[Libreoffice-commits] core.git: comphelper/source package/source sfx2/source
Mike Kaganski (via logerrit)
logerrit at kemper.freedesktop.org
Sat Jan 4 06:40:51 UTC 2020
comphelper/source/misc/docpasswordhelper.cxx | 37 ++++++++++++++++++++++++++-
package/source/xstor/owriteablestream.cxx | 8 +++--
package/source/xstor/owriteablestream.hxx | 3 +-
package/source/xstor/xstorage.cxx | 2 -
sfx2/source/appl/appopen.cxx | 12 ++++++++
5 files changed, 56 insertions(+), 6 deletions(-)
New commits:
commit dd198398b6e5c84ab1255a90ef96e6445b66a64f
Author: Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Fri Jan 3 22:40:07 2020 +0300
Commit: Mike Kaganski <mike.kaganski at collabora.com>
CommitDate: Sat Jan 4 07:40:21 2020 +0100
tdf#93389: keep encryption information for autorecovered MS formats
The autorecovery data is stored in ODF, regardless of the original
document format. When restoring, type detection generates ODF data,
which is stored in the media descriptor attached to document, even
after real filter was restored (see AutoRecovery::implts_openDocs).
If real filter is not ODF, then at the save time, it doesn't find
necessary information in encryption data, and makes not encrypted
package.
This patch adds both MS binary data, and OOXML data, to existing
ODF data for recovered password-protected documents (regardless of
their real filter).
TODO: only add required information to encryption data: pass real
filter name to DocPasswordHelper::requestAndVerifyDocPassword from
AutoRecovery::implts_openDocs.
Change-Id: I4749c5ec028ca61bddf7cd77bc5969a97b1de199
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86201
Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>
Tested-by: Mike Kaganski <mike.kaganski at collabora.com>
diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx
index d57447580bce..1b6f323eb458 100644
--- a/comphelper/source/misc/docpasswordhelper.cxx
+++ b/comphelper/source/misc/docpasswordhelper.cxx
@@ -423,6 +423,25 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
OUString aPassword;
DocPasswordVerifierResult eResult = DocPasswordVerifierResult::WrongPassword;
+ sal_Int32 nMediaEncDataCount = rMediaEncData.getLength();
+
+ // tdf#93389: if the document is being restored from autorecovery, we need to add encryption
+ // data also for real document type.
+ // TODO: get real filter name here (from CheckPasswd_Impl), to only add necessary data
+ bool bForSalvage = false;
+ if (nMediaEncDataCount)
+ {
+ for (auto& val : rMediaEncData)
+ {
+ if (val.Name == "ForSalvage")
+ {
+ --nMediaEncDataCount; // don't consider this element below
+ val.Value >>= bForSalvage;
+ break;
+ }
+ }
+ }
+
// first, try provided default passwords
if( pbIsDefaultPassword )
*pbIsDefaultPassword = false;
@@ -449,7 +468,7 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
// try media encryption data (skip, if result is OK or ABORT)
if( eResult == DocPasswordVerifierResult::WrongPassword )
{
- if( rMediaEncData.hasElements() )
+ if (nMediaEncDataCount)
{
eResult = rVerifier.verifyEncryptionData( rMediaEncData );
if( eResult == DocPasswordVerifierResult::OK )
@@ -508,6 +527,22 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
aEncData = comphelper::concatSequences(
aEncData, OStorageHelper::CreatePackageEncryptionData(aPassword));
}
+
+ if (bForSalvage)
+ {
+ // TODO: add individual methods for different target filter, and only call what's needed
+
+ // 1. Prepare binary MS formats encryption data
+ auto aUniqueID = GenerateRandomByteSequence(16);
+ auto aEnc97Key = GenerateStd97Key(aPassword.getStr(), aUniqueID);
+ // 2. Add MS binary and OOXML encryption data to result
+ aEncData = comphelper::concatSequences(
+ aEncData, std::initializer_list<beans::NamedValue>{
+ { "STD97EncryptionKey", css::uno::Any(aEnc97Key) },
+ { "STD97UniqueID", css::uno::Any(aUniqueID) },
+ { "OOXPassword", css::uno::Any(aPassword) },
+ });
+ }
}
return (eResult == DocPasswordVerifierResult::OK) ? aEncData : uno::Sequence< beans::NamedValue >();
