Bug 24399 - password and encrypt document
Summary: password and encrypt document
Status: RESOLVED FIXED
Alias: None
Product: koffice
Classification: Unmaintained
Component: general (show other bugs)
Version: 0.1
Platform: Compiled Sources Linux
: NOR wishlist
Target Milestone: ---
Assignee: KOffice List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2001-04-19 15:03 UTC by matt
Modified: 2007-06-29 22:06 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description matt 2001-04-19 14:59:58 UTC
(*** This bug was imported into bugs.kde.org ***)

Package:           kspread
Version:           0.1 (using KDE 2.1.0 )
Severity:          wishlist
Installed from:    compiled sources
Compiler:          gcc version egcs-2.91.66 19990314 (egcs-1.1.2 release)
OS:                Linux 2.2.14 i686
OS/Compiler notes: 

The wish is this:  To be able to password protect and encrypt KOffice documents.

(Submitted via bugs.kde.org)
(Called from KBugReport dialog)
Comment 1 tnagy 2003-12-19 11:35:36 UTC
With kgpg it is possible to encrypt the documents (right-click in konqueror).

This is fine when you want to prevent everybody from accessing them, however it is not possible to share those encrypted documents with a ring of colleagues for example (would require symetric key encryption, using eg: aes or blowfish).

I wonder if it would not be better to add such a feature to kgpg instead of modifying koffice and then duplicating it to other kde applications.

Comment 2 Kjetil Kjernsmo 2004-01-18 23:02:31 UTC
Huh, I just tried to encrypt a document using several public keys and kgpg, and it seemed to work. That would mean that you could just encrypt the document with your colleagues' keys, and that would do the trick...? Or am I missing something fundamental here...?
Comment 3 tnagy 2004-01-18 23:09:18 UTC
If you encrypt a document with the public key (gpg) of your colleague, you cannot decrypt and read it again (need the secret key). This is perfect for one's self but not very convenient for sharing documents with colleagues (symetric key encryption is more appropriate).

------- Additional Comment #2 From Kjetil Kjernsmo 2004-01-18 23:02 -------
Huh, I just tried to encrypt a document using several public keys and kgpg, and it seemed to work. That would mean that you could just encrypt the document with your colleagues' keys, and that would do the trick...? Or am I missing something fundamental here...?
Comment 4 Ben Lamb 2004-01-18 23:16:51 UTC
Kgpg supports symmetrical encryption i.e. encrypt a document with a password and anyone who knows the password can decrypt it. No keys required.

From memory, on the key selection screen there is a box marked "use conventional encryption."
Comment 5 tnagy 2004-01-18 23:30:55 UTC
That's right, kgpg does it (feature hidden in the options). That feature would be also clearer if labeled as "Use a password (symetric encryption)", but that's a kgpg issue :)

------- Additional Comment #4 From Ben Lamb  2004-01-18 23:16 ------- 
Kgpg supports symmetrical encryption i.e. encrypt a document with a password and anyone who knows the password can decrypt it. No keys required.

From memory, on the key selection screen there is a box marked "use conventional encryption." 
Comment 6 Brad Hards 2004-07-25 09:23:28 UTC
The new OASIS format provides for encryption of documents using the normal Zip file encryption mechanism (see Section 16.3 of the OASIS office specification).

I guess that we need to handle this at the KZip level, with some support also required in koZipStore and the calling application.
Comment 7 Nicolas Goutte 2004-07-25 15:35:54 UTC
As far as I have understood, OASIS does not use the ZIP encryption but its own 
(probably stronger one). So we do not need any support at ZIP level, as it is 
data like any other binary data.

Have a nice day!

On Sunday 25 July 2004 09:23, Brad Hards wrote:
(...)
> The new OASIS format provides for encryption of documents using the
> normal Zip file encryption mechanism (see Section 16.3 of the OASIS office
> specification).
>
> I guess that we need to handle this at the KZip level, with some support
> also required in koZipStore and the calling application.
> _______________________________________________
> koffice-devel mailing list
> koffice-devel@mail.kde.org
> https://mail.kde.org/mailman/listinfo/koffice-devel

Comment 8 Brad Hards 2004-07-29 22:51:56 UTC
I have looked again, and you are correct. The Zip file is not encrypted, just each file within it.

I will be doing some work on this.
Comment 9 Nicolas Goutte 2004-07-29 23:33:37 UTC
On Thursday 29 July 2004 22:51, Brad Hards wrote:
(...)
> I have looked again, and you are correct. The Zip file is not
> encrypted, just each file within it.
>
> I will be doing some work on this.

The first step would be to find a library that can do the right encryption.
(...)

Comment 10 Brad Hards 2004-07-30 09:57:48 UTC
I'm doing the initial work with qca (and qca-tls plugin). It doesn't seem to support the PBKDF2 function, but it does provide the SHA1 and Blowfish algorithms.

I'm assuming that a conditional build on qca would be OK, and would be preferred to including qca instead. 
Comment 11 Nicolas Goutte 2004-07-31 16:02:59 UTC
On Friday 30 July 2004 09:57, Brad Hards wrote:
(...)
> I'm doing the initial work with qca (and qca-tls plugin). It
> doesn't seem to support the PBKDF2 function, but it does provide the SHA1
> and Blowfish algorithms.
>
> I'm assuming that a conditional build on qca would be OK, and would be
> preferred to including qca instead.

Yes, conditional build is fine, especially as not everybody wants or is 
allowed to use encryption.

Have a nice day!

> _______________________________________________
> koffice-devel mailing list
> koffice-devel@mail.kde.org
> https://mail.kde.org/mailman/listinfo/koffice-devel

Comment 12 Thomas Zander 2007-06-29 22:06:01 UTC
Available in svn (for KOffice 2.0)