[Libreoffice-bugs] [Bug 107007] PDF export uses insecure RC4-128 encryption
bugzilla-daemon at bugs.documentfoundation.org
bugzilla-daemon at bugs.documentfoundation.org
Wed Mar 10 20:02:34 UTC 2021
https://bugs.documentfoundation.org/show_bug.cgi?id=107007
--- Comment #5 from Hans Deragon <hans at deragon.biz> ---
Still RC4 as of version 7.1.1.2.
$ pdfinfo -opw abc lo.pdf | fgrep Encrypted
Encrypted: yes (print:yes copy:yes change:yes addNotes:yes algorithm:RC4)
Version: 7.1.1.2 / LibreOffice Community
Build ID: 10(Build:2)
CPU threads: 4; OS: Linux 5.4; UI render: default; VCL: gtk3
Locale: en-CA (en_CA.UTF-8); UI: en-US
Ubuntu package version: 1:7.1.1~rc2-0ubuntu0.20.04.1~lo1
Calc: threaded
Workaround on Linux to encrypt a PDF in AES-256:
qpdf --encrypt <user-password> <owner-password> 256 -- "${DECRYPTED_PDF}"
"${ENCRYPTED_PDF}"
Would be nice that LibreOffice detect that qpdf is available and use it to
encrypt in AES-256 instead of relying on its library.
Also, LibreOffice does not report what algorithm is being used. A warning
should be shown that a very week algorithm is being used.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libreoffice-bugs/attachments/20210310/3a3e5d14/attachment.htm>
More information about the Libreoffice-bugs
mailing list