PpfFormat - read crypted files

RC4 CryptoAPI encrypting

PpfFormat - read crypted files
RC4 CryptoAPI encrypting
b8ad1797 · ElenaSubbotina · 48587f55 · b8ad1797 · b8ad1797 · b8ad1797
Commit b8ad1797 authored Jun 16, 2017 by ElenaSubbotina
22 changed files
--- a/ASCOfficeDocFile/DocDocxConverter/EncryptionHeader.cpp
+++ b/ASCOfficeDocFile/DocDocxConverter/EncryptionHeader.cpp
@@ -133,11 +133,21 @@ namespace DocFileFormat
 			pos = tStream.GetPosition();
 			
 		//------------------------------------------------------------------------------------------
-			crypt_data_aes.hashAlgorithm = CRYPT_METHOD::SHA1; //by AlgIDHash -> 0x0000 || 0x8004
-			crypt_data_aes.spinCount		= 50000;
+			switch(AlgIDHash)
+			{
+				case 0x8003: crypt_data_aes.hashAlgorithm = CRYPT_METHOD::MD5;	break;
+				case 0x0000: 
+				case 0x8004: crypt_data_aes.hashAlgorithm = CRYPT_METHOD::SHA1;	break;
+			}
+			crypt_data_aes.spinCount = 0;

 			switch(AlgID)
 			{
+			case 0x0000:
+				if (fAES)		crypt_data_aes.cipherAlgorithm = CRYPT_METHOD::AES_ECB;
+				if (fCryptoAPI)	crypt_data_aes.cipherAlgorithm = CRYPT_METHOD::RC4;	
+				crypt_data_aes.keySize = KeySize / 8;
+				break;
 			case 0x6801:	
 				crypt_data_aes.cipherAlgorithm = CRYPT_METHOD::RC4;		
 				crypt_data_aes.keySize = KeySize / 8;
@@ -156,16 +166,11 @@ namespace DocFileFormat
 				break;
 			}

-			switch(ProviderType)
-			{
-			case 0x0001:	crypt_data_aes.cipherAlgorithm = CRYPT_METHOD::RC4;		break;
-			case 0x0018:	crypt_data_aes.cipherAlgorithm = CRYPT_METHOD::AES_ECB; break;
-			}
-
-
+			//switch(ProviderType)
+			//{
+			//	case 0x0001:	crypt_data_aes.cipherAlgorithm = CRYPT_METHOD::RC4;		break;
+			//	case 0x0018:	crypt_data_aes.cipherAlgorithm = CRYPT_METHOD::AES_ECB; break;
+			//}
 		}
-
-		//RELEASEARRAYOBJECTS( bytes );
 	}
-
 }
--- a/ASCOfficeDocFile/DocDocxConverter/WordDocument.cpp
+++ b/ASCOfficeDocFile/DocDocxConverter/WordDocument.cpp
@@ -470,6 +470,12 @@ namespace DocFileFormat
 			delete storageOut;
 			return false;
 		}
+		//DecryptStream(Decryptor, "WordDocument", storageIn, storageOut);
+		//if (FIB->m_FibBase.fWhichTblStm)		
+		//	DecryptStream(Decryptor, "1Table", storageIn, storageOut);
+		//else
+		//	DecryptStream(Decryptor, "0Table", storageIn, storageOut);
+
 		std::list<std::string> listStream = storageIn->entries();

 		for (std::list<std::string>::iterator it = listStream.begin(); it != listStream.end(); it++)
@@ -480,13 +486,20 @@ namespace DocFileFormat
 				
 				for (std::list<std::string>::iterator it2 = list_entry.begin(); it2 != list_entry.end(); it2++)
 				{
+					//if (*it2 != "WordDocument" && std::wstring::npos == it2->find("Table"))
+					//	CopyStream( *it2, storageIn, storageOut);
 					DecryptStream(Decryptor, *it2, storageIn, storageOut);
 				}
 			}
 			else 
+			{
+				//if (*it != "WordDocument" && std::wstring::npos == it->find("Table"))
+				//	CopyStream( *it, storageIn, storageOut);
 				DecryptStream(Decryptor, *it, storageIn, storageOut);
+			}

 		}
+
 		storageOut->close();
 		delete storageOut;

@@ -508,6 +521,31 @@ namespace DocFileFormat
 		}
 		return true;
 	}
+	bool WordDocument::CopyStream (std::string streamName, POLE::Storage * storageIn, POLE::Storage * storageOut)
+	{
+		POLE::Stream *stream = new POLE::Stream(storageIn, streamName);
+		if (!stream) return false;
+
+		stream->seek(0);
+		int sz_stream = stream->size();
+		
+		POLE::Stream *streamNew = new POLE::Stream(storageOut, streamName, true, sz_stream);
+		if (!streamNew) return false;
+
+		unsigned char* data_stream = new unsigned char[sz_stream];
+		stream->read(data_stream, sz_stream);
+
+		streamNew->write(data_stream, sz_stream);
+
+		RELEASEARRAYOBJECTS(data_stream);
+
+		streamNew->flush();
+				
+		delete streamNew;
+		delete stream;
+		
+		return true;
+	}


 	bool WordDocument::DecryptStream(CRYPT::Decryptor* Decryptor, std::string streamName, POLE::Storage * storageIn, POLE::Storage * storageOut)

--- a/ASCOfficeDocFile/DocDocxConverter/WordDocument.h
+++ b/ASCOfficeDocFile/DocDocxConverter/WordDocument.h
@@ -103,6 +103,7 @@ namespace DocFileFormat
 	private:
 		bool DecryptOfficeFile	(CRYPT::Decryptor* Decryptor);
 		bool DecryptStream		(CRYPT::Decryptor* Decryptor, std::string streamName, POLE::Storage * storageIn, POLE::Storage * storageOut);
+		bool CopyStream			(std::string streamName, POLE::Storage * storageIn, POLE::Storage * storageOut);

 		inline StructuredStorageReader* GetStorage() const
 		{

--- a/ASCOfficePPTFile/PPTFormatLib/PPTFormatLib.cpp
+++ b/ASCOfficePPTFile/PPTFormatLib/PPTFormatLib.cpp
@@ -36,6 +36,7 @@
 #include "./Reader/PPTFileReader.h"
 #include "./PPTXWriter/Converter.h"

+#include "../../../Common/OfficeFileErrorDescription.h"
 #include "../../../OfficeUtils/src/OfficeUtils.h"

 #ifndef READMODE
@@ -51,31 +52,70 @@ COfficePPTFile::~COfficePPTFile()
    CloseFile();
 }

-bool COfficePPTFile::OpenFile(std::wstring sFileName)
+long COfficePPTFile::OpenFile(const std::wstring & sFileName, const std::wstring & password)
 {
 	CloseFile();
 	
    POLE::Storage *pStgFrom = new POLE::Storage(sFileName.c_str());
-	if (pStgFrom == NULL) return FALSE;
+	if (pStgFrom == NULL) return AVS_ERROR_FILEFORMAT;
 	
-	pStgFrom->open(false,false);
+	pStgFrom->open(false, false);

 	m_pReader = new CPPTFileReader(pStgFrom, m_strTempDirectory);
-    ((CPPTFileReader*)m_pReader)->m_oDocumentInfo.m_strFileDirectory = GetDirectory(sFileName.c_str());
-	
-	if	(!((CPPTFileReader*)m_pReader)->IsPowerPoint()) 
+	CPPTFileReader* pptReader = (CPPTFileReader*)m_pReader;	
+    
+	pptReader->m_oDocumentInfo.m_strFileDirectory= GetDirectory(sFileName.c_str());
+		
+	if	(pptReader->IsPowerPoint() == false) 
 	{ 
-		CPPTFileReader* r = (CPPTFileReader*)m_pReader;	RELEASEOBJECT(r);
+		RELEASEOBJECT(pptReader);
 		m_pReader = NULL;
-		return FALSE; 
+		return AVS_ERROR_FILEFORMAT; 
 	} 

-	((CPPTFileReader*)m_pReader)->ReadPersistDirectory(); 
-	((CPPTFileReader*)m_pReader)->ReadSlideList();
+	if (pptReader->ReadPersistDirectory() == false) 
+		return AVS_ERROR_FILEFORMAT; 
+

-	m_Status = READMODE;
+	if (pptReader->IsEncrypted())
+	{
+		CEncryptionHeader *pEncryptionHeader =  pptReader->GetEncryptionHeader();
+		if (password.empty()) return AVS_ERROR_DRM;
+
+		if (pEncryptionHeader->bStandard)
+		{
+			CRYPT::RC4Decryptor Decryptor(pEncryptionHeader->crypt_data_rc4, password, 1);
+
+			if (Decryptor.IsVerify() == false) 
+			{
+				return AVS_ERROR_PASSWORD;
+			}			
+			if (DecryptOfficeFile(&Decryptor) == false)	return AVS_ERROR_DRM;
+			
+			return OpenFile(m_sTempDecryptFileName, L"");
+		}
+		else
+		{
+			CRYPT::ECMADecryptor Decryptor;
+
+			Decryptor.SetCryptData(pEncryptionHeader->crypt_data_aes);
+
+			if (Decryptor.SetPassword(password) == false)
+			{
+				return AVS_ERROR_PASSWORD;
+			}
+			if (DecryptOfficeFile(&Decryptor) == false)	return AVS_ERROR_DRM;
+
+			return OpenFile(m_sTempDecryptFileName, L"");
+		}
+	}
+	else
+	{	
+		pptReader->ReadSlideList();
+		m_Status = READMODE;
+	}

-	return TRUE;
+	return S_OK;
 }
 bool COfficePPTFile::CloseFile()
 {
@@ -86,29 +126,28 @@ bool COfficePPTFile::CloseFile()
 	return S_OK;
 }

-HRESULT COfficePPTFile::LoadFromFile(std::wstring sSrcFileName, std::wstring sDstPath)
+HRESULT COfficePPTFile::LoadFromFile(std::wstring sSrcFileName, std::wstring sDstPath, std::wstring password)
 {
-    if (m_strTempDirectory.length() < 1)
+    if (m_strTempDirectory.empty())
    {
        m_strTempDirectory = NSDirectory::GetTempPath();
    }

