Created attachment 200389 [details] A sample from Ask site; password: 03530 Ref: https://ask.libreoffice.org/t/libreoffice-calc-24-2-7-2-wont-ask-for-password-when-opening-encrypted-xlsx/120931 This XLSX can be opened using Excel 2016 using password 03530 But opening in in LibreOffice prompts to repair the file, and fails if confirmed. The file was generated using Apache POI. The Ask site mentioned this code (I changed password): try (POIFSFileSystem fs = new POIFSFileSystem()) { EncryptionInfo info = new EncryptionInfo(EncryptionMode.agile, CipherAlgorithm.aes192, HashAlgorithm.sha384, -1, -1, null); Encryptor enc = info.getEncryptor(); enc.confirmPassword("03530"); // Read in an existing OOXML file and write to encrypted output stream // don't forget to close the output stream otherwise the padding bytes aren't added try (OPCPackage opc = OPCPackage.open(new File("..."), PackageAccess.READ_WRITE); OutputStream os = enc.getDataStream(fs)) { opc.save(os); } // Write out the encrypted version try (FileOutputStream fos = new FileOutputStream("...")) { fs.writeFilesystem(fos); } }
Reproducible Version: 25.8.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 7dddd449068d69ec2f47bfca2487f01fa7067fd0 CPU threads: 16; OS: Windows 11 X86_64 (build 26100); UI render: Skia/Vulkan; VCL: win Locale: es-ES (es_ES); UI: en-GB Calc: CL threaded
Reproducible from the oldest that I have installed Version: 7.2.0.1 / LibreOffice Community Build ID: 32efc3b7f3a71cfa6a7fa3f6c208333df48656cc CPU threads: 8; OS: Linux 6.11; UI render: default; VCL: gtk3 Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded
I've submitted a patch on gerrit here: https://gerrit.libreoffice.org/c/core/+/184407 but it still fail to open the file once the password has been requested.
Created attachment 200442 [details] Valgrind trace when the quoted patch is applied
Created attachment 200444 [details] bt and also the bt after patch applied. I'm a bit stuck here. Thought Valgrind would help but putting a break in gdb in ./oox/source/crypto/AgileEngine.cxx spotted by Valgrind doesn't help, it segfaults before entering the break.
Julien Nabet committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/a399c4fae0a3f7dfd00565929e7ad6a41bde0df8 tdf#166241: add AES_192_CBC/AES_192_EBC It will be available in 25.8.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Would be also good to extend tests in oox/qa/unit/CryptoTest.cxx, which unit tests the OOXML encryption and decryption. If not also add a test document to sw/qa/extras/ooxmlexport/ooxmlencryption.cxx MSO skipped all this in-between AES modes and went directly from AES128 to AES256, so there was no need to implement AES192. But yeah - if we want to be "complete" we also need to implement that, but in practice it doesn't matter.
(In reply to Tomaz Vajngerl from comment #7) > Would be also good to extend tests in oox/qa/unit/CryptoTest.cxx, which unit > tests the OOXML encryption and decryption. If not also add a test document > to sw/qa/extras/ooxmlexport/ooxmlencryption.cxx > ... Done here: https://gerrit.libreoffice.org/c/core/+/184593
Hi Julien, this should probably be added to https://wiki.documentfoundation.org/ReleaseNotes/25.8
(In reply to Xisco Faulí from comment #9) > Hi Julien, > this should probably be added to > https://wiki.documentfoundation.org/ReleaseNotes/25.8 Thank you for the suggestion, done now.
Julien Nabet committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/core/commit/89a4dff62ea9b571bbc37dad8e2e65846118994a Related tdf#166241: add QA test in oox/qa/unit/CryptoTest.cxx for AES_192 It will be available in 25.8.0. The patch should be included in the daily builds available at https://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More information about daily builds can be found at: https://wiki.documentfoundation.org/Testing_Daily_Builds Affected users are encouraged to test the fix and report feedback.
Working well in Version: 25.8.0.0.alpha0+ (X86_64) / LibreOffice Community Build ID: 109e9d6a61a540fde0b0146cb5114ff87594fb21 CPU threads: 16; OS: Linux 6.11; UI render: default; VCL: gtk3 Locale: en-US (en_US.UTF-8); UI: en-US Calc: threaded Julien, I think you can mark as Resolved, if everything is done.
(In reply to BogdanB from comment #12) >... > Julien, I think you can mark as Resolved, if everything is done. Indeed :-)