tdf#114550 don't use PBKDF2 in package for gpg encryption

No need to derive password-based key, simply skip rtl_digest_PBKDF2 for the gpg4libre case. Also pass down PBKDF2 iteration count from ZipPackage, which knows about GPG encryption, instead of just always setting it in package stream. We otherwise needlessly iterate session key also for gpg encrypted storages. Change-Id: Ic96b2193f8541bbd109795fb9c0212a0a10c7344 Reviewed-on: https://gerrit.libreoffice.org/47783Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>

tdf#114550 don't use PBKDF2 in package for gpg encryption
No need to derive password-based key, simply skip rtl_digest_PBKDF2 for the gpg4libre case. Also pass down PBKDF2 iteration count from ZipPackage, which knows about GPG encryption, instead of just always setting it in package stream. We otherwise needlessly iterate session key also for gpg encrypted storages. Change-Id: Ic96b2193f8541bbd109795fb9c0212a0a10c7344 Reviewed-on: https://gerrit.libreoffice.org/47783Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
39805f65 · Thorsten Behrens · 6df0c7bc · 39805f65 · 39805f65 · 39805f65
Kaydet (Commit) 39805f65 authored Ock 11, 2018 tarafından Thorsten Behrens
7 changed files
--- a/package/inc/ZipPackageEntry.hxx
+++ b/package/inc/ZipPackageEntry.hxx
@@ -69,6 +69,7 @@ public:
                            std::vector < css::uno::Sequence < css::beans::PropertyValue > > &rManList,
                            ZipOutputStream & rZipOut,
                            const css::uno::Sequence < sal_Int8 >& rEncryptionKey,
+                            sal_Int32 nPBKDF2IterationCount,
                            const rtlRandomPool &rRandomPool ) = 0;

    void clearParent()

--- a/package/inc/ZipPackageFolder.hxx
+++ b/package/inc/ZipPackageFolder.hxx
@@ -73,6 +73,7 @@ public:
                            std::vector < css::uno::Sequence < css::beans::PropertyValue > > &rManList,
                            ZipOutputStream & rZipOut,
                            const css::uno::Sequence < sal_Int8 >& rEncryptionKey,
+                            sal_Int32 nPBKDF2IterationCount,
                            const rtlRandomPool &rRandomPool ) override;

    // Recursive functions
@@ -82,6 +83,7 @@ public:
            std::vector < css::uno::Sequence < css::beans::PropertyValue > > &rManList,
            ZipOutputStream & rZipOut,
            const css::uno::Sequence< sal_Int8 > &rEncryptionKey,
+            sal_Int32 nPBKDF2IterationCount,
            const rtlRandomPool & rRandomPool) const;

    // XNameContainer

--- a/package/inc/ZipPackageStream.hxx
+++ b/package/inc/ZipPackageStream.hxx
@@ -133,6 +133,7 @@ public:
                            std::vector < css::uno::Sequence < css::beans::PropertyValue > > &rManList,
                            ZipOutputStream & rZipOut,
                            const css::uno::Sequence < sal_Int8 >& rEncryptionKey,
+                            sal_Int32 nPBKDF2IterationCount,
                            const rtlRandomPool &rRandomPool ) override;

    void setZipEntryOnLoading( const ZipEntry &rInEntry);

--- a/package/source/zipapi/ZipFile.cxx
+++ b/package/source/zipapi/ZipFile.cxx
@@ -170,7 +170,14 @@ uno::Reference< xml::crypto::XCipherContext > ZipFile::StaticGetCipher( const un
        }

        uno::Sequence< sal_Int8 > aDerivedKey( xEncryptionData->m_nDerivedKeySize );
-        if ( rtl_Digest_E_None != rtl_digest_PBKDF2( reinterpret_cast< sal_uInt8* >( aDerivedKey.getArray() ),
+        if ( !xEncryptionData->m_nIterationCount &&
+             xEncryptionData->m_nDerivedKeySize == xEncryptionData->m_aKey.getLength() )
+        {
+            // gpg4libre: no need to derive key, m_aKey is already
+            // usable as symmetric session key
+            aDerivedKey = xEncryptionData->m_aKey;
+        }
+        else if ( rtl_Digest_E_None != rtl_digest_PBKDF2( reinterpret_cast< sal_uInt8* >( aDerivedKey.getArray() ),
                            aDerivedKey.getLength(),
                            reinterpret_cast< const sal_uInt8 * > (xEncryptionData->m_aKey.getConstArray() ),
                            xEncryptionData->m_aKey.getLength(),

--- a/package/source/zippackage/ZipPackage.cxx
+++ b/package/source/zippackage/ZipPackage.cxx
@@ -287,6 +287,7 @@ void ZipPackage::parseManifest()
                                        pStream->SetToBeCompressed ( true );
                                        pStream->SetToBeEncrypted ( true );
                                        pStream->SetIsEncrypted ( true );
+                                        pStream->setIterationCount(0);