diff --git a/package/source/xstor/owriteablestream.cxx b/package/source/xstor/owriteablestream.cxx
index a781dc4bdac9..d953887748cd 100644
--- a/package/source/xstor/owriteablestream.cxx
+++ b/package/source/xstor/owriteablestream.cxx
@@ -82,9 +82,11 @@ struct WSInternalData_Impl
namespace package
{
-bool PackageEncryptionDatasEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 )
+bool PackageEncryptionDataLessOrEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 )
{
- bool bResult = !aHash1.empty() && aHash1.size() == aHash2.size();
+ // tdf#93389: aHash2 may contain more than in aHash1, if it contains also data for other package
+ // formats (as in case of autorecovery)
+ bool bResult = !aHash1.empty() && aHash1.size() <= aHash2.size();
for ( ::comphelper::SequenceAsHashMap::const_iterator aIter = aHash1.begin();
bResult && aIter != aHash1.end();
++aIter )
@@ -1144,7 +1146,7 @@ uno::Reference< io::XStream > OWriteStream_Impl::GetStream( sal_Int32 nStreamMod
if ( m_bHasCachedEncryptionData )
{
- if ( !::package::PackageEncryptionDatasEqual( m_aEncryptionData, aEncryptionData ) )
+ if ( !::package::PackageEncryptionDataLessOrEqual( m_aEncryptionData, aEncryptionData ) )
throw packages::WrongPasswordException();
// the correct key must be set already
diff --git a/package/source/xstor/owriteablestream.hxx b/package/source/xstor/owriteablestream.hxx
index 818aec0b7942..718aea3ac77f 100644
--- a/package/source/xstor/owriteablestream.hxx
+++ b/package/source/xstor/owriteablestream.hxx
@@ -55,7 +55,8 @@ namespace com { namespace sun { namespace star { namespace uno {
} } } }
namespace package {
- bool PackageEncryptionDatasEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 );
+ // all data in aHash1 is contained in aHash2
+ bool PackageEncryptionDataLessOrEqual( const ::comphelper::SequenceAsHashMap& aHash1, const ::comphelper::SequenceAsHashMap& aHash2 );
}
struct WSInternalData_Impl;
diff --git a/package/source/xstor/xstorage.cxx b/package/source/xstor/xstorage.cxx
index 6a5b62a6edd2..3da6d24f55e7 100644
--- a/package/source/xstor/xstorage.cxx
+++ b/package/source/xstor/xstorage.cxx
@@ -859,7 +859,7 @@ void OStorage_Impl::CopyStorageElement( SotElement_Impl* pElement,
TOOLS_INFO_EXCEPTION("package.xstor", "No Encryption");
}
- if (bHasCommonEncryptionData && ::package::PackageEncryptionDatasEqual(pElement->m_xStream->GetCachedEncryptionData(), aCommonEncryptionData))
+ if (bHasCommonEncryptionData && ::package::PackageEncryptionDataLessOrEqual(pElement->m_xStream->GetCachedEncryptionData(), aCommonEncryptionData))
{
// If the stream can be opened with the common storage password
// it must be stored with the common storage password as well
diff --git a/sfx2/source/appl/appopen.cxx b/sfx2/source/appl/appopen.cxx
index 66a3a26fc825..357e9e8033f4 100644
--- a/sfx2/source/appl/appopen.cxx
+++ b/sfx2/source/appl/appopen.cxx
@@ -234,6 +234,18 @@ ErrCode CheckPasswd_Impl
if ( !aEncryptionData.hasElements() && aGpgProperties.hasElements() )
aEncryptionData = ::comphelper::DocPasswordHelper::decryptGpgSession(aGpgProperties);
+ // tdf#93389: if recoverying a document, encryption data should contain
+ // entries for the real filter, not only for recovery ODF, to keep it
+ // encrypted. Pass this in encryption data.
+ // TODO: pass here the real filter (from AutoRecovery::implts_openDocs)
+ // to marshal this to requestAndVerifyDocPassword
+ if (pSet->GetItemState(SID_DOC_SALVAGE, false) == SfxItemState::SET)
+ {
+ aEncryptionData = comphelper::concatSequences(
+ aEncryptionData, std::initializer_list<beans::NamedValue>{
+ { "ForSalvage", css::uno::Any(true) } });
+ }
+
SfxDocPasswordVerifier aVerifier( xStorage );
aEncryptionData = ::comphelper::DocPasswordHelper::requestAndVerifyDocPassword(
aVerifier, aEncryptionData, aPassword, xInteractionHandler, pFile->GetOrigURL(), comphelper::DocPasswordRequestType::Standard );
More information about the Libreoffice-commits
mailing list