authorMichael Stahl <michael.stahl@allotropia.de>2023-12-19 19:13:00 +0100
committerMichael Stahl <michael.stahl@allotropia.de>2023-12-20 18:29:36 +0100
commit2f512aaa6c39390a5a0eb1d1e37f070127d068a4 (patch)
tree0e479309d04bf400ef7118168e37eff509f9da00 /offapi
parent70ef230aae4f961c8197cc11a7ff5feaf1d96c20 (diff)
tdf#105844 offapi,package,sfx2: use Argon2 for wholesome ODF encryption
https://www.rfc-editor.org/rfc/rfc9106.html * add css::xml::crypto::KDFID constant group * add "KeyDerivationFunction" to setEncryptionAlgorithms sequence * Argon2 is used by default for wholesome ODF encryption, but $LO_ARGON2_DISABLE can be set to use PBKDF2 * extend various structs in package * use 3 new ODF attributes "loext:argon2-iterations" "loext:argon2-memory" "loext:argon2-lanes" to store the arguments * use this URL for now: "urn:org:documentfoundation:names:experimental:office:manifest:argon2id" * use default arguments according to second recommendation from "7.4. Recommendations" of RFC9106; 64 MiB RAM should hopefully not be too much even for 32 bit builds Change-Id: I683118cc5e0706bd6544db6fb909096768ac9920 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161009 Tested-by: Jenkins Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'offapi')
-rw-r--r--offapi/UnoApi_offapi.mk1
-rw-r--r--offapi/com/sun/star/embed/XEncryptionProtectedStorage.idl8
-rw-r--r--offapi/com/sun/star/xml/crypto/KDFID.idl47
3 files changed, 56 insertions, 0 deletions
diff --git a/offapi/UnoApi_offapi.mk b/offapi/UnoApi_offapi.mk
index 2e2ee40aa8b4..186c68d500fb 100644
--- a/offapi/UnoApi_offapi.mk
+++ b/offapi/UnoApi_offapi.mk
@@ -4276,6 +4276,7 @@ $(eval $(call gb_UnoApi_add_idlfiles,offapi,com/sun/star/xml,\
$(eval $(call gb_UnoApi_add_idlfiles,offapi,com/sun/star/xml/crypto,\
CipherID \
DigestID \
+ KDFID \
SecurityOperationStatus \
XCertificateCreator \
XCipherContext \
diff --git a/offapi/com/sun/star/embed/XEncryptionProtectedStorage.idl b/offapi/com/sun/star/embed/XEncryptionProtectedStorage.idl
index 71c5695f482f..da14714c6223 100644
--- a/offapi/com/sun/star/embed/XEncryptionProtectedStorage.idl
+++ b/offapi/com/sun/star/embed/XEncryptionProtectedStorage.idl
@@ -48,6 +48,14 @@ interface XEncryptionProtectedStorage: XEncryptionProtectedSource2
error; it should take values from
com::sun::star::xml:crypto::DigestID.
</dd>
+ <dt>KeyDerivationFunction</dt>
+ <dd>
+ specifies the algorithm that was used to derive the
+ encryption key from the password; it is applied to
+ the result of the StartKeyGenerationAlgorithm;
+ it should take values from
+ com::sun::star::xml:crypto::KDFID.
+ </dd>
<dt>EncryptionAlgorithm</dt>
<dd>
specifies the algorithm that should be used to
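Review bot: The cross-reference at the end of the new `<dd>`, `com::sun::star::xml:crypto::KDFID`, has a single colon between `xml` and `crypto`, so the doc reference will not resolve; it should read `com::sun::star::xml::crypto::KDFID` (the existing DigestID line just above the hunk carries the same typo). The sentence "it is applied to the result of the StartKeyGenerationAlgorithm" is also too strong for every value the property can take: the PGP_RSA_OAEP_MGF1P entry in KDFID.idl, added in this same commit, states that the StartKeyGenerationAlgorithm digest is not used for that value, so the description should qualify it, e.g. `for password-based functions it is applied to the result of the StartKeyGenerationAlgorithm;`. The entry belongs to the documentation of the sequence elements inside interface XEncryptionProtectedStorage, whose declaration and the method it documents lie outside the hunk.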
diff --git a/offapi/com/sun/star/xml/crypto/KDFID.idl b/offapi/com/sun/star/xml/crypto/KDFID.idl
new file mode 100644
index 000000000000..dc58e6b7463e
--- /dev/null
+++ b/offapi/com/sun/star/xml/crypto/KDFID.idl
@@ -0,0 +1,47 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+module com { module sun { module star { module xml { module crypto {
+
+/** Constants to identify Key Derivation Function
+ @since LibreOffice 24.2
+ */
+constants KDFID
+{
+ /** PBKDF2
+
+ Derive key material from password. When used with ODF, the
+ "StartKeyGenerationAlgorithm" is applied to the password and the
+ result is passed to KDF.
+ */
+ const long PBKDF2 = 1;
+
+ /** OpenPGP/GnuPG
+
+ Of course this is public key encryption, but it does produce
+ key material for symmetric encryption. When used with ODF, the
+ "StartKeyGenerationAlgorithm" digest is not used, as the input
+ is not a password.
+ */
+ const long PGP_RSA_OAEP_MGF1P = 2;
+
+ /** Argon2id
+
+ Derive key material from password. When used with ODF, the
+ "StartKeyGenerationAlgorithm" is applied to the password and the
+ result is passed to KDF.
+
+ @see https://www.rfc-editor.org/rfc/rfc9106.html
+ */
+ const long Argon2id = 3;
+};
+
+}; }; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */
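Review bot: `const long Argon2id = 3;` departs from the upper-case naming of its siblings in the same group, `PBKDF2` and `PGP_RSA_OAEP_MGF1P`; since this is published API the name is hard to change later, so either use `ARGON2ID` or say in the group comment why the mixed case is intended. The Argon2id entry also does not mention that this function takes tunable parameters (the commit message names iterations, memory and lanes) or where callers supply them; a sentence such as `Argon2id additionally requires memory, iteration and parallelism parameters, which are transported separately from this identifier.` would help, hedged because that transport is not visible in this hunk. The group comment "Constants to identify Key Derivation Function" could additionally state that these values are the ones expected in the "KeyDerivationFunction" element passed to XEncryptionProtectedStorage::setEncryptionAlgorithms, tying the two halves of the change together.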