tdf#118639: store ODF encryption data for autorecovery

When saving autorecovery information, ODF is used. If the original document is password-protected, its autorecovery is also generated password-protected (since ef87ff6680f79362a431db6e7ef2f40cfc576219). But when the stored encryption data for non-ODF document does not contain "PackageSHA256UTF8EncryptionKey" value, following ZipPackage::GetEncryptionKey fails, so the whole save fails. So just generate and append ODF encryption keys where we still have user password. Reviewed-on: https://gerrit.libreoffice.org/84052 Tested-by: Jenkins Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com> (cherry picked from commit 63634738dd03cc74806ce6843c16ff5e51a371a0) Reviewed-on: https://gerrit.libreoffice.org/84133 Reviewed-by: Xisco Faulí <xiscofauli@libreoffice.org> (cherry picked from commit e569dc9824e95617d921bb8f115d243aea0125b9) Reviewed-on: https://gerrit.libreoffice.org/84232 Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com> (cherry picked from commit d1450f5bddd0f108078e0dfb11c9f130175fafe7) Conflicts: comphelper/source/misc/docpasswordhelper.cxx Change-Id: I776e28de784489521e4941d1075690f90c056014
author: Mike Kaganski <mike.kaganski@collabora.com> 2019-11-29 13:07:57 +0300
committer: Thorsten Behrens <Thorsten.Behrens@CIB.de> 2020-02-09 11:30:26 +0100
commit: b838986c6edfb4e5fb1e30bf47d8ad54ae2b4098 (patch)
tree: 9dcc4baf8a9f7a4f26a51bb91e5d961bc2a519b9 /comphelper
parent: neon: escape broken SharePoint 2016 URIs (diff)
download: core-b838986c6edfb4e5fb1e30bf47d8ad54ae2b4098.tar.gz
core-b838986c6edfb4e5fb1e30bf47d8ad54ae2b4098.zip
1 files changed, 28 insertions, 2 deletions
diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx
index 3f470520fbf5..f75997cfe440 100644
--- a/comphelper/source/misc/docpasswordhelper.cxx
+++ b/comphelper/source/misc/docpasswordhelper.cxx
@@ -426,6 +426,7 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
         bool* pbIsDefaultPassword )
 {
     css::uno::Sequence< css::beans::NamedValue > aEncData;
+    OUString aPassword;
     DocPasswordVerifierResult eResult = DocPasswordVerifierResult::WrongPassword;
 
     // first, try provided default passwords
@@ -439,8 +440,12 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
             if( !aIt->isEmpty() )
             {
                 eResult = rVerifier.verifyPassword( *aIt, aEncData );
-                if( pbIsDefaultPassword )
-                    *pbIsDefaultPassword = eResult == DocPasswordVerifierResult::OK;
+                if (eResult == DocPasswordVerifierResult::OK)
+                {
+                    aPassword = *aIt;
+                    if (pbIsDefaultPassword)
+                        *pbIsDefaultPassword = true;
+                }
             }
         }
     }
@@ -460,7 +465,11 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
     if( eResult == DocPasswordVerifierResult::WrongPassword )
     {
         if( !rMediaPassword.isEmpty() )
+        {
             eResult = rVerifier.verifyPassword( rMediaPassword, aEncData );
+            if (eResult == DocPasswordVerifierResult::OK)
+                aPassword = rMediaPassword;
+        }
     }
 
     // request a password (skip, if result is OK or ABORT)
@@ -476,6 +485,8 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
             {
                 if( !pRequest->getPassword().isEmpty() )
                     eResult = rVerifier.verifyPassword( pRequest->getPassword(), aEncData );
+                if (eResult == DocPasswordVerifierResult::OK)
+                    aPassword = pRequest->getPassword();
             }
             else
             {
@@ -488,6 +499,21 @@ OUString DocPasswordHelper::GetOoxHashAsBase64(
     {
     }
 
+    if (eResult == DocPasswordVerifierResult::OK && !aPassword.isEmpty())
+    {
+        if (std::find_if(std::cbegin(aEncData), std::cend(aEncData),
+                         [](const css::beans::NamedValue& val) {
+                             return val.Name == PACKAGE_ENCRYPTIONDATA_SHA256UTF8;
+                         })
+            == std::cend(aEncData))
+        {
+            // tdf#118639: We need ODF encryption data for autorecovery, where password
+            // will already be unavailable, so generate and append it here
+            aEncData = comphelper::concatSequences(
+                aEncData, OStorageHelper::CreatePackageEncryptionData(aPassword));
+        }
+    }
+
     return (eResult == DocPasswordVerifierResult::OK) ? aEncData : uno::Sequence< beans::NamedValue >();
 }
author	Mike Kaganski <mike.kaganski@collabora.com>	2019-11-29 13:07:57 +0300
committer	Thorsten Behrens <Thorsten.Behrens@CIB.de>	2020-02-09 11:30:26 +0100
commit	b838986c6edfb4e5fb1e30bf47d8ad54ae2b4098 (patch)
tree	9dcc4baf8a9f7a4f26a51bb91e5d961bc2a519b9 /comphelper
parent	neon: escape broken SharePoint 2016 URIs (diff)
download	core-b838986c6edfb4e5fb1e30bf47d8ad54ae2b4098.tar.gz core-b838986c6edfb4e5fb1e30bf47d8ad54ae2b4098.zip