Project Description
This project demonstrates the techniques documented in MS-OFFCRYPTO.

The code presented here is for demonstration purposes only. While the code has been written to be robust, it has not been tested to production quality, and some shortcuts may have been taken because the code is not intended for general use. You are welcome to use the code for any purpose you like, but you should review it and test it carefully before using it for any production purpose.

This project currently consists of:

1) ExtractStream.cpp - many of the techniques rely on isolating a stream from a compound file. This application can extract streams, even if there are unprintable characters in the stream name. It can also be used to list the streams and storages.

2) OoxmlEncrypt.cs - a C# project that demonstrates how to correctly verify an entire EncryptionInfo stream, and check that the password matches. The code only works for ECMA-376 Document Encryption - the older RC4 encryption will be handled in another project, which is TBD at the moment. This is written in C# because the original code was written in C++, and by using a different language, we can ensure that language and library-specific assumptions are taken into account.

3) ManagedRC4 - A wrapper over CAPI RC4 needed by the other RC4 encryption projects.

4) CapiRC4Encrypt - a C# project that demonstrates how to correctly verify the encryption info header and verify the password for CAPI RC4 encryption, which is the default for PowerPoint encryption of .ppt files, and is an option on Word and Excel files.

5) Legacy RC4 - another C# project that demonstrates how to verify a legacy encryption header and verify the password. Note - completing this entailed a minor bug fix to ManagedRC4 - if you grab this project, please get that one as well.

Note - the ManagedRC4 project has just been updated to make some of the behavior underlying CryptDeriveKey explicit. This should help facilitate porting to crypto libraries other than CAPI (including CNG).

4/9/2009 - Just updated ExtractStream to get it to pull out the encryption header directly from a PowerPoint file, as it is a bit of a pain to find the correct offset. I've also updated the CapiRC4Encrypt project to deal correctly with the fact that there is now (as of Office 2007 SP2) a major version of 4. previously, we enforced major version of 2 or 3 only.

11/22/2012 - added a C# project that demonstrates reading and writing version4 encrypted Office documents, and a test application to read an existing encrypted OpenXml file and dump out various information.

To get all the files, go to the Releases tab.

Last edited Nov 22, 2012 at 8:26 PM by DrTusk, version 9