Uploaded image for project: 'OASIS Open Document Format for Office Applications (OpenDocument) TC'
  1. OASIS Open Document Format for Office Applications (OpenDocument) TC
  2. OFFICE-2562

ODF 1.2 Part 1 CD04: protection-key password format unspecified

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Applied
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: ODF 1.2 Part 1 CD 4
    • Fix Version/s: ODF 1.2 Part 1 CD 5
    • Component/s: Security, Table, Text
    • Labels:
      None
    • Environment:

      This issue applies to all versions of ODF 1.2 Part 1 CD04, earlier drafts, and to ODF 1.1 and ODF 1.0

    • Proposal:
      Hide

      In each of section 19.699 table:protection-key and section 19.852 text:protection-key, add the following paragraph immediately after the original paragraph and before any addition as part of OFFICE-2561 resolution:

      "
      The input that is supplied to the digest algorithm consists of the UTF-8 encoding of the key value. The UTF-8 encoding shall represent only those Unicode characters permitted in XML documents as specified in Section 2.2 of [XML 1.0]. The UTF-8 encoding shall be truncated at 2^61-1 octets.
      "

      Show
      In each of section 19.699 table:protection-key and section 19.852 text:protection-key, add the following paragraph immediately after the original paragraph and before any addition as part of OFFICE-2561 resolution: " The input that is supplied to the digest algorithm consists of the UTF-8 encoding of the key value. The UTF-8 encoding shall represent only those Unicode characters permitted in XML documents as specified in Section 2.2 of [XML 1.0] . The UTF-8 encoding shall be truncated at 2^61-1 octets. "
    • Resolution:
      Hide

      Add to 19.699 and 19.852:

      The password shall be provided as a sequence of bytes in UTF-8 encoding.

      Show
      Add to 19.699 and 19.852: The password shall be provided as a sequence of bytes in UTF-8 encoding.

      Description

      The table:protection-key (19.699) and text:protection-key (19.852) attributes carry the results of hashing of sequences of binary bits supplied to a digest algorithm. The input is internal computer data.

      For ODF 1.2 Part 1 protection-key attributes, it is not specified how those binary bits are obtained nor how a consumer of a document holding such keys is expected to obtain the same binary bits and confirm their submission by arriving at the same hash-code result.

      This proposal establishes that UTF-8 encoding in binary octets shall be used.

      This proposal establishes that the permissible Unicode characters shall be the same ones permitted for encoding of XML document in Unicode.

      Finally, truncation or limitation of the string differently by the consumer than is applied by the producer requires that there be some agreement on where truncation shall occur. The value of 2^61-1 octets is chosen because that is the limitation on the input for SHA1. It would be wise to find a more-practical though generous limitation. This proposal makes no recommendation.

        Attachments

          Activity

            People

            • Assignee:
              Patrick Patrick Durusau
              Reporter:
              orcmid Dennis Hamilton (Inactive)
            • Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: