Bug 115483 - implementation of 19.697 table:protection-key / 19.850 text:protection-key doesn't conform to ODF 1.2
Summary: implementation of 19.697 table:protection-key / 19.850 text:protection-key do...
Status: RESOLVED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: filters and storage (show other bugs)
Version:
(earliest affected)
Inherited From OOo
Hardware: All All
: medium normal
Assignee: Michael Stahl (CIB)
URL:
Whiteboard: odf target:6.1.0 target:6.0.2
Keywords:
Depends on:
Blocks: ODF-import
  Show dependency treegraph
 
Reported: 2018-02-06 09:47 UTC by Michael Stahl (CIB)
Modified: 2018-02-15 10:18 UTC (History)
4 users (show)

See Also:
Crash report or crash signature:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Stahl (CIB) 2018-02-06 09:47:33 UTC
ODF 1.1 allowed these attributes to set passwords to "protect" sections,
indexes, spreadsheet documents and sheets, and did not specify
in any way what their string value means.

ODF 1.2 part 1 says about them:

19.851 text:protection-key-digest-algorithm

... The password shall be provided as a sequence of bytes in UTF-8 encoding.

... Consumers shall support http://www.w3.org/2000/09/xmldsig#sha1, which is the default, and http://www.w3.org/2000/09/xmldsig#sha256.

bugs:

1. the LO implementation uses UTF-16 little-endian encoding for the password
(while evidently some ancient OOo versions from 2003 or so actually used
UTF-16 *native* endian, so would use big-endian on e.g. SPARC)

2. only SHA1 is supported, not the mandatory SHA256

3. the SHA1 implementation is buggy, see bug 114939
   (although that should have little practical consequence,
   surely nobody is using 52-byte passwords for this)
Comment 1 Commit Notification 2018-02-07 17:04:13 UTC
Michael Stahl committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=398275ba9f4d65bebcc78864e70eee6212a84397

tdf#115483 svl xmloff sc sw: verify all ODF 1.2 protection-key hashes

It will be available in 6.1.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
Comment 2 Michael Stahl (CIB) 2018-02-07 19:43:46 UTC
fixed on master, in that we can now verify & round-trip all required ODF 1.2 protection key hashes, but for now we continue to generate the same thing as before until the import code is more widely deployed
Comment 3 Michael Stahl (CIB) 2018-02-07 20:07:41 UTC
forgot to mention:
in my testing, MS Office 2010, Gnumeric, Abiword, Calligra Words do not support these attributes.  Calligra Sheets does, and understands the same UTF-16 LE as legacy OOo/LO does.

MS Office 2016 claims to not support these attributes:

https://msdn.microsoft.com/en-us/library/hh695327
Comment 4 Commit Notification 2018-02-15 10:18:36 UTC
Michael Stahl committed a patch related to this issue.
It has been pushed to "libreoffice-6-0":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=d28ceb7511a8df9345b1c9818baaad5532853a12&h=libreoffice-6-0

tdf#115483 svl xmloff sc sw: verify all ODF 1.2 protection-key hashes

It will be available in 6.0.2.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.