tdf#114939 officecfg,sfx2: always use AES/SHA256 in ODF 1.2

The setting ODFVER_012_EXT_COMPAT "1.2 Extended (compatibility mode)" no longer has an effect on the encryption algorithms. API CHANGE: Remove the configuration settings: Office.Common.Save.ODF.UseSHA1InODF12 Office.Common.Save.ODF.UseBlowfishInODF12 Rationale: * Every release since 2012, from LO >= 3.4 and AOO >= 3.4, can read AES/SHA256 encrypted files. * SHA1 is broken anyway * tdf#114939 causes SHA1 interop issues Retain SHA1/Blowfish only for ODF 1.1 export. Change-Id: I007511d4830a90121e38bf5bb4534df5695621e9

tdf#114939 officecfg,sfx2: always use AES/SHA256 in ODF 1.2
The setting ODFVER_012_EXT_COMPAT "1.2 Extended (compatibility mode)" no longer has an effect on the encryption algorithms. API CHANGE: Remove the configuration settings: Office.Common.Save.ODF.UseSHA1InODF12 Office.Common.Save.ODF.UseBlowfishInODF12 Rationale: * Every release since 2012, from LO >= 3.4 and AOO >= 3.4, can read AES/SHA256 encrypted files. * SHA1 is broken anyway * tdf#114939 causes SHA1 interop issues Retain SHA1/Blowfish only for ODF 1.1 export. Change-Id: I007511d4830a90121e38bf5bb4534df5695621e9
0b7c3b7d · Michael Stahl · 42e90b44 · 0b7c3b7d · 0b7c3b7d
Kaydet (Commit) 0b7c3b7d authored Ock 11, 2018 tarafından Michael Stahl
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 27 deletions

Common.xcs officecfg/registry/schema/org/openoffice/Office/Common.xcs +0 -15

objstor.cxx sfx2/source/doc/objstor.cxx +3 -12

No files found.
--- a/officecfg/registry/schema/org/openoffice/Office/Common.xcs
+++ b/officecfg/registry/schema/org/openoffice/Office/Common.xcs
@@ -2409,21 +2409,6 @@
          </constraints>
          <value>3</value>
        </prop>
-        <prop oor:name="UseSHA1InODF12" oor:type="xs:boolean" oor:nillable="false">
-          <info>
-            <desc>Specifies whether SHA1 algorithm instead of SHA256 should be
-            used in ODF12 for StartKey and Checksum generation during
-            encryption.</desc>
-          </info>
-          <value>false</value>
-        </prop>
-        <prop oor:name="UseBlowfishInODF12" oor:type="xs:boolean" oor:nillable="false">
-          <info>
-            <desc>Specifies whether Blowfish algorithm instead of AES should be
-            used in ODF12 for encryption.</desc>
-          </info>
-          <value>false</value>
-        </prop>
      </group>
    </group>
    <group oor:name="Load">

--- a/sfx2/source/doc/objstor.cxx
+++ b/sfx2/source/doc/objstor.cxx
@@ -362,15 +362,10 @@ void SfxObjectShell::SetupStorage( const uno::Reference< embed::XStorage >& xSto
                }

                SvtSaveOptions::ODFDefaultVersion nDefVersion = SvtSaveOptions::ODFVER_012;
-                bool bUseSHA1InODF12 = false;
-                bool bUseBlowfishInODF12 = false;
-
                if (!utl::ConfigManager::IsFuzzing())
                {
                    SvtSaveOptions aSaveOpt;
                    nDefVersion = aSaveOpt.GetODFDefaultVersion();
-                    bUseSHA1InODF12 = officecfg::Office::Common::Save::ODF::UseSHA1InODF12::get();
-                    bUseBlowfishInODF12 = officecfg::Office::Common::Save::ODF::UseBlowfishInODF12::get();
                }

                // the default values, that should be used for ODF1.1 and older formats
@@ -392,13 +387,9 @@ void SfxObjectShell::SetupStorage( const uno::Reference< embed::XStorage >& xSto
                    {
                    }

-                    if ( !bUseSHA1InODF12 && nDefVersion != SvtSaveOptions::ODFVER_012_EXT_COMPAT )
-                    {
-                        aEncryptionAlgs[0].Value <<= xml::crypto::DigestID::SHA256;
-                        aEncryptionAlgs[2].Value <<= xml::crypto::DigestID::SHA256_1K;
-                    }
-                    if ( !bUseBlowfishInODF12 && nDefVersion != SvtSaveOptions::ODFVER_012_EXT_COMPAT )
-                        aEncryptionAlgs[1].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
+                    aEncryptionAlgs[0].Value <<= xml::crypto::DigestID::SHA256;
+                    aEncryptionAlgs[2].Value <<= xml::crypto::DigestID::SHA256_1K;
+                    aEncryptionAlgs[1].Value <<= xml::crypto::CipherID::AES_CBC_W3C_PADDING;
                }

                try