diff options
| author | Michael Stahl <mstahl@redhat.com> | 2018-01-12 16:58:00 +0100 |
|---|---|---|
| committer | Caolán McNamara <caolanm@redhat.com> | 2018-01-16 21:53:08 +0100 |
| commit | 3761e01fd16a06468009c0de1b84026b2be1dda6 (patch) | |
| tree | 7fa4c08f95808e5404716e5b0c2b9f0e007da4a2 /comphelper | |
| parent | f638d889eb7e813d4ae6fe1df25e9269c6103022 (diff) | |
tdf#114939 package,comphelper: Try both real SHA1 and StarOffice SHA1
... when importing ODF documents.
In CreatePackageEncryptionData(), add a 3rd SHA1 password hash,
PackageSHA1CorrectEncryptionKey, to EncryptionData.
Use it in ZipPackageStream::getDataStream(), which has 3 fall-backs
for SHA1 bugs now.
Also add a CorrectSHA1DigestContext, to be used together with
PackageSHA1CorrectEncryptionKey, and rename the existing one to
StarOfficeSHA1DigestContext, to be used together with the existing
2 PackageSHA1{UTF8,MS1252}EncryptionKey.
The fallback won't be used very often anyway: for the password SHA1
to be wrong, you need a password between 52 and 55 bytes long,
and for the SHA1/1K checksum to be wrong, you need a file
smaller than 1K with compressed size mod 64 between 52 and 55;
all XML files have enough random "chaff" added to be too large.
Test that we can read both correct SHA1 and StarOffice SHA1.
Change-Id: I988fa489b5e40c7657f404f18538f637d54d28f1
(cherry picked from commit 9188ea83c346fdc2f668178ae7538665a1b09c02)
Reviewed-on: https://gerrit.libreoffice.org/48001
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
Diffstat (limited to 'comphelper')
| -rw-r--r-- | comphelper/source/misc/storagehelper.cxx | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx index 27e72b784e10..4551326b9b46 100644 --- a/comphelper/source/misc/storagehelper.cxx +++ b/comphelper/source/misc/storagehelper.cxx @@ -51,6 +51,7 @@ #include <ucbhelper/content.hxx> #include <comphelper/fileformat.h> +#include <comphelper/hash.hxx> #include <comphelper/processfactory.hxx> #include <comphelper/documentconstants.hxx> #include <comphelper/storagehelper.hxx> @@ -401,7 +402,8 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( // MS_1252 encoding was used for SO60 document format password encoding, // this encoding supports only a minor subset of nonascii characters, // but for compatibility reasons it has to be used for old document formats - aEncryptionData.realloc( nSha1Ind + 2 ); + aEncryptionData.realloc( nSha1Ind + 3 ); + // these are StarOffice not-quite-SHA1 aEncryptionData[nSha1Ind].Name = PACKAGE_ENCRYPTIONDATA_SHA1UTF8; aEncryptionData[nSha1Ind + 1].Name = PACKAGE_ENCRYPTIONDATA_SHA1MS1252; @@ -425,6 +427,15 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreatePackageEncryptionData( aEncryptionData[nSha1Ind+nInd].Value <<= uno::Sequence< sal_Int8 >( reinterpret_cast<sal_Int8*>(pBuffer), RTL_DIGEST_LENGTH_SHA1 ); } + + // actual SHA1 + aEncryptionData[nSha1Ind + 2].Name = PACKAGE_ENCRYPTIONDATA_SHA1CORRECT; + OString aByteStrPass = OUStringToOString(aPassword, RTL_TEXTENCODING_UTF8); + std::vector<unsigned char> const sha1(::comphelper::Hash::calculateHash( + reinterpret_cast<unsigned char const*>(aByteStrPass.getStr()), aByteStrPass.getLength(), + ::comphelper::HashType::SHA1)); + aEncryptionData[nSha1Ind + 2].Value <<= uno::Sequence<sal_Int8>( + reinterpret_cast<sal_Int8 const*>(sha1.data()), sha1.size()); } return aEncryptionData; |