2f512aaa6c
https://www.rfc-editor.org/rfc/rfc9106.html
* add css::xml::crypto::KDFID constant group
* add "KeyDerivationFunction" to setEncryptionAlgorithms sequence
* Argon2 is used by default for wholesome ODF encryption, but $LO_ARGON2_DISABLE can be set to use PBKDF2
* extend various structs in package
* use 3 new ODF attributes "loext:argon2-iterations" "loext:argon2-memory" "loext:argon2-lanes" to store the arguments
* use this URL for now: "urn:org:documentfoundation:names:experimental:office:manifest:argon2id"
* use default arguments according to second recommendation from "7.4. Recommendations" of RFC9106; 64 MiB RAM should hopefully not be too much even for 32 bit builds

Change-Id: I683118cc5e0706bd6544db6fb909096768ac9920
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161009
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
module com {
module sun {
module star {
module xml {
module crypto {

/* NOTE(review): these identifiers are plain `long` values, so nothing in the
   type system limits them to the three listed here. A consumer that takes the
   value from a document presumably has to treat any other number as an error
   instead of substituting a default KDF - confirm in the implementation.
   Per the introducing commit, the Argon2 iterations/memory/lanes arguments
   are stored in the document as well; a reader would want upper bounds on
   them before deriving a key - confirm in the package code. */

/** Identifiers for the key derivation function (KDF) that yields the key
    material used for encryption.

    @since LibreOffice 24.2
 */
constants KDFID
{
    /** PBKDF2

        Password-based derivation of key material. In ODF, the password is
        first run through the "StartKeyGenerationAlgorithm", and the output
        of that step is what the KDF receives.

        The cost of PBKDF2 is set by its iteration count alone; it is not
        memory-hard.
     */
    const long PBKDF2 = 1;

    /** OpenPGP/GnuPG

        This is public key encryption rather than a password-based KDF; it
        is listed here because it also yields key material for symmetric
        encryption. In ODF, the "StartKeyGenerationAlgorithm" digest is not
        applied, since the input is not a password.
     */
    const long PGP_RSA_OAEP_MGF1P = 2;

    /** Argon2id

        Password-based derivation of key material with the memory-hard
        Argon2id function. In ODF, the password is first run through the
        "StartKeyGenerationAlgorithm", and the output of that step is what
        the KDF receives.

        @see https://www.rfc-editor.org/rfc/rfc9106.html
     */
    const long Argon2id = 3;
};

};
};
};
};
};
/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */