diff options
| author | Michael Stahl <mstahl@redhat.com> | 2018-01-12 22:30:07 +0100 |
|---|---|---|
| committer | Michael Stahl <mstahl@redhat.com> | 2018-01-12 23:31:44 +0100 |
| commit | 9ef1734f03a008545a01fd394dd0e979bb230a0f (patch) | |
| tree | 3183fcbf01682047978b78d7de5cea4c40ea8939 /comphelper | |
| parent | tdf#114939 package: change ODF 1.1 export to use real SHA1 (diff) | |
| download | core-9ef1734f03a008545a01fd394dd0e979bb230a0f.tar.gz core-9ef1734f03a008545a01fd394dd0e979bb230a0f.zip | |
tdf#114939 sfx2: notify user of non-interoperable passwords
For ODF 1.1 encryption, SHA1 is used as the start-key digest algorithm
of PBKDF2.
For the ODF export password-to-modify "feature", PBKDF2 is used
without a start-key digest round, so the UTF-8 encoded password
is directly the input.
In both cases, if the user entered a password with a known problematic
length, reject it and request a new one.
Change-Id: Ie6510c1e668e1ed32be439ebe00354881b6ca83f
Diffstat (limited to 'comphelper')
| -rw-r--r-- | comphelper/source/misc/docpasswordhelper.cxx | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx index 9cf2fdffa0a8..13ab45f043af 100644 --- a/comphelper/source/misc/docpasswordhelper.cxx +++ b/comphelper/source/misc/docpasswordhelper.cxx @@ -49,6 +49,8 @@ static uno::Sequence< sal_Int8 > GeneratePBKDF2Hash( const OUString& aPassword, if ( !aPassword.isEmpty() && aSalt.getLength() && nCount && nHashLength ) { OString aBytePass = OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 ); + // FIXME this is subject to the SHA1-bug tdf#114939 - see also + // RequestPassword() in filedlghelper.cxx aResult.realloc( 16 ); rtl_digest_PBKDF2( reinterpret_cast < sal_uInt8 * > ( aResult.getArray() ), aResult.getLength(), |