OLD | NEW |
1 // Copyright 2014 PDFium Authors. All rights reserved. | 1 // Copyright 2014 PDFium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
6 | 6 |
7 #include <time.h> | 7 #include <time.h> |
8 #include "../../../include/fpdfapi/fpdf_parser.h" | 8 #include "../../../include/fpdfapi/fpdf_parser.h" |
9 #include "../../../include/fdrm/fx_crypt.h" | 9 #include "../../../include/fdrm/fx_crypt.h" |
10 const uint8_t defpasscode[32] = { | 10 const uint8_t defpasscode[32] = { |
11 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, | 11 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, |
12 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08, | 12 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, |
13 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80, | 13 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; |
14 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a | 14 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, |
15 }; | 15 const uint8_t* password, |
16 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, const uint8_t* password, FX_DWORD
pass_size, | 16 FX_DWORD pass_size, |
17 uint8_t* key, int keylen, FX_BOOL bIgnoreMeta, CPDF_Array* p
IdArray) | 17 uint8_t* key, |
18 { | 18 int keylen, |
19 int revision = pEncrypt->GetInteger(FX_BSTRC("R")); | 19 FX_BOOL bIgnoreMeta, |
20 uint8_t passcode[32]; | 20 CPDF_Array* pIdArray) { |
21 for (FX_DWORD i = 0; i < 32; i ++) { | 21 int revision = pEncrypt->GetInteger(FX_BSTRC("R")); |
22 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; | 22 uint8_t passcode[32]; |
| 23 for (FX_DWORD i = 0; i < 32; i++) { |
| 24 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; |
| 25 } |
| 26 uint8_t md5[100]; |
| 27 CRYPT_MD5Start(md5); |
| 28 CRYPT_MD5Update(md5, passcode, 32); |
| 29 CFX_ByteString okey = pEncrypt->GetString(FX_BSTRC("O")); |
| 30 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); |
| 31 FX_DWORD perm = pEncrypt->GetInteger(FX_BSTRC("P")); |
| 32 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); |
| 33 if (pIdArray) { |
| 34 CFX_ByteString id = pIdArray->GetString(0); |
| 35 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
| 36 } |
| 37 if (!bIgnoreMeta && revision >= 3 && |
| 38 !pEncrypt->GetInteger(FX_BSTRC("EncryptMetadata"), 1)) { |
| 39 FX_DWORD tag = (FX_DWORD)-1; |
| 40 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); |
| 41 } |
| 42 uint8_t digest[16]; |
| 43 CRYPT_MD5Finish(md5, digest); |
| 44 FX_DWORD copy_len = keylen; |
| 45 if (copy_len > sizeof(digest)) { |
| 46 copy_len = sizeof(digest); |
| 47 } |
| 48 if (revision >= 3) { |
| 49 for (int i = 0; i < 50; i++) { |
| 50 CRYPT_MD5Generate(digest, copy_len, digest); |
| 51 } |
| 52 } |
| 53 FXSYS_memset(key, 0, keylen); |
| 54 FXSYS_memcpy(key, digest, copy_len); |
| 55 } |
| 56 CPDF_CryptoHandler* CPDF_StandardSecurityHandler::CreateCryptoHandler() { |
| 57 return new CPDF_StandardCryptoHandler; |
| 58 } |
| 59 typedef struct _PDF_CRYPTOITEM { |
| 60 int32_t m_Cipher; |
| 61 int32_t m_KeyLen; |
| 62 FX_BOOL m_bChecked; |
| 63 CPDF_StandardCryptoHandler* m_pCryptoHandler; |
| 64 } PDF_CRYPTOITEM; |
| 65 CPDF_StandardSecurityHandler::CPDF_StandardSecurityHandler() { |
| 66 m_Version = 0; |
| 67 m_Revision = 0; |
| 68 m_pParser = NULL; |
| 69 m_pEncryptDict = NULL; |
| 70 m_bOwner = FALSE; |
| 71 m_Permissions = 0; |
| 72 m_Cipher = FXCIPHER_NONE; |
| 73 m_KeyLen = 0; |
| 74 } |
| 75 CPDF_StandardSecurityHandler::~CPDF_StandardSecurityHandler() {} |
| 76 FX_BOOL CPDF_StandardSecurityHandler::OnInit(CPDF_Parser* pParser, |
| 77 CPDF_Dictionary* pEncryptDict) { |
| 78 m_pParser = pParser; |
| 79 if (!LoadDict(pEncryptDict)) { |
| 80 return FALSE; |
| 81 } |
| 82 if (m_Cipher == FXCIPHER_NONE) { |
| 83 return TRUE; |
| 84 } |
| 85 return CheckSecurity(m_KeyLen); |
| 86 } |
| 87 FX_BOOL CPDF_StandardSecurityHandler::CheckSecurity(int32_t key_len) { |
| 88 CFX_ByteString password = m_pParser->GetPassword(); |
| 89 if (CheckPassword(password, password.GetLength(), TRUE, m_EncryptKey, |
| 90 key_len)) { |
| 91 if (password.IsEmpty()) { |
| 92 if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
| 93 key_len)) { |
| 94 return FALSE; |
| 95 } |
| 96 } |
| 97 m_bOwner = TRUE; |
| 98 return TRUE; |
| 99 } |
| 100 return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
| 101 key_len); |
| 102 } |
| 103 FX_DWORD CPDF_StandardSecurityHandler::GetPermissions() { |
| 104 return m_Permissions; |
| 105 } |
| 106 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, |
| 107 const CFX_ByteStringC& name, |
| 108 int& cipher, |
| 109 int& keylen) { |
| 110 int Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
| 111 cipher = FXCIPHER_RC4; |
| 112 keylen = 0; |
| 113 if (Version >= 4) { |
| 114 CPDF_Dictionary* pCryptFilters = pEncryptDict->GetDict(FX_BSTRC("CF")); |
| 115 if (pCryptFilters == NULL) { |
| 116 return FALSE; |
| 117 } |
| 118 if (name == FX_BSTRC("Identity")) { |
| 119 cipher = FXCIPHER_NONE; |
| 120 } else { |
| 121 CPDF_Dictionary* pDefFilter = pCryptFilters->GetDict(name); |
| 122 if (pDefFilter == NULL) { |
| 123 return FALSE; |
| 124 } |
| 125 int nKeyBits = 0; |
| 126 if (Version == 4) { |
| 127 nKeyBits = pDefFilter->GetInteger(FX_BSTRC("Length"), 0); |
| 128 if (nKeyBits == 0) { |
| 129 nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 128); |
| 130 } |
| 131 } else { |
| 132 nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 256); |
| 133 } |
| 134 if (nKeyBits < 40) { |
| 135 nKeyBits *= 8; |
| 136 } |
| 137 keylen = nKeyBits / 8; |
| 138 CFX_ByteString cipher_name = pDefFilter->GetString(FX_BSTRC("CFM")); |
| 139 if (cipher_name == FX_BSTRC("AESV2") || |
| 140 cipher_name == FX_BSTRC("AESV3")) { |
| 141 cipher = FXCIPHER_AES; |
| 142 } |
| 143 } |
| 144 } else { |
| 145 keylen = |
| 146 Version > 1 ? pEncryptDict->GetInteger(FX_BSTRC("Length"), 40) / 8 : 5; |
| 147 } |
| 148 if (keylen > 32 || keylen < 0) { |
| 149 return FALSE; |
| 150 } |
| 151 return TRUE; |
| 152 } |
| 153 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) { |
| 154 m_pEncryptDict = pEncryptDict; |
| 155 m_bOwner = FALSE; |
| 156 m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
| 157 m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); |
| 158 m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); |
| 159 if (m_Version < 4) { |
| 160 return _LoadCryptInfo(pEncryptDict, CFX_ByteString(), m_Cipher, m_KeyLen); |
| 161 } |
| 162 CFX_ByteString stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); |
| 163 CFX_ByteString strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); |
| 164 if (stmf_name != strf_name) { |
| 165 return FALSE; |
| 166 } |
| 167 if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { |
| 168 return FALSE; |
| 169 } |
| 170 return TRUE; |
| 171 } |
| 172 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, |
| 173 FX_DWORD type, |
| 174 int& cipher, |
| 175 int& key_len) { |
| 176 m_pEncryptDict = pEncryptDict; |
| 177 m_bOwner = FALSE; |
| 178 m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
| 179 m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); |
| 180 m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); |
| 181 CFX_ByteString strf_name, stmf_name; |
| 182 if (m_Version >= 4) { |
| 183 stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); |
| 184 strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); |
| 185 if (stmf_name != strf_name) { |
| 186 return FALSE; |
| 187 } |
| 188 } |
| 189 if (!_LoadCryptInfo(pEncryptDict, strf_name, cipher, key_len)) { |
| 190 return FALSE; |
| 191 } |
| 192 m_Cipher = cipher; |
| 193 m_KeyLen = key_len; |
| 194 return TRUE; |
| 195 return TRUE; |
| 196 } |
| 197 FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, |
| 198 const uint8_t*& buffer, |
| 199 int& keylen) { |
| 200 cipher = m_Cipher; |
| 201 buffer = m_EncryptKey; |
| 202 keylen = m_KeyLen; |
| 203 return TRUE; |
| 204 } |
| 205 #define FX_GET_32WORD(n, b, i) \ |
| 206 { \ |
| 207 (n) = (FX_DWORD)( \ |
| 208 ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ |
| 209 ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ |
| 210 } |
| 211 int BigOrder64BitsMod3(uint8_t* data) { |
| 212 uint64_t ret = 0; |
| 213 for (int i = 0; i < 4; ++i) { |
| 214 FX_DWORD value; |
| 215 FX_GET_32WORD(value, data, 4 * i); |
| 216 ret <<= 32; |
| 217 ret |= value; |
| 218 ret %= 3; |
| 219 } |
| 220 return (int)ret; |
| 221 } |
| 222 void Revision6_Hash(const uint8_t* password, |
| 223 FX_DWORD size, |
| 224 const uint8_t* salt, |
| 225 const uint8_t* vector, |
| 226 uint8_t* hash) { |
| 227 int iBlockSize = 32; |
| 228 uint8_t sha[128]; |
| 229 CRYPT_SHA256Start(sha); |
| 230 CRYPT_SHA256Update(sha, password, size); |
| 231 CRYPT_SHA256Update(sha, salt, 8); |
| 232 if (vector) { |
| 233 CRYPT_SHA256Update(sha, vector, 48); |
| 234 } |
| 235 uint8_t digest[32]; |
| 236 CRYPT_SHA256Finish(sha, digest); |
