From a226e3f277c3e5fa270e816afa5e6aac14ceb0d6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Caol=C3=A1n=20McNamara?= Date: Fri, 8 Jun 2012 10:23:44 +0100 Subject: [PATCH] Is CVE-2012-2665 fixed in LO? MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit On Thu, 2012-06-07 at 18:23 +0200, Petr Mladek wrote: > Hi Caolan, > > I am a bit confused by all the security problems. Is CVE-2012-2665 fixed > in LO-3.5? Not yet. I wanted to wait to propose any more backports until the backlog was cleared to try and avoid confusion :-) So, I'm now requesting the following three additional commits to be cherry-picked to 3-5 78f614e5fff70d4874322255cca739f430865f0a key-size acc613a3236c61c8272bde1eadca5d8bf25f98f1 tag-hierarchy 4a7164429b727bd8fd6f183950e85e6225869364 count-and-order to address CVE-2012-2665 I'd like to consider those three + the already cherry-picked 4036ee4db7b43cac9f892c2b9a2c545f0f838747 as our canonical solution to CVE-2012-2665 (78f614e5fff70d4874322255cca739f430865f0a is technically not really relevant but I reckon its easiest to bundle it into any backports while we're at it to keep things simple) C. From 4036ee4db7b43cac9f892c2b9a2c545f0f838747 Mon Sep 17 00:00:00 2001 From: Caolán McNamara Date: Wed, 30 May 2012 14:10:25 +0000 Subject: merge three base64 encoders/decoders together Conflicts: filter/source/placeware/Base64Codec.cxx package/source/manifest/Base64Codec.cxx Change-Id: Ic123c081fcf6ddcf5d61c5d5a3eab01db470014c Signed-off-by: Miklos Vajna From 78f614e5fff70d4874322255cca739f430865f0a Mon Sep 17 00:00:00 2001 From: Caolán McNamara Date: Mon, 28 May 2012 09:33:40 +0000 Subject: check key size Change-Id: Ia909b0abb3ef84a9f0a14d42379f693ae9e70812 From acc613a3236c61c8272bde1eadca5d8bf25f98f1 Mon Sep 17 00:00:00 2001 From: Caolán McNamara Date: Mon, 28 May 2012 09:35:31 +0000 Subject: unwind manifest xml parser and follow tag hierarchy model so we validate that each tag is inside the right parent Change-Id: Ibc82aeaf6b409ef2fed7de0cd8f15c164da65e53 From 4a7164429b727bd8fd6f183950e85e6225869364 Mon Sep 17 00:00:00 2001 From: Caolán McNamara Date: Mon, 28 May 2012 10:43:09 +0000 Subject: count and order of receipt of properties doesn't matter so stick imported properties into assigned slots and throw out empty ones when finished. Reuse existing ids for this between import and export. Shuffle FULLPATH to 0 as per import comment Change-Id: I516116c5327498ad043f6e2fb9bd257599ade2a2 Gbp-Pq: Name CVE-2012-2665.diff --- filter/Library_placeware.mk | 2 +- filter/source/placeware/Base64Codec.cxx | 206 ----------- filter/source/placeware/Base64Codec.hxx | 50 --- filter/source/placeware/exporter.cxx | 4 +- package/Library_package2.mk | 2 +- package/inc/PackageConstants.hxx | 24 +- package/prj/build.lst | 2 +- package/source/manifest/Base64Codec.cxx | 204 ----------- package/source/manifest/Base64Codec.hxx | 48 --- package/source/manifest/ManifestExport.cxx | 8 +- package/source/manifest/ManifestImport.cxx | 379 ++++++++++++--------- package/source/manifest/ManifestImport.hxx | 12 +- package/source/zipapi/ZipFile.cxx | 10 +- 13 files changed, 259 insertions(+), 692 deletions(-) delete mode 100644 filter/source/placeware/Base64Codec.cxx delete mode 100644 filter/source/placeware/Base64Codec.hxx delete mode 100644 package/source/manifest/Base64Codec.cxx delete mode 100644 package/source/manifest/Base64Codec.hxx diff --git a/filter/Library_placeware.mk b/filter/Library_placeware.mk index d0af3c1e20d..0471cd26cfa 100644 --- a/filter/Library_placeware.mk +++ b/filter/Library_placeware.mk @@ -34,11 +34,11 @@ $(eval $(call gb_Library_add_linked_libs,placeware,\ cppuhelper \ cppu \ sal \ + sax \ $(gb_STDLIBS) \ )) $(eval $(call gb_Library_add_exception_objects,placeware,\ - filter/source/placeware/Base64Codec \ filter/source/placeware/exporter \ filter/source/placeware/filter \ filter/source/placeware/tempfile \ diff --git a/filter/source/placeware/Base64Codec.cxx b/filter/source/placeware/Base64Codec.cxx deleted file mode 100644 index 49cfcc028c2..00000000000 --- a/filter/source/placeware/Base64Codec.cxx +++ /dev/null @@ -1,206 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#include "Base64Codec.hxx" -#include -#include -using namespace osl; -using namespace com::sun::star; -using ::rtl::OUString; -using ::rtl::OUStringBuffer; -const - sal_Char aBase64EncodeTable[] = - { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', - 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', - 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', - 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', - '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' }; - -const - sal_uInt8 