ECMA-376 Standard Encryption standardDecrypt decrypt the CFB file format with ECMA-376 standard encryption.
(encryptionInfoBuf, encryptedPackageBuf []byte, opts *Options)
| 234 | |
| 235 | // standardDecrypt decrypt the CFB file format with ECMA-376 standard encryption. |
| 236 | func standardDecrypt(encryptionInfoBuf, encryptedPackageBuf []byte, opts *Options) ([]byte, error) { |
| 237 | encryptionHeaderSize := binary.LittleEndian.Uint32(encryptionInfoBuf[8:12]) |
| 238 | block := encryptionInfoBuf[12 : 12+encryptionHeaderSize] |
| 239 | header := StandardEncryptionHeader{ |
| 240 | Flags: binary.LittleEndian.Uint32(block[:4]), |
| 241 | SizeExtra: binary.LittleEndian.Uint32(block[4:8]), |
| 242 | AlgID: binary.LittleEndian.Uint32(block[8:12]), |
| 243 | AlgIDHash: binary.LittleEndian.Uint32(block[12:16]), |
| 244 | KeySize: binary.LittleEndian.Uint32(block[16:20]), |
| 245 | ProviderType: binary.LittleEndian.Uint32(block[20:24]), |
| 246 | Reserved1: binary.LittleEndian.Uint32(block[24:28]), |
| 247 | Reserved2: binary.LittleEndian.Uint32(block[28:32]), |
| 248 | CspName: string(block[32:]), |
| 249 | } |
| 250 | block = encryptionInfoBuf[12+encryptionHeaderSize:] |
| 251 | algIDMap := map[uint32]string{ |
| 252 | 0x0000660E: "AES-128", |
| 253 | 0x0000660F: "AES-192", |
| 254 | 0x00006610: "AES-256", |
| 255 | } |
| 256 | algorithm := "AES" |
| 257 | _, ok := algIDMap[header.AlgID] |
| 258 | if !ok { |
| 259 | algorithm = "RC4" |
| 260 | } |
| 261 | verifier := standardEncryptionVerifier(algorithm, block) |
| 262 | secretKey, err := standardConvertPasswdToKey(header, verifier, opts) |
| 263 | if err != nil { |
| 264 | return nil, err |
| 265 | } |
| 266 | // decrypted data |
| 267 | x := encryptedPackageBuf[8:] |
| 268 | blob, err := aes.NewCipher(secretKey) |
| 269 | if err != nil { |
| 270 | return nil, err |
| 271 | } |
| 272 | decrypted := make([]byte, len(x)) |
| 273 | size := 16 |
| 274 | for bs, be := 0, size; bs < len(x); bs, be = bs+size, be+size { |
| 275 | blob.Decrypt(decrypted[bs:be], x[bs:be]) |
| 276 | } |
| 277 | return decrypted, err |
| 278 | } |
| 279 | |
| 280 | // standardEncryptionVerifier extract ECMA-376 standard encryption verifier. |
| 281 | func standardEncryptionVerifier(algorithm string, blob []byte) StandardEncryptionVerifier { |