From 28c31ba12567f66ccb6a334fd21af10880f4a33b Mon Sep 17 00:00:00 2001 From: László Németh Date: Thu, 5 May 2022 12:04:47 +0200 Subject: tdf#128744 sw DOCX: unprotect change tracking with verification MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Unprotect change tracking only by password verification instead of 1) unprotecting without the password or 2) rejecting the correct password. I.e. now 1) clicking on Record changes icon of Track Changes toolbar or Edit->Track Changes->Record asks for a password, and 2) Unprotect Record changes on Security page of File->Properties... accepts the correct password with disabling record changes. Show also "Invalid password!" dialog disabling Record Changes by its icon or menu option, like Properties... dialog window does, if the password is invalid. Note: Still allow to unprotect OpenDocument export of a protected OOXML import document, because that doesn't contain the original password info, only a dummy RedlinePassword. (OpenDocument exports protect Track Changes with the simple RedlineProtectionKey configuration setting, so it's not possible to map the OOXML password info to OpenDocument without extending this.) Follow-up to commit d416250f4f1766e2d596ea3feef6a94b7adf29f4 "tdf#106843 DOCX: forbid disabling protected Record Changes". See also commit bfd7730f4cf002a79dc9c02c23286850fee3f12a "tdf#89383 DOCX import: fix permission for editing". Change-Id: Iafcf4a6b551a7e8485d4311aee889c2522526d71 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/133894 Tested-by: Jenkins Reviewed-by: László Németh --- comphelper/source/misc/docpasswordhelper.cxx | 57 ++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) (limited to 'comphelper') diff --git a/comphelper/source/misc/docpasswordhelper.cxx b/comphelper/source/misc/docpasswordhelper.cxx index e894b0d77bb7..5edb3949c977 100644 --- a/comphelper/source/misc/docpasswordhelper.cxx +++ b/comphelper/source/misc/docpasswordhelper.cxx @@ -137,6 +137,63 @@ DocPasswordHelper::GenerateNewModifyPasswordInfoOOXML(std::u16string_view aPassw } +uno::Sequence< beans::PropertyValue > DocPasswordHelper::ConvertPasswordInfo( const uno::Sequence< beans::PropertyValue >& aInfo ) +{ + uno::Sequence< beans::PropertyValue > aResult; + OUString sAlgorithm, sHash, sSalt, sCount; + sal_Int32 nAlgorithm = 0; + + for ( const auto & prop : aInfo ) + { + if ( prop.Name == "cryptAlgorithmSid" ) + { + prop.Value >>= sAlgorithm; + nAlgorithm = sAlgorithm.toInt32(); + } + else if ( prop.Name == "salt" ) + prop.Value >>= sSalt; + else if ( prop.Name == "cryptSpinCount" ) + prop.Value >>= sCount; + else if ( prop.Name == "hash" ) + prop.Value >>= sHash; + } + + if (nAlgorithm == 1) + sAlgorithm = "MD2"; + else if (nAlgorithm == 2) + sAlgorithm = "MD4"; + else if (nAlgorithm == 3) + sAlgorithm = "MD5"; + else if (nAlgorithm == 4) + sAlgorithm = "SHA-1"; + else if (nAlgorithm == 5) + sAlgorithm = "MAC"; + else if (nAlgorithm == 6) + sAlgorithm = "RIPEMD"; + else if (nAlgorithm == 7) + sAlgorithm = "RIPEMD-160"; + else if (nAlgorithm == 9) + sAlgorithm = "HMAC"; + else if (nAlgorithm == 12) + sAlgorithm = "SHA-256"; + else if (nAlgorithm == 13) + sAlgorithm = "SHA-384"; + else if (nAlgorithm == 14) + sAlgorithm = "SHA-512"; + + if ( !sCount.isEmpty() ) + { + sal_Int32 nCount = sCount.toInt32(); + aResult = { comphelper::makePropertyValue("algorithm-name", sAlgorithm), + comphelper::makePropertyValue("salt", sSalt), + comphelper::makePropertyValue("iteration-count", nCount), + comphelper::makePropertyValue("hash", sHash) }; + } + + return aResult; +} + + bool DocPasswordHelper::IsModifyPasswordCorrect( std::u16string_view aPassword, const uno::Sequence< beans::PropertyValue >& aInfo ) { bool bResult = false; -- cgit