package/Library_package2.mk | 4 ++++ package/source/zippackage/ZipPackage.cxx | 5 ++++- sfx2/source/doc/docfile.cxx | 17 +++++++++++++++-- 3 files changed, 23 insertions(+), 3 deletions(-)
New commits: commit 5303dde8a7c2c09b7104f2c099f879d9273438cb Author: Michael Stahl <michael.st...@allotropia.de> AuthorDate: Thu Dec 14 12:08:20 2023 +0100 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Fri Dec 15 10:50:12 2023 +0100 tdf#105844 package: increase PBKDF2 iterations for wholesome ODF encryption The government recommends 600k iterations. Change-Id: I8d4137ca8a08c2b3ac0e7724de1c87c2117ec7c4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160768 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.st...@allotropia.de> (cherry picked from commit c6c51663479fa036f70b182b5892a23235bbde5f) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160796 diff --git a/package/Library_package2.mk b/package/Library_package2.mk index c78786632555..6f29bf002a6b 100644 --- a/package/Library_package2.mk +++ b/package/Library_package2.mk @@ -24,6 +24,10 @@ $(eval $(call gb_Library_add_defs,package2,\ $(eval $(call gb_Library_set_precompiled_header,package2,package/inc/pch/precompiled_package2)) +$(eval $(call gb_Library_use_custom_headers,package2,\ + officecfg/registry \ +)) + $(eval $(call gb_Library_use_libraries,package2,\ comphelper \ cppu \ diff --git a/package/source/zippackage/ZipPackage.cxx b/package/source/zippackage/ZipPackage.cxx index 8fb6c27876ab..54b8099e38d1 100644 --- a/package/source/zippackage/ZipPackage.cxx +++ b/package/source/zippackage/ZipPackage.cxx @@ -41,6 +41,7 @@ #include <com/sun/star/io/XSeekable.hpp> #include <com/sun/star/lang/WrappedTargetRuntimeException.hpp> #include <com/sun/star/container/XNameContainer.hpp> +#include <officecfg/Office/Common.hxx> #include <comphelper/fileurl.hxx> #include <comphelper/processfactory.hxx> #include <ucbhelper/content.hxx> @@ -1308,7 +1309,9 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() // for encrypted streams RandomPool aRandomPool; - sal_Int32 const nPBKDF2IterationCount = 100000; + // if there is only one KDF invocation, increase the safety margin + sal_Int32 const nPBKDF2IterationCount = + officecfg::Office::Common::Misc::ExperimentalMode::get() ? 600000 : 100000; // call saveContents ( it will recursively save sub-directories m_xRootFolder->saveContents("", aManList, aZipOut, GetEncryptionKey(), bIsGpgEncrypt ? 0 : nPBKDF2IterationCount, aRandomPool.get()); commit f738ef21a660d6ef736aeab538a5fe063666f2f1 Author: Michael Stahl <michael.st...@allotropia.de> AuthorDate: Thu Dec 14 12:30:30 2023 +0100 Commit: Michael Stahl <michael.st...@allotropia.de> CommitDate: Fri Dec 15 10:50:02 2023 +0100 tdf#105844 sfx2: add another consistency check SfxMedium::TryEncryptedInnerPackage() checks same mimetype of inner and outer package for ODF wholesome encryption. Change-Id: I8a5ef463c5f604a59573fb0f9e15453f22d867d6 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160767 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.st...@allotropia.de> (cherry picked from commit 1d2218690382374f3962de014b151dbac84a1446) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160795 diff --git a/sfx2/source/doc/docfile.cxx b/sfx2/source/doc/docfile.cxx index d75e25e530c3..422fa98ac360 100644 --- a/sfx2/source/doc/docfile.cxx +++ b/sfx2/source/doc/docfile.cxx @@ -30,6 +30,7 @@ #include <com/sun/star/task/XStatusIndicator.hpp> #include <com/sun/star/uno/Reference.h> #include <com/sun/star/ucb/XContent.hpp> +#include <com/sun/star/beans/XPropertySet.hpp> #include <com/sun/star/container/XChild.hpp> #include <com/sun/star/document/XDocumentRevisionListPersistence.hpp> #include <com/sun/star/document/LockedDocumentRequest.hpp> @@ -1721,7 +1722,8 @@ SfxMedium::TryEncryptedInnerPackage(uno::Reference<embed::XStorage> const xStora xDecryptedInnerPackage = xStorage->openStreamElement( "encrypted-package", embed::ElementModes::READ | embed::ElementModes::NOCREATE); - assert(xDecryptedInnerPackage.is()); // just for testing? not if wrong pwd + // either this throws due to wrong password or IO error, or returns stream + assert(xDecryptedInnerPackage.is()); // need a seekable stream => copy Reference<uno::XComponentContext> const xContext(::comphelper::getProcessComponentContext()); uno::Reference<io::XStream> const xDecryptedInnerPackageStream( @@ -1739,11 +1741,22 @@ SfxMedium::TryEncryptedInnerPackage(uno::Reference<embed::XStorage> const xStora SAL_DE BUG("AAA tempfile " << xTempFile->getResourceName()); uno::Reference<io::XSeekable>(xDecryptedInnerPackageStream, uno::UNO_QUERY_THROW)->seek(0); #endif - // create storage, if this succeeds assume password is correct + // create inner storage; opening the stream should have already verified + // the password so any failure here is probably due to a bug xRet = ::comphelper::OStorageHelper::GetStorageOfFormatFromStream( PACKAGE_STORAGE_FORMAT_STRING, xDecryptedInnerPackageStream, embed::ElementModes::READWRITE, xContext, false); assert(xRet.is()); + // consistency check: outer and inner package must have same mimetype + OUString const outerMediaType(uno::Reference<beans::XPropertySet>(pImpl->xStorage, + uno::UNO_QUERY_THROW)->getPropertyValue("MediaType").get<OUString>()); + OUString const innerMediaType(uno::Reference<beans::XPropertySet>(xRet, + uno::UNO_QUERY_THROW)->getPropertyValue("MediaType").get<OUString>()); + if (outerMediaType.isEmpty() || outerMediaType != innerMediaType) + { + throw io::WrongFormatException("MediaType inconsistent in encrypted ODF package"); + } + // success: pImpl->m_bODFWholesomeEncryption = true; pImpl->m_xODFDecryptedInnerPackageStream = xDecryptedInnerPackageStream; pImpl->m_xODFEncryptedOuterStorage = xStorage;