileCipherParams(XmlReader xml, TEncryptionParameters EncParams, TEncryptionKey Key)
{
int SaltSize = Convert.ToInt32(xml.GetAttribute("saltSize"), CultureInfo.InvariantCulture);
int BlockSize = Convert.ToInt32(xml.GetAttribute("blockSize"), CultureInfo.InvariantCulture);
Key.BlockSize = BlockSize;
if (BlockSize != 0x10)
{
XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
}
int KeyBits = Convert.ToInt32(xml.GetAttribute("keyBits"), CultureInfo.InvariantCulture);
Key.KeySizeInBytes = KeyBits / 8;
switch (KeyBits)
{
case 128: EncParams.Algorithm = TEncryptionAlgorithm.AES_128; break;
case 192: EncParams.Algorithm = TEncryptionAlgorithm.AES_192; break;
case 256: EncParams.Algorithm = TEncryptionAlgorithm.AES_256; break;
default:
XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
break;
}
string CipherAlgo = xml.GetAttribute("cipherAlgorithm");
if (!string.Equals(CipherAlgo, "AES", StringComparison.InvariantCulture))
{
XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
}
string CipherChaining = xml.GetAttribute("cipherChaining");
switch (CipherChaining)
{
case "ChainingModeCBC": EncParams.ChainingMode = CipherMode.CBC; break;
case "ChainingModeCFB": EncParams.ChainingMode = CipherMode.CFB; break;
default:
XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption); break;
}
string HashAlgorithm = xml.GetAttribute("hashAlgorithm");
if (HashAlgorithm != "SHA1" && HashAlgorithm != "SHA-1")
{
XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
}
Key.Salt = Convert.FromBase64String(xml.GetAttribute("saltValue"));
if (Key.Salt == null || SaltSize != Key.Salt.Length)
{
XlsMessages.ThrowException(XlsErr.ErrNotSupportedEncryption);
}
}
internal override bool VerifyPass(string Password, TEncryptionParameters EncParams, TEncryptionKey Key)
{
if (!base.VerifyPass(Password, EncParams, Key))
{
return(false);
}
using (AesManaged Engine = TEncryptionUtils.CreateEngine(EncParams))
{
byte[] DecriptedVerifierHashInput;
Key.CalcKey(TAgileEncryptionKey.VerifierHashInputBlockKey, null);
using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
{
DecriptedVerifierHashInput = DecryptBytes(EncryptedVerifierHashInput, Decryptor, Key.Salt.Length); //this is the value padded to a blocksize multiple. We want only the Salt.Length initial bytes.
DecriptedVerifierHashInput = Key.Hash(DecriptedVerifierHashInput);
}
byte[] DecriptedVerifierHashValue;
Key.CalcKey(TAgileEncryptionKey.VerifierHashValueBlockKey, null);
using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
{
DecriptedVerifierHashValue = DecryptBytes(EncryptedVerifierHashValue, Decryptor, DecriptedVerifierHashInput.Length); //this is the 20 byte value of the hash + 12 "0" so it goes up to 32. (32 is 2*blocksize)
}
if (!FlxUtils.CompareMem(DecriptedVerifierHashValue, DecriptedVerifierHashInput))
{
return(false);
}
byte[] DecriptedKeyValue;
Key.CalcKey(TAgileEncryptionKey.VerifierKeyValueBlockKey, null);
using (ICryptoTransform Decryptor = Engine.CreateDecryptor(Key.Key, Key.IV))
{
DecriptedKeyValue = DecryptBytes(EncryptedKeyValue, Decryptor, Key.KeySizeInBytes);
}
Key.Key = DecriptedKeyValue;
}
return(true);
}
internal virtual bool VerifyPass(string Password, TEncryptionParameters EncParams, TEncryptionKey Key)
{
if (Password == null)
{
XlsMessages.ThrowException(XlsErr.ErrInvalidPassword);
}
if (Password.Length > 255)
{
XlsMessages.ThrowException(XlsErr.ErrPasswordTooLong);
}
Key.Password = Encoding.Unicode.GetBytes(Password);
Key.PreCalcKey();
return(true);
}