| 237 CFX_ByteTextBuf buf; |
| 238 uint8_t* input = digest; |
| 239 uint8_t* key = input; |
| 240 uint8_t* iv = input + 16; |
| 241 uint8_t* E = buf.GetBuffer(); |
| 242 int iBufLen = buf.GetLength(); |
| 243 CFX_ByteTextBuf interDigest; |
| 244 int i = 0; |
| 245 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
| 246 while (i < 64 || i < E[iBufLen - 1] + 32) { |
| 247 int iRoundSize = size + iBlockSize; |
| 248 if (vector) { |
| 249 iRoundSize += 48; |
| 250 } |
| 251 iBufLen = iRoundSize * 64; |
| 252 buf.EstimateSize(iBufLen); |
| 253 E = buf.GetBuffer(); |
| 254 CFX_ByteTextBuf content; |
| 255 for (int j = 0; j < 64; ++j) { |
| 256 content.AppendBlock(password, size); |
| 257 content.AppendBlock(input, iBlockSize); |
| 258 if (vector) { |
| 259 content.AppendBlock(vector, 48); |
| 260 } |
| 261 } |
| 262 CRYPT_AESSetKey(aes, 16, key, 16, TRUE); |
| 263 CRYPT_AESSetIV(aes, iv); |
| 264 CRYPT_AESEncrypt(aes, E, content.GetBuffer(), iBufLen); |
| 265 int iHash = 0; |
| 266 switch (BigOrder64BitsMod3(E)) { |
| 267 case 0: |
| 268 iHash = 0; |
| 269 iBlockSize = 32; |
| 270 break; |
| 271 case 1: |
| 272 iHash = 1; |
| 273 iBlockSize = 48; |
| 274 break; |
| 275 default: |
| 276 iHash = 2; |
| 277 iBlockSize = 64; |
| 278 break; |
| 279 } |
| 280 interDigest.EstimateSize(iBlockSize); |
| 281 input = interDigest.GetBuffer(); |
| 282 if (iHash == 0) { |
| 283 CRYPT_SHA256Generate(E, iBufLen, input); |
| 284 } else if (iHash == 1) { |
| 285 CRYPT_SHA384Generate(E, iBufLen, input); |
| 286 } else if (iHash == 2) { |
| 287 CRYPT_SHA512Generate(E, iBufLen, input); |
| 288 } |
| 289 key = input; |
| 290 iv = input + 16; |
| 291 ++i; |
| 292 } |
| 293 FX_Free(aes); |
| 294 if (hash) { |
| 295 FXSYS_memcpy(hash, input, 32); |
| 296 } |
| 297 } |
| 298 FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword( |
| 299 const uint8_t* password, |
| 300 FX_DWORD size, |
| 301 FX_BOOL bOwner, |
| 302 uint8_t* key) { |
| 303 CFX_ByteString okey = m_pEncryptDict |
| 304 ? m_pEncryptDict->GetString(FX_BSTRC("O")) |
| 305 : CFX_ByteString(); |
| 306 if (okey.GetLength() < 48) { |
| 307 return FALSE; |
| 308 } |
| 309 CFX_ByteString ukey = m_pEncryptDict |
| 310 ? m_pEncryptDict->GetString(FX_BSTRC("U")) |
| 311 : CFX_ByteString(); |
| 312 if (ukey.GetLength() < 48) { |
| 313 return FALSE; |
| 314 } |
| 315 const uint8_t* pkey = bOwner ? (const uint8_t*)okey : (const uint8_t*)ukey; |
| 316 uint8_t sha[128]; |
| 317 uint8_t digest[32]; |
| 318 if (m_Revision >= 6) { |
| 319 Revision6_Hash(password, size, (const uint8_t*)pkey + 32, |
| 320 (bOwner ? (const uint8_t*)ukey : NULL), digest); |
| 321 } else { |
| 322 CRYPT_SHA256Start(sha); |
| 323 CRYPT_SHA256Update(sha, password, size); |
| 324 CRYPT_SHA256Update(sha, pkey + 32, 8); |
| 325 if (bOwner) { |
| 326 CRYPT_SHA256Update(sha, ukey, 48); |
| 327 } |
| 328 CRYPT_SHA256Finish(sha, digest); |
| 329 } |
| 330 if (FXSYS_memcmp(digest, pkey, 32) != 0) { |
| 331 return FALSE; |
| 332 } |
| 333 if (key == NULL) { |
| 334 return TRUE; |
| 335 } |
| 336 if (m_Revision >= 6) { |
| 337 Revision6_Hash(password, size, (const uint8_t*)pkey + 40, |
| 338 (bOwner ? (const uint8_t*)ukey : NULL), digest); |
| 339 } else { |
| 340 CRYPT_SHA256Start(sha); |
| 341 CRYPT_SHA256Update(sha, password, size); |
| 342 CRYPT_SHA256Update(sha, pkey + 40, 8); |
| 343 if (bOwner) { |
| 344 CRYPT_SHA256Update(sha, ukey, 48); |
| 345 } |
| 346 CRYPT_SHA256Finish(sha, digest); |
| 347 } |
| 348 CFX_ByteString ekey = |
| 349 m_pEncryptDict |
| 350 ? m_pEncryptDict->GetString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE")) |
| 351 : CFX_ByteString(); |
| 352 if (ekey.GetLength() < 32) { |
| 353 return FALSE; |
| 354 } |
| 355 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
| 356 CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); |
| 357 uint8_t iv[16]; |
| 358 FXSYS_memset(iv, 0, 16); |
| 359 CRYPT_AESSetIV(aes, iv); |
| 360 CRYPT_AESDecrypt(aes, key, ekey, 32); |
| 361 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); |
| 362 CRYPT_AESSetIV(aes, iv); |
| 363 CFX_ByteString perms = m_pEncryptDict->GetString(FX_BSTRC("Perms")); |
| 364 if (perms.IsEmpty()) { |
| 365 return FALSE; |
| 366 } |
| 367 uint8_t perms_buf[16]; |
| 368 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); |
| 369 FX_DWORD copy_len = sizeof(perms_buf); |
| 370 if (copy_len > (FX_DWORD)perms.GetLength()) { |
| 371 copy_len = perms.GetLength(); |
| 372 } |
| 373 FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); |
| 374 uint8_t buf[16]; |
| 375 CRYPT_AESDecrypt(aes, buf, perms_buf, 16); |
| 376 FX_Free(aes); |
| 377 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { |
| 378 return FALSE; |
| 379 } |
| 380 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { |
| 381 return FALSE; |
| 382 } |
| 383 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || |
| 384 (buf[8] == 'F' && IsMetadataEncrypted())) { |
| 385 return FALSE; |
| 386 } |
| 387 return TRUE; |
| 388 } |
| 389 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, |
| 390 FX_DWORD pass_size, |
| 391 FX_BOOL bOwner, |
| 392 uint8_t* key) { |
| 393 return CheckPassword(password, pass_size, bOwner, key, m_KeyLen); |
| 394 } |
| 395 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, |
| 396 FX_DWORD size, |
| 397 FX_BOOL bOwner, |
| 398 uint8_t* key, |
| 399 int32_t key_len) { |
| 400 if (m_Revision >= 5) { |
| 401 return AES256_CheckPassword(password, size, bOwner, key); |
| 402 } |
| 403 uint8_t keybuf[32]; |
| 404 if (key == NULL) { |
| 405 key = keybuf; |
| 406 } |
| 407 if (bOwner) { |
| 408 return CheckOwnerPassword(password, size, key, key_len); |
| 409 } |
| 410 return CheckUserPassword(password, size, FALSE, key, key_len) || |
| 411 CheckUserPassword(password, size, TRUE, key, key_len); |
| 412 } |
| 413 FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword( |
| 414 const uint8_t* password, |
| 415 FX_DWORD pass_size, |
| 416 FX_BOOL bIgnoreEncryptMeta, |
| 417 uint8_t* key, |
| 418 int32_t key_len) { |
| 419 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, |
| 420 bIgnoreEncryptMeta, m_pParser->GetIDArray()); |
| 421 CFX_ByteString ukey = m_pEncryptDict |
| 422 ? m_pEncryptDict->GetString(FX_BSTRC("U")) |
| 423 : CFX_ByteString(); |
| 424 if (ukey.GetLength() < 16) { |
| 425 return FALSE; |
| 426 } |
| 427 uint8_t ukeybuf[32]; |
| 428 if (m_Revision == 2) { |
| 429 FXSYS_memcpy(ukeybuf, defpasscode, 32); |
| 430 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); |
| 431 } else { |
| 432 uint8_t test[32], tmpkey[32]; |
| 433 FX_DWORD copy_len = sizeof(test); |
| 434 if (copy_len > (FX_DWORD)ukey.GetLength()) { |
| 435 copy_len = ukey.GetLength(); |
| 436 } |
| 437 FXSYS_memset(test, 0, sizeof(test)); |
| 438 FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); |
| 439 FXSYS_memcpy(test, ukey.c_str(), copy_len); |
| 440 for (int i = 19; i >= 0; i--) { |
| 441 for (int j = 0; j < key_len; j++) { |
| 442 tmpkey[j] = key[j] ^ i; |
| 443 } |
| 444 CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); |
23 } | 445 } |
24 uint8_t md5[100]; | 446 uint8_t md5[100]; |
25 CRYPT_MD5Start(md5); | 447 CRYPT_MD5Start(md5); |
26 CRYPT_MD5Update(md5, passcode, 32); | 448 CRYPT_MD5Update(md5, defpasscode, 32); |
27 CFX_ByteString okey = pEncrypt->GetString(FX_BSTRC("O")); | 449 CPDF_Array* pIdArray = m_pParser->GetIDArray(); |
28 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); | |
29 FX_DWORD perm = pEncrypt->GetInteger(FX_BSTRC("P")); | |
30 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); | |
31 if (pIdArray) { | 450 if (pIdArray) { |
32 CFX_ByteString id = pIdArray->GetString(0); | 451 CFX_ByteString id = pIdArray->GetString(0); |
33 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 452 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
34 } | 453 } |
35 if (!bIgnoreMeta && revision >= 3 && !pEncrypt->GetInteger(FX_BSTRC("Encrypt
Metadata"), 1)) { | 454 CRYPT_MD5Finish(md5, ukeybuf); |
36 FX_DWORD tag = (FX_DWORD) - 1; | 455 return FXSYS_memcmp(test, ukeybuf, 16) == 0; |
37 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); | 456 } |
38 } | 457 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { |
39 uint8_t digest[16]; | |
40 CRYPT_MD5Finish(md5, digest); | |
41 FX_DWORD copy_len = keylen; | |
42 if (copy_len > sizeof(digest)) { | |
43 copy_len = sizeof(digest); | |
44 } | |
45 if (revision >= 3) { | |
46 for (int i = 0; i < 50; i ++) { | |
47 CRYPT_MD5Generate(digest, copy_len, digest); | |
48 } | |
49 } | |
50 FXSYS_memset(key, 0, keylen); | |
51 FXSYS_memcpy(key, digest, copy_len); | |
52 } | |
53 CPDF_CryptoHandler* CPDF_StandardSecurityHandler::CreateCryptoHandler() | |
54 { | |
55 return new CPDF_StandardCryptoHandler; | |
56 } | |
57 typedef struct _PDF_CRYPTOITEM { | |
58 int32_t» m_Cipher; | |
59 int32_t» m_KeyLen; | |
60 FX_BOOL» » m_bChecked; | |
61 CPDF_StandardCryptoHandler*»m_pCryptoHandler; | |