-    bool bRes = OpenFile(sSrcFileName);
-	if (!bRes)
+    long nResult = OpenFile(sSrcFileName, password);
+	if (nResult != S_OK)
    {
 		CloseFile();
 		m_Status = NULLMODE;
-		return S_FALSE;
+		return nResult;
 	}
 	if (!((CPPTFileReader*)m_pReader)->m_oDocumentInfo.m_arUsers.empty())
 	{
-		NSPresentationEditor::CPPTXWriter	oPPTXWriter;
+		NSPresentationEditor::CPPTXWriter oPPTXWriter;
        oPPTXWriter.m_strTempDirectory = sDstPath;
 		
 		
 		oPPTXWriter.CreateFile(((CPPTFileReader*)m_pReader)->m_oDocumentInfo.m_arUsers[0]);	
 		oPPTXWriter.CloseFile();
-
 	}
 	return S_OK;
 }
@@ -122,3 +161,94 @@ std::wstring COfficePPTFile::GetDirectory(std::wstring strFileName)
 	}
 	return strFileName;
 }
+
+bool COfficePPTFile::DecryptOfficeFile(CRYPT::Decryptor* Decryptor)
+{
+	if (!m_pReader) return false;
+	CPPTFileReader* pptReader = (CPPTFileReader*)(m_pReader);
+
+	if (m_strTempDirectory.empty())
+	{
+        m_strTempDirectory = NSFile::CFileBinary::GetTempPath();
+	}
+	m_sTempDecryptFileName	= m_strTempDirectory + FILE_SEPARATOR_STR + L"~tempFile.ppt";
+	
+	POLE::Storage *storageIn	= pptReader->m_pPowerPointStg;
+	POLE::Storage *storageOut	= new POLE::Storage(m_sTempDecryptFileName.c_str());
+
+	if (!storageOut || !storageIn) return false;
+	
+	if (!storageOut->open(true, true))
+	{
+		delete storageOut;
+		return false;
+	}
+	std::list<std::string> listStream = storageIn->entries();
+
+	for (std::list<std::string>::iterator it = listStream.begin(); it != listStream.end(); it++)
+	{
+		if (storageIn->isDirectory(*it)) 
+		{
+			std::list<std::string> list_entry = storageIn->GetAllStreams(*it);
+			
+			for (std::list<std::string>::iterator it2 = list_entry.begin(); it2 != list_entry.end(); it2++)
+			{
+				DecryptStream(Decryptor, *it2, storageIn, storageOut);
+			}
+		}
+		else 
+			DecryptStream(Decryptor, *it, storageIn, storageOut);
+
+	}
+	storageOut->close();
+	delete storageOut;
+
+	return true;
+}
+
+
+bool COfficePPTFile::DecryptStream(CRYPT::Decryptor* Decryptor, std::string streamName, POLE::Storage * storageIn, POLE::Storage * storageOut)
+{
+	POLE::Stream *stream = new POLE::Stream(storageIn, streamName);
+	if (!stream) return false;
+
+	stream->seek(0);
+	int sz_stream = stream->size();
+	
+	POLE::Stream *streamNew = new POLE::Stream(storageOut, streamName, true, sz_stream);
+	if (!streamNew) return false;
+
+	unsigned char* data_stream = new unsigned char[sz_stream];
+	stream->read(data_stream, sz_stream);
+
+	unsigned char* data_store = NULL;
+	int sz_data_store = 0;
+	
+	//if ("WordDocument" == streamName)
+	//{
+	//	sz_data_store = 68;
+	//	data_store = new unsigned char[sz_data_store];
+	//}
+	
+	if (data_store)
+		memcpy(data_store, data_stream, sz_data_store);
+
+	Decryptor->Decrypt((char*)data_stream, sz_stream, 0);
+	
+	if (data_store)
+		memcpy(data_stream, data_store, sz_data_store);
+
+	streamNew->write(data_stream, sz_stream);
+
+	RELEASEARRAYOBJECTS(data_store);
+	RELEASEARRAYOBJECTS(data_stream);
+
+	streamNew->flush();
+			
+	delete streamNew;
+	delete stream;
+	
+	return true;
+}
+
+
--- a/ASCOfficePPTFile/PPTFormatLib/PPTFormatLib.h
+++ b/ASCOfficePPTFile/PPTFormatLib/PPTFormatLib.h
@@ -35,31 +35,26 @@

 #include <vector>

+namespace CRYPT
+{
+	class Decryptor;
+}
+
+namespace POLE
+{
+	class Storage;
+}
+
 class COfficePPTFile 
 {
 public:
    COfficePPTFile()
 	{
-		m_strTempDirectory = L"";
 		m_pReader = NULL;
 		m_Status = 0;
-
 	}
-
    ~COfficePPTFile();

