tdf#114939 sfx2: notify user of non-interoperable passwords

For ODF 1.1 encryption, SHA1 is used as the start-key digest algorithm of PBKDF2. For the ODF export password-to-modify "feature", PBKDF2 is used without a start-key digest round, so the UTF-8 encoded password is directly the input. In both cases, if the user entered a password with a known problematic length, reject it and request a new one. Change-Id: Ie6510c1e668e1ed32be439ebe00354881b6ca83f
author: Michael Stahl <mstahl@redhat.com> 2018-01-12 22:30:07 +0100
committer: Michael Stahl <mstahl@redhat.com> 2018-01-12 23:31:44 +0100
commit: 9ef1734f03a008545a01fd394dd0e979bb230a0f (patch)
tree: 3183fcbf01682047978b78d7de5cea4c40ea8939 /comphelper
parent: 50382b9e9256d7361e3770daa654fb8d09448635 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx
index 9cf2fdffa0a8..13ab45f043af 100644
--- a/comphelper/source/misc/docpasswordhelper.cxx
+++ b/comphelper/source/misc/docpasswordhelper.cxx
@@ -49,6 +49,8 @@ static uno::Sequence< sal_Int8 > GeneratePBKDF2Hash( const OUString& aPassword,
     if ( !aPassword.isEmpty() && aSalt.getLength() && nCount && nHashLength )
     {
         OString aBytePass = OUStringToOString( aPassword, RTL_TEXTENCODING_UTF8 );
+        // FIXME this is subject to the SHA1-bug tdf#114939 - see also
+        // RequestPassword() in filedlghelper.cxx
         aResult.realloc( 16 );
         rtl_digest_PBKDF2( reinterpret_cast < sal_uInt8 * > ( aResult.getArray() ),
                            aResult.getLength(),
author	Michael Stahl <mstahl@redhat.com>	2018-01-12 22:30:07 +0100
committer	Michael Stahl <mstahl@redhat.com>	2018-01-12 23:31:44 +0100
commit	9ef1734f03a008545a01fd394dd0e979bb230a0f (patch)
tree	3183fcbf01682047978b78d7de5cea4c40ea8939 /comphelper
parent	50382b9e9256d7361e3770daa654fb8d09448635 (diff)