[Libreoffice-commits] core.git: Branch 'libreoffice-6-1' - package/source
Libreoffice Gerrit user
logerrit at kemper.freedesktop.org
Tue Aug 28 15:08:39 UTC 2018
package/source/zipapi/ZipFile.cxx | 75 +++++++++++++++++---------------------
1 file changed, 34 insertions(+), 41 deletions(-)
New commits:
commit 2b5ff36afab8888cdbc879ae2f34903ede190c04
Author: Stephan Bergmann <sbergman at redhat.com>
AuthorDate: Thu Aug 23 16:55:40 2018 +0200
Commit: Caolán McNamara <caolanm at redhat.com>
CommitDate: Tue Aug 28 17:08:16 2018 +0200
Related rhbz#1618703: Properly handle failure encoding zip file
...when e.g. FIPS mode makes ZipFile::StaticGetCipher fail by throwing an
exception which would be caught by ZipPackageStream::saveChild (in
package/source/zippackage/ZipPackageStream.cxx) alright (and translated into
bSuccess = false), if ZipFile::StaticGetCipher didn't unhelpfully swallow and
ignore all exceptions in an outer try-catch.
Change-Id: I14376128515df1dd4bdac921edd8ab94cc9b7617
Reviewed-on: https://gerrit.libreoffice.org/59514
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman at redhat.com>
(cherry picked from commit 3cc6d3611ac8cbbfb9803f3a084d02edde470ad3)
Reviewed-on: https://gerrit.libreoffice.org/59569
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx
index 1ef81bf582a5..8126ebba305b 100644
--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -162,54 +162,47 @@ uno::Reference< xml::crypto::XCipherContext > ZipFile::StaticGetCipher( const un
{
uno::Reference< xml::crypto::XCipherContext > xResult;
- try
+ if (xEncryptionData->m_nDerivedKeySize < 0)
{
- if (xEncryptionData->m_nDerivedKeySize < 0)
- {
- throw ZipIOException("Invalid derived key length!" );
- }
+ throw ZipIOException("Invalid derived key length!" );
+ }
- uno::Sequence< sal_Int8 > aDerivedKey( xEncryptionData->m_nDerivedKeySize );
- if ( !xEncryptionData->m_nIterationCount &&
- xEncryptionData->m_nDerivedKeySize == xEncryptionData->m_aKey.getLength() )
- {
- // gpg4libre: no need to derive key, m_aKey is already
- // usable as symmetric session key
- aDerivedKey = xEncryptionData->m_aKey;
- }
- else if ( rtl_Digest_E_None != rtl_digest_PBKDF2( reinterpret_cast< sal_uInt8* >( aDerivedKey.getArray() ),
- aDerivedKey.getLength(),
- reinterpret_cast< const sal_uInt8 * > (xEncryptionData->m_aKey.getConstArray() ),
- xEncryptionData->m_aKey.getLength(),
- reinterpret_cast< const sal_uInt8 * > ( xEncryptionData->m_aSalt.getConstArray() ),
- xEncryptionData->m_aSalt.getLength(),
- xEncryptionData->m_nIterationCount ) )
- {
- throw ZipIOException("Can not create derived key!" );
- }
+ uno::Sequence< sal_Int8 > aDerivedKey( xEncryptionData->m_nDerivedKeySize );
+ if ( !xEncryptionData->m_nIterationCount &&
+ xEncryptionData->m_nDerivedKeySize == xEncryptionData->m_aKey.getLength() )
+ {
+ // gpg4libre: no need to derive key, m_aKey is already
+ // usable as symmetric session key
+ aDerivedKey = xEncryptionData->m_aKey;
+ }
+ else if ( rtl_Digest_E_None != rtl_digest_PBKDF2( reinterpret_cast< sal_uInt8* >( aDerivedKey.getArray() ),
+ aDerivedKey.getLength(),
+ reinterpret_cast< const sal_uInt8 * > (xEncryptionData->m_aKey.getConstArray() ),
+ xEncryptionData->m_aKey.getLength(),
+ reinterpret_cast< const sal_uInt8 * > ( xEncryptionData->m_aSalt.getConstArray() ),
+ xEncryptionData->m_aSalt.getLength(),
+ xEncryptionData->m_nIterationCount ) )
+ {
+ throw ZipIOException("Can not create derived key!" );
+ }
- if ( xEncryptionData->m_nEncAlg == xml::crypto::CipherID::AES_CBC_W3C_PADDING )
- {
- uno::Reference< uno::XComponentContext > xContext = xArgContext;
- if ( !xContext.is() )
- xContext = comphelper::getProcessComponentContext();
+ if ( xEncryptionData->m_nEncAlg == xml::crypto::CipherID::AES_CBC_W3C_PADDING )
+ {
+ uno::Reference< uno::XComponentContext > xContext = xArgContext;
+ if ( !xContext.is() )
+ xContext = comphelper::getProcessComponentContext();
- uno::Reference< xml::crypto::XNSSInitializer > xCipherContextSupplier = xml::crypto::NSSInitializer::create( xContext );
+ uno::Reference< xml::crypto::XNSSInitializer > xCipherContextSupplier = xml::crypto::NSSInitializer::create( xContext );
- xResult = xCipherContextSupplier->getCipherContext( xEncryptionData->m_nEncAlg, aDerivedKey, xEncryptionData->m_aInitVector, bEncrypt, uno::Sequence< beans::NamedValue >() );
- }
- else if ( xEncryptionData->m_nEncAlg == xml::crypto::CipherID::BLOWFISH_CFB_8 )
- {
- xResult = BlowfishCFB8CipherContext::Create( aDerivedKey, xEncryptionData->m_aInitVector, bEncrypt );
- }
- else
- {
- throw ZipIOException("Unknown cipher algorithm is requested!" );
- }
+ xResult = xCipherContextSupplier->getCipherContext( xEncryptionData->m_nEncAlg, aDerivedKey, xEncryptionData->m_aInitVector, bEncrypt, uno::Sequence< beans::NamedValue >() );
}
- catch( ... )
+ else if ( xEncryptionData->m_nEncAlg == xml::crypto::CipherID::BLOWFISH_CFB_8 )
+ {
+ xResult = BlowfishCFB8CipherContext::Create( aDerivedKey, xEncryptionData->m_aInitVector, bEncrypt );
+ }
+ else
{
- OSL_ENSURE( false, "Can not create cipher context!" );
+ throw ZipIOException("Unknown cipher algorithm is requested!" );
}
return xResult;
More information about the Libreoffice-commits
mailing list