svl/source/misc/PasswordHelper.cxx

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /*
   3  * This file is part of the LibreOffice project.
   4  *
   5  * This Source Code Form is subject to the terms of the Mozilla Public
   6  * License, v. 2.0. If a copy of the MPL was not distributed with this
   7  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
   8  *
   9  * This file incorporates work covered by the following license notice:
  10  *
  11  *   Licensed to the Apache Software Foundation (ASF) under one or more
  12  *   contributor license agreements. See the NOTICE file distributed
  13  *   with this work for additional information regarding copyright
  14  *   ownership. The ASF licenses this file to you under the Apache
  15  *   License, Version 2.0 (the "License"); you may not use this file
  16  *   except in compliance with the License. You may obtain a copy of
  17  *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
  18  */
  19
  20
  21 #include <svl/PasswordHelper.hxx>
  22 #include <comphelper/hash.hxx>
  23 #include <rtl/digest.h>
  24 #include <memory>
  25
  26 using namespace com::sun::star;
  27
  28 void SvPasswordHelper::GetHashPasswordSHA256(uno::Sequence<sal_Int8>& rPassHash, std::u16string_view rPassword)
  29 {
  30     OString const tmp(OUStringToOString(rPassword, RTL_TEXTENCODING_UTF8));
  31     ::std::vector<unsigned char> const hash(::comphelper::Hash::calculateHash(
  32         reinterpret_cast<unsigned char const*>(tmp.getStr()), tmp.getLength(),
  33         ::comphelper::HashType::SHA256));
  34     rPassHash.realloc(hash.size());
  35     ::std::copy(hash.begin(), hash.end(), rPassHash.getArray());
  36     rtl_secureZeroMemory(const_cast<char *>(tmp.getStr()), tmp.getLength());
  37 }
  38
  39 void SvPasswordHelper::GetHashPasswordSHA1UTF8(uno::Sequence<sal_Int8>& rPassHash, std::u16string_view rPassword)
  40 {
  41     OString const tmp(OUStringToOString(rPassword, RTL_TEXTENCODING_UTF8));
  42     ::std::vector<unsigned char> const hash(::comphelper::Hash::calculateHash(
  43         reinterpret_cast<unsigned char const*>(tmp.getStr()), tmp.getLength(),
  44         ::comphelper::HashType::SHA1));
  45     rPassHash.realloc(hash.size());
  46     ::std::copy(hash.begin(), hash.end(), rPassHash.getArray());
  47     rtl_secureZeroMemory(const_cast<char *>(tmp.getStr()), tmp.getLength());
  48 }
  49
  50 void SvPasswordHelper::GetHashPassword(uno::Sequence<sal_Int8>& rPassHash, const char* pPass, sal_uInt32 nLen)
  51 {
  52     rPassHash.realloc(RTL_DIGEST_LENGTH_SHA1);
  53
  54     rtlDigestError aError = rtl_digest_SHA1 (pPass, nLen, reinterpret_cast<sal_uInt8*>(rPassHash.getArray()), rPassHash.getLength());
  55     if (aError != rtl_Digest_E_None)
  56     {
  57         rPassHash.realloc(0);
  58     }
  59 }
  60
  61 void SvPasswordHelper::GetHashPasswordLittleEndian(uno::Sequence<sal_Int8>& rPassHash, const OUString& sPass)
  62 {
  63     sal_Int32 nSize(sPass.getLength());
  64     std::unique_ptr<char[]> pCharBuffer(new char[nSize * sizeof(sal_Unicode)]);
  65
  66     for (sal_Int32 i = 0; i < nSize; ++i)
  67     {
  68         sal_Unicode ch(sPass[ i ]);
  69         pCharBuffer[2 * i] = static_cast< char >(ch & 0xFF);
  70         pCharBuffer[2 * i + 1] = static_cast< char >(ch >> 8);
  71     }
  72
  73     GetHashPassword(rPassHash, pCharBuffer.get(), nSize * sizeof(sal_Unicode));
  74     rtl_secureZeroMemory(pCharBuffer.get(), nSize * sizeof(sal_Unicode));
  75 }
  76
  77 void SvPasswordHelper::GetHashPasswordBigEndian(uno::Sequence<sal_Int8>& rPassHash, const OUString& sPass)
  78 {
  79     sal_Int32 nSize(sPass.getLength());
  80     std::unique_ptr<char[]> pCharBuffer(new char[nSize * sizeof(sal_Unicode)]);
  81
  82     for (sal_Int32 i = 0; i < nSize; ++i)
  83     {
  84         sal_Unicode ch(sPass[ i ]);
  85         pCharBuffer[2 * i] = static_cast< char >(ch >> 8);
  86         pCharBuffer[2 * i + 1] = static_cast< char >(ch & 0xFF);
  87     }
  88
  89     GetHashPassword(rPassHash, pCharBuffer.get(), nSize * sizeof(sal_Unicode));
  90     rtl_secureZeroMemory(pCharBuffer.get(), nSize * sizeof(sal_Unicode));
  91 }
  92
  93 void SvPasswordHelper::GetHashPassword(uno::Sequence<sal_Int8>& rPassHash, const OUString& sPass)
  94 {
  95     GetHashPasswordLittleEndian(rPassHash, sPass);
  96 }
  97
  98 bool SvPasswordHelper::CompareHashPassword(const uno::Sequence<sal_Int8>& rOldPassHash, const OUString& sNewPass)
  99 {
 100     bool bResult = false;
 101
 102     if (rOldPassHash.getLength() == RTL_DIGEST_LENGTH_SHA1)
 103     {
 104         uno::Sequence<sal_Int8> aNewPass(RTL_DIGEST_LENGTH_SHA1);
 105         GetHashPasswordSHA1UTF8(aNewPass, sNewPass);
 106         if (aNewPass == rOldPassHash)
 107         {
 108             bResult = true;
 109         }
 110         else
 111         {
 112             GetHashPasswordLittleEndian(aNewPass, sNewPass);
 113             if (aNewPass == rOldPassHash)
 114                 bResult = true;
 115             else
 116             {
 117                 GetHashPasswordBigEndian(aNewPass, sNewPass);
 118                 bResult = (aNewPass == rOldPassHash);
 119             }
 120         }
 121     }
 122     else if (rOldPassHash.getLength() == 32)
 123     {
 124         uno::Sequence<sal_Int8> aNewPass;
 125         GetHashPasswordSHA256(aNewPass, sNewPass);
 126         bResult = aNewPass == rOldPassHash;
 127     }
 128
 129     return bResult;
 130 }
 131
 132 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */