mir/libreoffice
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c8481c8a43ce2544275b2d70ef29a8b0cb157732
libreoffice/package/inc/EncryptionData.hxx
Michael Stahl 9188ea83c3 tdf#114939 package,comphelper: Try both real SHA1 and StarOffice SHA1 
... when importing ODF documents.

In CreatePackageEncryptionData(), add a 3rd SHA1 password hash,
PackageSHA1CorrectEncryptionKey, to EncryptionData.

Use it in ZipPackageStream::getDataStream(), which has 3 fall-backs
for SHA1 bugs now.

Also add a CorrectSHA1DigestContext, to be used together with
PackageSHA1CorrectEncryptionKey, and rename the existing one to
StarOfficeSHA1DigestContext, to be used together with the existing
2 PackageSHA1{UTF8,MS1252}EncryptionKey.

The fallback won't be used very often anyway: for the password SHA1
to be wrong, you need a password between 52 and 55 bytes long,
and for the SHA1/1K checksum to be wrong, you need a file
smaller than 1K with compressed size mod 64 between 52 and 55;
all XML files have enough random "chaff" added to be too large.

Test that we can read both correct SHA1 and StarOffice SHA1.

Change-Id: I988fa489b5e40c7657f404f18538f637d54d28f1
2018-01-12 23:31:43 +01:00

79 lines
2.7 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* This file incorporates work covered by the following license notice:
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed
* with this work for additional information regarding copyright
* ownership. The ASF licenses this file to you under the Apache
* License, Version 2.0 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.apache.org/licenses/LICENSE-2.0 .
*/
#ifndef INCLUDED_PACKAGE_INC_ENCRYPTIONDATA_HXX
#define INCLUDED_PACKAGE_INC_ENCRYPTIONDATA_HXX
#include <com/sun/star/uno/Sequence.hxx>
#include <cppuhelper/weak.hxx>
class BaseEncryptionData : public cppu::OWeakObject
{
public:
css::uno::Sequence< sal_Int8 > m_aSalt;
css::uno::Sequence< sal_Int8 > m_aInitVector;
css::uno::Sequence< sal_Int8 > m_aDigest;
sal_Int32 m_nIterationCount;
BaseEncryptionData()
: m_nIterationCount ( 0 ){}
BaseEncryptionData( const BaseEncryptionData& aData )
: cppu::OWeakObject()
, m_aSalt( aData.m_aSalt )
, m_aInitVector( aData.m_aInitVector )
, m_aDigest( aData.m_aDigest )
, m_nIterationCount( aData.m_nIterationCount )
{}
};
class EncryptionData : public BaseEncryptionData
{
public:
css::uno::Sequence < sal_Int8 > m_aKey;
sal_Int32 m_nEncAlg;
sal_Int32 m_nCheckAlg;
sal_Int32 m_nDerivedKeySize;
sal_Int32 m_nStartKeyGenID;
bool m_bTryWrongSHA1;
EncryptionData(const BaseEncryptionData& aData, const css::uno::Sequence< sal_Int8 >& aKey, sal_Int32 nEncAlg, sal_Int32 nCheckAlg, sal_Int32 nDerivedKeySize, sal_Int32 nStartKeyGenID, bool const bTryWrongSHA1)
: BaseEncryptionData( aData )
, m_aKey( aKey )
, m_nEncAlg( nEncAlg )
, m_nCheckAlg( nCheckAlg )
, m_nDerivedKeySize( nDerivedKeySize )
, m_nStartKeyGenID( nStartKeyGenID )
, m_bTryWrongSHA1(bTryWrongSHA1)
{}
EncryptionData( const EncryptionData& aData )
: BaseEncryptionData( aData )
, m_aKey( aData.m_aKey )
, m_nEncAlg( aData.m_nEncAlg )
, m_nCheckAlg( aData.m_nCheckAlg )
, m_nDerivedKeySize( aData.m_nDerivedKeySize )
, m_nStartKeyGenID( aData.m_nStartKeyGenID )
, m_bTryWrongSHA1(aData.m_bTryWrongSHA1)
{}
};
#endif
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
Reference in New Issue View Git Blame Copy Permalink