-private:
-
-	int m_Status;
-
-	void* m_pReader;
-
-    std::vector<std::wstring> m_arUserSources;
-
-    std::wstring m_strTempDirectory;
-	
-public:
-
    HRESULT put_TempDirectory(std::wstring sDir)
 	{
 		m_strTempDirectory = sDir;
@@ -71,13 +66,22 @@ public:
 		return m_strTempDirectory;
 	}

-    HRESULT LoadFromFile(std::wstring sSrcFileName, std::wstring sDstPath);
+    HRESULT LoadFromFile(std::wstring sSrcFileName, std::wstring sDstPath, std::wstring password);

 private:
-    bool OpenFile(std::wstring sFileName);

+	int							m_Status;
+	void*						m_pReader;
+    std::vector<std::wstring>	m_arUserSources;
+    std::wstring				m_strTempDirectory;
+	std::wstring				m_sTempDecryptFileName;
+	
+    long OpenFile(const std::wstring & fileName, const std::wstring & password);
    bool CloseFile();

-    std::wstring GetDirectory(std::wstring strFileName);
+	bool DecryptOfficeFile	(CRYPT::Decryptor* Decryptor);
+	bool DecryptStream		(CRYPT::Decryptor* Decryptor, std::string streamName, POLE::Storage* storageIn, POLE::Storage* storageOut);
+	
+	std::wstring GetDirectory(std::wstring strFileName);
 };

--- a/ASCOfficePPTFile/PPTFormatLib/Reader/ClassesAtom.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Reader/ClassesAtom.h
@@ -42,15 +42,16 @@ public:
 	DWORD m_nOffsetPersistDirectory;  
 	                          
 	DWORD m_nDocumentRef; 
+	DWORD m_nEncryptRef;
 	DWORD m_nMaxPersistWritten;

-public:
 	CUserEdit()
 	{
-		m_nOffsetLastEdit = 0;
-		m_nOffsetPersistDirectory = 0;
-		m_nDocumentRef = 0;
-		m_nMaxPersistWritten = 0;
+		m_nOffsetLastEdit			= 0;
+		m_nOffsetPersistDirectory	= 0;
+		m_nDocumentRef				= 0;
+		m_nMaxPersistWritten		= 0;
+		m_nEncryptRef				= 0;
 	}
 	~CUserEdit()
 	{
@@ -62,15 +63,17 @@ public:
 		m_nOffsetPersistDirectory	= oSrc.m_nOffsetPersistDirectory;
 		m_nDocumentRef				= oSrc.m_nDocumentRef;
 		m_nMaxPersistWritten		= oSrc.m_nMaxPersistWritten;
+		m_nEncryptRef				= oSrc.m_nEncryptRef;
 		return (*this);
 	}

 	void FromAtom(CRecordUserEditAtom* pAtom)
 	{
-		m_nOffsetLastEdit = pAtom->m_nOffsetLastEdit;
-		m_nOffsetPersistDirectory = pAtom->m_nOffsetPersistDirectory;
-		m_nDocumentRef = pAtom->m_nOffsetDocPersistIdRef;
-		m_nMaxPersistWritten = pAtom->m_nPersistIdSeed;
+		m_nOffsetLastEdit			= pAtom->m_nOffsetLastEdit;
+		m_nOffsetPersistDirectory	= pAtom->m_nOffsetPersistDirectory;
+		m_nDocumentRef				= pAtom->m_nOffsetDocPersistIdRef;
+		m_nMaxPersistWritten		= pAtom->m_nPersistIdSeed;
+		m_nEncryptRef				= pAtom->m_nEncryptSessionPersistIdRef;
 	}
 }; 

@@ -79,10 +82,8 @@ class CCurrentUser
 public:
 	bool			m_bIsEncrypt;  
 	DWORD			m_nOffsetToCurrentEdit;
+	std::wstring	m_sName;

-	std::wstring	m_strName;
-
-public:
 	CCurrentUser()
 	{
 		m_bIsEncrypt			= false;
@@ -96,20 +97,16 @@ public:
 	{
 		m_bIsEncrypt			= oSrc.m_bIsEncrypt;
 		m_nOffsetToCurrentEdit	= oSrc.m_nOffsetToCurrentEdit;
-		m_strName				= oSrc.m_strName;
+		m_sName					= oSrc.m_sName;
 		return (*this);
 	}

 	void FromAtom(CRecordCurrentUserAtom* pAtom)
 	{
-		m_bIsEncrypt			= (NO_ENCRYPT == pAtom->m_nToken);
+		m_bIsEncrypt			= (ENCRYPT == pAtom->m_nToken);
+		
 		m_nOffsetToCurrentEdit	= pAtom->m_nOffsetToCurEdit;
-		m_strName				= pAtom->m_strUNICODEUserName;
-	}
-
-    std::wstring ToString()
-	{
-        return L"";
+		m_sName					= pAtom->m_strUNICODEUserName;
 	}
 };


--- a/ASCOfficePPTFile/PPTFormatLib/Reader/PPTDocumentInfo.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Reader/PPTDocumentInfo.h
@@ -41,11 +41,8 @@ public:
    std::wstring					m_strFileDirectory;
 	std::map<int, std::wstring>		m_mapStoreImageFile;

