bug#59292: libreoffice password protection doesn't work

bug#59292: libreoffice password protection doesn't work

[Maxim Cournoyer]

Hi,

When password-protecting (encrypting) a file with LibreOffice, it fails
silently, leaving the file unprotected (!).

Reproducer:

1. Launch Calc with 'libreoffice --calc'.
2. Input something in the first cell.
3. Select File -> Save As.  At the bottom left of the dialog box, make
sure to tick the "Save with password" box.  Give it a name,
e.g. very-secret.ods, then click on "Save".
4. Enter a dummy password, such as 1234.
5. Quit LibreOffice Calc.

6. Open the assumed protected file, with 'libreoffice --calc
very-secret.ods'.  Notice the file is open without any password.

No output is printed at the console, and if you have an truly
password-encrypted file, it won't be able to open it.

-- 
Thanks,
Maxim

bug#59292: libreoffice password protection doesn't work

[Maxim Cournoyer]

[-- Attachment #1: Type: text/plain, Size: 926 bytes --]

Hello,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi,
>
> When password-protecting (encrypting) a file with LibreOffice, it fails
> silently, leaving the file unprotected (!).
>
> Reproducer:
>
> 1. Launch Calc with 'libreoffice --calc'.
> 2. Input something in the first cell.
> 3. Select File -> Save As.  At the bottom left of the dialog box, make
> sure to tick the "Save with password" box.  Give it a name,
> e.g. very-secret.ods, then click on "Save".
> 4. Enter a dummy password, such as 1234.
> 5. Quit LibreOffice Calc.
>
> 6. Open the assumed protected file, with 'libreoffice --calc
> very-secret.ods'.  Notice the file is open without any password.
>
> No output is printed at the console, and if you have an truly
> password-encrypted file, it won't be able to open it.

Attached is a sample ODS file, produced on a different GNU/Linux
distribution immune to the problem.  The password is: "1234".


[-- Attachment #2: password-protected-spreadsheet.ods --]
[-- Type: application/octet-stream, Size: 12353 bytes --]

[-- Attachment #3: Type: text/plain, Size: 151 bytes --]


When attempting to open it with our LibreOffice, it says: "The password
is incorrect. The file cannot be opened.", which is a lie.

-- 
Thanks,
Maxim

bug#59292: libreoffice password protection doesn't work

[Maxim Cournoyer]

Hi,

It may have to do with not correctly finding the "libnssckbi.so" share
library, which is from NSS.  Here's what tipped me to it, in strace
output:

--8<---------------cut here---------------start------------->8---
13 matches for "ckbi" in buffer: *scratch*
    169:[pid  2594] openat(AT_FDCWD, "/home/maxim/.thunderbird/sjp3hftb.default/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    171:[pid  2594] openat(AT_FDCWD, "/gnu/store/rrid5nx9cbrq0flkhc1rv4b5hk4w70ib-nspr-4.34/lib/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    172:[pid  2594] openat(AT_FDCWD, "/gnu/store/5h2w4qi9hk1qzzgi1w83220ydslinr4s-glibc-2.33/lib/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    173:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    174:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../tls/x86_64/x86_64/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    176:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../tls/x86_64/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    178:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../tls/x86_64/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    180:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../tls/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    182:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../x86_64/x86_64/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    184:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../x86_64/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    186:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../x86_64/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    188:[pid  2594] openat(AT_FDCWD, "/gnu/store/094bbaq6glba86h1d4cj16xhdi6fk2jl-gcc-10.3.0-lib/lib/gcc/x86_64-unknown-linux-gnu/10.3.0/../../../libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
    190:[pid  2594] openat(AT_FDCWD, "/gnu/store/5h2w4qi9hk1qzzgi1w83220ydslinr4s-glibc-2.33/lib/libnssckbi.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
--8<---------------cut here---------------end--------------->8---

It never resolves libnssckbi.so.

LibreOffice attempts to load this library in
xmlsecurity/source/xmlsec/nss/nssinitializer.cxx, in the
'nsscrypto_initialize' procedure.

The library appears to be dynamically loaded via SECMOD_LoadUserModule.
Perhaps we can patch 'OUString rootModule("libnssckbi"
SAL_DLLEXTENSION)' to its full name.  Some more output, after building
libreoffice with "--enable-sal-log" and setting the 'SAL_LOG=+INFO'
environment variable:

--8<---------------cut here---------------start------------->8---
info:sal.bootstrap:8927:8927:sal/rtl/bootstrap.cxx:857: expandMacros called with: libnssckbi.so
info:sal.bootstrap:8927:8927:sal/rtl/bootstrap.cxx:985: expandMacros result: libnssckbi.so
info:xmlsecurity.xmlsec:8927:8927:xmlsecurity/source/xmlsec/nss/nssinitializer.cxx:471: FAILED to load the new root certificate module Root Certs for OpenOffice.orgcontained in libnssckbi.so
warn:legacy.osl:8927:8927:comphelper/source/misc/storagehelper.cxx:406: Can not create SHA256 digest!
warn:package.xstor:8927:8927:package/source/xstor/owriteablestream.cxx:1138: Can't write encryption related properties com.sun.star.uno.RuntimeException message: "No expected key is provided! at /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/zippackage/ZipPackageStream.cxx:243"
info:package.xstor:8927:8927:package/source/xstor/xstorage.cxx:2274: Rethrow com.sun.star.io.IOException message: "No expected key is provided! at /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/zippackage/ZipPackageStream.cxx:243 at /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/xstor/owriteablestream.cxx:1140"
--8<---------------cut here---------------end--------------->8---

So it seems to cause an error, which is apparently ignored.

-- 
Thanks,
Maxim

bug#59292: libreoffice password protection doesn't work

[Maxim Cournoyer]

Hi again,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

[...]

> It never resolves libnssckbi.so.
>
> LibreOffice attempts to load this library in
> xmlsecurity/source/xmlsec/nss/nssinitializer.cxx, in the
> 'nsscrypto_initialize' procedure.
>
> The library appears to be dynamically loaded via SECMOD_LoadUserModule.
> Perhaps we can patch 'OUString rootModule("libnssckbi"
> SAL_DLLEXTENSION)' to its full name.  Some more output, after building
> libreoffice with "--enable-sal-log" and setting the 'SAL_LOG=+INFO'
> environment variable:
>
> info:sal.bootstrap:8927:8927:sal/rtl/bootstrap.cxx:857: expandMacros called with: libnssckbi.so
> info:sal.bootstrap:8927:8927:sal/rtl/bootstrap.cxx:985: expandMacros result: libnssckbi.so
> info:xmlsecurity.xmlsec:8927:8927:xmlsecurity/source/xmlsec/nss/nssinitializer.cxx:471: FAILED to load the new root certificate module Root Certs for OpenOffice.orgcontained in libnssckbi.so
> warn:legacy.osl:8927:8927:comphelper/source/misc/storagehelper.cxx:406: Can not create SHA256 digest!
> warn:package.xstor:8927:8927:package/source/xstor/owriteablestream.cxx:1138: Can't write encryption related properties com.sun.star.uno.RuntimeException message: "No expected key is provided! at /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/zippackage/ZipPackageStream.cxx:243"
> info:package.xstor:8927:8927:package/source/xstor/xstorage.cxx:2274: Rethrow com.sun.star.io.IOException message: "No expected key is provided! at /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/zippackage/ZipPackageStream.cxx:243 at /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/xstor/owriteablestream.cxx:1140"
>
> So it seems to cause an error, which is apparently ignored.

I confirm this is the problem.  A workaround is to augment
LD_LIBRARY_PATH, e.g.:

--8<---------------cut here---------------start------------->8---
"LD_LIBRARY_PATH=/gnu/store/...-nss-3.81/lib/nss:$LD_LIBRARY_PATH /gnu/store/...-libreoffice-7.5.0.3/bin/libreoffice --calc"
--8<---------------cut here---------------end--------------->8---

-- 
Thanks,
Maxim

bug#59292: libreoffice password protection doesn't work

[Maxim Cournoyer]

Hello,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Hi again,
>
> Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:
>
> [...]
>
>> It never resolves libnssckbi.so.
>>
>> LibreOffice attempts to load this library in
>> xmlsecurity/source/xmlsec/nss/nssinitializer.cxx, in the
>> 'nsscrypto_initialize' procedure.
>>
>> The library appears to be dynamically loaded via SECMOD_LoadUserModule.
>> Perhaps we can patch 'OUString rootModule("libnssckbi"
>> SAL_DLLEXTENSION)' to its full name.  Some more output, after building
>> libreoffice with "--enable-sal-log" and setting the 'SAL_LOG=+INFO'
>> environment variable:
>>
>> info:sal.bootstrap:8927:8927:sal/rtl/bootstrap.cxx:857: expandMacros called with: libnssckbi.so
>> info:sal.bootstrap:8927:8927:sal/rtl/bootstrap.cxx:985: expandMacros result: libnssckbi.so
>> info:xmlsecurity.xmlsec:8927:8927:xmlsecurity/source/xmlsec/nss/nssinitializer.cxx:471: FAILED to load the new root certificate module Root Certs for OpenOffice.orgcontained in libnssckbi.so
>> warn:legacy.osl:8927:8927:comphelper/source/misc/storagehelper.cxx:406: Can not create SHA256 digest!
>> warn:package.xstor:8927:8927:package/source/xstor/owriteablestream.cxx:1138:
>> Can't write encryption related properties
>> com.sun.star.uno.RuntimeException message: "No expected key is
>> provided! at
>> /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/zippackage/ZipPackageStream.cxx:243"
>> info:package.xstor:8927:8927:package/source/xstor/xstorage.cxx:2274:
>> Rethrow com.sun.star.io.IOException message: "No expected key is
>> provided! at
>> /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/zippackage/ZipPackageStream.cxx:243
>> at
>> /tmp/guix-build-libreoffice-7.5.0.3.drv-0/libreoffice-7.5.0.3/package/source/xstor/owriteablestream.cxx:1140"
>>
>> So it seems to cause an error, which is apparently ignored.
>
> I confirm this is the problem.  A workaround is to augment
> LD_LIBRARY_PATH, e.g.:
>
> "LD_LIBRARY_PATH=/gnu/store/...-nss-3.81/lib/nss:$LD_LIBRARY_PATH /gnu/store/...-libreoffice-7.5.0.3/bin/libreoffice --calc"

I've reported the problem upstream [0], and push a fix for our package
with 9f21ca83a89a5e6c808b58fab0dc54b7785c26b7 ("gnu: libreoffice: Fix
password encryption issue.").

Closing!

[0]  https://bugs.documentfoundation.org/show_bug.cgi?id=153714

-- 
Thanks,
Maxim