summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Stahl <mstahl@redhat.com>2018-01-11 15:55:25 +0100
committerMichael Stahl <mstahl@redhat.com>2018-01-12 23:31:43 +0100
commit0b7c3b7d9fa71f59eed75c3e80e5e12245c5e1c5 (patch)
tree2f29a16b67ce118c5eb7ab3579c469e2cf0915cf
parent42e90b44ee9de1c5e0b324e492949ff6f345461b (diff)
tdf#114939 officecfg,sfx2: always use AES/SHA256 in ODF 1.2
The setting ODFVER_012_EXT_COMPAT "1.2 Extended (compatibility mode)" no longer has an effect on the encryption algorithms. API CHANGE: Remove the configuration settings: Office.Common.Save.ODF.UseSHA1InODF12 Office.Common.Save.ODF.UseBlowfishInODF12 Rationale: * Every release since 2012, from LO >= 3.4 and AOO >= 3.4, can read AES/SHA256 encrypted files. * SHA1 is broken anyway * tdf#114939 causes SHA1 interop issues Retain SHA1/Blowfish only for ODF 1.1 export. Change-Id: I007511d4830a90121e38bf5bb4534df5695621e9
-rw-r--r--officecfg/registry/schema/org/openoffice/Office/Common.xcs15
-rw-r--r--sfx2/source/doc/objstor.cxx15
2 files changed, 3 insertions, 27 deletions
diff --git a/officecfg/registry/schema/org/openoffice/Office/Common.xcs b/officecfg/registry/schema/org/openoffice/Office/Common.xcs
index 2884179d0800..2901733cabc0 100644
--- a/officecfg/registry/schema/org/openoffice/Office/Common.xcs
+++ b/officecfg/registry/schema/org/openoffice/Office/Common.xcs
@@ -2409,21 +2409,6 @@
</constraints>
<value>3</value>
</prop>
- <prop oor:name="UseSHA1InODF12" oor:type="xs:boolean" oor:nillable="false">
- <info>
- <desc>Specifies whether SHA1 algorithm instead of SHA256 should be
- used in ODF12 for StartKey and Checksum generation during
- encryption.</desc>
- </info>
- <value>false</value>
- </prop>
- <prop oor:name="UseBlowfishInODF12" oor:type="xs:boolean" oor:nillable="false">
- <info>
- <desc>Specifies whether Blowfish algorithm instead of AES should be
- used in ODF12 for encryption.</desc>
- </info>
- <value>false</value>
- </prop>
</group>
</group>
<group oor:name="Load">
diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx
index 44f6f1556f75..3bac7ae20b97 100644
--- a/sfx2/source/doc/objstor.cxx
+++ b/sfx2/source/doc/objstor.cxx
@@ -362,15 +362,10 @@ void SfxObjectShell::SetupStorage( const uno::Reference< embed::XStorage >& xSto
}
SvtSaveOptions::ODFDefaultVersion nDefVersion = SvtSaveOptions::ODFVER_012;
- bool bUseSHA1InODF12 = false;
- bool bUseBlowfishInODF12 = false;
-
if (!utl::ConfigManager::IsFuzzing())
{
SvtSaveOptions aSaveOpt;
nDefVersion = aSaveOpt.GetODFDefaultVersion();
- bUseSHA1InODF12 = officecfg::Office::Common::Save::ODF::UseSHA1InODF12::get();
- bUseBlowfishInODF12 = officecfg::Office::Common::Save::ODF::UseBlowfishInODF12::get();
}
// the default values, that should be used for ODF1.1 and older formats
@@ -392,13 +387,9 @@ void SfxObjectShell::SetupStorage( const uno::Reference< embed::XStorage >& xSto
{
}
- if ( !bUseSHA1InODF12 && nDefVersion != SvtSaveOptions::ODFVER_012_EXT_COMPAT )
- {
- aEncryptionAlgs[0].Value <<= xml::crypto::DigestID::SHA256;
- aEncryptionAlgs[2].Value <<= xml::crypto::DigestID::SHA256_1K;
- }
- if ( !bUseBlowfishInODF12 && nDefVersion != SvtSaveOptions::ODFVER_012_EXT_COMPAT )
- aEncryptionAlgs[1].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+ aEncryptionAlgs[0].Value <<= xml::crypto::DigestID::SHA256;
+ aEncryptionAlgs[2].Value <<= xml::crypto::DigestID::SHA256_1K;
+ aEncryptionAlgs[1].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
}
try