Index: core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp |
diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp |
index 9f356a47483d2fb658433dadaa15e15547ad0102..55e648a0543d4fc50c4756f5e61eafa83ff2c45f 100644 |
--- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp |
+++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp |
@@ -8,952 +8,1039 @@ |
#include "../../../include/fpdfapi/fpdf_parser.h" |
#include "../../../include/fdrm/fx_crypt.h" |
const uint8_t defpasscode[32] = { |
- 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, |
- 0x64, 0x00, 0x4e, 0x56, 0xff, 0xfa, 0x01, 0x08, |
- 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80, |
- 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a |
-}; |
-void CalcEncryptKey(CPDF_Dictionary* pEncrypt, const uint8_t* password, FX_DWORD pass_size, |
- uint8_t* key, int keylen, FX_BOOL bIgnoreMeta, CPDF_Array* pIdArray) |
-{ |
- int revision = pEncrypt->GetInteger(FX_BSTRC("R")); |
- uint8_t passcode[32]; |
- for (FX_DWORD i = 0; i < 32; i ++) { |
- passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; |
- } |
- uint8_t md5[100]; |
- CRYPT_MD5Start(md5); |
- CRYPT_MD5Update(md5, passcode, 32); |
- CFX_ByteString okey = pEncrypt->GetString(FX_BSTRC("O")); |
- CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); |
- FX_DWORD perm = pEncrypt->GetInteger(FX_BSTRC("P")); |
- CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); |
- if (pIdArray) { |
- CFX_ByteString id = pIdArray->GetString(0); |
- CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
- } |
- if (!bIgnoreMeta && revision >= 3 && !pEncrypt->GetInteger(FX_BSTRC("EncryptMetadata"), 1)) { |
- FX_DWORD tag = (FX_DWORD) - 1; |
- CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); |
- } |
- uint8_t digest[16]; |
- CRYPT_MD5Finish(md5, digest); |
- FX_DWORD copy_len = keylen; |
- if (copy_len > sizeof(digest)) { |
- copy_len = sizeof(digest); |
- } |
- if (revision >= 3) { |
- for (int i = 0; i < 50; i ++) { |
- CRYPT_MD5Generate(digest, copy_len, digest); |
- } |
- } |
- FXSYS_memset(key, 0, keylen); |
- FXSYS_memcpy(key, digest, copy_len); |
+ 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, |
+ 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, |
+ 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; |
+void CalcEncryptKey(CPDF_Dictionary* pEncrypt, |
+ const uint8_t* password, |
+ FX_DWORD pass_size, |
+ uint8_t* key, |
+ int keylen, |
+ FX_BOOL bIgnoreMeta, |
+ CPDF_Array* pIdArray) { |
+ int revision = pEncrypt->GetInteger(FX_BSTRC("R")); |
+ uint8_t passcode[32]; |
+ for (FX_DWORD i = 0; i < 32; i++) { |
+ passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; |
+ } |
+ uint8_t md5[100]; |
+ CRYPT_MD5Start(md5); |
+ CRYPT_MD5Update(md5, passcode, 32); |
+ CFX_ByteString okey = pEncrypt->GetString(FX_BSTRC("O")); |
+ CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); |
+ FX_DWORD perm = pEncrypt->GetInteger(FX_BSTRC("P")); |
+ CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); |
+ if (pIdArray) { |
+ CFX_ByteString id = pIdArray->GetString(0); |
+ CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
+ } |
+ if (!bIgnoreMeta && revision >= 3 && |
+ !pEncrypt->GetInteger(FX_BSTRC("EncryptMetadata"), 1)) { |
+ FX_DWORD tag = (FX_DWORD)-1; |
+ CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); |
+ } |
+ uint8_t digest[16]; |
+ CRYPT_MD5Finish(md5, digest); |
+ FX_DWORD copy_len = keylen; |
+ if (copy_len > sizeof(digest)) { |
+ copy_len = sizeof(digest); |
+ } |
+ if (revision >= 3) { |
+ for (int i = 0; i < 50; i++) { |
+ CRYPT_MD5Generate(digest, copy_len, digest); |
+ } |
+ } |
+ FXSYS_memset(key, 0, keylen); |
+ FXSYS_memcpy(key, digest, copy_len); |
} |
-CPDF_CryptoHandler* CPDF_StandardSecurityHandler::CreateCryptoHandler() |
-{ |
- return new CPDF_StandardCryptoHandler; |
+CPDF_CryptoHandler* CPDF_StandardSecurityHandler::CreateCryptoHandler() { |
+ return new CPDF_StandardCryptoHandler; |
} |
-typedef struct _PDF_CRYPTOITEM { |
- int32_t m_Cipher; |
- int32_t m_KeyLen; |
- FX_BOOL m_bChecked; |
- CPDF_StandardCryptoHandler* m_pCryptoHandler; |
+typedef struct _PDF_CRYPTOITEM { |
+ int32_t m_Cipher; |
+ int32_t m_KeyLen; |
+ FX_BOOL m_bChecked; |
+ CPDF_StandardCryptoHandler* m_pCryptoHandler; |
} PDF_CRYPTOITEM; |
-CPDF_StandardSecurityHandler::CPDF_StandardSecurityHandler() |
-{ |
- m_Version = 0; |
