On 04/01/2019 08:39, Heiko Tietze wrote:
Forwarding to the devloper list
[lets continue the discussion on the libreoffice@xxxxxxxxxxxxxxxxxxxxx
developer list]
-------- Weitergeleitete Nachricht --------
Betreff: [libreoffice-users] FIPS 140-2 support with password-protected
docs
Datum: Thu, 3 Jan 2019 12:08:55 -0500
Von: Sean <smalder73@xxxxxxxxx>
An: users@xxxxxxxxxxxxxxxxxxxxxx
Hi, I just joined the list. I'm a Linux system admin with (among
other things) about 20 CentOS 7.6 desktops under my wing. Yesterday I
posted a question to the ASK site [1], because one of my users had
issues with password-protected docs after getting his new laptop. I
now have confirmed that this issue is related to our desktops being
FIPS enabled ( kernel/grub2 with fips=1 ).
I joined the list to further this discussion and determine if I should
file a bug report or what. The gist of the problem is that when FIPS
is enabled, a user can encrypt a document, but not decrypt the
document, and LO reports that the password provided was incorrect. I
am not very technical with how LO does password protection, but this
seems like an bug. FIPS causes the system to disable non-compliant
ciphers and algorithms, but I'm guessing that there is some piece of
code that's calling a non-compliant function only on decrypt, and not
on encrypt...or (less likely) the encrypt side isn't throwing an error
when it should.
I assume you are talking about encrypted ODF 1.0/1.1 documents (and not,
say, PDF or some Microsoft-format documents). ODF 1.0/1.1 used Blowfish
for encryption, which is not sanctioned by FIPS mode, so trying to open
such a document will indeed fail (with a somewhat unhelpful UI, claiming
that any entered password is wrong). That LO allows saving such an
encrypted document would appear to be a bug with that version of LO.
Note that LO recently gained support to forward some of its
cipher-related operations to OpenSSL, see
<https://gerrit.libreoffice.org/plugins/gitiles/core/+/4bc16aeb73c1201f187742e0fefe35521fae77ac%5E%21>
"rhbz#1618703: Allow to use OpenSSL as backend for rtl/cipher.h". In a
recent LO built with --enable-cipher-openssl-backend, trying to save an
encrypted ODF 1.0/1.1 document should indeed fail (see
<https://gerrit.libreoffice.org/plugins/gitiles/core/+/3cc6d3611ac8cbbfb9803f3a084d02edde470ad3%5E!/>
"Related rhbz#1618703: Properly handle failure encoding zip file").
There is also some vague plans to allow decryption of existing documents
even in FIPS mode, and to improve the UI in cases of failure caused by
FIPS mode, but nothing implemented as of now. I don't think there's
tracker bugs for that already at <https://bugs.documentfoundation.org/>;
you could file such if you like (and please report back the ID(s) here).
_______________________________________________
LibreOffice mailing list
LibreOffice@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/libreoffice