-public:
-
 	CPPTDocumentInfo() : m_oCurrentUser(), m_arUsers() 
 	{
-		m_strFileDirectory = _T("");
 	}

 	~CPPTDocumentInfo()
@@ -66,7 +63,7 @@ public:
 		} 
 	}

-    void ReadFromStream(CRecordCurrentUserAtom* pCurrentUser, POLE::Stream* pStream, std::wstring strFolderMem)
+    bool ReadFromStream(CRecordCurrentUserAtom* pCurrentUser, POLE::Stream* pStream, std::wstring strFolderMem)
 	{
 		m_oCurrentUser.FromAtom(pCurrentUser);

@@ -86,13 +83,15 @@ public:
 			oUserAtom.ReadFromStream(oHeader, pStream);

 			CPPTUserInfo* pInfo			= new CPPTUserInfo();
+			
 			pInfo->m_strFileDirectory	= m_strFileDirectory;
+			pInfo->m_bEncrypt			= m_oCurrentUser.m_bIsEncrypt;
           
-			bool bRes = pInfo->ReadFromStream(&oUserAtom, pStream, strFolderMem);
+			bool bResult = pInfo->ReadFromStream(&oUserAtom, pStream, strFolderMem);

 			offsetToEdit = pInfo->m_oUser.m_nOffsetLastEdit;
 			
-			if (!bRes)
+			if (bResult == false)
 			{
 				delete pInfo;
 				continue;
@@ -105,11 +104,13 @@ public:

 			pInfo = NULL;
 		}
-		// теперь нужно у всех сделать FromDocument...или только для ПОСЛЕДНЕГО пользователя ??? (остальные то  не нужны)
-		//for (int i = 0; i < m_arUsers.size(); ++i)
-		if (m_arUsers.size() > 0)
+		if (m_arUsers.empty() == false)
 		{
-			m_arUsers[0]->FromDocument();
+			if (m_arUsers[0]->m_bEncrypt == false)
+			{
+				m_arUsers[0]->FromDocument();
+			}
 		}
+		return true;
 	}
 };
--- a/ASCOfficePPTFile/PPTFormatLib/Reader/PPTDocumentInfoOneUser.cpp
+++ b/ASCOfficePPTFile/PPTFormatLib/Reader/PPTDocumentInfoOneUser.cpp
@@ -132,6 +132,7 @@ bool CPPTUserInfo::ReadFromStream(CRecordUserEditAtom* pUser, POLE::Stream* pStr
 {
 	m_oUser.FromAtom(pUser);

+//--------------------------------------------------------------------------------------------------
 	SRecordHeader oHeader;
 	CRecordUserEditAtom oUserAtom;

@@ -147,8 +148,24 @@ bool CPPTUserInfo::ReadFromStream(CRecordUserEditAtom* pUser, POLE::Stream* pStr
 	CRecordPersistDirectoryAtom oPersist;
 	oPersist.ReadFromStream(oHeader, pStream);
 	oPersist.ToMap(&m_mapOffsetInPIDs);
+//--------------------------------------------------------------------------------------------------
+	std::map<DWORD, DWORD>::iterator pPair = m_mapOffsetInPIDs.find(m_oUser.m_nEncryptRef);

-	std::map<DWORD, DWORD>::iterator pPair = m_mapOffsetInPIDs.find(m_oUser.m_nDocumentRef);
+	if (pPair != m_mapOffsetInPIDs.end())
+	{
+		StreamUtils::StreamSeek(pPair->second, pStream);
+		oHeader.ReadFromStream(pStream);
+
+		if (RECORD_TYPE_DOCUMENT_ENCRYPTION_ATOM  == oHeader.RecType)
+		{
+			m_bEncrypt = true;
+			m_oEncryptionHeader.ReadFromStream(oHeader, pStream);
+			
+			return true;
+		}
+	}
+//--------------------------------------------------------------------------------------------------
+	pPair = m_mapOffsetInPIDs.find(m_oUser.m_nDocumentRef);

 	if (pPair == m_mapOffsetInPIDs.end())
        return false;
@@ -158,7 +175,7 @@ bool CPPTUserInfo::ReadFromStream(CRecordUserEditAtom* pUser, POLE::Stream* pStr

 	if (RECORD_TYPE_DOCUMENT != oHeader.RecType)
 	{
-        return false;
+		return false;
 	}

 	m_oDocument.ReadFromStream(oHeader, pStream);

--- a/ASCOfficePPTFile/PPTFormatLib/Reader/PPTDocumentInfoOneUser.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Reader/PPTDocumentInfoOneUser.h
@@ -34,6 +34,7 @@

 #include "../Records/Animations/AnimationTypes.h"
 #include "../Records/ExObjListContainer.h"
+#include "../Records/CryptSession10Container.h"

 #include "SlideInfo.h"

@@ -46,6 +47,9 @@ public:
 	CUserEdit										m_oUser;
 	std::map<DWORD, DWORD>							m_mapOffsetInPIDs;
 	CRecordDocument									m_oDocument;
+	
+	CEncryptionHeader								m_oEncryptionHeader;
+	bool											m_bEncrypt;

 	std::map<DWORD, CRecordSlide*>					m_mapSlides;
 	std::map<DWORD, CRecordSlide*>					m_mapMasters;

