Hi Bernard, Malte,
As Malte has correctly written, normally the basic library should be
encrypted using the algorithm, that is used by document ( at least a
library with known password should be stored in this way ).
There is a special case, when a document with existing encrypted basic
library is stored with another encryption algorithm. If the library
still was not decrypted at this point, the target document would contain
the basic library encrypted with an original algorithm. In other words,
the encrypted stream is transferred from original document to the target
one without decryption.
The reason for this decision was that we could not introduce a new UI
for OOo3.4 at those time. So there were following possible solutions:
either transfer the encrypted stream to the target document as it is
done now, or throw it away. The last solution looked not nice ( although
quite legal, especially when storing from ODF1.2 to ODF1.1 format ), so
the first one was taken.
Thinking about it one more time, there looks to be an open question. In
case an original OOo3.2 document created by OOo3.4 contains an encrypted
library, the library would be encrypted with AES algorithm. If later
this document is stored in ODF1.1 format without providing the password
to the encrypted library, the result document would contain a stream
encrypted with AES algorithm. It would not be possible to decrypt the
stream using OOo3.3, although OOo3.4 would of course have no problem.
Hope that helps.
Best regards,
Mikhail.
On 04/23/2011 02:18 PM, Malte Timmermann wrote:
Hi Bernard,
all streams in an ODF package are encrypted with the same algorithms /
same implementation. So yes, same for macros.
You can check the used algorithm by looking into manfifest.xml, see
algorithm-name.
Malte.
Bernard Marcelly wrote, On 22.04.2011 14:07:
Hi,
I read this message :
<http://blogs.sun.com/GullFOSS/entry/aes_encryption_for_openoffice_org>
and then :
[allfeatures] changed/cws mav60 : Improve ODF1.2 encryption supporte in OOo.
<http://openoffice.org/projects/www/lists/allfeatures/archive/2011-03/message/2>
Does it also apply to the encryption method for password-protected Basic
libraries ?
Answer may be obvious for the designer, but it should be clearly indicated.
Issue 117562 does not test this aspect, also.
Regards
Bernard
--
-----------------------------------------------------------------
To unsubscribe send email to dev-unsubscr...@framework.openoffice.org
For additional commands send email to sy...@framework.openoffice.org
with Subject: help