aBase64DecodeTable[] = - { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0-15 - - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 16-31 - - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 62, 0, 0, 0, 63, // 32-47 -// + / - - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 0, 0, 0, 0, 0, 0, // 48-63 -// 0 1 2 3 4 5 6 7 8 9 = - - 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // 64-79 -// A B C D E F G H I J K L M N O - - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 0, 0, 0, 0, 0, // 80-95 -// P Q R S T U V W X Y Z - - 0, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 96-111 -// a b c d e f g h i j k l m n o - - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 0, 0, 0, 0, 0, // 112-127 -// p q r s t u v w x y z - - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; - - -void ThreeByteToFourByte (const sal_uInt8* pBuffer, const sal_Int32 nStart, const sal_Int32 nFullLen, rtl::OUStringBuffer& sBuffer) -{ - sal_Int32 nLen(nFullLen - nStart); - if (nLen > 3) - nLen = 3; - if (nLen == 0) - { - return; - } - - sal_Int32 nBinaer; - switch (nLen) - { - case 1: - { - nBinaer = ((sal_uInt8)pBuffer[nStart + 0]) << 16; - } - break; - case 2: - { - nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) + - (((sal_uInt8)pBuffer[nStart + 1]) << 8); - } - break; - default: - { - nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) + - (((sal_uInt8)pBuffer[nStart + 1]) << 8) + - ((sal_uInt8)pBuffer[nStart + 2]); - } - break; - } - - sal_Unicode buf[] = { '=', '=', '=', '=' }; - - sal_uInt8 nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0000) >> 18); - buf[0] = aBase64EncodeTable [nIndex]; - - nIndex = static_cast< sal_uInt8 >((nBinaer & 0x3F000) >> 12); - buf[1] = aBase64EncodeTable [nIndex]; - if (nLen > 1) - { - nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0) >> 6); - buf[2] = aBase64EncodeTable [nIndex]; - if (nLen > 2) - { - nIndex = static_cast< sal_uInt8 >((nBinaer & 0x3F)); - buf[3] = aBase64EncodeTable [nIndex]; - } - } - sBuffer.append(buf, SAL_N_ELEMENTS(buf)); -} - -void Base64Codec::encodeBase64(rtl::OUStringBuffer& aStrBuffer, const uno::Sequence < sal_Int8 >& aPass) -{ - sal_Int32 i(0); - sal_Int32 nBufferLength(aPass.getLength()); - const sal_Int8* pBuffer = aPass.getConstArray(); - while (i < nBufferLength) - { - ThreeByteToFourByte ((const sal_uInt8*)pBuffer, i, nBufferLength, aStrBuffer); - i += 3; - } -} - -const rtl::OUString s2equal(RTL_CONSTASCII_USTRINGPARAM("==")); -const rtl::OUString s1equal(RTL_CONSTASCII_USTRINGPARAM("=")); -#if 0 -void FourByteToThreeByte (sal_uInt8* pBuffer, sal_Int32& nLength, const sal_Int32 nStart, const rtl::OUString& sString) -{ - nLength = 0; - sal_Int32 nLen (sString.getLength()); - - if (nLen != 4) - { - return; - } - - - if (sString.indexOf(s2equal) == 2) - nLength = 1; - else if (sString.indexOf(s1equal) == 3) - nLength = 2; - else - nLength = 3; - - sal_Int32 nBinaer ((aBase64DecodeTable [sString [0]] << 18) + - (aBase64DecodeTable [sString [1]] << 12) + - (aBase64DecodeTable [sString [2]] << 6) + - (aBase64DecodeTable [sString [3]])); - - sal_uInt8 OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF0000) >> 16); - pBuffer[nStart + 0] = (sal_uInt8)OneByte; - - if (nLength == 1) - return; - - OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF00) >> 8); - pBuffer[nStart + 1] = (sal_uInt8)OneByte; - - if (nLength == 2) - return; - - OneByte = static_cast< sal_uInt8 >(nBinaer & 0xFF); - pBuffer[nStart + 2] = (sal_uInt8)OneByte; -} - -void Base64Codec::decodeBase64(uno::Sequence< sal_uInt8 >& aBuffer, const rtl::OUString& sBuffer) -{ - sal_Int32 nFirstLength((sBuffer.getLength() / 4) * 3); - sal_uInt8* pBuffer = new sal_uInt8[nFirstLength]; - sal_Int32 nSecondLength(0); - sal_Int32 nLength(0); - sal_Int32 i = 0; - sal_Int32 k = 0; - while (i < sBuffer.getLength()) - { - FourByteToThreeByte (pBuffer, nLength, k, sBuffer.copy(i, 4)); - nSecondLength += nLength; - nLength = 0; - i += 4; - k += 3; - } - aBuffer = uno::Sequence(pBuffer, nSecondLength); - delete[] pBuffer; -} -#endif - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/filter/source/placeware/Base64Codec.hxx b/filter/source/placeware/Base64Codec.hxx deleted file mode 100644 index b635b1e00bb..00000000000 --- a/filter/source/placeware/Base64Codec.hxx +++ /dev/null @@ -1,50 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _BASE64_CODEC_HXX -#define _BASE64_CODEC_HXX - -#include - -namespace rtl -{ -class OUString; -class OUStringBuffer; -} - -class Base64Codec -{ -public: - static void encodeBase64(rtl::OUStringBuffer& aStrBuffer, const com::sun::star::uno::Sequence& aPass); -#if 0 - static void decodeBase64(com::sun::star::uno::Sequence& aPass, const