diff options
| author | Michael Stahl <michael.stahl@allotropia.de> | 2023-12-14 12:08:20 +0100 |
|---|---|---|
| committer | Michael Stahl <michael.stahl@allotropia.de> | 2023-12-14 18:32:25 +0100 |
| commit | c6c51663479fa036f70b182b5892a23235bbde5f (patch) | |
| tree | fc65db4153b73b8bc3e4c533e8d598ecf2be62b0 /package | |
| parent | 1d2218690382374f3962de014b151dbac84a1446 (diff) | |
tdf#105844 package: increase PBKDF2 iterations for wholesome ODF encryption
The government recommends 600k iterations.
Change-Id: I8d4137ca8a08c2b3ac0e7724de1c87c2117ec7c4
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160768
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'package')
| -rw-r--r-- | package/Library_package2.mk | 4 | ||||
| -rw-r--r-- | package/source/zippackage/ZipPackage.cxx | 5 |
2 files changed, 8 insertions, 1 deletions
diff --git a/package/Library_package2.mk b/package/Library_package2.mk index c78786632555..6f29bf002a6b 100644 --- a/package/Library_package2.mk +++ b/package/Library_package2.mk @@ -24,6 +24,10 @@ $(eval $(call gb_Library_add_defs,package2,\ $(eval $(call gb_Library_set_precompiled_header,package2,package/inc/pch/precompiled_package2)) +$(eval $(call gb_Library_use_custom_headers,package2,\ + officecfg/registry \ +)) + $(eval $(call gb_Library_use_libraries,package2,\ comphelper \ cppu \ diff --git a/package/source/zippackage/ZipPackage.cxx b/package/source/zippackage/ZipPackage.cxx index 8fb6c27876ab..54b8099e38d1 100644 --- a/package/source/zippackage/ZipPackage.cxx +++ b/package/source/zippackage/ZipPackage.cxx @@ -41,6 +41,7 @@ #include <com/sun/star/io/XSeekable.hpp> #include <com/sun/star/lang/WrappedTargetRuntimeException.hpp> #include <com/sun/star/container/XNameContainer.hpp> +#include <officecfg/Office/Common.hxx> #include <comphelper/fileurl.hxx> #include <comphelper/processfactory.hxx> #include <ucbhelper/content.hxx> @@ -1308,7 +1309,9 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() // for encrypted streams RandomPool aRandomPool; - sal_Int32 const nPBKDF2IterationCount = 100000; + // if there is only one KDF invocation, increase the safety margin + sal_Int32 const nPBKDF2IterationCount = + officecfg::Office::Common::Misc::ExperimentalMode::get() ? 600000 : 100000; // call saveContents ( it will recursively save sub-directories m_xRootFolder->saveContents("", aManList, aZipOut, GetEncryptionKey(), bIsGpgEncrypt ? 0 : nPBKDF2IterationCount, aRandomPool.get()); |