diff options
| author | Michael Stahl <mstahl@redhat.com> | 2018-01-12 22:30:07 +0100 |
|---|---|---|
| committer | Michael Stahl <mstahl@redhat.com> | 2018-01-12 23:31:44 +0100 |
| commit | 9ef1734f03a008545a01fd394dd0e979bb230a0f (patch) | |
| tree | 3183fcbf01682047978b78d7de5cea4c40ea8939 /sfx2 | |
| parent | 50382b9e9256d7361e3770daa654fb8d09448635 (diff) | |
tdf#114939 sfx2: notify user of non-interoperable passwords
For ODF 1.1 encryption, SHA1 is used as the start-key digest algorithm
of PBKDF2.
For the ODF export password-to-modify "feature", PBKDF2 is used
without a start-key digest round, so the UTF-8 encoded password
is directly the input.
In both cases, if the user entered a password with a known problematic
length, reject it and request a new one.
Change-Id: Ie6510c1e668e1ed32be439ebe00354881b6ca83f
Diffstat (limited to 'sfx2')
| -rw-r--r-- | sfx2/source/dialog/filedlghelper.cxx | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/sfx2/source/dialog/filedlghelper.cxx b/sfx2/source/dialog/filedlghelper.cxx index 9871ab45cc3e..f19ea1488b63 100644 --- a/sfx2/source/dialog/filedlghelper.cxx +++ b/sfx2/source/dialog/filedlghelper.cxx @@ -60,6 +60,7 @@ #include <vcl/msgbox.hxx> #include <vcl/mnemonic.hxx> #include <unotools/pathoptions.hxx> +#include <unotools/saveopt.hxx> #include <unotools/securityoptions.hxx> #include <svl/itemset.hxx> #include <svl/eitem.hxx> @@ -2668,7 +2669,25 @@ ErrCode RequestPassword(const std::shared_ptr<const SfxFilter>& pCurrentFilter, ::rtl::Reference< ::comphelper::DocPasswordRequest > pPasswordRequest( new ::comphelper::DocPasswordRequest( eType, css::task::PasswordRequestMode_PASSWORD_CREATE, aURL, bool( pCurrentFilter->GetFilterFlags() & SfxFilterFlags::PASSWORDTOMODIFY ) ) ); uno::Reference< css::task::XInteractionRequest > rRequest( pPasswordRequest.get() ); - xInteractionHandler->handle( rRequest ); + do { + xInteractionHandler->handle( rRequest ); + if (pPasswordRequest->isPassword() && !bMSType) + { + OString const utf8Pwd(OUStringToOString(pPasswordRequest->getPassword(), RTL_TEXTENCODING_UTF8)); + OString const utf8Ptm(OUStringToOString(pPasswordRequest->getPasswordToModify(), RTL_TEXTENCODING_UTF8)); + if (!(52 <= utf8Pwd.getLength() && utf8Pwd.getLength() <= 55 + && SvtSaveOptions().GetODFDefaultVersion() < SvtSaveOptions::ODFVER_012) + && !(52 <= utf8Ptm.getLength() && utf8Ptm.getLength() <= 55)) + { + break; + } + ScopedVclPtrInstance<MessBox>(Application::GetDefDialogParent(), + MessBoxStyle::Ok, 0, "Password length", + "The password you have entered causes interoperability issues. Please enter a password that is shorter than 52 bytes, or longer than 55 bytes." + )->Execute(); + + } + } while (true); if ( pPasswordRequest->isPassword() ) { if ( pPasswordRequest->getPassword().getLength() ) |