Kaydet (Commit) 6db3aeb6 authored tarafından Tomaž Vajngerl's avatar Tomaž Vajngerl Kaydeden (comit) Tomaž Vajngerl

CryptoTools: add HMAC, move crypto impl. details to CryptoImpl

Change-Id: I8edb24ee5d9595ef54bd49526b631baf8a7415b1
Reviewed-on: https://gerrit.libreoffice.org/56970
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
üst 0d0bf413
......@@ -21,26 +21,41 @@
#define INCLUDED_OOX_CRYPTO_CRYPTTOOLS_HXX
#include <config_oox.h>
#if USE_TLS_OPENSSL
#include <openssl/evp.h>
#include <openssl/sha.h>
#endif // USE_TLS_OPENSSL
#if USE_TLS_NSS
#include <nss.h>
#include <pk11pub.h>
#include <sechash.h>
#endif // USE_TLS_NSS
#include <oox/dllapi.h>
#include <sal/types.h>
#include <vector>
#include <sal/types.h>
#include <memory>
namespace oox {
namespace core {
class Crypto
/** Rounds up the input to the nearest multiple
*
* For example:
* input 1, multiple 16 = 16
* input 16, multiple 16 = 16
* input 17, multiple 16 = 32
* input 31, multiple 16 = 32
*/
template<typename T>
T roundUp(T input, T multiple)
{
if (input % multiple == 0)
return input;
return ((input / multiple) * multiple) + multiple;
}
enum class CryptoHashType
{
SHA1,
SHA256,
SHA512
};
struct CryptoImpl;
class OOX_DLLPUBLIC Crypto
{
public:
enum CryptoType
......@@ -52,47 +67,24 @@ public:
};
protected:
#if USE_TLS_OPENSSL
EVP_CIPHER_CTX mContext;
#endif
#if USE_TLS_NSS
PK11Context* mContext;
SECItem* mSecParam;
PK11SymKey* mSymKey;
#endif
#if USE_TLS_OPENSSL
const EVP_CIPHER* getCipher(CryptoType type);
#endif
#if USE_TLS_NSS
void setupContext(
std::vector<sal_uInt8>& key,
std::vector<sal_uInt8>& iv,
CryptoType type,
CK_ATTRIBUTE_TYPE operation);
#endif
std::unique_ptr<CryptoImpl> mpImpl;
protected:
Crypto();
public:
virtual ~Crypto();
virtual sal_uInt32 update(
std::vector<sal_uInt8>& output,
std::vector<sal_uInt8>& input,
sal_uInt32 inputLength = 0) = 0;
};
class Decrypt : public Crypto
class OOX_DLLPUBLIC Decrypt : public Crypto
{
public:
Decrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
virtual sal_uInt32 update(
sal_uInt32 update(
std::vector<sal_uInt8>& output,
std::vector<sal_uInt8>& input,
sal_uInt32 inputLength = 0) override;
sal_uInt32 inputLength = 0);
static sal_uInt32 aes128ecb(
......@@ -102,17 +94,27 @@ public:
};
class Encrypt : public Crypto
class OOX_DLLPUBLIC Encrypt : public Crypto
{
public:
Encrypt(std::vector<sal_uInt8>& key, std::vector<sal_uInt8>& iv, CryptoType type);
virtual sal_uInt32 update(
sal_uInt32 update(
std::vector<sal_uInt8>& output,
std::vector<sal_uInt8>& input,
sal_uInt32 inputLength = 0) override;
sal_uInt32 inputLength = 0);
};
class OOX_DLLPUBLIC CryptoHash : public Crypto
{
sal_Int32 mnHashSize;
public:
CryptoHash(std::vector<sal_uInt8>& rKey, CryptoHashType eType);
bool update(std::vector<sal_uInt8>& rInput, sal_uInt32 nInputLength = 0);
std::vector<sal_uInt8> finalize();
};
} // namespace core
} // namespace oox
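Review bot: `roundUp` has no guard or documented precondition for `multiple`: `input % multiple` divides by zero when `multiple` is 0, and the `+ multiple` step overflows (wraps for unsigned `T`) when `input` is within one multiple of the type's maximum, so the result can be smaller than `input`. If this helper sizes padded cipher buffers (the callers are not visible on this page), a wrapped result would under-allocate. I would state the contract in the doc comment, e.g. `* @pre multiple > 0 and the rounded value fits in T`, and add `assert(multiple > 0);` as the first statement of the body. The new `CryptoHash::update` and `finalize` declarations also carry no comment saying what a `false` return or the default `nInputLength = 0` means, which callers verifying an HMAC need to know.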
......
......@@ -16,6 +16,20 @@ $(eval $(call gb_CppunitTest_add_exception_objects,oox_crypto,\
$(eval $(call gb_CppunitTest_use_sdk_api,oox_crypto))
ifeq ($(TLS),OPENSSL)
$(eval $(call gb_CppunitTest_externals,oox_crypto,\
openssl \
openssl_headers \
))
else
ifeq ($(TLS),NSS)
$(eval $(call gb_CppunitTest_use_externals,oox_crypto,\
plc4 \
nss3 \
))
endif
endif
$(eval $(call gb_CppunitTest_use_libraries,oox_crypto,\
basegfx \
comphelper \
......@@ -68,6 +82,7 @@ $(eval $(call gb_CppunitTest_use_components,oox_crypto,\
unotools/util/utl \
uui/util/uui \
vcl/vcl.common \
sax/source/expatwrap/expwrap \
))
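Review bot: The OPENSSL branch calls `gb_CppunitTest_externals` while the NSS branch calls `gb_CppunitTest_use_externals`; the first name looks like a typo. A `$(call ...)` of an undefined make variable expands to nothing, so with TLS=OPENSSL the test would silently get no OpenSSL include paths or libraries and would fail later, at compile or link time, rather than at this line. Change the line to `$(eval $(call gb_CppunitTest_use_externals,oox_crypto,\` so both branches go through the same macro.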
......
......@@ -15,6 +15,7 @@
#include <tools/stream.hxx>
#include <unotools/streamwrap.hxx>
#include <oox/crypto/CryptTools.hxx>
#include <oox/crypto/Standard2007Engine.hxx>
#include <oox/helper/binaryinputstream.hxx>
#include <oox/helper/binaryoutputstream.hxx>
......@@ -24,13 +25,77 @@ using namespace css;
class CryptoTest : public CppUnit::TestFixture
{
public:
void testCryptoHash();
void testRoundUp();
void testStandard2007();
CPPUNIT_TEST_SUITE(CryptoTest);
CPPUNIT_TEST(testCryptoHash);
CPPUNIT_TEST(testRoundUp);
CPPUNIT_TEST(testStandard2007);
CPPUNIT_TEST_SUITE_END();
};
namespace
{
std::string toString(std::vector<sal_uInt8> const& aInput)
{
std::stringstream aStream;
for (auto const& aValue : aInput)
{
aStream << std::setw(2) << std::setfill('0') << std::hex << static_cast<int>(aValue);
}
return aStream.str();
}
}
void CryptoTest::testCryptoHash()
{
// Check examples from Wikipedia (https://en.wikipedia.org/wiki/HMAC)
OString aContentString("The quick brown fox jumps over the lazy dog");
std::vector<sal_uInt8> aContent(aContentString.getStr(),
aContentString.getStr() + aContentString.getLength());
std::vector<sal_uInt8> aKey = { 'k', 'e', 'y' };
{
oox::core::CryptoHash aCryptoHash(aKey, oox::core::CryptoHashType::SHA1);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(std::string("de7c9b85b8b78aa6bc8a7a36f70a90701c9db4d9"),
toString(aHash));
}
{
oox::core::CryptoHash aCryptoHash(aKey, oox::core::CryptoHashType::SHA256);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(
std::string("f7bc83f430538424b13298e6aa6fb143ef4d59a14946175997479dbc2d1a3cd8"),
toString(aHash));
}
{
oox::core::CryptoHash aCryptoHash(aKey, oox::core::CryptoHashType::SHA512);
aCryptoHash.update(aContent);
std::vector<sal_uInt8> aHash = aCryptoHash.finalize();
CPPUNIT_ASSERT_EQUAL(
std::string("b42af09057bac1e2d41708e48a902e09b5ff7f12ab428a4fe86653c73dd248fb82f948a549"
"f7b791a5b41915ee4d1ec3935357e4e2317250d0372afa2ebeeb3a"),
toString(aHash));
}
}
void CryptoTest::testRoundUp()
{
CPPUNIT_ASSERT_EQUAL(16, oox::core::roundUp(16, 16));
CPPUNIT_ASSERT_EQUAL(32, oox::core::roundUp(32, 16));
CPPUNIT_ASSERT_EQUAL(64, oox::core::roundUp(64, 16));
CPPUNIT_ASSERT_EQUAL(16, oox::core::roundUp(01, 16));
CPPUNIT_ASSERT_EQUAL(32, oox::core::roundUp(17, 16));
CPPUNIT_ASSERT_EQUAL(32, oox::core::roundUp(31, 16));
}
void CryptoTest::testStandard2007()
{
oox::core::Standard2007Engine aEngine;
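Review bot: `testCryptoHash` discards the `bool` returned by `CryptoHash::update`, and all three cases use the same 3-byte key, so the HMAC path for keys longer than the hash block size is never exercised. I would write `CPPUNIT_ASSERT(aCryptoHash.update(aContent));` in each block and add one vector with a key longer than the block size (RFC 4231 has such cases for SHA-256 and SHA-512), so that a divergence between the OpenSSL and NSS backends shows up here. `toString` uses `std::stringstream` and `std::setw`, but the visible include hunk adds no `<sstream>` or `<iomanip>`; they may already be included outside the hunk, otherwise include them explicitly. `testStandard2007` continues past the end of this hunk.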
......