--- a/ASCOfficePPTFile/PPTFormatLib/Reader/PPTFileDefines.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Reader/PPTFileDefines.h
@@ -196,7 +196,8 @@ typedef BYTE BOOL1;
 #define		RECORD_TYPE_COMMENT2000SUMMARYATOM				12005

 // Records ~12050 seem to be related to Document Encryption
-#define		RECORD_TYPE_DOCUMENT_ENCRYPTION_ATOM			12052
+#define		RECORD_TYPE_DOCUMENT_ENCRYPTION_ATOM			0x2F14
+

 //records greater then 0xF000 belong to with Microsoft Office Drawing format also known as Escher
 #define		RECORD_TYPE_ESCHER_DGG_CONTAINER							0xF000
@@ -251,6 +252,7 @@ typedef BYTE BOOL1;
 #define		RECORD_PROG_BINARY_TAG										0x138A	//	RT_ProgBinaryTag					SlideProgTagsContainer-DocProgTagsContainer-ShapeProgTagsContainer
 #define		RECORD_TEXT_MASTER_STYLE10_ATOM								0x0FB2	//	RT_TextMasterStyle10Atom			TextMasterStyle10Atom 

+
 static std::string GetRecordName(DWORD dwType)
 {
 	std::string strName = ("Unknown");

--- a/ASCOfficePPTFile/PPTFormatLib/Reader/PPTFileReader.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Reader/PPTFileReader.h
@@ -31,6 +31,7 @@
 */
 #pragma once

+#include "../../../ASCOfficeXlsFile2/source/XlsFormat/Crypt/Decryptor.h"
 #include "../../../DesktopEditor/common/Directory.h"
 #include "../Records/Drawing/ArtBlip.h"

@@ -45,6 +46,8 @@

 #define PP97_DUALSTORAGE		"PP97_DUALSTORAGE"

+#define ENCRYPTION_STREAM		"EncryptedSummary" 
+
 class CPPTFileReader
 {
 public: 
@@ -63,12 +66,12 @@ public:
 				
 		if ( ReadCurrentUser(pStm) ) 
 		{
-			m_bIsPPTFile = TRUE; 
+			m_bIsPPTFile = true; 
 		}
 		else
 		{
 			RELEASEOBJECT(pStm);
-			
+		
 			std::string stream_name = std::string(PP97_DUALSTORAGE) + std::string("/") + std::string(CURRENT_USER_STREAM);
 			pStm = new POLE::Stream( m_pPowerPointStg, stream_name);
 			
@@ -78,7 +81,7 @@ public:
 			m_bDualStorage = true;
 			if ( ReadCurrentUser(pStm))
 			{
-				m_bIsPPTFile = TRUE; 
+				m_bIsPPTFile = true; 
 			}
 		}
 		
@@ -106,19 +109,31 @@ public:
 	{ 
 		return m_bIsPPTFile;
 	} 
+    bool IsEncrypted()
+	{
+		if (m_oDocumentInfo.m_arUsers.empty()) 
+			return m_oDocumentInfo.m_oCurrentUser.m_bIsEncrypt; //wps не выставляет флаг!

-	void ReadPersistDirectory()
+		return &m_oDocumentInfo.m_arUsers[0]->m_bEncrypt;
+	}
+	CEncryptionHeader* GetEncryptionHeader()
 	{
-        bool bRes = SavePictures();	
-		// нужно вызывать РОВНО один раз...
-		m_oDocumentInfo.ReadFromStream(&m_oCurrentUser, GetDocStream(), m_strMemoryForder);
+		if (m_oDocumentInfo.m_arUsers.empty()) return NULL;
+
+		return &m_oDocumentInfo.m_arUsers[0]->m_oEncryptionHeader;
+	}
+	bool ReadPersistDirectory()
+	{
+	// нужно вызывать РОВНО один раз...
+        bool bRes = SavePictures();
+
+		return m_oDocumentInfo.ReadFromStream(&m_oCurrentUser, GetDocStream(), m_strMemoryForder);
 	}

 	void ReadSlideList()
 	{
 		if (m_oDocumentInfo.m_arUsers.size() > 0)
 		{
-
 			DWORD nPID = m_oDocumentInfo.m_arUsers[0]->m_oUser.m_nDocumentRef;
 			std::map<DWORD, DWORD>::iterator pPair = m_oDocumentInfo.m_arUsers[0]->m_mapOffsetInPIDs.find(nPID);

@@ -142,8 +157,7 @@ protected:
 		{ 
 			m_oCurrentUser.ReadFromStream(oHeader, pStm);
 			
-			isPP = (m_oCurrentUser.m_nSize == 0x00000014 && (m_oCurrentUser.m_nToken == NO_ENCRYPT) && 
-								(m_oCurrentUser.m_nLenUserName <= 255)); 
+			isPP = (m_oCurrentUser.m_nSize == 0x00000014 && (m_oCurrentUser.m_nLenUserName <= 255)); 
 		} 
 
 		return isPP; 
@@ -195,7 +209,7 @@ protected:

 //  удаление картинок при завершении программы

-		while (TRUE)
+		while (true)
 		{
            if (oHeader.ReadFromStream(pStream) == false )
 			{
@@ -209,7 +223,7 @@ protected:
 			art_blip.ReadFromStream(oHeader, pStream);

 		}
-		return TRUE;
+		return true;
 	}
 
 private: 
@@ -217,11 +231,11 @@ private:
 	CRecordCurrentUserAtom		m_oCurrentUser; 
 	POLE::Stream *				m_pDocStream; 
 	POLE::Stream *				m_pPictureStream; 
-	POLE::Storage*				m_pPowerPointStg; 
-    bool						m_bIsPPTFile;
+
+	bool						m_bIsPPTFile;

 public:	
-	// для картинок
+	POLE::Storage*				m_pPowerPointStg; 
    std::wstring				m_strMemoryForder;

    std::vector<bool>			m_arLoadImageFlags;

--- a/ASCOfficePPTFile/PPTFormatLib/Records/CurrentUserAtom.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Records/CurrentUserAtom.h
@@ -54,8 +54,7 @@ public:

 	DWORD m_nRelVersion;  // 0x00000008 or 0x00000009

-public:
-	
+
 	CRecordCurrentUserAtom() : m_nToken(0)
 	{
 		m_nRelVersion = m_nDocFileVersion = m_nMinorVersion = m_nMajorVersion = m_nLenUserName = m_nOffsetToCurEdit = 0;

--- a/ASCOfficePPTFile/PPTFormatLib/Records/ExCDAudioContainer.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Records/ExCDAudioContainer.h
@@ -40,8 +40,6 @@ public:
 	double				m_dStartTime;
 	double				m_dEndTime;

-public:
-	
 	CRecordExCDAudioContainer()
 	{
 		m_dStartTime	= 0;

--- a/ASCOfficePPTFile/PPTFormatLib/Records/UserEditAtom.h
+++ b/ASCOfficePPTFile/PPTFormatLib/Records/UserEditAtom.h
@@ -49,12 +49,15 @@ public:

 	DWORD m_nPersistIdSeed;				// for next

+	DWORD m_nEncryptSessionPersistIdRef;
+
 	USHORT m_nLastView;

 public:
 	
 	CRecordUserEditAtom()
 	{
+		m_nEncryptSessionPersistIdRef = 0;
 	}

 	~CRecordUserEditAtom()
@@ -67,36 +70,39 @@ public:
 		
 		m_nLastSlideIdRef = StreamUtils::ReadDWORD(pStream);

-		m_nVersion = StreamUtils::ReadWORD(pStream);
+		m_nVersion		= StreamUtils::ReadWORD(pStream);
 		m_nMinorVersion = StreamUtils::ReadBYTE(pStream);
 		m_nMajorVersion = StreamUtils::ReadBYTE(pStream);

-		m_nOffsetLastEdit = StreamUtils::ReadDWORD(pStream);
-		m_nOffsetPersistDirectory = StreamUtils::ReadDWORD(pStream);
-		m_nOffsetDocPersistIdRef = StreamUtils::ReadDWORD(pStream);
+		m_nOffsetLastEdit				= StreamUtils::ReadDWORD(pStream);
+		m_nOffsetPersistDirectory		= StreamUtils::ReadDWORD(pStream);
+		m_nOffsetDocPersistIdRef		= StreamUtils::ReadDWORD(pStream);
+
+		m_nPersistIdSeed				= StreamUtils::ReadDWORD(pStream);
+		m_nLastView						= StreamUtils::ReadWORD(pStream);

-		m_nPersistIdSeed = StreamUtils::ReadDWORD(pStream);
-		m_nLastView = StreamUtils::ReadWORD(pStream);
+		StreamUtils::StreamSkip(2, pStream);

-		StreamUtils::StreamSkip(m_oHeader.RecLen - 22, pStream);
+		if (m_oHeader.RecLen > 28)
+		{
+			m_nEncryptSessionPersistIdRef	= StreamUtils::ReadDWORD(pStream);
+		}
 	}

 	CRecordUserEditAtom& operator =(const CRecordUserEditAtom& oSrc)
 	{
-		m_nLastSlideIdRef = oSrc.m_nLastSlideIdRef;
-
-		m_nVersion = oSrc.m_nVersion;
-		m_nMinorVersion = oSrc.m_nMinorVersion;
-		m_nMajorVersion = oSrc.m_nMajorVersion;
-
-		m_nOffsetLastEdit = oSrc.m_nOffsetLastEdit;
-
-		m_nOffsetPersistDirectory = oSrc.m_nOffsetPersistDirectory;
-
-		m_nOffsetDocPersistIdRef = oSrc.m_nOffsetDocPersistIdRef;
-		m_nPersistIdSeed = oSrc.m_nPersistIdSeed;
-
-		m_nLastView = oSrc.m_nLastView;
+		m_nLastSlideIdRef				= oSrc.m_nLastSlideIdRef;
+
+		m_nVersion						= oSrc.m_nVersion;
+		m_nMinorVersion					= oSrc.m_nMinorVersion;
+		m_nMajorVersion					= oSrc.m_nMajorVersion;
+
+		m_nOffsetLastEdit				= oSrc.m_nOffsetLastEdit;
+		m_nOffsetPersistDirectory		= oSrc.m_nOffsetPersistDirectory;
+		m_nOffsetDocPersistIdRef		= oSrc.m_nOffsetDocPersistIdRef;
+		m_nPersistIdSeed				= oSrc.m_nPersistIdSeed;
+		m_nLastView						= oSrc.m_nLastView;
+		m_nEncryptSessionPersistIdRef	= oSrc.m_nEncryptSessionPersistIdRef;
 		return (*this);
 	}
 };
\ No newline at end of file
--- a/ASCOfficePPTFile/PPTFormatLib/Win32/PPTFormatLib.vcproj
+++ b/ASCOfficePPTFile/PPTFormatLib/Win32/PPTFormatLib.vcproj
@@ -542,6 +542,10 @@
 				RelativePath="..\Records\ColorSchemeAtom.h"
 				>
 			</File>
+			<File
+				RelativePath="..\Records\CryptSession10Container.h"
+				>
+			</File>
 			<File
 				RelativePath="..\Records\CString.h"
 				>

--- a/ASCOfficePPTFile/PptFormatTest/PptFormatTest.cpp
+++ b/ASCOfficePPTFile/PptFormatTest/PptFormatTest.cpp
@@ -60,7 +60,7 @@ int _tmain(int argc, _TCHAR* argv[])
 	
 	pptFile.put_TempDirectory(tempPath);

-	HRESULT hRes = pptFile.LoadFromFile(sSrcPpt, dstTempPath);
+	HRESULT hRes = pptFile.LoadFromFile(sSrcPpt, dstTempPath, L"password");
 	
 	if (hRes == S_OK)
 	{

--- a/ASCOfficePPTFile/PptFormatTest/PptFormatTest.sln
+++ b/ASCOfficePPTFile/PptFormatTest/PptFormatTest.sln
--- a/Common/3dParty/cryptopp/arc4.h
+++ b/Common/3dParty/cryptopp/arc4.h
@@ -41,7 +41,7 @@ protected:
 	void UncheckedSetKey(const byte *key, unsigned int length, const NameValuePairs &params);
 	virtual unsigned int GetDefaultDiscardBytes() const {return 0;}

-    FixedSizeSecBlock<byte, 256> m_state;
+    FixedSizeSecBlock<byte, 512> m_state;
    byte m_x, m_y;
 };


--- a/Common/DocxFormat/Source/SystemUtility/File.h
+++ b/Common/DocxFormat/Source/SystemUtility/File.h
@@ -382,7 +382,7 @@ namespace StreamUtils

        pData[lLen] = 0;

-        std::string str(pData);
+        std::string str(pData, lLen);

        delete[] pData;
        return str;

--- a/OfficeCryptReader/source/CryptTransform.cpp
+++ b/OfficeCryptReader/source/CryptTransform.cpp
--- a/OfficeCryptReader/source/CryptTransform.h
+++ b/OfficeCryptReader/source/CryptTransform.h
@@ -40,6 +40,7 @@ namespace CRYPT_METHOD
 {
 	enum _hashAlgorithm
 	{
+		MD5,
 		SHA1,
 		SHA224,
 		SHA256,
@@ -125,7 +126,7 @@ class ECMADecryptor : public Decryptor
 {
 public:
 	ECMADecryptor();
-	virtual ~ECMADecryptor(){}
+	virtual ~ECMADecryptor();

 	void Decrypt (unsigned char* data, int  size, unsigned char*& data_out);
 	

--- a/X2tConverter/src/ASCConverters.cpp
+++ b/X2tConverter/src/ASCConverters.cpp
@@ -874,7 +874,7 @@ namespace NExtractTools
       COfficePPTFile pptFile;

       pptFile.put_TempDirectory(sTemp);
-       return S_OK == pptFile.LoadFromFile(sFrom, sTo) ? 0 : AVS_FILEUTILS_ERROR_CONVERT;
+	   return S_OK == pptFile.LoadFromFile(sFrom, sTo, params.getPassword()) ? 0 : AVS_FILEUTILS_ERROR_CONVERT;
   }
 	// ppt -> pptt
 	int ppt2pptt (const std::wstring &sFrom, const std::wstring &sTo, const std::wstring &sTemp, InputParams& params)
@@ -905,7 +905,7 @@ namespace NExtractTools

       pptFile.put_TempDirectory(sTemp);

-       if ( pptFile.LoadFromFile(sFrom, sTempUnpackedPPTX) != S_OK) return AVS_FILEUTILS_ERROR_CONVERT;
+       if ( pptFile.LoadFromFile(sFrom, sTempUnpackedPPTX, params.getPassword()) != S_OK) return AVS_FILEUTILS_ERROR_CONVERT;

       // convert unzipped pptx to unzipped pptt
       CPPTXFile *pptx_file = new CPPTXFile(NULL, NULL, NULL, NULL);