rtl::OUString& sBuffer); -#endif -}; -#endif - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/filter/source/placeware/exporter.cxx b/filter/source/placeware/exporter.cxx index b925b655de5..a89e915a23c 100644 --- a/filter/source/placeware/exporter.cxx +++ b/filter/source/placeware/exporter.cxx @@ -39,12 +39,12 @@ #include #include #include +#include #include #include #include "exporter.hxx" -#include "Base64Codec.hxx" #include "zip.hxx" #include "tempfile.hxx" @@ -161,7 +161,7 @@ static void encodeFile( osl::File& rSourceFile, Reference< XOutputStream >& xOut nLen -= nRead; rtl::OUStringBuffer aStrBuffer; - Base64Codec::encodeBase64( aStrBuffer, aInBuffer ); + ::sax::Converter::encodeBase64(aStrBuffer, aInBuffer); sal_Int32 nCount = aStrBuffer.getLength(); diff --git a/package/Library_package2.mk b/package/Library_package2.mk index 306887ebc3b..dfce64bbf71 100644 --- a/package/Library_package2.mk +++ b/package/Library_package2.mk @@ -51,6 +51,7 @@ $(eval $(call gb_Library_add_linked_libs,package2,\ cppu \ cppuhelper \ sal \ + sax \ ucbhelper \ $(gb_STDLIBS) \ )) @@ -60,7 +61,6 @@ $(eval $(call gb_Library_use_externals,package2,\ )) $(eval $(call gb_Library_add_exception_objects,package2,\ - package/source/manifest/Base64Codec \ package/source/manifest/ManifestExport \ package/source/manifest/ManifestImport \ package/source/manifest/ManifestReader \ diff --git a/package/inc/PackageConstants.hxx b/package/inc/PackageConstants.hxx index be82010175f..7590acd951d 100644 --- a/package/inc/PackageConstants.hxx +++ b/package/inc/PackageConstants.hxx @@ -40,19 +40,19 @@ const sal_Int32 n_ConstDigestLength = 1024; const sal_Int32 n_ConstDigestDecrypt = 1056; // 1024 + 32 // the constants related to the manifest.xml entries -#define PKG_MNFST_MEDIATYPE 0 -#define PKG_MNFST_VERSION 1 -#define PKG_MNFST_FULLPATH 2 +#define PKG_MNFST_FULLPATH 0 //FullPath (Put full-path property first for MBA) +#define PKG_MNFST_VERSION 1 //Version +#define PKG_MNFST_MEDIATYPE 2 //MediaType -#define PKG_MNFST_INIVECTOR 3 -#define PKG_MNFST_SALT 4 -#define PKG_MNFST_ITERATION 5 -#define PKG_MNFST_UCOMPSIZE 6 -#define PKG_MNFST_DIGEST 7 -#define PKG_MNFST_ENCALG 8 -#define PKG_MNFST_STARTALG 9 -#define PKG_MNFST_DIGESTALG 10 -#define PKG_MNFST_DERKEYSIZE 11 +#define PKG_MNFST_INIVECTOR 3 //InitialisationVector +#define PKG_MNFST_SALT 4 //Salt +#define PKG_MNFST_ITERATION 5 //IterationCount +#define PKG_MNFST_UCOMPSIZE 6 //Size +#define PKG_MNFST_DIGEST 7 //Digest +#define PKG_MNFST_ENCALG 8 //EncryptionAlgorithm +#define PKG_MNFST_STARTALG 9 //StartKeyAlgorithm +#define PKG_MNFST_DIGESTALG 10 //DigestAlgorithm +#define PKG_MNFST_DERKEYSIZE 11 //DerivedKeySize #define PKG_SIZE_NOENCR_MNFST 3 #define PKG_SIZE_ENCR_MNFST 12 diff --git a/package/prj/build.lst b/package/prj/build.lst index e1a2c11e6e0..35b408d800c 100644 --- a/package/prj/build.lst +++ b/package/prj/build.lst @@ -1,2 +1,2 @@ -pk package : cppu cppuhelper comphelper ucbhelper sal ZLIB:zlib LIBXSLT:libxslt NULL +pk package : cppu cppuhelper comphelper ucbhelper sal ZLIB:zlib LIBXSLT:libxslt sax NULL pk package\prj nmake - all pk_prj NULL diff --git a/package/source/manifest/Base64Codec.cxx b/package/source/manifest/Base64Codec.cxx deleted file mode 100644 index 66a7f181c0f..00000000000 --- a/package/source/manifest/Base64Codec.cxx +++ /dev/null @@ -1,204 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#include "Base64Codec.hxx" -#include -#include -using namespace osl; -using namespace com::sun::star; - -using ::rtl::OUStringBuffer; - -const - sal_Char aBase64EncodeTable[] = - { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', - 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', - 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', - 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', - '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' }; - -const - sal_uInt8 aBase64DecodeTable[] = - { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0-15 - - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 16-31 - - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 62, 0, 0, 0, 63, // 32-47 -// + / - - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 0, 0, 0, 0, 0, 0, // 48-63 -// 0 1 2 3 4 5 6 7 8 9 = - - 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // 64-79 -// A B C D E F G H I J K L M N O - - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 0, 0, 0, 0, 0, // 80-95 -// P Q R S T U V W X Y Z - - 0, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 96-111 -// a b c d e f g h i j k l m n o - - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 0, 0, 0, 0, 0, // 112-127 -// p q r s t u v w x y z - - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; - - -void ThreeByteToFourByte (const sal_uInt8* pBuffer, const sal_Int32 nStart, const sal_Int32 nFullLen, rtl::OUStringBuffer& sBuffer) -{ - sal_Int32 nLen(nFullLen - nStart); - if (nLen > 3) - nLen = 3; - if (nLen == 0) - { - return; - } - - sal_Int32 nBinaer; - switch (nLen) - { - case 1: - { - nBinaer = ((sal_uInt8)pBuffer[nStart + 0]) << 16; - } - break; - case 2: - { - nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) + - (((sal_uInt8)pBuffer[nStart + 1]) << 8); - } - break; - default: - { - nBinaer = (((sal_uInt8)pBuffer[nStart + 0]) << 16) + - (((sal_uInt8)pBuffer[nStart + 1]) << 8) + - ((sal_uInt8)pBuffer[nStart + 2]); - } - break; - } - - sal_Unicode buf[] = { '=', '=', '=', '=' }; - - sal_uInt8 nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0000) >> 18); - buf[0] = aBase64EncodeTable [nIndex]; - - nIndex = static_cast< sal_uInt8 >((nBinaer & 0x3F000) >> 12); - buf[1] = aBase64EncodeTable [nIndex]; - if (nLen > 1) - { - nIndex = static_cast< sal_uInt8 >((nBinaer & 0xFC0) >> 6); - buf[2] = aBase64EncodeTable [nIndex]; - if (nLen > 2) - { - nIndex = static_cast< sal_uInt8 >(nBinaer & 0x3F); - buf[3] = aBase64EncodeTable [nIndex]; - } - } - sBuffer.append(buf, SAL_N_ELEMENTS(buf)); -} - -void Base64Codec::encodeBase64(rtl::OUStringBuffer& aStrBuffer, const uno::Sequence < sal_Int8 >& aPass) -{ - sal_Int32 i(0); - sal_Int32 nBufferLength(aPass.getLength()); - const sal_uInt8* pBuffer = reinterpret_cast< const sal_uInt8* >( aPass.getConstArray() ); - while (i < nBufferLength) - { - ThreeByteToFourByte (pBuffer, i, nBufferLength, aStrBuffer); - i += 3; - } -} - -const rtl::OUString s2equal(RTL_CONSTASCII_USTRINGPARAM("==")); -const rtl::OUString s1equal(RTL_CONSTASCII_USTRINGPARAM("=")); - -void FourByteToThreeByte (sal_uInt8* pBuffer, sal_Int32& nLength, const sal_Int32 nStart, const rtl::OUString& sString) -{ - nLength = 0; - sal_Int32 nLen (sString.getLength()); - - OSL_ASSERT( nLen == 4 ); - if (nLen != 4) - return; - - if (sString.indexOf(s2equal) == 2) - nLength = 1; - else if (sString.indexOf(s1equal) == 3) - nLength = 2; - else - nLength = 3; - - sal_Int32 nBinaer ((aBase64DecodeTable [sString [0]] << 18) + - (aBase64DecodeTable [sString [1]] << 12) + - (aBase64DecodeTable [sString [2]] << 6) + - (aBase64DecodeTable [sString [3]])); - - sal_uInt8 OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF0000) >> 16); - pBuffer[nStart + 0] = (sal_uInt8)OneByte; - - if (nLength == 1) - return; - - OneByte = static_cast< sal_uInt8 >((nBinaer & 0xFF00) >> 8); - pBuffer[nStart + 1] = OneByte; - - if (nLength == 2) - return; - - OneByte = static_cast< sal_uInt8 >(nBinaer & 0xFF); - pBuffer[nStart + 2] = OneByte; -} - -void Base64Codec::decodeBase64(uno::Sequence< sal_Int8 >& aBuffer, const rtl::OUString& sBuffer) -{ - sal_Int32 nFirstLength((sBuffer.getLength() / 4) * 3); - sal_uInt8* pBuffer = new sal_uInt8[nFirstLength]; - sal_Int32 nSecondLength(0); - sal_Int32 nLength(0); - sal_Int32 i = 0; - sal_Int32 k = 0; - while (i < sBuffer.getLength()) - { - FourByteToThreeByte (pBuffer, nLength, k, sBuffer.copy(i, 4)); - nSecondLength += nLength; - nLength = 0; - i += 4; - k += 3; - } - aBuffer = uno::Sequence( reinterpret_cast< sal_Int8* >( pBuffer ), nSecondLength ); - delete[] pBuffer; -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/package/source/manifest/Base64Codec.hxx b/package/source/manifest/Base64Codec.hxx deleted file mode 100644 index 60bd018c159..00000000000 --- a/package/source/manifest/Base64Codec.hxx +++ /dev/null @@ -1,48 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _BASE64_CODEC_HXX -#define _BASE64_CODEC_HXX - -#include - -namespace rtl -{ -class OUString; -class OUStringBuffer; -} - -class Base64Codec -{ -public: - static void encodeBase64(rtl::OUStringBuffer& aStrBuffer, const com::sun::star::uno::Sequence& aPass); - static void decodeBase64(com::sun::star::uno::Sequence& aPass, const rtl::OUString& sBuffer); -}; -#endif - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/package/source/manifest/ManifestExport.cxx b/package/source/manifest/ManifestExport.cxx index a9e9f457705..94e523458f9 100644 --- a/package/source/manifest/ManifestExport.cxx +++ b/package/source/manifest/ManifestExport.cxx @@ -37,7 +37,7 @@ #include #include -#include +#include #include #include @@ -275,7 +275,7 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > xHa pNewAttrList->AddAttribute ( sChecksumTypeAttribute, sCdataAttribute, sChecksumType ); *pDigest >>= aSequence; - Base64Codec::encodeBase64( aBuffer, aSequence ); + ::sax::Converter::encodeBase64(aBuffer, aSequence); pNewAttrList->AddAttribute ( sChecksumAttribute, sCdataAttribute, aBuffer.makeStringAndClear() ); xHandler->startElement( sEncryptionDataElement , xNewAttrList); @@ -308,7 +308,7 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > xHa pNewAttrList->AddAttribute ( sAlgorithmNameAttribute, sCdataAttribute, sEncAlgName ); *pVector >>= aSequence; - Base64Codec::encodeBase64 ( aBuffer, aSequence ); + ::sax::Converter::encodeBase64(aBuffer, aSequence); pNewAttrList->AddAttribute ( sInitialisationVectorAttribute, sCdataAttribute, aBuffer.makeStringAndClear() ); xHandler->ignorableWhitespace ( sWhiteSpace ); @@ -334,7 +334,7 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > xHa pNewAttrList->AddAttribute ( sIterationCountAttribute, sCdataAttribute, aBuffer.makeStringAndClear() ); *pSalt >>= aSequence; - Base64Codec::encodeBase64 ( aBuffer, aSequence ); + ::sax::Converter::encodeBase64(aBuffer, aSequence); pNewAttrList->AddAttribute ( sSaltAttribute, sCdataAttribute, aBuffer.makeStringAndClear() ); xHandler->ignorableWhitespace ( sWhiteSpace ); diff --git a/package/source/manifest/ManifestImport.cxx b/package/source/manifest/ManifestImport.cxx index 01cf6a5136c..0944d8e61a2 100644 --- a/package/source/manifest/ManifestImport.cxx +++ b/package/source/manifest/ManifestImport.cxx @@ -29,7 +29,7 @@ // MARKER( update_precomp.py ): autogen include statement, do not remove #include #include -#include +#include #include #include #include @@ -44,8 +44,7 @@ using ::rtl::OUString; // --------------------------------------------------- ManifestImport::ManifestImport( vector < Sequence < PropertyValue > > & rNewManVector ) -: nNumProperty ( 0 ) -, bIgnoreEncryptData ( sal_False ) +: bIgnoreEncryptData ( sal_False ) , nDerivedKeySize( 0 ) , rManVector ( rNewManVector ) @@ -123,177 +122,235 @@ void SAL_CALL ManifestImport::endDocument( ) { } -// --------------------------------------------------- -void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Reference< xml::sax::XAttributeList >& xAttribs ) - throw( xml::sax::SAXException, uno::RuntimeException ) +void ManifestImport::doFileEntry(StringHashMap &rConvertedAttribs) + throw( uno::RuntimeException ) { - StringHashMap aConvertedAttribs; - ::rtl::OUString aConvertedName = PushNameAndNamespaces( aName, xAttribs, aConvertedAttribs ); + aSequence.resize(PKG_SIZE_ENCR_MNFST); - if ( aConvertedName == sFileEntryElement ) + aSequence[PKG_MNFST_FULLPATH].Name = sFullPathProperty; + aSequence[PKG_MNFST_FULLPATH].Value <<= rConvertedAttribs[sFullPathAttribute]; + aSequence[PKG_MNFST_MEDIATYPE].Name = sMediaTypeProperty; + aSequence[PKG_MNFST_MEDIATYPE].Value <<= rConvertedAttribs[sMediaTypeAttribute]; + + OUString sVersion = rConvertedAttribs[sVersionAttribute]; + if ( sVersion.getLength() ) { - aSequence.realloc ( PKG_SIZE_ENCR_MNFST ); + aSequence[PKG_MNFST_VERSION].Name = sVersionProperty; + aSequence[PKG_MNFST_VERSION].Value <<= sVersion; + } - // Put full-path property first for MBA - aSequence[nNumProperty].Name = sFullPathProperty; - aSequence[nNumProperty++].Value <<= aConvertedAttribs[sFullPathAttribute]; - aSequence[nNumProperty].Name = sMediaTypeProperty; - aSequence[nNumProperty++].Value <<= aConvertedAttribs[sMediaTypeAttribute]; + OUString sSize = rConvertedAttribs[sSizeAttribute]; + if ( sSize.getLength() ) + { + sal_Int32 nSize = sSize.toInt32(); + aSequence[PKG_MNFST_UCOMPSIZE].Name = sSizeProperty; + aSequence[PKG_MNFST_UCOMPSIZE].Value <<= nSize; + } +} - OUString sVersion = aConvertedAttribs[sVersionAttribute]; - if ( sVersion.getLength() ) +void ManifestImport::doEncryptionData(StringHashMap &rConvertedAttribs) + throw( uno::RuntimeException ) +{ + // If this element exists, then this stream is encrypted and we need + // to import the initialisation vector, salt and iteration count used + nDerivedKeySize = 0; + OUString aString = rConvertedAttribs[sChecksumTypeAttribute]; + if ( !bIgnoreEncryptData ) + { + if ( aString.equals( sSHA1_1k_Name ) || aString.equals( sSHA1_1k_URL ) ) { - aSequence[nNumProperty].Name = sVersionProperty; - aSequence[nNumProperty++].Value <<= sVersion; + aSequence[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty; + aSequence[PKG_MNFST_DIGESTALG].Value <<= xml::crypto::DigestID::SHA1_1K; } + else if ( aString.equals( sSHA256_1k_URL ) ) + { + aSequence[PKG_MNFST_DIGESTALG].Name = sDigestAlgProperty; + aSequence[PKG_MNFST_DIGESTALG].Value <<= xml::crypto::DigestID::SHA256_1K; + } + else + bIgnoreEncryptData = sal_True; - OUString sSize = aConvertedAttribs[sSizeAttribute]; - if ( sSize.getLength() ) + if ( !bIgnoreEncryptData ) { - sal_Int32 nSize; - nSize = sSize.toInt32(); - aSequence[nNumProperty].Name = sSizeProperty; - aSequence[nNumProperty++].Value <<= nSize; + aString = rConvertedAttribs[sChecksumAttribute]; + uno::Sequence < sal_Int8 > aDecodeBuffer; + ::sax::Converter::decodeBase64(aDecodeBuffer, aString); + aSequence[PKG_MNFST_DIGEST].Name = sDigestProperty; + aSequence[PKG_MNFST_DIGEST].Value <<= aDecodeBuffer; } } - else if ( aStack.size() > 1 ) +} + +void ManifestImport::doAlgorithm(StringHashMap &rConvertedAttribs) + throw( uno::RuntimeException ) +{ + if ( !bIgnoreEncryptData ) { - ManifestStack::reverse_iterator aIter = aStack.rbegin(); - ++aIter; + OUString aString = rConvertedAttribs[sAlgorithmNameAttribute]; + if ( aString.equals( sBlowfish_Name ) || aString.equals( sBlowfish_URL ) ) + { + aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty; + aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::BLOWFISH_CFB_8; + } + else if ( aString.equals( sAES256_URL ) ) + { + aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty; + aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING; + OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 32, "Unexpected derived key length!" ); + nDerivedKeySize = 32; + } + else if ( aString.equals( sAES192_URL ) ) + { + aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty; + aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING; + OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 24, "Unexpected derived key length!" ); + nDerivedKeySize = 24; + } + else if ( aString.equals( sAES128_URL ) ) + { + aSequence[PKG_MNFST_ENCALG].Name = sEncryptionAlgProperty; + aSequence[PKG_MNFST_ENCALG].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING; + OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 16, "Unexpected derived key length!" ); + nDerivedKeySize = 16; + } + else + bIgnoreEncryptData = sal_True; - if ( aIter->m_aConvertedName.equals( sFileEntryElement ) ) + if ( !bIgnoreEncryptData ) { - if ( aConvertedName.equals( sEncryptionDataElement ) ) - { - // If this element exists, then this stream is encrypted and we need - // to import the initialisation vector, salt and iteration count used - nDerivedKeySize = 0; - OUString aString = aConvertedAttribs[sChecksumTypeAttribute]; - if ( !bIgnoreEncryptData ) - { - if ( aString.equals( sSHA1_1k_Name ) || aString.equals( sSHA1_1k_URL ) ) - { - aSequence[nNumProperty].Name = sDigestAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1_1K; - } - else if ( aString.equals( sSHA256_1k_URL ) ) - { - aSequence[nNumProperty].Name = sDigestAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256_1K; - } - else - bIgnoreEncryptData = sal_True; - - if ( !bIgnoreEncryptData ) - { - aString = aConvertedAttribs[sChecksumAttribute]; - uno::Sequence < sal_Int8 > aDecodeBuffer; - Base64Codec::decodeBase64( aDecodeBuffer, aString ); - aSequence[nNumProperty].Name = sDigestProperty; - aSequence[nNumProperty++].Value <<= aDecodeBuffer; - } - } - } + aString = rConvertedAttribs[sInitialisationVectorAttribute]; + uno::Sequence < sal_Int8 > aDecodeBuffer; + ::sax::Converter::decodeBase64(aDecodeBuffer, aString); + aSequence[PKG_MNFST_INIVECTOR].Name = sInitialisationVectorProperty; + aSequence[PKG_MNFST_INIVECTOR].Value <<= aDecodeBuffer; } - else if ( aIter->m_aConvertedName.equals( sEncryptionDataElement ) ) + } +} + +void ManifestImport::doKeyDerivation(StringHashMap &rConvertedAttribs) + throw( uno::RuntimeException ) +{ + if ( !bIgnoreEncryptData ) + { + OUString aString = rConvertedAttribs[sKeyDerivationNameAttribute]; + if ( aString.equals( sPBKDF2_Name ) || aString.equals( sPBKDF2_URL ) ) { - if ( aConvertedName == sAlgorithmElement ) - { - if ( !bIgnoreEncryptData ) - { - OUString aString = aConvertedAttribs[sAlgorithmNameAttribute]; - if ( aString.equals( sBlowfish_Name ) || aString.equals( sBlowfish_URL ) ) - { - aSequence[nNumProperty].Name = sEncryptionAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::BLOWFISH_CFB_8; - } - else if ( aString.equals( sAES256_URL ) ) - { - aSequence[nNumProperty].Name = sEncryptionAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING; - OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 32, "Unexpected derived key length!" ); - nDerivedKeySize = 32; - } - else if ( aString.equals( sAES192_URL ) ) - { - aSequence[nNumProperty].Name = sEncryptionAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING; - OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 24, "Unexpected derived key length!" ); - nDerivedKeySize = 24; - } - else if ( aString.equals( sAES128_URL ) ) - { - aSequence[nNumProperty].Name = sEncryptionAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING; - OSL_ENSURE( !nDerivedKeySize || nDerivedKeySize == 16, "Unexpected derived key length!" ); - nDerivedKeySize = 16; - } - else - bIgnoreEncryptData = sal_True; - - if ( !bIgnoreEncryptData ) - { - aString = aConvertedAttribs[sInitialisationVectorAttribute]; - uno::Sequence < sal_Int8 > aDecodeBuffer; - Base64Codec::decodeBase64 ( aDecodeBuffer, aString ); - aSequence[nNumProperty].Name = sInitialisationVectorProperty; - aSequence[nNumProperty++].Value <<= aDecodeBuffer; - } - } - } - else if ( aConvertedName == sKeyDerivationElement ) + aString = rConvertedAttribs[sSaltAttribute]; + uno::Sequence < sal_Int8 > aDecodeBuffer; + ::sax::Converter::decodeBase64(aDecodeBuffer, aString); + aSequence[PKG_MNFST_SALT].Name = sSaltProperty; + aSequence[PKG_MNFST_SALT].Value <<= aDecodeBuffer; + + aString = rConvertedAttribs[sIterationCountAttribute]; + aSequence[PKG_MNFST_ITERATION].Name = sIterationCountProperty; + aSequence[PKG_MNFST_ITERATION].Value <<= aString.toInt32(); + + aString = rConvertedAttribs[sKeySizeAttribute]; + if ( aString.getLength() ) { - if ( !bIgnoreEncryptData ) - { - OUString aString = aConvertedAttribs[sKeyDerivationNameAttribute]; - if ( aString.equals( sPBKDF2_Name ) || aString.equals( sPBKDF2_URL ) ) - { - aString = aConvertedAttribs[sSaltAttribute]; - uno::Sequence < sal_Int8 > aDecodeBuffer; - Base64Codec::decodeBase64 ( aDecodeBuffer, aString ); - aSequence[nNumProperty].Name = sSaltProperty; - aSequence[nNumProperty++].Value <<= aDecodeBuffer; - - aString = aConvertedAttribs[sIterationCountAttribute]; - aSequence[nNumProperty].Name = sIterationCountProperty; - aSequence[nNumProperty++].Value <<= aString.toInt32(); - - aString = aConvertedAttribs[sKeySizeAttribute]; - if ( aString.getLength() ) - { - sal_Int32 nKey = aString.toInt32(); - OSL_ENSURE( !nDerivedKeySize || nKey == nDerivedKeySize , "Provided derived key length differs from the expected one!" ); - nDerivedKeySize = nKey; - } - else if ( !nDerivedKeySize ) - nDerivedKeySize = 16; - else if ( nDerivedKeySize != 16 ) - OSL_ENSURE( sal_False, "Default derived key length differs from the expected one!" ); - - aSequence[nNumProperty].Name = sDerivedKeySizeProperty; - aSequence[nNumProperty++].Value <<= nDerivedKeySize; - } - else - bIgnoreEncryptData = sal_True; - } - } - else if ( aConvertedName == sStartKeyAlgElement ) - { - OUString aString = aConvertedAttribs[sStartKeyAlgNameAttribute]; - if ( aString.equals( sSHA256_URL ) ) - { - aSequence[nNumProperty].Name = sStartKeyAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA256; - } - else if ( aString.equals( sSHA1_Name ) || aString.equals( sSHA1_URL ) ) - { - aSequence[nNumProperty].Name = sStartKeyAlgProperty; - aSequence[nNumProperty++].Value <<= xml::crypto::DigestID::SHA1; - } - else - bIgnoreEncryptData = sal_True; + sal_Int32 nKey = aString.toInt32(); + OSL_ENSURE( !nDerivedKeySize || nKey == nDerivedKeySize , "Provided derived key length differs from the expected one!" ); + nDerivedKeySize = nKey; } + else if ( !nDerivedKeySize ) + nDerivedKeySize = 16; + else if ( nDerivedKeySize != 16 ) + OSL_ENSURE( sal_False, "Default derived key length differs from the expected one!" ); + + aSequence[PKG_MNFST_DERKEYSIZE].Name = sDerivedKeySizeProperty; + aSequence[PKG_MNFST_DERKEYSIZE].Value <<= nDerivedKeySize; + } + else + bIgnoreEncryptData = sal_True; + } +} + +void ManifestImport::doStartKeyAlg(StringHashMap &rConvertedAttribs) + throw( uno::RuntimeException ) +{ + OUString aString = rConvertedAttribs[sStartKeyAlgNameAttribute]; + if ( aString.equals( sSHA256_URL ) ) + { + aSequence[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty; + aSequence[PKG_MNFST_STARTALG].Value <<= xml::crypto::DigestID::SHA256; + } + else if ( aString.equals( sSHA1_Name ) || aString.equals( sSHA1_URL ) ) + { + aSequence[PKG_MNFST_STARTALG].Name = sStartKeyAlgProperty; + aSequence[PKG_MNFST_STARTALG].Value <<= xml::crypto::DigestID::SHA1; + } + else + bIgnoreEncryptData = sal_True; +} + +// --------------------------------------------------- +void SAL_CALL ManifestImport::startElement( const OUString& aName, const uno::Reference< xml::sax::XAttributeList >& xAttribs ) + throw( xml::sax::SAXException, uno::RuntimeException ) +{ + StringHashMap aConvertedAttribs; + ::rtl::OUString aConvertedName = PushNameAndNamespaces( aName, xAttribs, aConvertedAttribs ); + + size_t nLevel = aStack.size(); + + assert(nLevel >= 1); + + switch (nLevel) + { + case 1: + { + if (!aConvertedName.equalsAscii(ELEMENT_MANIFEST)) //manifest:manifest + aStack.back().m_bValid = false; + break; + } + case 2: + { + if (aConvertedName == sFileEntryElement) //manifest:file-entry + doFileEntry(aConvertedAttribs); + else + aStack.back().m_bValid = false; + break; } + case 3: + { + ManifestStack::reverse_iterator aIter = aStack.rbegin(); + ++aIter; + + if (!aIter->m_bValid) + aStack.back().m_bValid = false; + else