Resolves: rhbz#1013844 fdo#47482 encrypted OOo 1.0 docs cannot be reopened

Workaround for the encrypted OpenOffice.org 1.0 documents generated by Libreoffice <= 3.6 with the new encryption format and using SHA256, but missing a specified startkey of SHA256 Change-Id: Ib1acc4441b5adc6721cb3cde7a1191aa978e9a1b (cherry picked from commit 11ad93f4ba84f190c908e92a2c960f7a9fa800c0) Reviewed-on: https://gerrit.libreoffice.org/6107 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Miklos Vajna <vmiklos@collabora.co.uk>
author: Caolán McNamara <caolanm@redhat.com> 2013-10-02 11:38:22 +0100
committer: Miklos Vajna <vmiklos@collabora.co.uk> 2013-10-03 08:57:34 +0000
commit: ac848787f90cf247fab29e98bc406b1237d14b84 (patch)
tree: 1f4781a91c29da121fc9e93a726281f7bc4fd90a
parent: 395b860fe19b786a096a2533a09d0c45c11ed8b4 (diff)
3 files changed, 39 insertions, 5 deletions
diff --git a/package/source/zippackage/ZipPackageStream.cxx b/package/source/zippackage/ZipPackageStream.cxx
index 88afb2a3366a..62df374af2cb 100644
--- a/package/source/zippackage/ZipPackageStream.cxx
+++ b/package/source/zippackage/ZipPackageStream.cxx
@@ -550,13 +550,37 @@ uno::Reference< io::XInputStream > SAL_CALL ZipPackageStream::getDataStream()
         {
             xResult = rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData(), bIsEncrypted, rZipPackage.GetSharedMutexRef() );
         }
-        catch( packages::WrongPasswordException& )
+        catch( const packages::WrongPasswordException& )
         {
-            // workaround for the encrypted documents generated with the old OOo1.x bug.
-            if ( rZipPackage.GetStartKeyGenID() == xml::crypto::DigestID::SHA1 && !m_bUseWinEncoding )
+            if ( rZipPackage.GetStartKeyGenID() == xml::crypto::DigestID::SHA1 )
             {
-                xResult = rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData( true ), bIsEncrypted, rZipPackage.GetSharedMutexRef() );
-                m_bUseWinEncoding = true;
+                try
+                {
+                    // rhbz#1013844 / fdo#47482 workaround for the encrypted
+                    // OpenOffice.org 1.0 documents generated by Libreoffice <=
+                    // 3.6 with the new encryption format and using SHA256, but
+                    // missing a specified startkey of SHA256
+
+                    // force SHA256 and see if that works
+                    m_nImportedStartKeyAlgorithm = xml::crypto::DigestID::SHA256;
+                    xResult = rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData(), bIsEncrypted, rZipPackage.GetSharedMutexRef() );
+                    return xResult;
+                }
+                catch (const packages::WrongPasswordException&)
+                {
+                    // if that didn't work, restore to SHA1 and trundle through the *other* earlier
+                    // bug fix
+                    m_nImportedStartKeyAlgorithm = xml::crypto::DigestID::SHA1;
+                }
+
+                // workaround for the encrypted documents generated with the old OOo1.x bug.
+                if ( !m_bUseWinEncoding )
+                {
+                    xResult = rZipPackage.getZipFile().getDataStream( aEntry, GetEncryptionData( true ), bIsEncrypted, rZipPackage.GetSharedMutexRef() );
+                    m_bUseWinEncoding = true;
+                }
+                else
+                    throw;
             }
             else
                 throw;
diff --git a/sc/qa/unit/data/ods/passwordWrongSHA.ods b/sc/qa/unit/data/ods/passwordWrongSHA.ods
new file mode 100644
index 000000000000..b8a0e80dc675
--- /dev/null
+++ b/sc/qa/unit/data/ods/passwordWrongSHA.ods
diff --git a/sc/qa/unit/subsequent_filters-test.cxx b/sc/qa/unit/subsequent_filters-test.cxx
index b6918ce5342e..193ad83cf78b 100644
--- a/sc/qa/unit/subsequent_filters-test.cxx
+++ b/sc/qa/unit/subsequent_filters-test.cxx
@@ -158,6 +158,7 @@ public:
     //misc tests unrelated to the import filters
     void testPasswordNew();
     void testPasswordOld();
+    void testPasswordWrongSHA();
 
     //test shape import
     void testControlImport();
@@ -219,6 +220,7 @@ public:
     //disable testPassword on MacOSX due to problems with libsqlite3
     //also crashes on DragonFly due to problems with nss/nspr headers
 #if !defined(MACOSX) && !defined(DRAGONFLY) && !defined(WNT)
+    CPPUNIT_TEST(testPasswordWrongSHA);
     CPPUNIT_TEST(testPasswordOld);
     CPPUNIT_TEST(testPasswordNew);
 #endif
@@ -1309,6 +1311,14 @@ void ScFiltersTest::testPasswordOld()
     testPassword_Impl(aFileNameBase);
 }
 
+void ScFiltersTest::testPasswordWrongSHA()
+{
+    //tests opening a file wrongly using the new password algorithm
+    //in a sxc with the key algorithm missing
+    const OUString aFileNameBase("passwordWrongSHA.");
+    testPassword_Impl(aFileNameBase);
+}
+
 void ScFiltersTest::testControlImport()
 {
     const rtl::OUString aFileNameBase(RTL_CONSTASCII_USTRINGPARAM("singlecontrol."));
author	Caolán McNamara <caolanm@redhat.com>	2013-10-02 11:38:22 +0100
committer	Miklos Vajna <vmiklos@collabora.co.uk>	2013-10-03 08:57:34 +0000
commit	ac848787f90cf247fab29e98bc406b1237d14b84 (patch)
tree	1f4781a91c29da121fc9e93a726281f7bc4fd90a
parent	395b860fe19b786a096a2533a09d0c45c11ed8b4 (diff)