summaryrefslogtreecommitdiff
path: root/svl
diff options
context:
space:
mode:
authorCaolán McNamara <caolanm@redhat.com>2022-03-21 20:58:34 +0000
committerAndras Timar <andras.timar@collabora.com>2022-03-30 11:07:07 +0200
commit0654164df0f0f1c82fa6656a33c6eed2a28f3590 (patch)
tree729cba5e81a8559778067a54226c707958f816e9 /svl
parenta3691d5b6e956d400026bc7d67055f9aa1c41d59 (diff)
make hash encoding match decoding
Seeing as old versions of the hash may be in the users config, add a StorageVersion field to the office config Passwords section which defaults to 0 to indicate the old hash is in use. Try the old varient when StorageVersion is 0. When a new encoded master password it set write StorageVersion of 1 to indicate a new hash is in use and use the new style when StorageVersion is 1. Change-Id: I3174c37a5891bfc849984e0ec5c2c392b9c6e7b1 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/132080 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Diffstat (limited to 'svl')
-rw-r--r--svl/source/passwordcontainer/passwordcontainer.cxx40
-rw-r--r--svl/source/passwordcontainer/passwordcontainer.hxx6
2 files changed, 45 insertions, 1 deletions
diff --git a/svl/source/passwordcontainer/passwordcontainer.cxx b/svl/source/passwordcontainer/passwordcontainer.cxx
index 1181144ead22..f3b1132de7a5 100644
--- a/svl/source/passwordcontainer/passwordcontainer.cxx
+++ b/svl/source/passwordcontainer/passwordcontainer.cxx
@@ -18,6 +18,7 @@
*/
#include <sal/config.h>
+#include <sal/log.hxx>
#include <string_view>
@@ -254,6 +255,23 @@ bool StorageItem::useStorage()
return aResult;
}
+sal_Int32 StorageItem::getStorageVersion()
+{
+ Sequence<OUString> aNodeNames { "StorageVersion" };
+
+ Sequence< Any > aPropertyValues = ConfigItem::GetProperties( aNodeNames );
+
+ if( aPropertyValues.getLength() != aNodeNames.getLength() )
+ {
+ OSL_FAIL( "Problems during reading" );
+ return 0;
+ }
+
+ sal_Int32 nResult = 0;
+ aPropertyValues[0] >>= nResult;
+
+ return nResult;
+}
bool StorageItem::getEncodedMP( OUString& aResult )
{
@@ -289,7 +307,8 @@ void StorageItem::setEncodedMP( const OUString& aEncoded, bool bAcceptEmpty )
bool bHasMaster = ( !aEncoded.isEmpty() || bAcceptEmpty );
ConfigItem::SetModified();
- ConfigItem::PutProperties( { "HasMaster", "Master" }, { uno::Any(bHasMaster), uno::Any(aEncoded) } );
+ ConfigItem::PutProperties( { "HasMaster", "Master", "StorageVersion" },
+ { uno::Any(bHasMaster), uno::Any(aEncoded), uno::Any(nCurrentStorageVersion) } );
hasEncoded = bHasMaster;
mEncoded = aEncoded;
@@ -774,6 +793,18 @@ OUString PasswordContainer::RequestPasswordFromUser( PasswordRequestMode aRMode,
return aResult;
}
+// Mangle the key to match an old bug
+static OUString ReencodeAsOldHash(const OUString& rPass)
+{
+ OUStringBuffer aBuffer;
+ for (int ind = 0; ind < RTL_DIGEST_LENGTH_MD5; ++ind)
+ {
+ unsigned char i = static_cast<char>(rPass.copy(ind * 2, 2).toUInt32(16));
+ aBuffer.append(static_cast< sal_Unicode >('a' + (i >> 4)));
+ aBuffer.append(static_cast< sal_Unicode >('a' + (i & 15)));
+ }
+ return aBuffer.makeStringAndClear();
+}
OUString const & PasswordContainer::GetMasterPassword( const Reference< XInteractionHandler >& aHandler )
{
@@ -812,6 +843,9 @@ OUString const & PasswordContainer::GetMasterPassword( const Reference< XInterac
}
else
{
+ if (m_pStorageFile->getStorageVersion() == 0)
+ aPass = ReencodeAsOldHash(aPass);
+
std::vector< OUString > aRM( DecodePasswords( aEncodedMP, aPass, aRMode ) );
if( aRM.empty() || aPass != aRM[0] )
{
@@ -1016,6 +1050,10 @@ sal_Bool SAL_CALL PasswordContainer::authorizateWithMasterPassword( const uno::R
do {
aPass = RequestPasswordFromUser( aRMode, xTmpHandler );
+
+ if (m_pStorageFile->getStorageVersion() == 0)
+ aPass = ReencodeAsOldHash(aPass);
+
bResult = ( !aPass.isEmpty() && aPass == m_aMasterPasswd );
aRMode = PasswordRequestMode_PASSWORD_REENTER; // further questions with error notification
} while( !bResult && !aPass.isEmpty() );
diff --git a/svl/source/passwordcontainer/passwordcontainer.hxx b/svl/source/passwordcontainer/passwordcontainer.hxx
index 0a15bf989328..a513b39336c8 100644
--- a/svl/source/passwordcontainer/passwordcontainer.hxx
+++ b/svl/source/passwordcontainer/passwordcontainer.hxx
@@ -166,6 +166,10 @@ public:
typedef ::std::pair< const OUString, ::std::vector< NamePassRecord > > PairUrlRecord;
typedef ::std::map< OUString, ::std::vector< NamePassRecord > > PassMap;
+// org.openoffice.Office.Common/Passwords/StorageVersion bump if details of
+// how password details are saved changes. Enables migration from previous
+// schemes.
+constexpr sal_Int32 nCurrentStorageVersion = 1;
class PasswordContainer;
@@ -194,6 +198,8 @@ public:
void remove( const OUString& url, const OUString& rec );
void clear();
+ sal_Int32 getStorageVersion();
+
bool getEncodedMP( OUString& aResult );
void setEncodedMP( const OUString& aResult, bool bAcceptEmpty = false );
void setUseStorage( bool bUse );