package/source/manifest/ManifestDefines.hxx | 9 ++++++---
package/source/manifest/ManifestImport.cxx | 25 ++++++++++++++++++++++---
package/source/manifest/ManifestImport.hxx | 1 +
package/source/zippackage/ZipPackage.cxx | 12 ++++++++++++
4 files changed, 41 insertions(+), 6 deletions(-)
New commits:
commit b955e86071e91c7f6d0047f383f225881db7b417
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Jan 10 20:28:41 2024 +0100
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sat Jan 20 17:38:48 2024 +0100
tdf#105844 package: ODF wholesome encryption: use package version
... to init the Version property.
The problem is that the outer storage loaded from a wholesome ODF
encrypted document doesn't have a Version, because it doesn't (directly)
contain a document and has no "/" file-entry.
Extract the root element's package version attribute and use it.
The Storage API doesn't distinguish much between the package version and
the root document's (i.e. root folder's) version.
Change-Id: I0fd5f999e9adee674d73fc542402512d0e204897
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161897
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit f1117fbfcd931d4ea2fccfb56f154aa6186d384b)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161865
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/package/source/manifest/ManifestImport.cxx
b/package/source/manifest/ManifestImport.cxx
index 0218ac07a5d2..77f795efdc59 100644
--- a/package/source/manifest/ManifestImport.cxx
+++ b/package/source/manifest/ManifestImport.cxx
@@ -327,6 +327,7 @@ void SAL_CALL ManifestImport::startElement( const OUString&
aName, const uno::Re
switch (nLevel) {
case 1: {
+ m_PackageVersion = aConvertedAttribs[ATTRIBUTE_VERSION];
if (aConvertedName != ELEMENT_MANIFEST) //manifest:manifest
aStack.back().m_bValid = false;
break;
@@ -451,6 +452,18 @@ void SAL_CALL ManifestImport::endElement( const OUString&
aName )
return;
if ( aConvertedName == ELEMENT_FILE_ENTRY && aStack.back().m_bValid ) {
+ // required for wholesome encryption: if there is no document and hence
+ // no file-entry with a version attribute, send the package's version
+ // with the first file-entry.
+ // (note: the only case when a valid ODF document has no "/" entry with
+ // a version is when it is ODF 1.0/1.1 and then it doesn't have the
+ // package version either)
+ if (rManVector.empty() && !m_PackageVersion.isEmpty()
+ && !aSequence[PKG_MNFST_VERSION].Value.hasValue())
+ {
+ aSequence[PKG_MNFST_VERSION].Name = u"Version"_ustr;
+ aSequence[PKG_MNFST_VERSION].Value <<= m_PackageVersion;
+ }
// the first entry gets KeyInfo element if any, for PGP encryption
if (!bIgnoreEncryptData && !aKeys.empty() && rManVector.empty())
{
diff --git a/package/source/manifest/ManifestImport.hxx
b/package/source/manifest/ManifestImport.hxx
index fd86e02e4f5a..883f1de62387 100644
--- a/package/source/manifest/ManifestImport.hxx
+++ b/package/source/manifest/ManifestImport.hxx
@@ -61,6 +61,7 @@ class ManifestImport final : public cppu::WeakImplHelper <
css::xml::sax::XDocum
bool bPgpEncryption;
sal_Int32 nDerivedKeySize;
::std::vector < css::uno::Sequence < css::beans::PropertyValue > > &
rManVector;
+ OUString m_PackageVersion; // on root element
OUString PushNameAndNamespaces( const OUString& aName,
diff --git a/package/source/zippackage/ZipPackage.cxx
b/package/source/zippackage/ZipPackage.cxx
index 02f7cf71e8af..c4de219f80de 100644
--- a/package/source/zippackage/ZipPackage.cxx
+++ b/package/source/zippackage/ZipPackage.cxx
@@ -171,6 +171,7 @@ void ZipPackage::parseManifest()
return;
bool bManifestParsed = false;
+ ::std::optional<OUString> oFirstVersion;
static constexpr OUString sMeta (u"META-INF"_ustr);
if ( m_xRootFolder->hasByName( sMeta ) )
{
@@ -216,7 +217,13 @@ void ZipPackage::parseManifest()
if ( rValue.Name == sPropFullPath )
rValue.Value >>= sPath;
else if ( rValue.Name == sPropVersion )
+ {
rValue.Value >>= sVersion;
+ if (!oFirstVersion)
+ {
+ oFirstVersion.emplace(sVersion);
+ }
+ }
else if ( rValue.Name == sPropMediaType )
rValue.Value >>= sMediaType;
else if ( rValue.Name == sPropSalt )
@@ -457,6 +464,11 @@ void ZipPackage::parseManifest()
{
// accept only types that look similar to own mediatypes
m_xRootFolder->SetMediaType( aPackageMediatype );
+ // also set version explicitly
+ if (oFirstVersion && m_xRootFolder->GetVersion().isEmpty())
+ {
+ m_xRootFolder->SetVersion(*oFirstVersion);
+ }
// if there is an encrypted inner package, there is no root
// document, because instead there is a package, and it is not
// an error
commit 8f5c108297fb4816318172f4c7240438f956bb60
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Fri Jan 5 21:43:19 2024 +0100
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Sat Jan 20 17:38:35 2024 +0100
tdf#105844 package: ManifestImport: handle argon2 attributes in ...