62 } PDF_CRYPTOITEM; | |
63 CPDF_StandardSecurityHandler::CPDF_StandardSecurityHandler() | |
64 { | |
65 m_Version = 0; | |
66 m_Revision = 0; | |
67 m_pParser = NULL; | |
68 m_pEncryptDict = NULL; | |
69 m_bOwner = FALSE; | |
70 m_Permissions = 0; | |
71 m_Cipher = FXCIPHER_NONE; | |
72 m_KeyLen = 0; | |
73 } | |
74 CPDF_StandardSecurityHandler::~CPDF_StandardSecurityHandler() | |
75 { | |
76 } | |
77 FX_BOOL CPDF_StandardSecurityHandler::OnInit(CPDF_Parser* pParser, CPDF_Dictiona
ry* pEncryptDict) | |
78 { | |
79 m_pParser = pParser; | |
80 if (!LoadDict(pEncryptDict)) { | |
81 return FALSE; | |
82 } | |
83 if (m_Cipher == FXCIPHER_NONE) { | |
84 return TRUE; | |
85 } | |
86 return CheckSecurity(m_KeyLen); | |
87 } | |
88 FX_BOOL CPDF_StandardSecurityHandler::CheckSecurity(int32_t key_len) | |
89 { | |
90 CFX_ByteString password = m_pParser->GetPassword(); | |
91 if (CheckPassword(password, password.GetLength(), TRUE, m_EncryptKey, key_le
n)) { | |
92 if (password.IsEmpty()) { | |
93 if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptK
ey, key_len)) { | |
94 return FALSE; | |
95 } | |
96 } | |
97 m_bOwner = TRUE; | |
98 return TRUE; | |
99 } | |
100 return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, ke
y_len); | |
101 } | |
102 FX_DWORD CPDF_StandardSecurityHandler::GetPermissions() | |
103 { | |
104 return m_Permissions; | |
105 } | |
106 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, const CFX_ByteStrin
gC& name, int& cipher, int& keylen) | |
107 { | |
108 int Version = pEncryptDict->GetInteger(FX_BSTRC("V")); | |
109 cipher = FXCIPHER_RC4; | |
110 keylen = 0; | |
111 if (Version >= 4) { | |
112 CPDF_Dictionary* pCryptFilters = pEncryptDict->GetDict(FX_BSTRC("CF")); | |
113 if (pCryptFilters == NULL) { | |
114 return FALSE; | |
115 } | |
116 if (name == FX_BSTRC("Identity")) { | |
117 cipher = FXCIPHER_NONE; | |
118 } else { | |
119 CPDF_Dictionary* pDefFilter = pCryptFilters->GetDict(name); | |
120 if (pDefFilter == NULL) { | |
121 return FALSE; | |
122 } | |
123 int nKeyBits = 0; | |
124 if (Version == 4) { | |
125 nKeyBits = pDefFilter->GetInteger(FX_BSTRC("Length"), 0); | |
126 if (nKeyBits == 0) { | |
127 nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 128)
; | |
128 } | |
129 } else { | |
130 nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 256); | |
131 } | |
132 if (nKeyBits < 40) { | |
133 nKeyBits *= 8; | |
134 } | |
135 keylen = nKeyBits / 8; | |
136 CFX_ByteString cipher_name = pDefFilter->GetString(FX_BSTRC("CFM")); | |
137 if (cipher_name == FX_BSTRC("AESV2") || cipher_name == FX_BSTRC("AES
V3")) { | |
138 cipher = FXCIPHER_AES; | |
139 } | |
140 } | |
141 } else { | |
142 keylen = Version > 1 ? pEncryptDict->GetInteger(FX_BSTRC("Length"), 40)
/ 8 : 5; | |
143 } | |
144 if (keylen > 32 || keylen < 0) { | |
145 return FALSE; | |
146 } | |
147 return TRUE; | 458 return TRUE; |
148 } | 459 } |
149 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) | 460 return FALSE; |
150 { | 461 } |
151 m_pEncryptDict = pEncryptDict; | 462 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( |
152 m_bOwner = FALSE; | 463 const uint8_t* owner_pass, |
153 m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); | 464 FX_DWORD pass_size) { |
154 m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); | 465 return GetUserPassword(owner_pass, pass_size, m_KeyLen); |
155 m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); | 466 } |
156 if (m_Version < 4) { | 467 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( |
157 return _LoadCryptInfo(pEncryptDict, CFX_ByteString(), m_Cipher, m_KeyLen
); | 468 const uint8_t* owner_pass, |
158 } | 469 FX_DWORD pass_size, |
159 CFX_ByteString stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); | 470 int32_t key_len) { |
160 CFX_ByteString strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); | 471 CFX_ByteString okey = m_pEncryptDict->GetString(FX_BSTRC("O")); |
161 if (stmf_name != strf_name) { | 472 uint8_t passcode[32]; |
162 return FALSE; | 473 FX_DWORD i; |
163 } | 474 for (i = 0; i < 32; i++) { |
164 if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { | 475 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; |
165 return FALSE; | 476 } |
166 } | 477 uint8_t digest[16]; |
| 478 CRYPT_MD5Generate(passcode, 32, digest); |
| 479 if (m_Revision >= 3) { |
| 480 for (int i = 0; i < 50; i++) { |
| 481 CRYPT_MD5Generate(digest, 16, digest); |
| 482 } |
| 483 } |
| 484 uint8_t enckey[32]; |
| 485 FXSYS_memset(enckey, 0, sizeof(enckey)); |
| 486 FX_DWORD copy_len = key_len; |
| 487 if (copy_len > sizeof(digest)) { |
| 488 copy_len = sizeof(digest); |
| 489 } |
| 490 FXSYS_memcpy(enckey, digest, copy_len); |
| 491 int okeylen = okey.GetLength(); |
| 492 if (okeylen > 32) { |
| 493 okeylen = 32; |
| 494 } |
| 495 uint8_t okeybuf[64]; |
| 496 FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); |
| 497 FXSYS_memcpy(okeybuf, okey.c_str(), okeylen); |
| 498 if (m_Revision == 2) { |
| 499 CRYPT_ArcFourCryptBlock(okeybuf, okeylen, enckey, key_len); |
| 500 } else { |
| 501 for (int i = 19; i >= 0; i--) { |
| 502 uint8_t tempkey[32]; |
| 503 FXSYS_memset(tempkey, 0, sizeof(tempkey)); |
| 504 for (int j = 0; j < m_KeyLen; j++) { |
| 505 tempkey[j] = enckey[j] ^ i; |
| 506 } |
| 507 CRYPT_ArcFourCryptBlock(okeybuf, okeylen, tempkey, key_len); |
| 508 } |
| 509 } |
| 510 int len = 32; |
| 511 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { |
| 512 len--; |
| 513 } |
| 514 return CFX_ByteString(okeybuf, len); |
| 515 } |
| 516 FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword( |
| 517 const uint8_t* password, |
| 518 FX_DWORD pass_size, |
| 519 uint8_t* key, |
| 520 int32_t key_len) { |
| 521 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); |
| 522 if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, |
| 523 key_len)) { |
167 return TRUE; | 524 return TRUE; |
168 } | 525 } |
169 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, FX
_DWORD type, int& cipher, int& key_len) | 526 return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, |
170 { | 527 key_len); |
171 m_pEncryptDict = pEncryptDict; | 528 } |
172 m_bOwner = FALSE; | 529 FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() { |
173 m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); | 530 return m_pEncryptDict->GetBoolean(FX_BSTRC("EncryptMetadata"), TRUE); |
174 m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); | 531 } |
175 m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); | 532 CPDF_SecurityHandler* FPDF_CreateStandardSecurityHandler() { |
176 CFX_ByteString strf_name, stmf_name; | 533 return new CPDF_StandardSecurityHandler; |
177 if (m_Version >= 4) { | 534 } |
178 stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); | 535 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
179 strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); | 536 CPDF_Array* pIdArray, |
180 if (stmf_name != strf_name) { | 537 const uint8_t* user_pass, |
181 return FALSE; | 538 FX_DWORD user_size, |
182 } | 539 const uint8_t* owner_pass, |
183 } | 540 FX_DWORD owner_size, |
184 if (!_LoadCryptInfo(pEncryptDict, strf_name, cipher, key_len)) { | 541 FX_BOOL bDefault, |
185 return FALSE; | 542 FX_DWORD type) { |
186 } | 543 int cipher = 0, key_len = 0; |
187 m_Cipher = cipher; | 544 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { |
188 m_KeyLen = key_len; | 545 return; |
189 return TRUE; | 546 } |
190 return TRUE; | 547 if (bDefault && (owner_pass == NULL || owner_size == 0)) { |
191 } | 548 owner_pass = user_pass; |
192 FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, const uint8_t*&
buffer, int& keylen) | 549 owner_size = user_size; |
193 { | 550 } |
194 cipher = m_Cipher; | 551 if (m_Revision >= 5) { |
195 buffer = m_EncryptKey; | 552 int t = (int)time(NULL); |
196 keylen = m_KeyLen; | |
197 return TRUE; | |
198 } | |
199 #define FX_GET_32WORD(n,b,i)» » » » » » »
» \ | |
200 {» » » » » » » » » »
» » » » \ | |
201 (n) = (FX_DWORD)(( (uint64_t) (b)[(i)] << 24 )» » » \ | |
202 | ( (uint64_t) (b)[(i) + 1] << 16 )» » »
» » \ | |
203 | ( (uint64_t) (b)[(i) + 2] << 8 )» » »
» » \ | |
204 | ( (uint64_t) (b)[(i) + 3] ));» » »
» » \ | |
205 } | |
206 int BigOrder64BitsMod3(uint8_t* data) | |
207 { | |
208 uint64_t ret = 0; | |
209 for (int i = 0; i < 4; ++i) { | |
210 FX_DWORD value; | |
211 FX_GET_32WORD(value, data, 4 * i); | |
212 ret <<= 32; | |
213 ret |= value; | |
214 ret %= 3; | |
215 } | |
216 return (int)ret; | |
217 } | |
218 void Revision6_Hash(const uint8_t* password, FX_DWORD size, const uint8_t* salt,
const uint8_t* vector, uint8_t* hash) | |
219 { | |
220 int iBlockSize = 32; | |
221 uint8_t sha[128]; | 553 uint8_t sha[128]; |
222 CRYPT_SHA256Start(sha); | 554 CRYPT_SHA256Start(sha); |
223 CRYPT_SHA256Update(sha, password, size); | 555 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); |