- m_Revision = 0; |
- m_pParser = NULL; |
- m_pEncryptDict = NULL; |
- m_bOwner = FALSE; |
- m_Permissions = 0; |
- m_Cipher = FXCIPHER_NONE; |
- m_KeyLen = 0; |
-} |
-CPDF_StandardSecurityHandler::~CPDF_StandardSecurityHandler() |
-{ |
-} |
-FX_BOOL CPDF_StandardSecurityHandler::OnInit(CPDF_Parser* pParser, CPDF_Dictionary* pEncryptDict) |
-{ |
- m_pParser = pParser; |
- if (!LoadDict(pEncryptDict)) { |
- return FALSE; |
- } |
- if (m_Cipher == FXCIPHER_NONE) { |
- return TRUE; |
- } |
- return CheckSecurity(m_KeyLen); |
+CPDF_StandardSecurityHandler::CPDF_StandardSecurityHandler() { |
+ m_Version = 0; |
+ m_Revision = 0; |
+ m_pParser = NULL; |
+ m_pEncryptDict = NULL; |
+ m_bOwner = FALSE; |
+ m_Permissions = 0; |
+ m_Cipher = FXCIPHER_NONE; |
+ m_KeyLen = 0; |
} |
-FX_BOOL CPDF_StandardSecurityHandler::CheckSecurity(int32_t key_len) |
-{ |
- CFX_ByteString password = m_pParser->GetPassword(); |
- if (CheckPassword(password, password.GetLength(), TRUE, m_EncryptKey, key_len)) { |
- if (password.IsEmpty()) { |
- if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, key_len)) { |
- return FALSE; |
- } |
- } |
- m_bOwner = TRUE; |
- return TRUE; |
- } |
- return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, key_len); |
-} |
-FX_DWORD CPDF_StandardSecurityHandler::GetPermissions() |
-{ |
- return m_Permissions; |
-} |
-static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, const CFX_ByteStringC& name, int& cipher, int& keylen) |
-{ |
- int Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
- cipher = FXCIPHER_RC4; |
- keylen = 0; |
- if (Version >= 4) { |
- CPDF_Dictionary* pCryptFilters = pEncryptDict->GetDict(FX_BSTRC("CF")); |
- if (pCryptFilters == NULL) { |
- return FALSE; |
- } |
- if (name == FX_BSTRC("Identity")) { |
- cipher = FXCIPHER_NONE; |
- } else { |
- CPDF_Dictionary* pDefFilter = pCryptFilters->GetDict(name); |
- if (pDefFilter == NULL) { |
- return FALSE; |
- } |
- int nKeyBits = 0; |
- if (Version == 4) { |
- nKeyBits = pDefFilter->GetInteger(FX_BSTRC("Length"), 0); |
- if (nKeyBits == 0) { |
- nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 128); |
- } |
- } else { |
- nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 256); |
- } |
- if (nKeyBits < 40) { |
- nKeyBits *= 8; |
- } |
- keylen = nKeyBits / 8; |
- CFX_ByteString cipher_name = pDefFilter->GetString(FX_BSTRC("CFM")); |
- if (cipher_name == FX_BSTRC("AESV2") || cipher_name == FX_BSTRC("AESV3")) { |
- cipher = FXCIPHER_AES; |
- } |
- } |
- } else { |
- keylen = Version > 1 ? pEncryptDict->GetInteger(FX_BSTRC("Length"), 40) / 8 : 5; |
- } |
- if (keylen > 32 || keylen < 0) { |
- return FALSE; |
- } |
+CPDF_StandardSecurityHandler::~CPDF_StandardSecurityHandler() {} |
+FX_BOOL CPDF_StandardSecurityHandler::OnInit(CPDF_Parser* pParser, |
+ CPDF_Dictionary* pEncryptDict) { |
+ m_pParser = pParser; |
+ if (!LoadDict(pEncryptDict)) { |
+ return FALSE; |
+ } |
+ if (m_Cipher == FXCIPHER_NONE) { |
return TRUE; |
+ } |
+ return CheckSecurity(m_KeyLen); |
} |
-FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) |
-{ |
- m_pEncryptDict = pEncryptDict; |
- m_bOwner = FALSE; |
- m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
- m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); |
- m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); |
- if (m_Version < 4) { |
- return _LoadCryptInfo(pEncryptDict, CFX_ByteString(), m_Cipher, m_KeyLen); |
- } |
- CFX_ByteString stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); |
- CFX_ByteString strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); |
- if (stmf_name != strf_name) { |
- return FALSE; |
- } |
- if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { |
+FX_BOOL CPDF_StandardSecurityHandler::CheckSecurity(int32_t key_len) { |
+ CFX_ByteString password = m_pParser->GetPassword(); |
+ if (CheckPassword(password, password.GetLength(), TRUE, m_EncryptKey, |
+ key_len)) { |
+ if (password.IsEmpty()) { |
+ if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
+ key_len)) { |
return FALSE; |
+ } |
} |
+ m_bOwner = TRUE; |
return TRUE; |
+ } |
+ return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
+ key_len); |
} |
-FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, FX_DWORD type, int& cipher, int& key_len) |
-{ |
- m_pEncryptDict = pEncryptDict; |
- m_bOwner = FALSE; |
- m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
