[libreoffice-users] FIPS 140-2 support with password-protected docs

Hi, I just joined the list.  I'm a Linux system admin with (among
other things) about 20 CentOS 7.6 desktops under my wing.  Yesterday I
posted a question to the ASK site [1], because one of my users had
issues with password-protected docs after getting his new laptop.  I
now have confirmed that this issue is related to our desktops being
FIPS enabled ( kernel/grub2 with fips=1 ).

I joined the list to further this discussion and determine if I should
file a bug report or what.  The gist of the problem is that when FIPS
is enabled, a user can encrypt a document, but not decrypt the
document, and LO reports that the password provided was incorrect.  I
am not very technical with how LO does password protection, but this
seems like an bug.  FIPS causes the system to disable non-compliant
ciphers and algorithms, but I'm guessing that there is some piece of
code that's calling a non-compliant function only on decrypt, and not
on encrypt...or (less likely) the encrypt side isn't throwing an error
when it should.

Would this be the right place to hold such a discussion?

[1] https://ask.libreoffice.org/en/question/178069/problems-decrypting-documents-version-5361-19el7/

-- 
To unsubscribe e-mail to: users+unsubscribe@global.libreoffice.org
Problems? https://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: https://wiki.documentfoundation.org/Netiquette
List archive: https://listarchives.libreoffice.org/global/users/
Privacy Policy: https://www.documentfoundation.org/privacy