224 CRYPT_SHA256Update(sha, salt, 8); | 556 CRYPT_SHA256Update(sha, m_EncryptKey, 32); |
225 if (vector) { | 557 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); |
226 CRYPT_SHA256Update(sha, vector, 48); | 558 CRYPT_SHA256Finish(sha, m_EncryptKey); |
227 } | 559 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); |
228 uint8_t digest[32]; | 560 if (bDefault) { |
229 CRYPT_SHA256Finish(sha, digest); | 561 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, |
230 CFX_ByteTextBuf buf; | 562 m_EncryptKey); |
231 uint8_t* input = digest; | 563 AES256_SetPerms( |
232 uint8_t* key = input; | 564 pEncryptDict, m_Permissions, |
233 uint8_t* iv = input + 16; | 565 pEncryptDict->GetBoolean(FX_BSTRC("EncryptMetadata"), TRUE), |
234 uint8_t* E = buf.GetBuffer(); | 566 m_EncryptKey); |
235 int iBufLen = buf.GetLength(); | 567 } |
236 CFX_ByteTextBuf interDigest; | 568 return; |
237 int i = 0; | 569 } |
238 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 570 if (bDefault) { |
239 while (i < 64 || i < E[iBufLen - 1] + 32) { | |
240 int iRoundSize = size + iBlockSize; | |
241 if (vector) { | |
242 iRoundSize += 48; | |
243 } | |
244 iBufLen = iRoundSize * 64; | |
245 buf.EstimateSize(iBufLen); | |
246 E = buf.GetBuffer(); | |
247 CFX_ByteTextBuf content; | |
248 for (int j = 0; j < 64; ++j) { | |
249 content.AppendBlock(password, size); | |
250 content.AppendBlock(input, iBlockSize); | |
251 if (vector) { | |
252 content.AppendBlock(vector, 48); | |
253 } | |
254 } | |
255 CRYPT_AESSetKey(aes, 16, key, 16, TRUE); | |
256 CRYPT_AESSetIV(aes, iv); | |
257 CRYPT_AESEncrypt(aes, E, content.GetBuffer(), iBufLen); | |
258 int iHash = 0; | |
259 switch (BigOrder64BitsMod3(E)) { | |
260 case 0: | |
261 iHash = 0; | |
262 iBlockSize = 32; | |
263 break; | |
264 case 1: | |
265 iHash = 1; | |
266 iBlockSize = 48; | |
267 break; | |
268 default: | |
269 iHash = 2; | |
270 iBlockSize = 64; | |
271 break; | |
272 } | |
273 interDigest.EstimateSize(iBlockSize); | |
274 input = interDigest.GetBuffer(); | |
275 if (iHash == 0) { | |
276 CRYPT_SHA256Generate(E, iBufLen, input); | |
277 } else if (iHash == 1) { | |
278 CRYPT_SHA384Generate(E, iBufLen, input); | |
279 } else if (iHash == 2) { | |
280 CRYPT_SHA512Generate(E, iBufLen, input); | |
281 } | |
282 key = input; | |
283 iv = input + 16; | |
284 ++i; | |
285 } | |
286 FX_Free(aes); | |
287 if (hash) { | |
288 FXSYS_memcpy(hash, input, 32); | |
289 } | |
290 } | |
291 FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword(const uint8_t* passwo
rd, FX_DWORD size, | |
292 FX_BOOL bOwner, uint8_t* key) | |
293 { | |
294 CFX_ByteString okey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("O
")) : CFX_ByteString(); | |
295 if (okey.GetLength() < 48) { | |
296 return FALSE; | |
297 } | |
298 CFX_ByteString ukey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("U
")) : CFX_ByteString(); | |
299 if (ukey.GetLength() < 48) { | |
300 return FALSE; | |
301 } | |
302 const uint8_t* pkey = bOwner ? (const uint8_t*)okey : (const uint8_t*)ukey; | |
303 uint8_t sha[128]; | |
304 uint8_t digest[32]; | |
305 if (m_Revision >= 6) { | |
306 Revision6_Hash(password, size, (const uint8_t*)pkey + 32, (bOwner ? (con
st uint8_t*)ukey : NULL), digest); | |
307 } else { | |
308 CRYPT_SHA256Start(sha); | |
309 CRYPT_SHA256Update(sha, password, size); | |
310 CRYPT_SHA256Update(sha, pkey + 32, 8); | |
311 if (bOwner) { | |
312 CRYPT_SHA256Update(sha, ukey, 48); | |
313 } | |
314 CRYPT_SHA256Finish(sha, digest); | |
315 } | |
316 if (FXSYS_memcmp(digest, pkey, 32) != 0) { | |
317 return FALSE; | |
318 } | |
319 if (key == NULL) { | |
320 return TRUE; | |
321 } | |
322 if (m_Revision >= 6) { | |
323 Revision6_Hash(password, size, (const uint8_t*)pkey + 40, (bOwner ? (con
st uint8_t*)ukey : NULL), digest); | |
324 } else { | |
325 CRYPT_SHA256Start(sha); | |
326 CRYPT_SHA256Update(sha, password, size); | |
327 CRYPT_SHA256Update(sha, pkey + 40, 8); | |
328 if (bOwner) { | |
329 CRYPT_SHA256Update(sha, ukey, 48); | |
330 } | |
331 CRYPT_SHA256Finish(sha, digest); | |
332 } | |
333 CFX_ByteString ekey = m_pEncryptDict ? m_pEncryptDict->GetString(bOwner ? FX
_BSTRC("OE") : FX_BSTRC("UE")) : CFX_ByteString(); | |
334 if (ekey.GetLength() < 32) { | |
335 return FALSE; | |
336 } | |
337 uint8_t* aes = FX_Alloc(uint8_t, 2048); | |
338 CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); | |
339 uint8_t iv[16]; | |
340 FXSYS_memset(iv, 0, 16); | |
341 CRYPT_AESSetIV(aes, iv); | |
342 CRYPT_AESDecrypt(aes, key, ekey, 32); | |
343 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); | |
344 CRYPT_AESSetIV(aes, iv); | |
345 CFX_ByteString perms = m_pEncryptDict->GetString(FX_BSTRC("Perms")); | |
346 if (perms.IsEmpty()) { | |
347 return FALSE; | |
348 } | |
349 uint8_t perms_buf[16]; | |
350 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); | |
351 FX_DWORD copy_len = sizeof(perms_buf); | |
352 if (copy_len > (FX_DWORD)perms.GetLength()) { | |
353 copy_len = perms.GetLength(); | |
354 } | |
355 FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); | |
356 uint8_t buf[16]; | |
357 CRYPT_AESDecrypt(aes, buf, perms_buf, 16); | |
358 FX_Free(aes); | |
359 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { | |
360 return FALSE; | |
361 } | |
362 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { | |
363 return FALSE; | |
364 } | |
365 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || (buf[8] == 'F' && IsMetadat
aEncrypted())) { | |
366 return FALSE; | |
367 } | |
368 return TRUE; | |
369 } | |
370 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, FX_DWOR
D pass_size, FX_BOOL bOwner, uint8_t* key) | |
371 { | |
372 return CheckPassword(password, pass_size, bOwner, key, m_KeyLen); | |
373 } | |
374 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, FX_DWOR
D size, FX_BOOL bOwner, uint8_t* key, int32_t key_len) | |
375 { | |
376 if (m_Revision >= 5) { | |
377 return AES256_CheckPassword(password, size, bOwner, key); | |
378 } | |
379 uint8_t keybuf[32]; | |
380 if (key == NULL) { | |
381 key = keybuf; | |
382 } | |
383 if (bOwner) { | |
384 return CheckOwnerPassword(password, size, key, key_len); | |
385 } | |
386 return CheckUserPassword(password, size, FALSE, key, key_len) || CheckUserPa
ssword(password, size, TRUE, key, key_len); | |
387 } | |
388 FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword(const uint8_t* password,
FX_DWORD pass_size, | |
389 FX_BOOL bIgnoreEncryptMeta, uint8_t* key, int32_t key_len) | |
390 { | |
391 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, bIgnoreEnc
ryptMeta, | |
392 m_pParser->GetIDArray()); | |
393 CFX_ByteString ukey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("U
")) : CFX_ByteString(); | |
394 if (ukey.GetLength() < 16) { | |
395 return FALSE; | |
396 } | |
397 uint8_t ukeybuf[32]; | |
398 if (m_Revision == 2) { | |
399 FXSYS_memcpy(ukeybuf, defpasscode, 32); | |
400 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); | |
401 } else { | |
402 uint8_t test[32], tmpkey[32]; | |
403 FX_DWORD copy_len = sizeof(test); | |
404 if (copy_len > (FX_DWORD)ukey.GetLength()) { | |
405 copy_len = ukey.GetLength(); | |
406 } | |
407 FXSYS_memset(test, 0, sizeof(test)); | |
408 FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); | |
409 FXSYS_memcpy(test, ukey.c_str(), copy_len); | |
410 for (int i = 19; i >= 0; i --) { | |
411 for (int j = 0; j < key_len; j ++) { | |
412 tmpkey[j] = key[j] ^ i; | |
413 } | |
414 CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); | |
415 } | |
416 uint8_t md5[100]; | |
417 CRYPT_MD5Start(md5); | |
418 CRYPT_MD5Update(md5, defpasscode, 32); | |
419 CPDF_Array* pIdArray = m_pParser->GetIDArray(); | |
420 if (pIdArray) { | |
421 CFX_ByteString id = pIdArray->GetString(0); | |
422 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | |
423 } | |
424 CRYPT_MD5Finish(md5, ukeybuf); | |
425 return FXSYS_memcmp(test, ukeybuf, 16) == 0; | |
426 } | |
427 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { | |
428 return TRUE; | |
429 } | |
430 return FALSE; | |
431 } | |
432 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword(const uint8_t* owne
r_pass, FX_DWORD pass_size) | |
433 { | |
434 return GetUserPassword(owner_pass, pass_size, m_KeyLen); | |
435 } | |
436 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword(const uint8_t* owne
r_pass, FX_DWORD pass_size, int32_t key_len) | |
437 { | |
438 CFX_ByteString okey = m_pEncryptDict->GetString(FX_BSTRC("O")); | |
439 uint8_t passcode[32]; | 571 uint8_t passcode[32]; |
440 FX_DWORD i; | 572 FX_DWORD i; |
441 for (i = 0; i < 32; i ++) { | 573 for (i = 0; i < 32; i++) { |
442 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]
; | 574 passcode[i] = |
| 575 i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; |
443 } | 576 } |
444 uint8_t digest[16]; | 577 uint8_t digest[16]; |
445 CRYPT_MD5Generate(passcode, 32, digest); | 578 CRYPT_MD5Generate(passcode, 32, digest); |
446 if (m_Revision >= 3) { | 579 if (m_Revision >= 3) { |
447 for (int i = 0; i < 50; i ++) { | 580 for (int i = 0; i < 50; i++) { |
448 CRYPT_MD5Generate(digest, 16, digest); | 581 CRYPT_MD5Generate(digest, 16, digest); |
| 582 } |
| 583 } |
| 584 uint8_t enckey[32]; |
| 585 FXSYS_memcpy(enckey, digest, key_len); |
| 586 for (i = 0; i < 32; i++) { |
| 587 passcode[i] = i < user_size ? user_pass[i] : defpasscode[i - user_size]; |
| 588 } |
| 589 CRYPT_ArcFourCryptBlock(passcode, 32, enckey, key_len); |
| 590 uint8_t tempkey[32]; |
| 591 if (m_Revision >= 3) { |
| 592 for (i = 1; i <= 19; i++) { |
| 593 for (int j = 0; j < key_len; j++) { |
| 594 tempkey[j] = enckey[j] ^ (uint8_t)i; |
449 } | 595 } |
450 } | 596 CRYPT_ArcFourCryptBlock(passcode, 32, tempkey, key_len); |
451 uint8_t enckey[32]; | 597 } |
452 FXSYS_memset(enckey, 0, sizeof(enckey)); | 598 } |
453 FX_DWORD copy_len = key_len; | 599 pEncryptDict->SetAtString(FX_BSTRC("O"), CFX_ByteString(passcode, 32)); |
454 if (copy_len > sizeof(digest)) { | 600 } |
455 copy_len = sizeof(digest); | 601 CalcEncryptKey(m_pEncryptDict, (uint8_t*)user_pass, user_size, m_EncryptKey, |
456 } | 602 key_len, FALSE, pIdArray); |
457 FXSYS_memcpy(enckey, digest, copy_len); | 603 if (m_Revision < 3) { |
458 int okeylen = okey.GetLength(); | 604 uint8_t tempbuf[32]; |
459 if (okeylen > 32) { | 605 FXSYS_memcpy(tempbuf, defpasscode, 32); |
460 okeylen = 32; | 606 CRYPT_ArcFourCryptBlock(tempbuf, 32, m_EncryptKey, key_len); |
461 } | 607 pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(tempbuf, 32)); |
462 uint8_t okeybuf[64]; | 608 } else { |
463 FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); | 609 uint8_t md5[100]; |
464 FXSYS_memcpy(okeybuf, okey.c_str(), okeylen); | 610 CRYPT_MD5Start(md5); |
465 if (m_Revision == 2) { | 611 CRYPT_MD5Update(md5, defpasscode, 32); |
466 CRYPT_ArcFourCryptBlock(okeybuf, okeylen, enckey, key_len); | 612 if (pIdArray) { |
467 } else { | 613 CFX_ByteString id = pIdArray->GetString(0); |
468 for (int i = 19; i >= 0; i --) { | 614 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
469 uint8_t tempkey[32]; | 615 } |
470 FXSYS_memset(tempkey, 0, sizeof(tempkey)); | 616 uint8_t digest[32]; |
471 for (int j = 0; j < m_KeyLen; j ++) { | 617 CRYPT_MD5Finish(md5, digest); |
472 tempkey[j] = enckey[j] ^ i; | 618 CRYPT_ArcFourCryptBlock(digest, 16, m_EncryptKey, key_len); |
473 } | 619 uint8_t tempkey[32]; |
474 CRYPT_ArcFourCryptBlock(okeybuf, okeylen, tempkey, key_len); | 620 for (int i = 1; i <= 19; i++) { |
475 } | 621 for (int j = 0; j < key_len; j++) { |
476 } | 622 tempkey[j] = m_EncryptKey[j] ^ (uint8_t)i; |
477 int len = 32; | 623 } |
478 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { | 624 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); |
479 len --; | 625 } |
480 } | 626 CRYPT_MD5Generate(digest, 16, digest + 16); |
481 return CFX_ByteString(okeybuf, len); | 627 pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(digest, 32)); |
482 } | 628 } |
483 FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword(const uint8_t* password
, FX_DWORD pass_size, | 629 } |
484 uint8_t* key, int32_t key_len) | 630 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
485 { | 631 CPDF_Array* pIdArray, |
486 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); | 632 const uint8_t* user_pass, |
487 if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, key_len)
) { | 633 FX_DWORD user_size, |
488 return TRUE; | 634 const uint8_t* owner_pass, |
489 } | 635 FX_DWORD owner_size, |
490 return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, key_le
n); | 636 FX_DWORD type) { |
491 } | 637 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, |
492 FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() | 638 TRUE, type); |
493 { | 639 } |
494 return m_pEncryptDict->GetBoolean(FX_BSTRC("EncryptMetadata"), TRUE); | 640 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
495 } | 641 CPDF_Array* pIdArray, |
496 CPDF_SecurityHandler* FPDF_CreateStandardSecurityHandler() | 642 const uint8_t* user_pass, |
497 { | 643 FX_DWORD user_size, |
498 return new CPDF_StandardSecurityHandler; | 644 FX_DWORD type) { |
499 } | 645 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); |
500 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, CPDF_
Array* pIdArray, | 646 } |
501 const uint8_t* user_pass, FX_DWORD user_size, | 647 void CPDF_StandardSecurityHandler::AES256_SetPassword( |
502 const uint8_t* owner_pass, FX_DWORD owner_size, FX_BOOL bDefault, FX_DWO
RD type) | 648 CPDF_Dictionary* pEncryptDict, |
503 { | 649 const uint8_t* password, |
504 int cipher = 0, key_len = 0; | 650 FX_DWORD size, |
505 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { | 651 FX_BOOL bOwner, |
506 return; | 652 const uint8_t* key) { |
507 } | 653 uint8_t sha[128]; |
508 if (bDefault && (owner_pass == NULL || owner_size == 0)) { | 654 CRYPT_SHA1Start(sha); |
509 owner_pass = user_pass; | 655 CRYPT_SHA1Update(sha, key, 32); |
510 owner_size = user_size; | 656 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); |
511 } | 657 uint8_t digest[20]; |
512 if (m_Revision >= 5) { | 658 CRYPT_SHA1Finish(sha, digest); |
513 int t = (int)time(NULL); | 659 CFX_ByteString ukey = pEncryptDict->GetString(FX_BSTRC("U")); |
514 uint8_t sha[128]; | 660 uint8_t digest1[48]; |
515 CRYPT_SHA256Start(sha); | 661 if (m_Revision >= 6) { |
516 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); | 662 Revision6_Hash(password, size, digest, |
517 CRYPT_SHA256Update(sha, m_EncryptKey, 32); | 663 (bOwner ? (const uint8_t*)ukey : NULL), digest1); |
518 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); | 664 } else { |
519 CRYPT_SHA256Finish(sha, m_EncryptKey); | 665 CRYPT_SHA256Start(sha); |
520 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptK
ey); | 666 CRYPT_SHA256Update(sha, password, size); |
521 if (bDefault) { | 667 CRYPT_SHA256Update(sha, digest, 8); |
522 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, m_Enc
ryptKey); | 668 if (bOwner) { |
523 AES256_SetPerms(pEncryptDict, m_Permissions, pEncryptDict->GetBoolea
n(FX_BSTRC("EncryptMetadata"), TRUE), m_EncryptKey); | 669 CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); |
524 } | 670 } |
525 return; | 671 CRYPT_SHA256Finish(sha, digest1); |
526 } | 672 } |
527 if (bDefault) { | 673 FXSYS_memcpy(digest1 + 32, digest, 16); |
528 uint8_t passcode[32]; | 674 pEncryptDict->SetAtString(bOwner ? FX_BSTRC("O") : FX_BSTRC("U"), |
529 FX_DWORD i; | 675 CFX_ByteString(digest1, 48)); |
530 for (i = 0; i < 32; i ++) { | 676 if (m_Revision >= 6) { |
531 passcode[i] = i < owner_size ? owner_pass[i] : defpasscode[i - owner
_size]; | 677 Revision6_Hash(password, size, digest + 8, |
532 } | 678 (bOwner ? (const uint8_t*)ukey : NULL), digest1); |
533 uint8_t digest[16]; | 679 } else { |
534 CRYPT_MD5Generate(passcode, 32, digest); | 680 CRYPT_SHA256Start(sha); |
535 if (m_Revision >= 3) { | 681 CRYPT_SHA256Update(sha, password, size); |
536 for (int i = 0; i < 50; i ++) { | 682 CRYPT_SHA256Update(sha, digest + 8, 8); |
537 CRYPT_MD5Generate(digest, 16, digest); | 683 if (bOwner) { |
538 } | 684 CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); |
539 } | 685 } |
540 uint8_t enckey[32]; | 686 CRYPT_SHA256Finish(sha, digest1); |
541 FXSYS_memcpy(enckey, digest, key_len); | 687 } |
542 for (i = 0; i < 32; i ++) { | 688 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
543 passcode[i] = i < user_size ? user_pass[i] : defpasscode[i - user_si
ze]; | 689 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); |
544 } | 690 uint8_t iv[16]; |
545 CRYPT_ArcFourCryptBlock(passcode, 32, enckey, key_len); | 691 FXSYS_memset(iv, 0, 16); |
546 uint8_t tempkey[32]; | 692 CRYPT_AESSetIV(aes, iv); |
547 if (m_Revision >= 3) { | 693 CRYPT_AESEncrypt(aes, digest1, key, 32); |
548 for (i = 1; i <= 19; i ++) { | 694 FX_Free(aes); |
549 for (int j = 0; j < key_len; j ++) { | 695 pEncryptDict->SetAtString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE"), |
550 tempkey[j] = enckey[j] ^ (uint8_t)i; | 696 CFX_ByteString(digest1, 32)); |
551 } | 697 } |
552 CRYPT_ArcFourCryptBlock(passcode, 32, tempkey, key_len); | 698 void CPDF_StandardSecurityHandler::AES256_SetPerms( |
553 } | 699 CPDF_Dictionary* pEncryptDict, |
554 } | 700 FX_DWORD permissions, |
555 pEncryptDict->SetAtString(FX_BSTRC("O"), CFX_ByteString(passcode, 32)); | 701 FX_BOOL bEncryptMetadata, |
556 } | 702 const uint8_t* key) { |
557 CalcEncryptKey(m_pEncryptDict, (uint8_t*)user_pass, user_size, m_EncryptKey,
key_len, FALSE, pIdArray); | 703 uint8_t buf[16]; |
558 if (m_Revision < 3) { | 704 buf[0] = (uint8_t)permissions; |
559 uint8_t tempbuf[32]; | 705 buf[1] = (uint8_t)(permissions >> 8); |
560 FXSYS_memcpy(tempbuf, defpasscode, 32); | 706 buf[2] = (uint8_t)(permissions >> 16); |
561 CRYPT_ArcFourCryptBlock(tempbuf, 32, m_EncryptKey, key_len); | 707 buf[3] = (uint8_t)(permissions >> 24); |
562 pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(tempbuf, 32)); | 708 buf[4] = 0xff; |
563 } else { | 709 buf[5] = 0xff; |
564 uint8_t md5[100]; | 710 buf[6] = 0xff; |
565 CRYPT_MD5Start(md5); | 711 buf[7] = 0xff; |
566 CRYPT_MD5Update(md5, defpasscode, 32); | 712 buf[8] = bEncryptMetadata ? 'T' : 'F'; |
567 if (pIdArray) { | 713 buf[9] = 'a'; |
568 CFX_ByteString id = pIdArray->GetString(0); | 714 buf[10] = 'd'; |
569 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 715 buf[11] = 'b'; |
570 } | 716 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
571 uint8_t digest[32]; | 717 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); |
572 CRYPT_MD5Finish(md5, digest); | 718 uint8_t iv[16], buf1[16]; |
573 CRYPT_ArcFourCryptBlock(digest, 16, m_EncryptKey, key_len); | 719 FXSYS_memset(iv, 0, 16); |
574 uint8_t tempkey[32]; | 720 CRYPT_AESSetIV(aes, iv); |
575 for (int i = 1; i <= 19; i ++) { | 721 CRYPT_AESEncrypt(aes, buf1, buf, 16); |
576 for (int j = 0; j < key_len; j ++) { | 722 FX_Free(aes); |
577 tempkey[j] = m_EncryptKey[j] ^ (uint8_t)i; | 723 pEncryptDict->SetAtString(FX_BSTRC("Perms"), CFX_ByteString(buf1, 16)); |
578 } | 724 } |
579 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); | 725 void CPDF_StandardCryptoHandler::CryptBlock(FX_BOOL bEncrypt, |
580 } | 726 FX_DWORD objnum, |
581 CRYPT_MD5Generate(digest, 16, digest + 16); | 727 FX_DWORD gennum, |
582 pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(digest, 32)); | 728 const uint8_t* src_buf, |
583 } | 729 FX_DWORD src_size, |
584 } | 730 uint8_t* dest_buf, |
585 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, CPDF_
Array* pIdArray, | 731 FX_DWORD& dest_size) { |
586 const uint8_t* user_pass, FX_DWORD user_size, | 732 if (m_Cipher == FXCIPHER_NONE) { |
587 const uint8_t* owner_pass, FX_DWORD owner_size, FX_DWORD type) | 733 FXSYS_memcpy(dest_buf, src_buf, src_size); |
588 { | 734 return; |
589 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_siz
e, TRUE, type); | 735 } |
590 } | 736 uint8_t realkey[16]; |
591 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, CPDF_
Array* pIdArray, const uint8_t* user_pass, FX_DWORD user_size, FX_DWORD type) | 737 int realkeylen = 16; |
592 { | 738 if (m_Cipher != FXCIPHER_AES || m_KeyLen != 32) { |
593 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type)
; | 739 uint8_t key1[32]; |
594 } | |
595 void CPDF_StandardSecurityHandler::AES256_SetPassword(CPDF_Dictionary* pEncryptD
ict, const uint8_t* password, FX_DWORD size, FX_BOOL bOwner, const uint8_t* key) | |
596 { | |
597 uint8_t sha[128]; | |
598 CRYPT_SHA1Start(sha); | |
599 CRYPT_SHA1Update(sha, key, 32); | |
600 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); | |
601 uint8_t digest[20]; | |
602 CRYPT_SHA1Finish(sha, digest); | |
603 CFX_ByteString ukey = pEncryptDict->GetString(FX_BSTRC("U")); | |
604 uint8_t digest1[48]; | |
605 if (m_Revision >= 6) { | |
606 Revision6_Hash(password, size, digest, (bOwner ? (const uint8_t*)ukey :
NULL), digest1); | |
607 } else { | |
608 CRYPT_SHA256Start(sha); | |
609 CRYPT_SHA256Update(sha, password, size); | |
610 CRYPT_SHA256Update(sha, digest, 8); | |
611 if (bOwner) { | |
612 CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); | |
613 } | |
614 CRYPT_SHA256Finish(sha, digest1); | |
615 } | |
616 FXSYS_memcpy(digest1 + 32, digest, 16); | |
617 pEncryptDict->SetAtString(bOwner ? FX_BSTRC("O") : FX_BSTRC("U"), CFX_ByteSt
ring(digest1, 48)); | |
618 if (m_Revision >= 6) { | |
619 Revision6_Hash(password, size, digest + 8, (bOwner ? (const uint8_t*)uke
y : NULL), digest1); | |
620 } else { | |
621 CRYPT_SHA256Start(sha); | |
622 CRYPT_SHA256Update(sha, password, size); | |
623 CRYPT_SHA256Update(sha, digest + 8, 8); | |
624 if (bOwner) { | |
625 CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); | |
626 } | |
627 CRYPT_SHA256Finish(sha, digest1); | |
628 } | |
629 uint8_t* aes = FX_Alloc(uint8_t, 2048); | |
630 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); | |
631 uint8_t iv[16]; | |
632 FXSYS_memset(iv, 0, 16); | |
633 CRYPT_AESSetIV(aes, iv); | |
634 CRYPT_AESEncrypt(aes, digest1, key, 32); | |
635 FX_Free(aes); | |
636 pEncryptDict->SetAtString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE"), CFX_Byte
String(digest1, 32)); | |
637 } | |
638 void CPDF_StandardSecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict
, FX_DWORD permissions, | |
639 FX_BOOL bEncryptMetadata, const uint8_t* key) | |
640 { | |
641 uint8_t buf[16]; | |
642 buf[0] = (uint8_t)permissions; | |
643 buf[1] = (uint8_t)(permissions >> 8); | |
644 buf[2] = (uint8_t)(permissions >> 16); | |
645 buf[3] = (uint8_t)(permissions >> 24); | |
646 buf[4] = 0xff; | |
647 buf[5] = 0xff; | |
648 buf[6] = 0xff; | |
649 buf[7] = 0xff; | |
650 buf[8] = bEncryptMetadata ? 'T' : 'F'; | |
651 buf[9] = 'a'; | |
652 buf[10] = 'd'; | |
653 buf[11] = 'b'; | |
654 uint8_t* aes = FX_Alloc(uint8_t, 2048); | |
655 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); | |
656 uint8_t iv[16], buf1[16]; | |
657 FXSYS_memset(iv, 0, 16); | |
658 CRYPT_AESSetIV(aes, iv); | |
659 CRYPT_AESEncrypt(aes, buf1, buf, 16); | |
660 FX_Free(aes); | |
661 pEncryptDict->SetAtString(FX_BSTRC("Perms"), CFX_ByteString(buf1, 16)); | |
662 } | |
663 void CPDF_StandardCryptoHandler::CryptBlock(FX_BOOL bEncrypt, FX_DWORD objnum, F
X_DWORD gennum, const uint8_t* src_buf, FX_DWORD src_size, | |
664 uint8_t* dest_buf, FX_DWORD& dest_size) | |
665 { | |
666 if (m_Cipher == FXCIPHER_NONE) { | |
667 FXSYS_memcpy(dest_buf, src_buf, src_size); | |
668 return; | |
669 } | |
670 uint8_t realkey[16]; | |
671 int realkeylen = 16; | |
672 if (m_Cipher != FXCIPHER_AES || m_KeyLen != 32) { | |
673 uint8_t key1[32]; | |
674 FXSYS_memcpy(key1, m_EncryptKey, m_KeyLen); | |
675 key1[m_KeyLen + 0] = (uint8_t)objnum; | |
676 key1[m_KeyLen + 1] = (uint8_t)(objnum >> 8); | |
677 key1[m_KeyLen + 2] = (uint8_t)(objnum >> 16); | |
678 key1[m_KeyLen + 3] = (uint8_t)gennum; | |
679 key1[m_KeyLen + 4] = (uint8_t)(gennum >> 8); | |
680 FXSYS_memcpy(key1 + m_KeyLen, &objnum, 3); | |
681 FXSYS_memcpy(key1 + m_KeyLen + 3, &gennum, 2); | |
682 if (m_Cipher == FXCIPHER_AES) { | |
683 FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); | |
684 } | |
685 CRYPT_MD5Generate(key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyL
en + 5, realkey); | |
686 realkeylen = m_KeyLen + 5; | |
687 if (realkeylen > 16) { | |
688 realkeylen = 16; | |
689 } | |
690 } | |
691 if (m_Cipher == FXCIPHER_AES) { | |
692 CRYPT_AESSetKey(m_pAESContext, 16, m_KeyLen == 32 ? m_EncryptKey : realk
ey, m_KeyLen, bEncrypt); | |
693 if (bEncrypt) { | |
694 uint8_t iv[16]; | |
695 for (int i = 0; i < 16; i ++) { | |
696 iv[i] = (uint8_t)rand(); | |
697 } | |
698 CRYPT_AESSetIV(m_pAESContext, iv); | |
699 FXSYS_memcpy(dest_buf, iv, 16); | |
700 int nblocks = src_size / 16; | |
701 CRYPT_AESEncrypt(m_pAESContext, dest_buf + 16, src_buf, nblocks * 16
); | |
702 uint8_t padding[16]; | |
703 FXSYS_memcpy(padding, src_buf + nblocks * 16, src_size % 16); | |
704 FXSYS_memset(padding + src_size % 16, 16 - src_size % 16, 16 - src_s
ize % 16); | |
705 CRYPT_AESEncrypt(m_pAESContext, dest_buf + nblocks * 16 + 16, paddin
g, 16); | |
706 dest_size = 32 + nblocks * 16; | |
707 } else { | |
708 CRYPT_AESSetIV(m_pAESContext, src_buf); | |
709 CRYPT_AESDecrypt(m_pAESContext, dest_buf, src_buf + 16, src_size - 1
6); | |
710 dest_size = src_size - 16; | |
711 dest_size -= dest_buf[dest_size - 1]; | |
712 } | |
713 } else { | |
714 ASSERT(dest_size == src_size); | |
715 if (dest_buf != src_buf) { | |
716 FXSYS_memcpy(dest_buf, src_buf, src_size); | |
717 } | |
718 CRYPT_ArcFourCryptBlock(dest_buf, dest_size, realkey, realkeylen); | |
719 } | |
720 } | |
721 typedef struct _AESCryptContext { | |
722 uint8_t m_Context[2048]; | |
723 FX_BOOL m_bIV; | |
724 uint8_t m_Block[16]; | |
725 FX_DWORD m_BlockOffset; | |
726 } AESCryptContext; | |
727 void* CPDF_StandardCryptoHandler::CryptStart(FX_DWORD objnum, FX_DWORD gennum, F
X_BOOL bEncrypt) | |
728 { | |
729 if (m_Cipher == FXCIPHER_NONE) { | |
730 return this; | |
731 } | |
732 if (m_Cipher == FXCIPHER_AES && m_KeyLen == 32) { | |
733 AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); | |
734 pContext->m_bIV = TRUE; | |
735 pContext->m_BlockOffset = 0; | |
736 CRYPT_AESSetKey(pContext->m_Context, 16, m_EncryptKey, 32, bEncrypt); | |
737 if (bEncrypt) { | |
738 for (int i = 0; i < 16; i ++) { | |
739 pContext->m_Block[i] = (uint8_t)rand(); | |
740 } | |
741 CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); | |
742 } | |
743 return pContext; | |
744 } | |
745 uint8_t key1[48]; | |
746 FXSYS_memcpy(key1, m_EncryptKey, m_KeyLen); | 740 FXSYS_memcpy(key1, m_EncryptKey, m_KeyLen); |
| 741 key1[m_KeyLen + 0] = (uint8_t)objnum; |
| 742 key1[m_KeyLen + 1] = (uint8_t)(objnum >> 8); |
