diff options
author | Jay Berkenbilt <ejb@ql.org> | 2021-11-10 23:57:12 +0100 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2021-11-11 18:24:15 +0100 |
commit | 750aca5b94351f730fa768b07caa3fc26c8d27c0 (patch) | |
tree | 2f95b4770973da7f1fb530cb1b5c8dd7e25401e7 /TODO | |
parent | 37916f392568c84570ae0a6afb33a62d8c9e3a10 (diff) | |
download | qpdf-750aca5b94351f730fa768b07caa3fc26c8d27c0.tar.zst |
First increment of improving handling of weak crypto (fixes #358)
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 17 |
1 files changed, 17 insertions, 0 deletions
@@ -187,6 +187,23 @@ Comments appear in the code prefixed by "ABI" before copying, though maybe we don't because it could cause multiple copies to be made...usually it's better to handle that explicitly. +* Deal with weak cryptographic algorithms: + * Github issue #576 + * Add something to QPDFWriter that you must call in order to allow + creation of files with insecure crypto. Maybe + QPDFWriter::allowWeakCrypto. Call this when --allow-weak-crypto is + passed and probably also when copying encryption by default from + an input file. + * Change deterministic id to use something other than MD5 but allow + the old way for compatibility -- maybe rename the method to force + the developer to make a choice + * Find other uses of MD5 and find the ones that are discretionary, + if any + * Have QPDFWriter raise an exception if it's about to write using + weak crypto and hasn't been given permission + * Search for --allow-weak-crypto in the manual and in qpdf.cc's help + information + * Update the ref.weak-crypto section of the manual Page splitting/merging ====================== |