- m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); |
- m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); |
- CFX_ByteString strf_name, stmf_name; |
- if (m_Version >= 4) { |
- stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); |
- strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); |
- if (stmf_name != strf_name) { |
- return FALSE; |
- } |
- } |
- if (!_LoadCryptInfo(pEncryptDict, strf_name, cipher, key_len)) { |
+FX_DWORD CPDF_StandardSecurityHandler::GetPermissions() { |
+ return m_Permissions; |
+} |
+static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, |
+ const CFX_ByteStringC& name, |
+ int& cipher, |
+ int& keylen) { |
+ int Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
+ cipher = FXCIPHER_RC4; |
+ keylen = 0; |
+ if (Version >= 4) { |
+ CPDF_Dictionary* pCryptFilters = pEncryptDict->GetDict(FX_BSTRC("CF")); |
+ if (pCryptFilters == NULL) { |
+ return FALSE; |
+ } |
+ if (name == FX_BSTRC("Identity")) { |
+ cipher = FXCIPHER_NONE; |
+ } else { |
+ CPDF_Dictionary* pDefFilter = pCryptFilters->GetDict(name); |
+ if (pDefFilter == NULL) { |
return FALSE; |
+ } |
+ int nKeyBits = 0; |
+ if (Version == 4) { |
+ nKeyBits = pDefFilter->GetInteger(FX_BSTRC("Length"), 0); |
+ if (nKeyBits == 0) { |
+ nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 128); |
+ } |
+ } else { |
+ nKeyBits = pEncryptDict->GetInteger(FX_BSTRC("Length"), 256); |
+ } |
+ if (nKeyBits < 40) { |
+ nKeyBits *= 8; |
+ } |
+ keylen = nKeyBits / 8; |
+ CFX_ByteString cipher_name = pDefFilter->GetString(FX_BSTRC("CFM")); |
+ if (cipher_name == FX_BSTRC("AESV2") || |
+ cipher_name == FX_BSTRC("AESV3")) { |
+ cipher = FXCIPHER_AES; |
+ } |
+ } |
+ } else { |
+ keylen = |
+ Version > 1 ? pEncryptDict->GetInteger(FX_BSTRC("Length"), 40) / 8 : 5; |
+ } |
+ if (keylen > 32 || keylen < 0) { |
+ return FALSE; |
+ } |
+ return TRUE; |
+} |
+FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) { |
+ m_pEncryptDict = pEncryptDict; |
+ m_bOwner = FALSE; |
+ m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
+ m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); |
+ m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); |
+ if (m_Version < 4) { |
+ return _LoadCryptInfo(pEncryptDict, CFX_ByteString(), m_Cipher, m_KeyLen); |
+ } |
+ CFX_ByteString stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); |
+ CFX_ByteString strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); |
+ if (stmf_name != strf_name) { |
+ return FALSE; |
+ } |
+ if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { |
+ return FALSE; |
+ } |
+ return TRUE; |
+} |
+FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, |
+ FX_DWORD type, |
+ int& cipher, |
+ int& key_len) { |
+ m_pEncryptDict = pEncryptDict; |
+ m_bOwner = FALSE; |
+ m_Version = pEncryptDict->GetInteger(FX_BSTRC("V")); |
+ m_Revision = pEncryptDict->GetInteger(FX_BSTRC("R")); |
+ m_Permissions = pEncryptDict->GetInteger(FX_BSTRC("P"), -1); |
+ CFX_ByteString strf_name, stmf_name; |
+ if (m_Version >= 4) { |
+ stmf_name = pEncryptDict->GetString(FX_BSTRC("StmF")); |
+ strf_name = pEncryptDict->GetString(FX_BSTRC("StrF")); |
+ if (stmf_name != strf_name) { |
+ return FALSE; |
} |
- m_Cipher = cipher; |
- m_KeyLen = key_len; |
- return TRUE; |
- return TRUE; |
+ } |
+ if (!_LoadCryptInfo(pEncryptDict, strf_name, cipher, key_len)) { |
+ return FALSE; |
+ } |
+ m_Cipher = cipher; |
+ m_KeyLen = key_len; |
+ return TRUE; |
+ return TRUE; |
} |
-FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, const uint8_t*& buffer, int& keylen) |
-{ |
- cipher = m_Cipher; |
- buffer = m_EncryptKey; |
- keylen = m_KeyLen; |
- return TRUE; |
+FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, |
+ const uint8_t*& buffer, |
+ int& keylen) { |
+ cipher = m_Cipher; |
+ buffer = m_EncryptKey; |
+ keylen = m_KeyLen; |
+ return TRUE; |
} |
-#define FX_GET_32WORD(n,b,i) \ |
- { \ |
- (n) = (FX_DWORD)(( (uint64_t) (b)[(i)] << 24 ) \ |
- | ( (uint64_t) (b)[(i) + 1] << 16 ) \ |
- | ( (uint64_t) (b)[(i) + 2] << 8 ) \ |
- | ( (uint64_t) (b)[(i) + 3] )); \ |
- } |
-int BigOrder64BitsMod3(uint8_t* data) |
-{ |
- uint64_t ret = 0; |
- for (int i = 0; i < 4; ++i) { |
- FX_DWORD value; |
- FX_GET_32WORD(value, data, 4 * i); |
- ret <<= 32; |
- ret |= value; |
- ret %= 3; |
- } |
- return (int)ret; |
-} |
-void Revision6_Hash(const uint8_t* password, FX_DWORD size, const uint8_t* salt, const uint8_t* vector, uint8_t* hash) |
-{ |
- int iBlockSize = 32; |
- uint8_t sha[128]; |
+#define FX_GET_32WORD(n, b, i) \ |
+ { \ |
+ (n) = (FX_DWORD)( \ |
+ ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ |
+ ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ |
+ } |
+int BigOrder64BitsMod3(uint8_t* data) { |
+ uint64_t ret = 0; |
+ for (int i = 0; i < 4; ++i) { |
+ FX_DWORD value; |
+ FX_GET_32WORD(value, data, 4 * i); |
+ ret <<= 32; |
+ ret |= value; |
+ ret %= 3; |
+ } |
+ return (int)ret; |
+} |
+void Revision6_Hash(const uint8_t* password, |
+ FX_DWORD size, |
+ const uint8_t* salt, |
+ const uint8_t* vector, |
+ uint8_t* hash) { |
+ int iBlockSize = 32; |
+ uint8_t sha[128]; |
+ CRYPT_SHA256Start(sha); |
+ CRYPT_SHA256Update(sha, password, size); |
+ CRYPT_SHA256Update(sha, salt, 8); |
+ if (vector) { |
+ CRYPT_SHA256Update(sha, vector, 48); |
+ } |
+ uint8_t digest[32]; |
+ CRYPT_SHA256Finish(sha, digest); |
+ CFX_ByteTextBuf buf; |
+ uint8_t* input = digest; |
+ uint8_t* key = input; |
+ uint8_t* iv = input + 16; |
+ uint8_t* E = buf.GetBuffer(); |
+ int iBufLen = buf.GetLength(); |
+ CFX_ByteTextBuf interDigest; |
+ int i = 0; |
+ uint8_t* aes = FX_Alloc(uint8_t, 2048); |
+ while (i < 64 || i < E[iBufLen - 1] + 32) { |
+ int iRoundSize = size + iBlockSize; |
+ if (vector) { |
+ iRoundSize += 48; |
+ } |
+ iBufLen = iRoundSize * 64; |
+ buf.EstimateSize(iBufLen); |
+ E = buf.GetBuffer(); |
+ CFX_ByteTextBuf content; |
+ for (int j = 0; j < 64; ++j) { |
+ content.AppendBlock(password, size); |
+ content.AppendBlock(input, iBlockSize); |
+ if (vector) { |
+ content.AppendBlock(vector, 48); |
+ } |
+ } |
+ CRYPT_AESSetKey(aes, 16, key, 16, TRUE); |
+ CRYPT_AESSetIV(aes, iv); |
+ CRYPT_AESEncrypt(aes, E, content.GetBuffer(), iBufLen); |
+ int iHash = 0; |
+ switch (BigOrder64BitsMod3(E)) { |
+ case 0: |
+ iHash = 0; |
+ iBlockSize = 32; |
+ break; |
+ case 1: |
+ iHash = 1; |
+ iBlockSize = 48; |
+ break; |
+ default: |
+ iHash = 2; |
+ iBlockSize = 64; |
+ break; |
+ } |
+ interDigest.EstimateSize(iBlockSize); |
+ input = interDigest.GetBuffer(); |
+ if (iHash == 0) { |
+ CRYPT_SHA256Generate(E, iBufLen, input); |
+ } else if (iHash == 1) { |
+ CRYPT_SHA384Generate(E, iBufLen, input); |
+ } else if (iHash == 2) { |
+ CRYPT_SHA512Generate(E, iBufLen, input); |
+ } |
+ key = input; |
+ iv = input + 16; |
+ ++i; |
+ } |
+ FX_Free(aes); |
+ if (hash) { |
+ FXSYS_memcpy(hash, input, 32); |
+ } |
+} |
+FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword( |
+ const uint8_t* password, |
+ FX_DWORD size, |
+ FX_BOOL bOwner, |
+ uint8_t* key) { |
+ CFX_ByteString okey = m_pEncryptDict |
+ ? m_pEncryptDict->GetString(FX_BSTRC("O")) |
+ : CFX_ByteString(); |
+ if (okey.GetLength() < 48) { |
+ return FALSE; |
+ } |
+ CFX_ByteString ukey = m_pEncryptDict |
+ ? m_pEncryptDict->GetString(FX_BSTRC("U")) |
+ : CFX_ByteString(); |
+ if (ukey.GetLength() < 48) { |
+ return FALSE; |
+ } |
+ const uint8_t* pkey = bOwner ? (const uint8_t*)okey : (const uint8_t*)ukey; |
+ uint8_t sha[128]; |
+ uint8_t digest[32]; |
+ if (m_Revision >= 6) { |
+ Revision6_Hash(password, size, (const uint8_t*)pkey + 32, |
+ (bOwner ? (const uint8_t*)ukey : NULL), digest); |
+ } else { |
CRYPT_SHA256Start(sha); |
CRYPT_SHA256Update(sha, password, size); |
- CRYPT_SHA256Update(sha, salt, 8); |
- if (vector) { |
- CRYPT_SHA256Update(sha, vector, 48); |
+ CRYPT_SHA256Update(sha, pkey + 32, 8); |
+ if (bOwner) { |
+ CRYPT_SHA256Update(sha, ukey, 48); |
} |
- uint8_t digest[32]; |
CRYPT_SHA256Finish(sha, digest); |
- CFX_ByteTextBuf buf; |
- uint8_t* input = digest; |
- uint8_t* key = input; |
- uint8_t* iv = input + 16; |
- uint8_t* E = buf.GetBuffer(); |
- int iBufLen = buf.GetLength(); |
- CFX_ByteTextBuf interDigest; |
- int i = 0; |
- uint8_t* aes = FX_Alloc(uint8_t, 2048); |
- while (i < 64 || i < E[iBufLen - 1] + 32) { |
- int iRoundSize = size + iBlockSize; |
- if (vector) { |
- iRoundSize += 48; |
- } |
- iBufLen = iRoundSize * 64; |
- buf.EstimateSize(iBufLen); |
- E = buf.GetBuffer(); |
- CFX_ByteTextBuf content; |
- for (int j = 0; j < 64; ++j) { |
- content.AppendBlock(password, size); |
- content.AppendBlock(input, iBlockSize); |
- if (vector) { |
- content.AppendBlock(vector, 48); |
- } |
- } |
- CRYPT_AESSetKey(aes, 16, key, 16, TRUE); |
- CRYPT_AESSetIV(aes, iv); |
- CRYPT_AESEncrypt(aes, E, content.GetBuffer(), iBufLen); |
- int iHash = 0; |
- switch (BigOrder64BitsMod3(E)) { |
- case 0: |
- iHash = 0; |
- iBlockSize = 32; |
- break; |
- case 1: |
- iHash = 1; |
- iBlockSize = 48; |
- break; |
- default: |
- iHash = 2; |
- iBlockSize = 64; |
- break; |
- } |
- interDigest.EstimateSize(iBlockSize); |
- input = interDigest.GetBuffer(); |
- if (iHash == 0) { |
- CRYPT_SHA256Generate(E, iBufLen, input); |
- } else if (iHash == 1) { |
- CRYPT_SHA384Generate(E, iBufLen, input); |
- } else if (iHash == 2) { |
- CRYPT_SHA512Generate(E, iBufLen, input); |
- } |
- key = input; |
- iv = input + 16; |
- ++i; |
- } |
- FX_Free(aes); |
- if (hash) { |
- FXSYS_memcpy(hash, input, 32); |
+ } |
+ if (FXSYS_memcmp(digest, pkey, 32) != 0) { |
+ return FALSE; |
+ } |
+ if (key == NULL) { |
+ return TRUE; |
+ } |
+ if (m_Revision >= 6) { |
+ Revision6_Hash(password, size, (const uint8_t*)pkey + 40, |
+ (bOwner ? (const uint8_t*)ukey : NULL), digest); |
+ } else { |
+ CRYPT_SHA256Start(sha); |
+ CRYPT_SHA256Update(sha, password, size); |
+ CRYPT_SHA256Update(sha, pkey + 40, 8); |
+ if (bOwner) { |
+ CRYPT_SHA256Update(sha, ukey, 48); |
} |
+ CRYPT_SHA256Finish(sha, digest); |
+ } |
+ CFX_ByteString ekey = |
+ m_pEncryptDict |
+ ? m_pEncryptDict->GetString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE")) |
+ : CFX_ByteString(); |
+ if (ekey.GetLength() < 32) { |
+ return FALSE; |
+ } |
+ uint8_t* aes = FX_Alloc(uint8_t, 2048); |
+ CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); |
+ uint8_t iv[16]; |
+ FXSYS_memset(iv, 0, 16); |
+ CRYPT_AESSetIV(aes, iv); |
+ CRYPT_AESDecrypt(aes, key, ekey, 32); |
+ CRYPT_AESSetKey(aes, 16, key, 32, FALSE); |
+ CRYPT_AESSetIV(aes, iv); |
+ CFX_ByteString perms = m_pEncryptDict->GetString(FX_BSTRC("Perms")); |
+ if (perms.IsEmpty()) { |
+ return FALSE; |
+ } |
+ uint8_t perms_buf[16]; |
+ FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); |
+ FX_DWORD copy_len = sizeof(perms_buf); |
+ if (copy_len > (FX_DWORD)perms.GetLength()) { |
+ copy_len = perms.GetLength(); |
+ } |
+ FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); |
+ uint8_t buf[16]; |
+ CRYPT_AESDecrypt(aes, buf, perms_buf, 16); |
+ FX_Free(aes); |
+ if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { |
+ return FALSE; |
+ } |
+ if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { |
+ return FALSE; |
+ } |
+ if ((buf[8] == 'T' && !IsMetadataEncrypted()) || |
+ (buf[8] == 'F' && IsMetadataEncrypted())) { |
+ return FALSE; |
+ } |
+ return TRUE; |
} |
-FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword(const uint8_t* password, FX_DWORD size, |
- FX_BOOL bOwner, uint8_t* key) |
-{ |
- CFX_ByteString okey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("O")) : CFX_ByteString(); |
- if (okey.GetLength() < 48) { |
- return FALSE; |
- } |
- CFX_ByteString ukey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("U")) : CFX_ByteString(); |
- if (ukey.GetLength() < 48) { |
- return FALSE; |
- } |
- const uint8_t* pkey = bOwner ? (const uint8_t*)okey : (const uint8_t*)ukey; |
- uint8_t sha[128]; |
- uint8_t digest[32]; |
- if (m_Revision >= 6) { |
- Revision6_Hash(password, size, (const uint8_t*)pkey + 32, (bOwner ? (const uint8_t*)ukey : NULL), digest); |
- } else { |
- CRYPT_SHA256Start(sha); |
- CRYPT_SHA256Update(sha, password, size); |
- CRYPT_SHA256Update(sha, pkey + 32, 8); |
- if (bOwner) { |
- CRYPT_SHA256Update(sha, ukey, 48); |
- } |
- CRYPT_SHA256Finish(sha, digest); |
- } |
- if (FXSYS_memcmp(digest, pkey, 32) != 0) { |
- return FALSE; |
- } |
- if (key == NULL) { |
- return TRUE; |
- } |
- if (m_Revision >= 6) { |
- Revision6_Hash(password, size, (const uint8_t*)pkey + 40, (bOwner ? (const uint8_t*)ukey : NULL), digest); |
- } else { |
- CRYPT_SHA256Start(sha); |
- CRYPT_SHA256Update(sha, password, size); |
- CRYPT_SHA256Update(sha, pkey + 40, 8); |
- if (bOwner) { |
- CRYPT_SHA256Update(sha, ukey, 48); |
- } |
- CRYPT_SHA256Finish(sha, digest); |
- } |
- CFX_ByteString ekey = m_pEncryptDict ? m_pEncryptDict->GetString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE")) : CFX_ByteString(); |
- if (ekey.GetLength() < 32) { |
- return FALSE; |
- } |
- uint8_t* aes = FX_Alloc(uint8_t, 2048); |
- CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); |
- uint8_t iv[16]; |
- FXSYS_memset(iv, 0, 16); |