| 743 key1[m_KeyLen + 2] = (uint8_t)(objnum >> 16); |
| 744 key1[m_KeyLen + 3] = (uint8_t)gennum; |
| 745 key1[m_KeyLen + 4] = (uint8_t)(gennum >> 8); |
747 FXSYS_memcpy(key1 + m_KeyLen, &objnum, 3); | 746 FXSYS_memcpy(key1 + m_KeyLen, &objnum, 3); |
748 FXSYS_memcpy(key1 + m_KeyLen + 3, &gennum, 2); | 747 FXSYS_memcpy(key1 + m_KeyLen + 3, &gennum, 2); |
749 if (m_Cipher == FXCIPHER_AES) { | 748 if (m_Cipher == FXCIPHER_AES) { |
750 FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); | 749 FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); |
751 } | 750 } |
752 uint8_t realkey[16]; | 751 CRYPT_MD5Generate( |
753 CRYPT_MD5Generate(key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen +
5, realkey); | 752 key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey); |
754 int realkeylen = m_KeyLen + 5; | 753 realkeylen = m_KeyLen + 5; |
755 if (realkeylen > 16) { | 754 if (realkeylen > 16) { |
756 realkeylen = 16; | 755 realkeylen = 16; |
757 } | 756 } |
758 if (m_Cipher == FXCIPHER_AES) { | 757 } |
759 AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); | 758 if (m_Cipher == FXCIPHER_AES) { |
760 pContext->m_bIV = TRUE; | 759 CRYPT_AESSetKey(m_pAESContext, 16, m_KeyLen == 32 ? m_EncryptKey : realkey, |
| 760 m_KeyLen, bEncrypt); |
| 761 if (bEncrypt) { |
| 762 uint8_t iv[16]; |
| 763 for (int i = 0; i < 16; i++) { |
| 764 iv[i] = (uint8_t)rand(); |
| 765 } |
| 766 CRYPT_AESSetIV(m_pAESContext, iv); |
| 767 FXSYS_memcpy(dest_buf, iv, 16); |
| 768 int nblocks = src_size / 16; |
| 769 CRYPT_AESEncrypt(m_pAESContext, dest_buf + 16, src_buf, nblocks * 16); |
| 770 uint8_t padding[16]; |
| 771 FXSYS_memcpy(padding, src_buf + nblocks * 16, src_size % 16); |
| 772 FXSYS_memset(padding + src_size % 16, 16 - src_size % 16, |
| 773 16 - src_size % 16); |
| 774 CRYPT_AESEncrypt(m_pAESContext, dest_buf + nblocks * 16 + 16, padding, |
| 775 16); |
| 776 dest_size = 32 + nblocks * 16; |
| 777 } else { |
| 778 CRYPT_AESSetIV(m_pAESContext, src_buf); |
| 779 CRYPT_AESDecrypt(m_pAESContext, dest_buf, src_buf + 16, src_size - 16); |
| 780 dest_size = src_size - 16; |
| 781 dest_size -= dest_buf[dest_size - 1]; |
| 782 } |
| 783 } else { |
| 784 ASSERT(dest_size == src_size); |
| 785 if (dest_buf != src_buf) { |
| 786 FXSYS_memcpy(dest_buf, src_buf, src_size); |
| 787 } |
| 788 CRYPT_ArcFourCryptBlock(dest_buf, dest_size, realkey, realkeylen); |
| 789 } |
| 790 } |
| 791 typedef struct _AESCryptContext { |
| 792 uint8_t m_Context[2048]; |
| 793 FX_BOOL m_bIV; |
| 794 uint8_t m_Block[16]; |
| 795 FX_DWORD m_BlockOffset; |
| 796 } AESCryptContext; |
| 797 void* CPDF_StandardCryptoHandler::CryptStart(FX_DWORD objnum, |
| 798 FX_DWORD gennum, |
| 799 FX_BOOL bEncrypt) { |
| 800 if (m_Cipher == FXCIPHER_NONE) { |
| 801 return this; |
| 802 } |
| 803 if (m_Cipher == FXCIPHER_AES && m_KeyLen == 32) { |
| 804 AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); |
| 805 pContext->m_bIV = TRUE; |
| 806 pContext->m_BlockOffset = 0; |
| 807 CRYPT_AESSetKey(pContext->m_Context, 16, m_EncryptKey, 32, bEncrypt); |
| 808 if (bEncrypt) { |
| 809 for (int i = 0; i < 16; i++) { |
| 810 pContext->m_Block[i] = (uint8_t)rand(); |
| 811 } |
| 812 CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
| 813 } |
| 814 return pContext; |
| 815 } |
| 816 uint8_t key1[48]; |
| 817 FXSYS_memcpy(key1, m_EncryptKey, m_KeyLen); |
| 818 FXSYS_memcpy(key1 + m_KeyLen, &objnum, 3); |
| 819 FXSYS_memcpy(key1 + m_KeyLen + 3, &gennum, 2); |
| 820 if (m_Cipher == FXCIPHER_AES) { |
| 821 FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); |
| 822 } |
| 823 uint8_t realkey[16]; |
| 824 CRYPT_MD5Generate( |
| 825 key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey); |
| 826 int realkeylen = m_KeyLen + 5; |
| 827 if (realkeylen > 16) { |
| 828 realkeylen = 16; |
| 829 } |
| 830 if (m_Cipher == FXCIPHER_AES) { |
| 831 AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); |
| 832 pContext->m_bIV = TRUE; |
| 833 pContext->m_BlockOffset = 0; |
| 834 CRYPT_AESSetKey(pContext->m_Context, 16, realkey, 16, bEncrypt); |
| 835 if (bEncrypt) { |
| 836 for (int i = 0; i < 16; i++) { |
| 837 pContext->m_Block[i] = (uint8_t)rand(); |
| 838 } |
| 839 CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
| 840 } |
| 841 return pContext; |
| 842 } |
| 843 void* pContext = FX_Alloc(uint8_t, 1040); |
| 844 CRYPT_ArcFourSetup(pContext, realkey, realkeylen); |
| 845 return pContext; |
| 846 } |
| 847 FX_BOOL CPDF_StandardCryptoHandler::CryptStream(void* context, |
| 848 const uint8_t* src_buf, |
| 849 FX_DWORD src_size, |
| 850 CFX_BinaryBuf& dest_buf, |
| 851 FX_BOOL bEncrypt) { |
| 852 if (!context) { |
| 853 return FALSE; |
| 854 } |
| 855 if (m_Cipher == FXCIPHER_NONE) { |
| 856 dest_buf.AppendBlock(src_buf, src_size); |
| 857 return TRUE; |
| 858 } |
| 859 if (m_Cipher == FXCIPHER_RC4) { |
| 860 int old_size = dest_buf.GetSize(); |
| 861 dest_buf.AppendBlock(src_buf, src_size); |
| 862 CRYPT_ArcFourCrypt(context, dest_buf.GetBuffer() + old_size, src_size); |
| 863 return TRUE; |
| 864 } |
| 865 AESCryptContext* pContext = (AESCryptContext*)context; |
| 866 if (pContext->m_bIV && bEncrypt) { |
| 867 dest_buf.AppendBlock(pContext->m_Block, 16); |
| 868 pContext->m_bIV = FALSE; |
| 869 } |
| 870 FX_DWORD src_off = 0; |
| 871 FX_DWORD src_left = src_size; |
| 872 while (1) { |
| 873 FX_DWORD copy_size = 16 - pContext->m_BlockOffset; |
| 874 if (copy_size > src_left) { |
| 875 copy_size = src_left; |
| 876 } |
| 877 FXSYS_memcpy(pContext->m_Block + pContext->m_BlockOffset, src_buf + src_off, |
| 878 copy_size); |
| 879 src_off += copy_size; |
| 880 src_left -= copy_size; |
| 881 pContext->m_BlockOffset += copy_size; |
| 882 if (pContext->m_BlockOffset == 16) { |
| 883 if (!bEncrypt && pContext->m_bIV) { |
| 884 CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
| 885 pContext->m_bIV = FALSE; |
761 pContext->m_BlockOffset = 0; | 886 pContext->m_BlockOffset = 0; |
762 CRYPT_AESSetKey(pContext->m_Context, 16, realkey, 16, bEncrypt); | 887 } else if (src_off < src_size) { |
| 888 uint8_t block_buf[16]; |
763 if (bEncrypt) { | 889 if (bEncrypt) { |
764 for (int i = 0; i < 16; i ++) { | 890 CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, |
765 pContext->m_Block[i] = (uint8_t)rand(); | 891 16); |
766 } | 892 } else { |
767 CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); | 893 CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, |
| 894 16); |
768 } | 895 } |
769 return pContext; | 896 dest_buf.AppendBlock(block_buf, 16); |
770 } | 897 pContext->m_BlockOffset = 0; |
771 void* pContext = FX_Alloc(uint8_t, 1040); | 898 } |
772 CRYPT_ArcFourSetup(pContext, realkey, realkeylen); | 899 } |
773 return pContext; | 900 if (!src_left) { |
774 } | 901 break; |
775 FX_BOOL CPDF_StandardCryptoHandler::CryptStream(void* context, const uint8_t* sr
c_buf, FX_DWORD src_size, CFX_BinaryBuf& dest_buf, FX_BOOL bEncrypt) | 902 } |
776 { | 903 } |
777 if (!context) { | 904 return TRUE; |
| 905 } |
| 906 FX_BOOL CPDF_StandardCryptoHandler::CryptFinish(void* context, |
| 907 CFX_BinaryBuf& dest_buf, |
| 908 FX_BOOL bEncrypt) { |
| 909 if (!context) { |
| 910 return FALSE; |
| 911 } |
| 912 if (m_Cipher == FXCIPHER_NONE) { |
| 913 return TRUE; |
| 914 } |
| 915 if (m_Cipher == FXCIPHER_RC4) { |
| 916 FX_Free(context); |
| 917 return TRUE; |
| 918 } |
| 919 AESCryptContext* pContext = (AESCryptContext*)context; |
| 920 if (bEncrypt) { |
| 921 uint8_t block_buf[16]; |
| 922 if (pContext->m_BlockOffset == 16) { |
| 923 CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
| 924 dest_buf.AppendBlock(block_buf, 16); |
| 925 pContext->m_BlockOffset = 0; |
| 926 } |
| 927 FXSYS_memset(pContext->m_Block + pContext->m_BlockOffset, |
| 928 (uint8_t)(16 - pContext->m_BlockOffset), |
| 929 16 - pContext->m_BlockOffset); |
| 930 CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
| 931 dest_buf.AppendBlock(block_buf, 16); |
| 932 } else if (pContext->m_BlockOffset == 16) { |
| 933 uint8_t block_buf[16]; |
| 934 CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
| 935 if (block_buf[15] <= 16) { |
| 936 dest_buf.AppendBlock(block_buf, 16 - block_buf[15]); |
| 937 } |
| 938 } |
| 939 FX_Free(pContext); |
| 940 return TRUE; |
| 941 } |
| 942 void* CPDF_StandardCryptoHandler::DecryptStart(FX_DWORD objnum, |
| 943 FX_DWORD gennum) { |
| 944 return CryptStart(objnum, gennum, FALSE); |
| 945 } |
| 946 FX_DWORD CPDF_StandardCryptoHandler::DecryptGetSize(FX_DWORD src_size) { |
| 947 return m_Cipher == FXCIPHER_AES ? src_size - 16 : src_size; |
| 948 } |
| 949 FX_BOOL CPDF_StandardCryptoHandler::Init( |
| 950 CPDF_Dictionary* pEncryptDict, |
| 951 CPDF_SecurityHandler* pSecurityHandler) { |
| 952 const uint8_t* key; |
| 953 if (!pSecurityHandler->GetCryptInfo(m_Cipher, key, m_KeyLen)) { |
| 954 return FALSE; |
| 955 } |
| 956 if (m_KeyLen > 32 || m_KeyLen < 0) { |
| 957 return FALSE; |
