package: ODF export: fix position of manifest:start-key-generation child

META-INF/manifest.xml[8,137]:  Error: element "manifest:start-key-generation" was found where no element may occur

The problem is that in the schema, manifest:start-key-generation
precedes key-derivation but LO writes it in swapped order.

This is apparently a workaround for a bug in OOo < 3.2 ODF import and
specific to ODF >= 1.2 because the element didn't exist in ODF 1.1; as
it turns out we don't care about OOo < 3.4 being able to load encrypted
ODF 1.2 documents anway since commit
0b7c3b7d9fa71f59eed75c3e80e5e12245c5e1c5 "tdf#114939 officecfg,sfx2:
always use AES/SHA256 in ODF 1.2".

Change-Id: I3b62e3eba719f13e39fb24bf9792f764b24ccaeb
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94413
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>

1 files changed, 40 insertions, 42 deletions

diff --git a/package/source/manifest/ManifestExport.cxx b/package/source/manifest/ManifestExport.cxx
index fefb1aa7c1e9..1546b7dbb3c7 100644
--- a/package/source/manifest/ManifestExport.cxx
+++ b/package/source/manifest/ManifestExport.cxx
@@ -452,48 +452,6 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > con
             xHandler->ignorableWhitespace ( sWhiteSpace );
             xHandler->endElement( sAlgorithmElement );
 
-            // ==== Key Derivation
-            pNewAttrList = new ::comphelper::AttributeList;
-            xNewAttrList = pNewAttrList;
-
-            if ( pKeyInfoProperty )
-            {
-                pNewAttrList->AddAttribute ( sKeyDerivationNameAttribute,
-                                             sCdataAttribute,
-                                             sPGP_Name );
-                // no start-key-generation needed, our session key has
-                // max size already
-                bStoreStartKeyGeneration = false;
-            }
-            else
-            {
-                pNewAttrList->AddAttribute ( sKeyDerivationNameAttribute,
-                                             sCdataAttribute,
-                                             sPBKDF2_Name );
-
-                if ( bStoreStartKeyGeneration )
-                {
-                    aBuffer.append( nDerivedKeySize );
-                    pNewAttrList->AddAttribute ( sKeySizeAttribute, sCdataAttribute, aBuffer.makeStringAndClear() );
-                }
-
-                sal_Int32 nCount = 0;
-                *pIterationCount >>= nCount;
-                aBuffer.append (nCount);
-                pNewAttrList->AddAttribute ( sIterationCountAttribute, sCdataAttribute, aBuffer.makeStringAndClear() );
-
-                *pSalt >>= aSequence;
-                ::comphelper::Base64::encode(aBuffer, aSequence);
-                pNewAttrList->AddAttribute ( sSaltAttribute, sCdataAttribute, aBuffer.makeStringAndClear() );
-            }
-
-            xHandler->ignorableWhitespace ( sWhiteSpace );
-            xHandler->startElement( sKeyDerivationElement , xNewAttrList);
-            xHandler->ignorableWhitespace ( sWhiteSpace );
-            xHandler->endElement( sKeyDerivationElement );
-
-            // we have to store start-key-generation element as the last one to workaround the parsing problem
-            // in OOo3.1 and older versions
             if ( bStoreStartKeyGeneration )
             {
                 // ==== Start Key Generation
@@ -528,6 +486,46 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > con
                 xHandler->endElement( sStartKeyGenerationElement );
             }
 
+            // ==== Key Derivation
+            pNewAttrList = new ::comphelper::AttributeList;
+            xNewAttrList = pNewAttrList;
+
+            if (pKeyInfoProperty)
+            {
+                pNewAttrList->AddAttribute(sKeyDerivationNameAttribute,
+                                           sCdataAttribute,
+                                           sPGP_Name);
+                // no start-key-generation needed, our session key has
+                // max size already
+                bStoreStartKeyGeneration = false;
+            }
+            else
+            {
+                pNewAttrList->AddAttribute(sKeyDerivationNameAttribute,
+                                           sCdataAttribute,
+                                           sPBKDF2_Name);
+
+                if (bStoreStartKeyGeneration)
+                {
+                    aBuffer.append(nDerivedKeySize);
+                    pNewAttrList->AddAttribute(sKeySizeAttribute, sCdataAttribute, aBuffer.makeStringAndClear());
+                }
+
+                sal_Int32 nCount = 0;
+                *pIterationCount >>= nCount;
+                aBuffer.append(nCount);
+                pNewAttrList->AddAttribute(sIterationCountAttribute, sCdataAttribute, aBuffer.makeStringAndClear());
+
+                *pSalt >>= aSequence;
+                ::comphelper::Base64::encode(aBuffer, aSequence);
+                pNewAttrList->AddAttribute(sSaltAttribute, sCdataAttribute, aBuffer.makeStringAndClear());
+            }
+
+            xHandler->ignorableWhitespace(sWhiteSpace);
+            xHandler->startElement(sKeyDerivationElement, xNewAttrList);
+            xHandler->ignorableWhitespace(sWhiteSpace);
+            xHandler->endElement(sKeyDerivationElement);
+
             xHandler->ignorableWhitespace ( sWhiteSpace );
             xHandler->endElement( sEncryptionDataElement );
         }