(*** This bug was imported into bugs.kde.org ***) Package: kspread Version: 0.1 (using KDE 2.1.0 ) Severity: wishlist Installed from: compiled sources Compiler: gcc version egcs-2.91.66 19990314 (egcs-1.1.2 release) OS: Linux 2.2.14 i686 OS/Compiler notes: The wish is this: To be able to password protect and encrypt KOffice documents. (Submitted via bugs.kde.org) (Called from KBugReport dialog)
With kgpg it is possible to encrypt the documents (right-click in konqueror). This is fine when you want to prevent everybody from accessing them, however it is not possible to share those encrypted documents with a ring of colleagues for example (would require symetric key encryption, using eg: aes or blowfish). I wonder if it would not be better to add such a feature to kgpg instead of modifying koffice and then duplicating it to other kde applications.
Huh, I just tried to encrypt a document using several public keys and kgpg, and it seemed to work. That would mean that you could just encrypt the document with your colleagues' keys, and that would do the trick...? Or am I missing something fundamental here...?
If you encrypt a document with the public key (gpg) of your colleague, you cannot decrypt and read it again (need the secret key). This is perfect for one's self but not very convenient for sharing documents with colleagues (symetric key encryption is more appropriate). ------- Additional Comment #2 From Kjetil Kjernsmo 2004-01-18 23:02 ------- Huh, I just tried to encrypt a document using several public keys and kgpg, and it seemed to work. That would mean that you could just encrypt the document with your colleagues' keys, and that would do the trick...? Or am I missing something fundamental here...?
Kgpg supports symmetrical encryption i.e. encrypt a document with a password and anyone who knows the password can decrypt it. No keys required. From memory, on the key selection screen there is a box marked "use conventional encryption."
That's right, kgpg does it (feature hidden in the options). That feature would be also clearer if labeled as "Use a password (symetric encryption)", but that's a kgpg issue :) ------- Additional Comment #4 From Ben Lamb 2004-01-18 23:16 ------- Kgpg supports symmetrical encryption i.e. encrypt a document with a password and anyone who knows the password can decrypt it. No keys required. From memory, on the key selection screen there is a box marked "use conventional encryption."
The new OASIS format provides for encryption of documents using the normal Zip file encryption mechanism (see Section 16.3 of the OASIS office specification). I guess that we need to handle this at the KZip level, with some support also required in koZipStore and the calling application.
As far as I have understood, OASIS does not use the ZIP encryption but its own (probably stronger one). So we do not need any support at ZIP level, as it is data like any other binary data. Have a nice day! On Sunday 25 July 2004 09:23, Brad Hards wrote: (...) > The new OASIS format provides for encryption of documents using the > normal Zip file encryption mechanism (see Section 16.3 of the OASIS office > specification). > > I guess that we need to handle this at the KZip level, with some support > also required in koZipStore and the calling application. > _______________________________________________ > koffice-devel mailing list > koffice-devel@mail.kde.org > https://mail.kde.org/mailman/listinfo/koffice-devel
I have looked again, and you are correct. The Zip file is not encrypted, just each file within it. I will be doing some work on this.
On Thursday 29 July 2004 22:51, Brad Hards wrote: (...) > I have looked again, and you are correct. The Zip file is not > encrypted, just each file within it. > > I will be doing some work on this. The first step would be to find a library that can do the right encryption. (...)
I'm doing the initial work with qca (and qca-tls plugin). It doesn't seem to support the PBKDF2 function, but it does provide the SHA1 and Blowfish algorithms. I'm assuming that a conditional build on qca would be OK, and would be preferred to including qca instead.
On Friday 30 July 2004 09:57, Brad Hards wrote: (...) > I'm doing the initial work with qca (and qca-tls plugin). It > doesn't seem to support the PBKDF2 function, but it does provide the SHA1 > and Blowfish algorithms. > > I'm assuming that a conditional build on qca would be OK, and would be > preferred to including qca instead. Yes, conditional build is fine, especially as not everybody wants or is allowed to use encryption. Have a nice day! > _______________________________________________ > koffice-devel mailing list > koffice-devel@mail.kde.org > https://mail.kde.org/mailman/listinfo/koffice-devel
Available in svn (for KOffice 2.0)