| 958 } |
| 959 if (m_Cipher != FXCIPHER_NONE) { |
| 960 FXSYS_memcpy(m_EncryptKey, key, m_KeyLen); |
| 961 } |
| 962 if (m_Cipher == FXCIPHER_AES) { |
| 963 m_pAESContext = FX_Alloc(uint8_t, 2048); |
| 964 } |
| 965 return TRUE; |
| 966 } |
| 967 FX_BOOL CPDF_StandardCryptoHandler::Init(int cipher, |
| 968 const uint8_t* key, |
| 969 int keylen) { |
| 970 if (cipher == FXCIPHER_AES) { |
| 971 switch (keylen) { |
| 972 case 16: |
| 973 case 24: |
| 974 case 32: |
| 975 break; |
| 976 default: |
778 return FALSE; | 977 return FALSE; |
779 } | 978 } |
780 if (m_Cipher == FXCIPHER_NONE) { | 979 } else if (cipher == FXCIPHER_AES2) { |
781 dest_buf.AppendBlock(src_buf, src_size); | 980 if (keylen != 32) { |
782 return TRUE; | 981 return FALSE; |
783 } | 982 } |
784 if (m_Cipher == FXCIPHER_RC4) { | 983 } else if (cipher == FXCIPHER_RC4) { |
785 int old_size = dest_buf.GetSize(); | 984 if (keylen < 5 || keylen > 16) { |
786 dest_buf.AppendBlock(src_buf, src_size); | 985 return FALSE; |
787 CRYPT_ArcFourCrypt(context, dest_buf.GetBuffer() + old_size, src_size); | 986 } |
788 return TRUE; | 987 } else { |
789 } | 988 if (keylen > 32) { |
790 AESCryptContext* pContext = (AESCryptContext*)context; | 989 keylen = 32; |
791 if (pContext->m_bIV && bEncrypt) { | 990 } |
792 dest_buf.AppendBlock(pContext->m_Block, 16); | 991 } |
793 pContext->m_bIV = FALSE; | 992 m_Cipher = cipher; |
794 } | 993 m_KeyLen = keylen; |
795 FX_DWORD src_off = 0; | 994 FXSYS_memcpy(m_EncryptKey, key, keylen); |
796 FX_DWORD src_left = src_size; | 995 if (m_Cipher == FXCIPHER_AES) { |
797 while (1) { | 996 m_pAESContext = FX_Alloc(uint8_t, 2048); |
798 FX_DWORD copy_size = 16 - pContext->m_BlockOffset; | 997 } |
799 if (copy_size > src_left) { | 998 return TRUE; |
800 copy_size = src_left; | 999 } |
801 } | 1000 FX_BOOL CPDF_StandardCryptoHandler::DecryptStream(void* context, |
802 FXSYS_memcpy(pContext->m_Block + pContext->m_BlockOffset, src_buf + src_
off, copy_size); | 1001 const uint8_t* src_buf, |
803 src_off += copy_size; | 1002 FX_DWORD src_size, |
804 src_left -= copy_size; | 1003 CFX_BinaryBuf& dest_buf) { |
805 pContext->m_BlockOffset += copy_size; | 1004 return CryptStream(context, src_buf, src_size, dest_buf, FALSE); |
806 if (pContext->m_BlockOffset == 16) { | 1005 } |
807 if (!bEncrypt && pContext->m_bIV) { | 1006 FX_BOOL CPDF_StandardCryptoHandler::DecryptFinish(void* context, |
808 CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); | 1007 CFX_BinaryBuf& dest_buf) { |
809 pContext->m_bIV = FALSE; | 1008 return CryptFinish(context, dest_buf, FALSE); |
810 pContext->m_BlockOffset = 0; | 1009 } |
811 } else if (src_off < src_size) { | 1010 FX_DWORD CPDF_StandardCryptoHandler::EncryptGetSize(FX_DWORD objnum, |
812 uint8_t block_buf[16]; | 1011 FX_DWORD version, |
813 if (bEncrypt) { | 1012 const uint8_t* src_buf, |
814 CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m
_Block, 16); | 1013 FX_DWORD src_size) { |
815 } else { | 1014 if (m_Cipher == FXCIPHER_AES) { |
816 CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m
_Block, 16); | 1015 return src_size + 32; |
817 } | 1016 } |
818 dest_buf.AppendBlock(block_buf, 16); | 1017 return src_size; |
819 pContext->m_BlockOffset = 0; | 1018 } |
820 } | 1019 FX_BOOL CPDF_StandardCryptoHandler::EncryptContent(FX_DWORD objnum, |
821 } | 1020 FX_DWORD gennum, |
822 if (!src_left) { | 1021 const uint8_t* src_buf, |
823 break; | 1022 FX_DWORD src_size, |
824 } | 1023 uint8_t* dest_buf, |
825 } | 1024 FX_DWORD& dest_size) { |
826 return TRUE; | 1025 CryptBlock(TRUE, objnum, gennum, src_buf, src_size, dest_buf, dest_size); |
827 } | 1026 return TRUE; |
828 FX_BOOL CPDF_StandardCryptoHandler::CryptFinish(void* context, CFX_BinaryBuf& de
st_buf, FX_BOOL bEncrypt) | 1027 } |
829 { | 1028 void CPDF_CryptoHandler::Decrypt(FX_DWORD objnum, |
830 if (!context) { | 1029 FX_DWORD gennum, |
831 return FALSE; | 1030 CFX_ByteString& str) { |
832 } | 1031 CFX_BinaryBuf dest_buf; |
833 if (m_Cipher == FXCIPHER_NONE) { | 1032 void* context = DecryptStart(objnum, gennum); |
834 return TRUE; | 1033 DecryptStream(context, (const uint8_t*)str, str.GetLength(), dest_buf); |
835 } | 1034 DecryptFinish(context, dest_buf); |
836 if (m_Cipher == FXCIPHER_RC4) { | 1035 str = dest_buf; |
837 FX_Free(context); | 1036 } |
838 return TRUE; | 1037 CPDF_StandardCryptoHandler::CPDF_StandardCryptoHandler() { |
839 } | 1038 m_pAESContext = NULL; |
840 AESCryptContext* pContext = (AESCryptContext*)context; | 1039 m_Cipher = FXCIPHER_NONE; |
841 if (bEncrypt) { | 1040 m_KeyLen = 0; |
842 uint8_t block_buf[16]; | 1041 } |
843 if (pContext->m_BlockOffset == 16) { | 1042 CPDF_StandardCryptoHandler::~CPDF_StandardCryptoHandler() { |
844 CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block,
16); | 1043 if (m_pAESContext) { |
845 dest_buf.AppendBlock(block_buf, 16); | 1044 FX_Free(m_pAESContext); |
846 pContext->m_BlockOffset = 0; | 1045 } |
847 } | 1046 } |
848 FXSYS_memset(pContext->m_Block + pContext->m_BlockOffset, (uint8_t)(16 -
pContext->m_BlockOffset), 16 - pContext->m_BlockOffset); | |
849 CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); | |
850 dest_buf.AppendBlock(block_buf, 16); | |
851 } else if (pContext->m_BlockOffset == 16) { | |
852 uint8_t block_buf[16]; | |
853 CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); | |
854 if (block_buf[15] <= 16) { | |
855 dest_buf.AppendBlock(block_buf, 16 - block_buf[15]); | |
856 } | |
857 } | |
858 FX_Free(pContext); | |
859 return TRUE; | |
860 } | |
861 void* CPDF_StandardCryptoHandler::DecryptStart(FX_DWORD objnum, FX_DWORD gennum) | |
862 { | |
863 return CryptStart(objnum, gennum, FALSE); | |
864 } | |
865 FX_DWORD CPDF_StandardCryptoHandler::DecryptGetSize(FX_DWORD src_size) | |
866 { | |
867 return m_Cipher == FXCIPHER_AES ? src_size - 16 : src_size; | |
868 } | |
869 FX_BOOL CPDF_StandardCryptoHandler::Init(CPDF_Dictionary* pEncryptDict, CPDF_Sec
urityHandler* pSecurityHandler) | |
870 { | |
871 const uint8_t* key; | |
872 if (!pSecurityHandler->GetCryptInfo(m_Cipher, key, m_KeyLen)) { | |
873 return FALSE; | |
874 } | |
875 if (m_KeyLen > 32 || m_KeyLen < 0) { | |
876 return FALSE; | |
877 } | |
878 if (m_Cipher != FXCIPHER_NONE) { | |
879 FXSYS_memcpy(m_EncryptKey, key, m_KeyLen); | |
880 } | |
881 if (m_Cipher == FXCIPHER_AES) { | |
882 m_pAESContext = FX_Alloc(uint8_t, 2048); | |
883 } | |
884 return TRUE; | |
885 } | |
886 FX_BOOL CPDF_StandardCryptoHandler::Init(int cipher, const uint8_t* key, int key
len) | |
887 { | |
888 if (cipher == FXCIPHER_AES) { | |
889 switch(keylen) { | |
890 case 16: | |
891 case 24: | |
892 case 32: | |
893 break; | |
894 default: | |
895 return FALSE; | |
896 } | |
897 } else if (cipher == FXCIPHER_AES2) { | |
898 if (keylen != 32) { | |
899 return FALSE; | |
900 } | |
901 } else if (cipher == FXCIPHER_RC4) { | |
902 if (keylen < 5 || keylen > 16) { | |
903 return FALSE; | |
904 } | |
905 } else { | |
906 if (keylen > 32) { | |
907 keylen = 32; | |
908 } | |
909 } | |
910 m_Cipher = cipher; | |
911 m_KeyLen = keylen; | |
912 FXSYS_memcpy(m_EncryptKey, key, keylen); | |
913 if (m_Cipher == FXCIPHER_AES) { | |
914 m_pAESContext = FX_Alloc(uint8_t, 2048); | |
915 } | |
916 return TRUE; | |
917 } | |
918 FX_BOOL CPDF_StandardCryptoHandler::DecryptStream(void* context, const uint8_t*
src_buf, FX_DWORD src_size, | |
919 CFX_BinaryBuf& dest_buf) | |
920 { | |
921 return CryptStream(context, src_buf, src_size, dest_buf, FALSE); | |
922 } | |
923 FX_BOOL CPDF_StandardCryptoHandler::DecryptFinish(void* context, CFX_BinaryBuf&
dest_buf) | |
924 { | |
925 return CryptFinish(context, dest_buf, FALSE); | |
926 } | |
927 FX_DWORD CPDF_StandardCryptoHandler::EncryptGetSize(FX_DWORD objnum, FX_DWORD ve
rsion, const uint8_t* src_buf, FX_DWORD src_size) | |
928 { | |
929 if (m_Cipher == FXCIPHER_AES) { | |
930 return src_size + 32; | |
931 } | |
932 return src_size; | |
933 } | |
934 FX_BOOL CPDF_StandardCryptoHandler::EncryptContent(FX_DWORD objnum, FX_DWORD gen
num, const uint8_t* src_buf, FX_DWORD src_size, | |
935 uint8_t* dest_buf, FX_DWORD& dest_size) | |
936 { | |
937 CryptBlock(TRUE, objnum, gennum, src_buf, src_size, dest_buf, dest_size); | |
938 return TRUE; | |
939 } | |
940 void CPDF_CryptoHandler::Decrypt(FX_DWORD objnum, FX_DWORD gennum, CFX_ByteStrin
g& str) | |
941 { | |
942 CFX_BinaryBuf dest_buf; | |
943 void* context = DecryptStart(objnum, gennum); | |
944 DecryptStream(context, (const uint8_t*)str, str.GetLength(), dest_buf); | |
945 DecryptFinish(context, dest_buf); | |
946 str = dest_buf; | |
947 } | |
948 CPDF_StandardCryptoHandler::CPDF_StandardCryptoHandler() | |
949 { | |
950 m_pAESContext = NULL; | |
951 m_Cipher = FXCIPHER_NONE; | |
952 m_KeyLen = 0; | |
953 } | |
954 CPDF_StandardCryptoHandler::~CPDF_StandardCryptoHandler() | |
955 { | |
956 if (m_pAESContext) { | |
957 FX_Free(m_pAESContext); | |
958 } | |
959 } | |