From 062ac27d7052bcdf0bdd5db978e041d4c614fd6b Mon Sep 17 00:00:00 2001 From: Stephan Bergmann Date: Wed, 22 Aug 2018 09:49:25 +0200 Subject: rhbz#1618703: Allow to use OpenSSL as backend for rtl/cipher.h MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ...with new configuration option --enable-cipher-openssl-backend rtl/cipher.h (which is part of the stable URE interface) offers functionality to en-/decrypt data with Blowfish in ECB, CBC, and streaming CFB mode, and with RC4 (aka ARCFOUR; which is a stream cipher). LO itself only uses Blowfish CFB and RC4, so only those are wired to OpenSSL for now, for simplicity. Using Blowfish ECB and CBC, or Blowfish CFB in DirectionBoth mode would cause failures for now (cf. sal/qa/rtl/cipher/rtl_cipher.cxx); the assumption is that no external code actually makes use of this functionality. Using NSS instead of OpenSSL could be an alternative, but there appears to be no support in NSS for Blowfish in streaming CFB mode, only CKM_BLOWFISH_CBC for CBC mode. Change-Id: I0bc042961539ed46844c96cb1c808209578528a0 Reviewed-on: https://gerrit.libreoffice.org/59428 Tested-by: Jenkins Reviewed-by: Stephan Bergmann (cherry picked from commit 4bc16aeb73c1201f187742e0fefe35521fae77ac) Reviewed-on: https://gerrit.libreoffice.org/59575 Reviewed-by: Caolán McNamara Tested-by: Caolán McNamara --- config_host.mk.in | 1 + 1 file changed, 1 insertion(+) (limited to 'config_host.mk.in') diff --git a/config_host.mk.in b/config_host.mk.in index 4a864c745424..5d08d21e9b8a 100644 --- a/config_host.mk.in +++ b/config_host.mk.in @@ -112,6 +112,7 @@ export ENABLE_AVAHI=@ENABLE_AVAHI@ export ENABLE_BREAKPAD=@ENABLE_BREAKPAD@ export ENABLE_CAIRO_CANVAS=@ENABLE_CAIRO_CANVAS@ export ENABLE_CHART_TESTS=@ENABLE_CHART_TESTS@ +export ENABLE_CIPHER_OPENSSL_BACKEND=@ENABLE_CIPHER_OPENSSL_BACKEND@ export ENABLE_LIBCMIS=@ENABLE_LIBCMIS@ export ENABLE_COINMP=@ENABLE_COINMP@ export SYSTEM_COINMP=@SYSTEM_COINMP@ -- cgit