if (aConvertedName.equals(sEncryptionDataElement)) //manifest:encryption-data + doEncryptionData(aConvertedAttribs); + else + aStack.back().m_bValid = false; + break; + } + case 4: + { + ManifestStack::reverse_iterator aIter = aStack.rbegin(); + ++aIter; + + if (!aIter->m_bValid) + aStack.back().m_bValid = false; + else if (aConvertedName.equals(sAlgorithmElement)) //manifest:algorithm, + doAlgorithm(aConvertedAttribs); + else if (aConvertedName.equals(sKeyDerivationElement)) //manifest:key-derivation, + doKeyDerivation(aConvertedAttribs); + else if (aConvertedName.equals(sStartKeyAlgElement)) //manifest:start-key-generation + doStartKeyAlg(aConvertedAttribs); + else + aStack.back().m_bValid = false; + break; + } + default: + aStack.back().m_bValid = false; + break; + } +} + +namespace +{ + bool isEmpty(const com::sun::star::beans::PropertyValue &rProp) + { + return rProp.Name.isEmpty(); } } @@ -304,12 +361,16 @@ void SAL_CALL ManifestImport::endElement( const OUString& aName ) ::rtl::OUString aConvertedName = ConvertName( aName ); if ( !aStack.empty() && aStack.rbegin()->m_aConvertedName.equals( aConvertedName ) ) { - if ( aConvertedName.equals( sFileEntryElement ) ) + if ( aConvertedName.equals( sFileEntryElement ) && aStack.back().m_bValid ) { - aSequence.realloc ( nNumProperty ); + com::sun::star::beans::PropertyValue aEmpty; + aSequence.erase(std::remove_if(aSequence.begin(), aSequence.end(), + isEmpty), aSequence.end()); + bIgnoreEncryptData = sal_False; - rManVector.push_back ( aSequence ); - nNumProperty = 0; + rManVector.push_back ( aSequence.getAsConstList() ); + + aSequence.clear(); } aStack.pop_back(); diff --git a/package/source/manifest/ManifestImport.hxx b/package/source/manifest/ManifestImport.hxx index 1c646a7952a..68afefd3f14 100644 --- a/package/source/manifest/ManifestImport.hxx +++ b/package/source/manifest/ManifestImport.hxx @@ -31,6 +31,7 @@ #include // helper for implementations #include +#include #include #include @@ -46,10 +47,12 @@ struct ManifestScopeEntry { ::rtl::OUString m_aConvertedName; StringHashMap m_aNamespaces; + bool m_bValid; ManifestScopeEntry( const ::rtl::OUString& aConvertedName, const StringHashMap& aNamespaces ) : m_aConvertedName( aConvertedName ) , m_aNamespaces( aNamespaces ) + , m_bValid( true ) {} ~ManifestScopeEntry() @@ -61,8 +64,7 @@ typedef ::std::vector< ManifestScopeEntry > ManifestStack; class ManifestImport : public cppu::WeakImplHelper1 < com::sun::star::xml::sax::XDocumentHandler > { protected: - com::sun::star::uno::Sequence < com::sun::star::beans::PropertyValue > aSequence; - sal_Int16 nNumProperty; + comphelper::SequenceAsVector< com::sun::star::beans::PropertyValue > aSequence; ManifestStack aStack; sal_Bool bIgnoreEncryptData; sal_Int32 nDerivedKeySize; @@ -148,6 +150,12 @@ public: throw(::com::sun::star::xml::sax::SAXException, ::com::sun::star::uno::RuntimeException); virtual void SAL_CALL setDocumentLocator( const ::com::sun::star::uno::Reference< ::com::sun::star::xml::sax::XLocator >& xLocator ) throw(::com::sun::star::xml::sax::SAXException, ::com::sun::star::uno::RuntimeException); +private: + void doFileEntry(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException); + void doEncryptionData(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException); + void doAlgorithm(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException); + void doKeyDerivation(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException); + void doStartKeyAlg(StringHashMap &rConvertedAttribs) throw(::com::sun::star::uno::RuntimeException); }; #endif diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index 16d5a006330..f154dfeda05 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -157,6 +157,12 @@ uno::Reference< xml::crypto::XCipherContext > ZipFile::StaticGetCipher( const un try { + if (xEncryptionData->m_nDerivedKeySize < 0) + { + throw ZipIOException( ::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("Invalid derived key length!") ), + uno::Reference< XInterface >() ); + } + uno::Sequence< sal_Int8 > aDerivedKey( xEncryptionData->m_nDerivedKeySize ); if ( rtl_Digest_E_None != rtl_digest_PBKDF2( reinterpret_cast< sal_uInt8* >( aDerivedKey.getArray() ), aDerivedKey.getLength(), @@ -192,7 +198,7 @@ uno::Reference< xml::crypto::XCipherContext > ZipFile::StaticGetCipher( const un uno::Reference< XInterface >() ); } } - catch( uno::Exception& ) + catch( ... ) { OSL_ENSURE( sal_False, "Can not create cipher context!" ); } @@ -699,7 +705,7 @@ sal_Bool ZipFile::readLOC( ZipEntry &rEntry ) || rEntry.nPathLen != nPathLen || !rEntry.sPath.equals( sLOCPath ); } - catch(::std::bad_alloc &) + catch(...) { bBroken = sal_True; } -- 2.30.2