tdf#118639: store ODF encryption data for autorecovery

When saving autorecovery information, ODF is used. If the original document is password-protected, its autorecovery is also generated password-protected (since ef87ff6680f79362a431db6e7ef2f40cfc576219). But when the stored encryption data for non-ODF document does not contain "PackageSHA256UTF8EncryptionKey" value, following ZipPackage::GetEncryptionKey fails, so the whole save fails. So just generate and append ODF encryption keys where we still have user password. Reviewed-on: https://gerrit.libreoffice.org/84052 Tested-by: Jenkins Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com> (cherry picked from commit 63634738dd03cc74806ce6843c16ff5e51a371a0) Reviewed-on: https://gerrit.libreoffice.org/84133 Reviewed-by: Xisco Faulí <xiscofauli@libreoffice.org> (cherry picked from commit e569dc9824e95617d921bb8f115d243aea0125b9) Reviewed-on: https://gerrit.libreoffice.org/84232 Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> Change-Id: I776e28de784489521e4941d1075690f90c056014 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94355 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com> Reviewed-by: Andras Timar <andras.timar@collabora.com>
author: Mike Kaganski <mike.kaganski@collabora.com> 2019-11-29 13:07:57 +0300
committer: Andras Timar <andras.timar@collabora.com> 2020-05-17 12:39:01 +0200
commit: ae461458d23a8e2709c6a66d372c120cad703fd1 (patch)
tree: 6d2bf0dc3e331554f92f4c185fc3b3caf84c5ce3
parent: 21cc8a803d2bfbd0af418c7fa7569949d502f0b9 (diff)
2 files changed, 41 insertions, 8 deletions
diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx
index 81fe3bc5268c..c20671056888 100644
--- a/comphelper/source/misc/docpasswordhelper.cxx
+++ b/comphelper/source/misc/docpasswordhelper.cxx
@@ -23,6 +23,7 @@
 
 #include <comphelper/docpasswordhelper.hxx>
 #include <comphelper/storagehelper.hxx>
+#include <comphelper/sequence.hxx>
 #include <com/sun/star/beans/PropertyValue.hpp>
 #include <com/sun/star/task/XInteractionHandler.hpp>
 #include <com/sun/star/lang/IllegalArgumentException.hpp>
@@ -366,6 +367,7 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
         bool* pbIsDefaultPassword )
 {
     css::uno::Sequence< css::beans::NamedValue > aEncData;
+    OUString aPassword;
     DocPasswordVerifierResult eResult = DocPasswordVerifierResult::WrongPassword;
 
     // first, try provided default passwords
@@ -379,8 +381,12 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
             if( !aIt->isEmpty() )
             {
                 eResult = rVerifier.verifyPassword( *aIt, aEncData );
-                if( pbIsDefaultPassword )
-                    *pbIsDefaultPassword = eResult == DocPasswordVerifierResult::OK;
+                if (eResult == DocPasswordVerifierResult::OK)
+                {
+                    aPassword = *aIt;
+                    if (pbIsDefaultPassword)
+                        *pbIsDefaultPassword = true;
+                }
             }
         }
     }
@@ -400,7 +406,11 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
     if( eResult == DocPasswordVerifierResult::WrongPassword )
     {
         if( !rMediaPassword.isEmpty() )
+        {
             eResult = rVerifier.verifyPassword( rMediaPassword, aEncData );
+            if (eResult == DocPasswordVerifierResult::OK)
+                aPassword = rMediaPassword;
+        }
     }
 
     // request a password (skip, if result is OK or ABORT)
@@ -416,6 +426,8 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
             {
                 if( !pRequest->getPassword().isEmpty() )
                     eResult = rVerifier.verifyPassword( pRequest->getPassword(), aEncData );
+                if (eResult == DocPasswordVerifierResult::OK)
+                    aPassword = pRequest->getPassword();
             }
             else
             {
@@ -428,6 +440,21 @@ Sequence< sal_Int8 > DocPasswordHelper::GetXLHashAsSequence(
     {
     }
 
+    if (eResult == DocPasswordVerifierResult::OK && !aPassword.isEmpty())
+    {
+        if (std::find_if(std::cbegin(aEncData), std::cend(aEncData),
+                         [](const css::beans::NamedValue& val) {
+                             return val.Name == PACKAGE_ENCRYPTIONDATA_SHA256UTF8;
+                         })
+            == std::cend(aEncData))
+        {
+            // tdf#118639: We need ODF encryption data for autorecovery, where password
+            // will already be unavailable, so generate and append it here
+            aEncData = comphelper::concatSequences(
+                aEncData, OStorageHelper::CreatePackageEncryptionData(aPassword));
+        }
+    }
+
     return (eResult == DocPasswordVerifierResult::OK) ? aEncData : uno::Sequence< beans::NamedValue >();
 }
 
diff --git a/sfx2/source/dialog/filedlghelper.cxx b/sfx2/source/dialog/filedlghelper.cxx
index 3820ee4107c9..9d2934233d94 100644
--- a/sfx2/source/dialog/filedlghelper.cxx
+++ b/sfx2/source/dialog/filedlghelper.cxx
@@ -2673,6 +2673,8 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
     {
         if ( pPasswordRequest->getPassword().getLength() )
         {
+            css::uno::Sequence< css::beans::NamedValue > aEncryptionData;
+
             // TODO/LATER: The filters should show the password dialog themself in future
             if ( bMSType )
             {
@@ -2681,7 +2683,7 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
                 {
                     ::comphelper::SequenceAsHashMap aHashData;
                     aHashData[ OUString( "OOXPassword"  ) ] <<= pPasswordRequest->getPassword();
-                    pSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( aHashData.getAsConstNamedValueList() ) ) );
+                    aEncryptionData = aHashData.getAsConstNamedValueList();
                 }
                 else
                 {
@@ -2694,7 +2696,7 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
                         aHashData[ OUString( "STD97EncryptionKey"  ) ] <<= aEncryptionKey;
                         aHashData[ OUString( "STD97UniqueID"  ) ] <<= aUniqueID;
 
-                        pSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( aHashData.getAsConstNamedValueList() ) ) );
+                        aEncryptionData = aHashData.getAsConstNamedValueList();
                     }
                     else
                     {
@@ -2702,10 +2704,14 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter,
                     }
                 }
             }
-            else
-            {
-                pSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( ::comphelper::OStorageHelper::CreatePackageEncryptionData( pPasswordRequest->getPassword() ) ) ) );
-            }
+
+            // tdf#118639: We need ODF encryption data for autorecovery where password will already
+            // be unavailable, even for non-ODF documents, so append it here unconditionally
+            pSet->Put(SfxUnoAnyItem(
+                SID_ENCRYPTIONDATA,
+                uno::makeAny(comphelper::concatSequences(
+                    aEncryptionData, comphelper::OStorageHelper::CreatePackageEncryptionData(
+                                         pPasswordRequest->getPassword())))));
         }
 
         if ( pPasswordRequest->getRecommendReadOnly() )
author	Mike Kaganski <mike.kaganski@collabora.com>	2019-11-29 13:07:57 +0300
committer	Andras Timar <andras.timar@collabora.com>	2020-05-17 12:39:01 +0200
commit	ae461458d23a8e2709c6a66d372c120cad703fd1 (patch)
tree	6d2bf0dc3e331554f92f4c185fc3b3caf84c5ce3
parent	21cc8a803d2bfbd0af418c7fa7569949d502f0b9 (diff)