                                        // clamp to default SHA256 start key magic value,
                                        // c.f. ZipPackageStream::GetEncryptionKey()
@@ -1249,10 +1250,10 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile()
        const OUString sMediaType ("MediaType");
        const OUString sVersion ("Version");
        const OUString sFullPath ("FullPath");
+        const bool bIsGpgEncrypt = m_aGpgProps.hasElements();

        if ( m_nFormat == embed::StorageFormats::PACKAGE )
        {
-            bool bIsGpgEncrypt = m_aGpgProps.hasElements();
            uno::Sequence < PropertyValue > aPropSeq(
                bIsGpgEncrypt ? PKG_SIZE_NOENCR_MNFST+1 : PKG_SIZE_NOENCR_MNFST );
            aPropSeq [PKG_MNFST_MEDIATYPE].Name = sMediaType;
@@ -1275,8 +1276,10 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile()
            // for encrypted streams
            RandomPool aRandomPool;

+            sal_Int32 const nPBKDF2IterationCount = 100000;
+
            // call saveContents ( it will recursively save sub-directories
-            m_xRootFolder->saveContents("", aManList, aZipOut, GetEncryptionKey(), aRandomPool.get());
+            m_xRootFolder->saveContents("", aManList, aZipOut, GetEncryptionKey(), bIsGpgEncrypt ? 0 : nPBKDF2IterationCount, aRandomPool.get());
        }

        if( m_nFormat == embed::StorageFormats::PACKAGE )

--- a/package/source/zippackage/ZipPackageFolder.cxx
+++ b/package/source/zippackage/ZipPackageFolder.cxx
@@ -257,6 +257,7 @@ bool ZipPackageFolder::saveChild(
        std::vector < uno::Sequence < PropertyValue > > &rManList,
        ZipOutputStream & rZipOut,
        const uno::Sequence < sal_Int8 >& rEncryptionKey,
+        sal_Int32 nPBKDF2IterationCount,
        const rtlRandomPool &rRandomPool)
 {
    const OUString sMediaTypeProperty ("MediaType");
@@ -278,7 +279,7 @@ bool ZipPackageFolder::saveChild(
    else
        aPropSet.realloc( 0 );

-    saveContents( sTempName, rManList, rZipOut, rEncryptionKey, rRandomPool);
+    saveContents( sTempName, rManList, rZipOut, rEncryptionKey, nPBKDF2IterationCount, rRandomPool);

    // folder can have a mediatype only in package format
    if ( aPropSet.getLength() && ( m_nFormat == embed::StorageFormats::PACKAGE ) )
@@ -292,6 +293,7 @@ void ZipPackageFolder::saveContents(
        std::vector < uno::Sequence < PropertyValue > > &rManList,
        ZipOutputStream & rZipOut,
        const uno::Sequence < sal_Int8 >& rEncryptionKey,
+        sal_Int32 nPBKDF2IterationCount,
        const rtlRandomPool &rRandomPool ) const
 {
    bool bWritingFailed = false;
@@ -330,7 +332,7 @@ void ZipPackageFolder::saveContents(
        {
            bMimeTypeStreamStored = true;
            bWritingFailed = !aIter->second->pStream->saveChild(
-                rPath + aIter->first, rManList, rZipOut, rEncryptionKey, rRandomPool );
+                rPath + aIter->first, rManList, rZipOut, rEncryptionKey, nPBKDF2IterationCount, rRandomPool );
        }
    }

@@ -346,12 +348,12 @@ void ZipPackageFolder::saveContents(
            if (rInfo.bFolder)
            {
                bWritingFailed = !rInfo.pFolder->saveChild(
-                    rPath + rShortName, rManList, rZipOut, rEncryptionKey, rRandomPool );
+                    rPath + rShortName, rManList, rZipOut, rEncryptionKey, nPBKDF2IterationCount, rRandomPool );
            }
            else
            {
                bWritingFailed = !rInfo.pStream->saveChild(
-                    rPath + rShortName, rManList, rZipOut, rEncryptionKey, rRandomPool );
+                    rPath + rShortName, rManList, rZipOut, rEncryptionKey, nPBKDF2IterationCount, rRandomPool );
            }
        }
    }

--- a/package/source/zippackage/ZipPackageStream.cxx
+++ b/package/source/zippackage/ZipPackageStream.cxx
@@ -507,6 +507,7 @@ bool ZipPackageStream::saveChild(
        std::vector < uno::Sequence < beans::PropertyValue > > &rManList,
        ZipOutputStream & rZipOut,
        const uno::Sequence < sal_Int8 >& rEncryptionKey,
+        sal_Int32 nPBKDF2IterationCount,
        const rtlRandomPool &rRandomPool)
 {
    bool bSuccess = true;
@@ -652,8 +653,6 @@ bool ZipPackageStream::saveChild(
                uno::Sequence < sal_Int8 > aSalt( 16 ), aVector( GetBlockSize() );
                rtl_random_getBytes ( rRandomPool, aSalt.getArray(), 16 );
                rtl_random_getBytes ( rRandomPool, aVector.getArray(), aVector.getLength() );
-                sal_Int32 const nPBKDF2IterationCount = 100000;
-
                if ( !m_bHaveOwnKey )
                {
                    m_aEncryptionKey = rEncryptionKey;