... standard namespace too.
Change-Id: I46804795da2009dfd8bb95b9286933728a132e5b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161785
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit bac43054e2997235ce98432bc9cb6c434120e4b2)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161764
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/package/source/manifest/ManifestDefines.hxx
b/package/source/manifest/ManifestDefines.hxx
index dbe7b985b8c0..c2f5e2778a30 100644
--- a/package/source/manifest/ManifestDefines.hxx
+++ b/package/source/manifest/ManifestDefines.hxx
@@ -70,9 +70,12 @@ inline constexpr OUString ELEMENT_KEY_DERIVATION =
u"manifest:key-derivation"_us
inline constexpr OUString ATTRIBUTE_KEY_DERIVATION_NAME =
u"manifest:key-derivation-name"_ustr;
inline constexpr OUString ATTRIBUTE_SALT = u"manifest:salt"_ustr;
inline constexpr OUString ATTRIBUTE_ITERATION_COUNT =
u"manifest:iteration-count"_ustr;
-inline constexpr OUString ATTRIBUTE_ARGON2_T_LO=
u"loext:argon2-iterations"_ustr;
-inline constexpr OUString ATTRIBUTE_ARGON2_M_LO= u"loext:argon2-memory"_ustr;
-inline constexpr OUString ATTRIBUTE_ARGON2_P_LO= u"loext:argon2-lanes"_ustr;
+inline constexpr OUString ATTRIBUTE_ARGON2_T =
u"manifest:argon2-iterations"_ustr;
+inline constexpr OUString ATTRIBUTE_ARGON2_M = u"manifest:argon2-memory"_ustr;
+inline constexpr OUString ATTRIBUTE_ARGON2_P = u"manifest:argon2-lanes"_ustr;
+inline constexpr OUString ATTRIBUTE_ARGON2_T_LO =
u"loext:argon2-iterations"_ustr;
+inline constexpr OUString ATTRIBUTE_ARGON2_M_LO = u"loext:argon2-memory"_ustr;
+inline constexpr OUString ATTRIBUTE_ARGON2_P_LO = u"loext:argon2-lanes"_ustr;
/// OFFICE-3708: wrong URL cited in ODF 1.2 and used since OOo 3.4 beta
inline constexpr OUString SHA256_URL_ODF12 =
u"http://www.w3.org/2000/09/xmldsig#sha256"_ustr;
diff --git a/package/source/manifest/ManifestImport.cxx
b/package/source/manifest/ManifestImport.cxx
index f6f4ce36f4a2..0218ac07a5d2 100644
--- a/package/source/manifest/ManifestImport.cxx
+++ b/package/source/manifest/ManifestImport.cxx
@@ -242,11 +242,17 @@ void ManifestImport::doKeyDerivation(StringHashMap
&rConvertedAttribs)
{
aSequence[PKG_MNFST_KDF].Value <<= xml::crypto::KDFID::Argon2id;
- aString = rConvertedAttribs[ATTRIBUTE_ARGON2_T_LO];
+ aString = rConvertedAttribs.find(ATTRIBUTE_ARGON2_T) !=
rConvertedAttribs.end()
+ ? rConvertedAttribs[ATTRIBUTE_ARGON2_T]
+ : rConvertedAttribs[ATTRIBUTE_ARGON2_T_LO];
sal_Int32 const t(aString.toInt32());
- aString = rConvertedAttribs[ATTRIBUTE_ARGON2_M_LO];
+ aString = rConvertedAttribs.find(ATTRIBUTE_ARGON2_M) !=
rConvertedAttribs.end()
+ ? rConvertedAttribs[ATTRIBUTE_ARGON2_M]
+ : rConvertedAttribs[ATTRIBUTE_ARGON2_M_LO];
sal_Int32 const m(aString.toInt32());
- aString = rConvertedAttribs[ATTRIBUTE_ARGON2_P_LO];
+ aString = rConvertedAttribs.find(ATTRIBUTE_ARGON2_P) !=
rConvertedAttribs.end()
+ ? rConvertedAttribs[ATTRIBUTE_ARGON2_P]
+ : rConvertedAttribs[ATTRIBUTE_ARGON2_P_LO];
sal_Int32 const p(aString.toInt32());
if (0 < t && 0 < m && 0 < p)
{
