Ms office 2010 Encrypted File (Agile Encryption) opening
-
Wednesday, January 25, 2012 6:04 AM
hi.
I'm working on opening an MS Office 2010 encrypted file.
I do not understand the opening algorithm clearly, but I will show my procedure and questions.
If somebody knows the correct things, please explain them to me very specifically.
I want to make the encryptedVerifierHashInput value.
Here are my sample tags -
<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
  <keyData saltSize="16" blockSize="16" keyBits="128" hashSize="20" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA1" saltValue="cIJbDY9n789Oo5XBSU0lxA=="/>
  <dataIntegrity encryptedHmacKey="PqcXib+YmedKn67o0D/FeH+d/gWAucPIiRpCagUnRXs=" encryptedHmacValue="kl0wXelJ5a3hztABvshT1sahO5K6AbM2muv6Wzw3EUU="/>
  <keyEncryptors>
    <keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
      <p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="128" hashSize="20" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA1" saltValue="lS+abMy38y58Ktf53+SBCA==" encryptedVerifierHashInput="oSRgauy9ilU9+t+nJD1xjA==" encryptedVerifierHashValue="xzY+E5Grj3/sZTAJZdiuE67wWbJRnUV8/TQIterZ7xs=" encryptedKeyValue="54ECzuGmskUQjPwcDyzh8A=="/>
    </keyEncryptor>
  </keyEncryptors>
</encryption>
Office Documents cryptography structure specification (2.3.4.11) says
H0 = H(salt + Password).
To make the salt value we use the base64 decoding function.
That means
Salt = base64decodingfunction(saltValue).
Q1. In the sample tags, there are two saltValues, which are "cIJbDY9n789Oo5XBSU0lxA==" and "lS+abMy38y58Ktf53+SBCA==". Which one is the right value to make the salt?
Q2. 2.3.4.11 (encryption key generation) says
Hfinal = H(Hn + block_key).
I'm wondering if Hfinal is the same as keysalt (2.3.4.12 Initialization vector generation)?
Hfinal = keysalt?
All Replies
-
Wednesday, January 25, 2012 1:16 PM Moderator
Hi sTppp,
Thank you for your question. A colleague will contact you to work on this issue.
In the meantime, you may find these references helpful:
http://blogs.msdn.com/b/openspecification/archive/2009/05/08/dominic-salemno.aspx
http://blogs.msdn.com/b/david_leblanc/archive/tags/office+crypto/
Regards,
Mark Miller
Escalation Engineer
US-CSS DSC PROTOCOL TEAM
-
Wednesday, January 25, 2012 4:27 PM Moderator
Hi sTppp, please take a look at the following thread and let me know if it answers your question as well.
Josh Curry (jcurry) | Escalation Engineer | Open Specifications Support Team
- Proposed As Answer by JCurry (Microsoft Employee, Moderator) Wednesday, January 25, 2012 4:27 PM
-
Thursday, January 26, 2012 2:09 AM
Hi JCurry,
Thank you for your reply.
I've already read the thread.
Q1
You said
"You need to decrypt EncryptedVerifierHashInput and feed it through the Hash algorithm. Then decrypt EncryptedVerifierHashValue using steps 1a-c again with the 2nd block key (0xd7, 0xaa, …) and compare that value."
That means
if the decrypted EncryptedVerifierHashInput and the decrypted EncryptedVerifierHashValue are the same, is the password verified?
Q2. 2.3.4.11 (encryption key generation) says
Hfinal = H(Hn + block_key).
I'm wondering if Hfinal is the same as keysalt (2.3.4.12 Initialization vector generation)?
Hfinal = keysalt?
Please reply to my questions very specifically, with an example.
Thank you.
Have a great day.
sTppp
-
Tuesday, February 07, 2012 5:16 PM Moderator
Hi Tppp, the answers to your questions are contained in the aforementioned thread. Please read through it in more detail. You might also find the following resources helpful…
http://blogs.msdn.com/b/david_leblanc/archive/2009/01/06/ms-offcrypto-examples.aspx
http://blogs.msdn.com/b/david_leblanc/archive/2009/01/13/ms-offcrypto-example-update.aspx
http://offcrypto.codeplex.com/
http://blogs.msdn.com/b/openspecification/archive/2009/05/08/dominic-salemno.aspx
http://www.ietf.org/rfc/rfc4634.txt
http://www.rfc-editor.org/rfc/rfc2898.txt
An update to the MS-OFFCRYPTO project on codeplex should be posted within the next few weeks that includes an agile decryption solution. The Open Specifications forums are here to provide support for the protocol documentation set. We do not provide examples, source code, or direct support with the implementation of any protocol. Please review the documentation and let me know if you have any further questions.
Josh Curry (jcurry) | Escalation Engineer | Open Specifications Support Team
- Edited by JCurry (Microsoft Employee, Moderator) Tuesday, February 07, 2012 5:17 PM
- Proposed As Answer by JCurry (Microsoft Employee, Moderator) Tuesday, February 07, 2012 5:18 PM
- Marked As Answer by Nam Ka - MSFT (Owner) Friday, December 07, 2012 5:03 PM
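The key derivation from section 2.3.4.11 that the thread discusses, as an added example that is not code from any participant or from the MS-OFFCRYPTO project. The function names and the password passed in are hypothetical; the block-key constants are the ones MS-OFFCRYPTO defines (the second is the "0xd7, 0xaa, …" key quoted above), and the descriptor is the question's sample trimmed to the attributes used.

```python
import base64
import hashlib
import struct
import xml.etree.ElementTree as ET

NS = {"p": "http://schemas.microsoft.com/office/2006/keyEncryptor/password"}

# Block keys from MS-OFFCRYPTO, one per password-encrypted field.
BLOCK_KEYS = {
    "encryptedVerifierHashInput": bytes.fromhex("fea7d2763b4b9e79"),
    "encryptedVerifierHashValue": bytes.fromhex("d7aa0f6d3061344e"),
    "encryptedKeyValue": bytes.fromhex("146e0be7abacd0d6"),
}

# Descriptor from the question, trimmed to the attributes used here.
SAMPLE = """<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption"
 xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
 <keyData saltValue="cIJbDY9n789Oo5XBSU0lxA=="/>
 <keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password">
  <p:encryptedKey spinCount="100000" keyBits="128" hashAlgorithm="SHA1"
   saltValue="lS+abMy38y58Ktf53+SBCA=="/>
 </keyEncryptor></keyEncryptors></encryption>"""

def password_encryptor(xml_text):
    """Read the password key encryptor; its saltValue (not keyData's) feeds H0."""
    ek = ET.fromstring(xml_text).find(".//p:encryptedKey", NS)
    return {"salt": base64.b64decode(ek.get("saltValue")),
            "spin": int(ek.get("spinCount")),
            "key_bits": int(ek.get("keyBits")),
            "hash": ek.get("hashAlgorithm").lower()}

def derive_key(password, salt, spin_count, block_key, key_bits, hash_name="sha1"):
    """H0 = H(salt + password); Hn = H(iterator + Hn-1); Hfinal = H(Hn + block_key)."""
    h = hashlib.new(hash_name, salt + password.encode("utf-16-le")).digest()
    for i in range(spin_count):
        # iterator is an unsigned 32-bit little-endian counter starting at 0
        h = hashlib.new(hash_name, struct.pack("<I", i) + h).digest()
    h = hashlib.new(hash_name, h + block_key).digest()
    n = key_bits // 8
    return h[:n].ljust(n, b"\x36")  # truncate, or pad with 0x36 when the hash is shorter

def field_keys(xml_text, password):
    """One AES key per field; the CBC IV for all three is the encryptor's saltValue."""
    p = password_encryptor(xml_text)
    return {name: derive_key(password, p["salt"], p["spin"], bk, p["key_bits"], p["hash"])
            for name, bk in BLOCK_KEYS.items()}
```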

