3b347664b2
Redo the ODF encryption by storing an ODF package and wrapping it as a stream "encrypted-package" in another ODF package, such that there is only one encrypted stream - this requires only one KDF computation. * This is only enabled in Experimental mode for now. * Avoid storing unencrypted data in the pTempFile of SfxMedium, as it is usually created in the same directory as the target file, which may be on a network share or similar less trusted location. * SfxMedium::SetEncryptionDataToStorage_Impl() should just set an error status if it fails (how can it fail anyway) * when loading a document, SfxDocPasswordVerifier extracts an encrypted inner package (by calling SfxMedium::TryEncryptedInnerPackage()) * SfxMedium::GetStorage() automatically decrypts an encrypted inner storage and sets it as the SfxMedium's xStorage * when storing a document, SfxObjectShell::SaveTo_Impl() creates the wrapped storages * One challenge is to keep the macro/scripting signature working; this can only be put in the inner storage, whereas the document signature should continue to be on the outer storage; also it must use a Zip storage, to see the "META-INF" directory. This needs a new SfxMedium::GetScriptingStorageToSign_Impl() and changes in SfxMedium::SignContents_Impl(). Change-Id: Ibfee36ce3a9cd030f2aa2ce1484b6d001cba2389 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/160401 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de> |
||
|---|---|---|
| .. | ||
| dtd | ||
| inc | ||
| qa | ||
| source | ||
| util | ||
| CppunitTest_package2_test.mk | ||
| IwyuFilter_package.yaml | ||
| Library_package2.mk | ||
| Library_xstor.mk | ||
| Makefile | ||
| Module_package.mk | ||
| Package_dtd.mk | ||
| README.md | ||
ZIP Support
Reading and writing ZIP files.