- CRYPT_AESSetIV(aes, iv); |
- CRYPT_AESDecrypt(aes, key, ekey, 32); |
- CRYPT_AESSetKey(aes, 16, key, 32, FALSE); |
- CRYPT_AESSetIV(aes, iv); |
- CFX_ByteString perms = m_pEncryptDict->GetString(FX_BSTRC("Perms")); |
- if (perms.IsEmpty()) { |
- return FALSE; |
- } |
- uint8_t perms_buf[16]; |
- FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); |
- FX_DWORD copy_len = sizeof(perms_buf); |
- if (copy_len > (FX_DWORD)perms.GetLength()) { |
- copy_len = perms.GetLength(); |
- } |
- FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); |
- uint8_t buf[16]; |
- CRYPT_AESDecrypt(aes, buf, perms_buf, 16); |
- FX_Free(aes); |
- if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { |
- return FALSE; |
- } |
- if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { |
- return FALSE; |
+int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, |
+ FX_DWORD pass_size, |
+ FX_BOOL bOwner, |
+ uint8_t* key) { |
+ return CheckPassword(password, pass_size, bOwner, key, m_KeyLen); |
+} |
+int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, |
+ FX_DWORD size, |
+ FX_BOOL bOwner, |
+ uint8_t* key, |
+ int32_t key_len) { |
+ if (m_Revision >= 5) { |
+ return AES256_CheckPassword(password, size, bOwner, key); |
+ } |
+ uint8_t keybuf[32]; |
+ if (key == NULL) { |
+ key = keybuf; |
+ } |
+ if (bOwner) { |
+ return CheckOwnerPassword(password, size, key, key_len); |
+ } |
+ return CheckUserPassword(password, size, FALSE, key, key_len) || |
+ CheckUserPassword(password, size, TRUE, key, key_len); |
+} |
+FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword( |
+ const uint8_t* password, |
+ FX_DWORD pass_size, |
+ FX_BOOL bIgnoreEncryptMeta, |
+ uint8_t* key, |
+ int32_t key_len) { |
+ CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, |
+ bIgnoreEncryptMeta, m_pParser->GetIDArray()); |
+ CFX_ByteString ukey = m_pEncryptDict |
+ ? m_pEncryptDict->GetString(FX_BSTRC("U")) |
+ : CFX_ByteString(); |
+ if (ukey.GetLength() < 16) { |
+ return FALSE; |
+ } |
+ uint8_t ukeybuf[32]; |
+ if (m_Revision == 2) { |
+ FXSYS_memcpy(ukeybuf, defpasscode, 32); |
+ CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); |
+ } else { |
+ uint8_t test[32], tmpkey[32]; |
+ FX_DWORD copy_len = sizeof(test); |
+ if (copy_len > (FX_DWORD)ukey.GetLength()) { |
+ copy_len = ukey.GetLength(); |
+ } |
+ FXSYS_memset(test, 0, sizeof(test)); |
+ FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); |
+ FXSYS_memcpy(test, ukey.c_str(), copy_len); |
+ for (int i = 19; i >= 0; i--) { |
+ for (int j = 0; j < key_len; j++) { |
+ tmpkey[j] = key[j] ^ i; |
+ } |
+ CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); |
} |
- if ((buf[8] == 'T' && !IsMetadataEncrypted()) || (buf[8] == 'F' && IsMetadataEncrypted())) { |
- return FALSE; |
+ uint8_t md5[100]; |
+ CRYPT_MD5Start(md5); |
+ CRYPT_MD5Update(md5, defpasscode, 32); |
+ CPDF_Array* pIdArray = m_pParser->GetIDArray(); |
+ if (pIdArray) { |
+ CFX_ByteString id = pIdArray->GetString(0); |
+ CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
} |
+ CRYPT_MD5Finish(md5, ukeybuf); |
+ return FXSYS_memcmp(test, ukeybuf, 16) == 0; |
+ } |
+ if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { |
return TRUE; |
+ } |
+ return FALSE; |
} |
-int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, FX_DWORD pass_size, FX_BOOL bOwner, uint8_t* key) |
-{ |
- return CheckPassword(password, pass_size, bOwner, key, m_KeyLen); |
+CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( |
+ const uint8_t* owner_pass, |
+ FX_DWORD pass_size) { |
+ return GetUserPassword(owner_pass, pass_size, m_KeyLen); |
} |
-int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, FX_DWORD size, FX_BOOL bOwner, uint8_t* key, int32_t key_len) |
-{ |
- if (m_Revision >= 5) { |
- return AES256_CheckPassword(password, size, bOwner, key); |
- } |
- uint8_t keybuf[32]; |
- if (key == NULL) { |
- key = keybuf; |
- } |
- if (bOwner) { |
- return CheckOwnerPassword(password, size, key, key_len); |
- } |
- return CheckUserPassword(password, size, FALSE, key, key_len) || CheckUserPassword(password, size, TRUE, key, key_len); |
+CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( |
+ const uint8_t* owner_pass, |
+ FX_DWORD pass_size, |
+ int32_t key_len) { |
+ CFX_ByteString okey = m_pEncryptDict->GetString(FX_BSTRC("O")); |
+ uint8_t passcode[32]; |
+ FX_DWORD i; |
+ for (i = 0; i < 32; i++) { |
+ passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; |
+ } |
+ uint8_t digest[16]; |
+ CRYPT_MD5Generate(passcode, 32, digest); |
+ if (m_Revision >= 3) { |
+ for (int i = 0; i < 50; i++) { |
+ CRYPT_MD5Generate(digest, 16, digest); |
+ } |
+ } |
+ uint8_t enckey[32]; |
+ FXSYS_memset(enckey, 0, sizeof(enckey)); |
+ FX_DWORD copy_len = key_len; |
+ if (copy_len > sizeof(digest)) { |
+ copy_len = sizeof(digest); |
+ } |
+ FXSYS_memcpy(enckey, digest, copy_len); |
+ int okeylen = okey.GetLength(); |
+ if (okeylen > 32) { |
+ okeylen = 32; |
+ } |
+ uint8_t okeybuf[64]; |
+ FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); |
+ FXSYS_memcpy(okeybuf, okey.c_str(), okeylen); |
+ if (m_Revision == 2) { |
+ CRYPT_ArcFourCryptBlock(okeybuf, okeylen, enckey, key_len); |
+ } else { |
+ for (int i = 19; i >= 0; i--) { |
+ uint8_t tempkey[32]; |
+ FXSYS_memset(tempkey, 0, sizeof(tempkey)); |
+ for (int j = 0; j < m_KeyLen; j++) { |
+ tempkey[j] = enckey[j] ^ i; |
+ } |
+ CRYPT_ArcFourCryptBlock(okeybuf, okeylen, tempkey, key_len); |
+ } |
+ } |
+ int len = 32; |
+ while (len && defpasscode[len - 1] == okeybuf[len - 1]) { |
+ len--; |
+ } |
+ return CFX_ByteString(okeybuf, len); |
} |
-FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword(const uint8_t* password, FX_DWORD pass_size, |
- FX_BOOL bIgnoreEncryptMeta, uint8_t* key, int32_t key_len) |
-{ |
- CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, bIgnoreEncryptMeta, |
- m_pParser->GetIDArray()); |
- CFX_ByteString ukey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("U")) : CFX_ByteString(); |
- if (ukey.GetLength() < 16) { |
- return FALSE; |
- } |
- uint8_t ukeybuf[32]; |
- if (m_Revision == 2) { |
- FXSYS_memcpy(ukeybuf, defpasscode, 32); |
- CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); |
- } else { |
- uint8_t test[32], tmpkey[32]; |
- FX_DWORD copy_len = sizeof(test); |
- if (copy_len > (FX_DWORD)ukey.GetLength()) { |
- copy_len = ukey.GetLength(); |
- } |
- FXSYS_memset(test, 0, sizeof(test)); |
- FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); |
- FXSYS_memcpy(test, ukey.c_str(), copy_len); |
- for (int i = 19; i >= 0; i --) { |
- for (int j = 0; j < key_len; j ++) { |
- tmpkey[j] = key[j] ^ i; |
- } |
- CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); |
- } |
- uint8_t md5[100]; |
- CRYPT_MD5Start(md5); |
- CRYPT_MD5Update(md5, defpasscode, 32); |
- CPDF_Array* pIdArray = m_pParser->GetIDArray(); |
- if (pIdArray) { |
- CFX_ByteString id = pIdArray->GetString(0); |
- CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
- } |
- CRYPT_MD5Finish(md5, ukeybuf); |
- return FXSYS_memcmp(test, ukeybuf, 16) == 0; |
- } |
- if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { |
- return TRUE; |
- } |
- return FALSE; |
+FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword( |
+ const uint8_t* password, |
+ FX_DWORD pass_size, |
+ uint8_t* key, |
+ int32_t key_len) { |
+ CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); |
+ if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, |
+ key_len)) { |
+ return TRUE; |
+ } |
+ return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, |
+ key_len); |
} |
-CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword(const uint8_t* owner_pass, FX_DWORD pass_size) |
-{ |
- return GetUserPassword(owner_pass, pass_size, m_KeyLen); |
+FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() { |
+ return m_pEncryptDict->GetBoolean(FX_BSTRC("EncryptMetadata"), TRUE); |
} |
-CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword(const uint8_t* owner_pass, FX_DWORD pass_size, int32_t key_len) |
-{ |
- CFX_ByteString okey = m_pEncryptDict->GetString(FX_BSTRC("O")); |
+CPDF_SecurityHandler* FPDF_CreateStandardSecurityHandler() { |
+ return new CPDF_StandardSecurityHandler; |
+} |
+void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
+ CPDF_Array* pIdArray, |
+ const uint8_t* user_pass, |
+ FX_DWORD user_size, |
+ const uint8_t* owner_pass, |
+ FX_DWORD owner_size, |
+ FX_BOOL bDefault, |
+ FX_DWORD type) { |
+ int cipher = 0, key_len = 0; |
+ if (!LoadDict(pEncryptDict, type, cipher, key_len)) { |
+ return; |
+ } |
+ if (bDefault && (owner_pass == NULL || owner_size == 0)) { |
+ owner_pass = user_pass; |
+ owner_size = user_size; |
+ } |
+ if (m_Revision >= 5) { |
+ int t = (int)time(NULL); |
+ uint8_t sha[128]; |
