diff options
| author | Michael Stahl <michael.stahl@allotropia.de> | 2023-12-08 21:16:31 +0100 |
|---|---|---|
| committer | Michael Stahl <michael.stahl@allotropia.de> | 2023-12-11 20:46:40 +0100 |
| commit | f0fda7ad2236f478fea396a23d4f982e5fc37e68 (patch) | |
| tree | e6b0afbeb4874453aeb572c6e21240220667a36d /package/source/zipapi | |
| parent | 4bba7fbc22f13d579e57b36e8c8e302d987e01f0 (diff) | |
tdf#105844 offapi,package,sfx2,xmlsecurity: add AEAD w/ AES GCM
... and use it in the new experimental ODF encryption mode.
https://www.w3.org/TR/xmlenc-core1/#sec-AES-GCM
Unfortunately it turned out that NSS PK11_CipherOp() does not work with
CKM_AES_GCM because it is initialized with "context->multi = PR_FALSE"
in sftk_CryptInit(), so the one-step functions PK11_Encrypt() and
PK11_Decrypt() have to be used.
NSS 3.52 also changed a parameter struct definition - see
https://fedoraproject.org/wiki/Changes/NssGCMParams - which is not a
problem for RHEL or SUSE system NSS since those are rebased, but it
is likely a problem for less well maintained Ubuntu LTS, so use
the old struct definition which evidently still works with NSS 3.94.
NSS 3.52 also added a new PK11_AEADOp() API but it looks like this
doesn't support incremental encryption either.
Change-Id: Ibd4a672db74b65b1218926ba35ff8d2f70444c7e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160505
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'package/source/zipapi')
| -rw-r--r-- | package/source/zipapi/XUnbufferedStream.cxx | 1 | ||||
| -rw-r--r-- | package/source/zipapi/ZipFile.cxx | 6 |
2 files changed, 6 insertions, 1 deletions
diff --git a/package/source/zipapi/XUnbufferedStream.cxx b/package/source/zipapi/XUnbufferedStream.cxx index e3c31d5fca1c..bd2cf4d72d72 100644 --- a/package/source/zipapi/XUnbufferedStream.cxx +++ b/package/source/zipapi/XUnbufferedStream.cxx @@ -93,6 +93,7 @@ XUnbufferedStream::XUnbufferedStream( if ( bMustDecrypt ) { m_xCipherContext = ZipFile::StaticGetCipher( xContext, rData, false ); + // this is only relevant when padding is used mnBlockSize = ( rData->m_nEncAlg == xml::crypto::CipherID::AES_CBC_W3C_PADDING ? 16 : 1 ); } diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index 59bdcf8de891..f700b2722a71 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -187,7 +187,8 @@ uno::Reference< xml::crypto::XCipherContext > ZipFile::StaticGetCipher( const un throw ZipIOException("Can not create derived key!" ); } - if ( xEncryptionData->m_nEncAlg == xml::crypto::CipherID::AES_CBC_W3C_PADDING ) + if (xEncryptionData->m_nEncAlg == xml::crypto::CipherID::AES_CBC_W3C_PADDING + || xEncryptionData->m_nEncAlg == xml::crypto::CipherID::AES_GCM_W3C) { uno::Reference< uno::XComponentContext > xContext = xArgContext; if ( !xContext.is() ) @@ -450,6 +451,9 @@ void CheckSequence( const uno::Sequence< sal_Int8 >& aSequence ) bool ZipFile::StaticHasValidPassword( const uno::Reference< uno::XComponentContext >& rxContext, const Sequence< sal_Int8 > &aReadBuffer, const ::rtl::Reference< EncryptionData > &rData ) { + if (rData->m_nEncAlg == xml::crypto::CipherID::AES_GCM_W3C) + return true; /*TODO fails because of tag*/ + if ( !rData.is() || !rData->m_aKey.hasElements() ) return false; |