+ CRYPT_SHA256Start(sha); |
+ CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); |
+ CRYPT_SHA256Update(sha, m_EncryptKey, 32); |
+ CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); |
+ CRYPT_SHA256Finish(sha, m_EncryptKey); |
+ AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); |
+ if (bDefault) { |
+ AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, |
+ m_EncryptKey); |
+ AES256_SetPerms( |
+ pEncryptDict, m_Permissions, |
+ pEncryptDict->GetBoolean(FX_BSTRC("EncryptMetadata"), TRUE), |
+ m_EncryptKey); |
+ } |
+ return; |
+ } |
+ if (bDefault) { |
uint8_t passcode[32]; |
FX_DWORD i; |
- for (i = 0; i < 32; i ++) { |
- passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; |
+ for (i = 0; i < 32; i++) { |
+ passcode[i] = |
+ i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; |
} |
uint8_t digest[16]; |
CRYPT_MD5Generate(passcode, 32, digest); |
if (m_Revision >= 3) { |
- for (int i = 0; i < 50; i ++) { |
- CRYPT_MD5Generate(digest, 16, digest); |
- } |
+ for (int i = 0; i < 50; i++) { |
+ CRYPT_MD5Generate(digest, 16, digest); |
+ } |
} |
uint8_t enckey[32]; |
- FXSYS_memset(enckey, 0, sizeof(enckey)); |
- FX_DWORD copy_len = key_len; |
- if (copy_len > sizeof(digest)) { |
- copy_len = sizeof(digest); |
- } |
- FXSYS_memcpy(enckey, digest, copy_len); |
- int okeylen = okey.GetLength(); |
- if (okeylen > 32) { |
- okeylen = 32; |
- } |
- uint8_t okeybuf[64]; |
- FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); |
- FXSYS_memcpy(okeybuf, okey.c_str(), okeylen); |
- if (m_Revision == 2) { |
- CRYPT_ArcFourCryptBlock(okeybuf, okeylen, enckey, key_len); |
- } else { |
- for (int i = 19; i >= 0; i --) { |
- uint8_t tempkey[32]; |
- FXSYS_memset(tempkey, 0, sizeof(tempkey)); |
- for (int j = 0; j < m_KeyLen; j ++) { |
- tempkey[j] = enckey[j] ^ i; |
- } |
- CRYPT_ArcFourCryptBlock(okeybuf, okeylen, tempkey, key_len); |
- } |
+ FXSYS_memcpy(enckey, digest, key_len); |
+ for (i = 0; i < 32; i++) { |
+ passcode[i] = i < user_size ? user_pass[i] : defpasscode[i - user_size]; |
} |
- int len = 32; |
- while (len && defpasscode[len - 1] == okeybuf[len - 1]) { |
- len --; |
- } |
- return CFX_ByteString(okeybuf, len); |
-} |
-FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword(const uint8_t* password, FX_DWORD pass_size, |
- uint8_t* key, int32_t key_len) |
-{ |
- CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); |
- if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, key_len)) { |
- return TRUE; |
- } |
- return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, key_len); |
-} |
-FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() |
-{ |
- return m_pEncryptDict->GetBoolean(FX_BSTRC("EncryptMetadata"), TRUE); |
-} |
-CPDF_SecurityHandler* FPDF_CreateStandardSecurityHandler() |
-{ |
- return new CPDF_StandardSecurityHandler; |
-} |
-void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, CPDF_Array* pIdArray, |
- const uint8_t* user_pass, FX_DWORD user_size, |
- const uint8_t* owner_pass, FX_DWORD owner_size, FX_BOOL bDefault, FX_DWORD type) |
-{ |
- int cipher = 0, key_len = 0; |
- if (!LoadDict(pEncryptDict, type, cipher, key_len)) { |
- return; |
- } |
- if (bDefault && (owner_pass == NULL || owner_size == 0)) { |
- owner_pass = user_pass; |
- owner_size = user_size; |
- } |
- if (m_Revision >= 5) { |
- int t = (int)time(NULL); |
- uint8_t sha[128]; |
- CRYPT_SHA256Start(sha); |
- CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); |
- CRYPT_SHA256Update(sha, m_EncryptKey, 32); |
- CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); |
- CRYPT_SHA256Finish(sha, m_EncryptKey); |
- AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); |
- if (bDefault) { |
- AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, m_EncryptKey); |
- AES256_SetPerms(pEncryptDict, m_Permissions, pEncryptDict->GetBoolean(FX_BSTRC("EncryptMetadata"), TRUE), m_EncryptKey); |
- } |
- return; |
- } |
- if (bDefault) { |
- uint8_t passcode[32]; |
- FX_DWORD i; |
- for (i = 0; i < 32; i ++) { |
- passcode[i] = i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; |
- } |
- uint8_t digest[16]; |
- CRYPT_MD5Generate(passcode, 32, digest); |
- if (m_Revision >= 3) { |
- for (int i = 0; i < 50; i ++) { |
- CRYPT_MD5Generate(digest, 16, digest); |
- } |
- } |
- uint8_t enckey[32]; |
- FXSYS_memcpy(enckey, digest, key_len); |
- for (i = 0; i < 32; i ++) { |
- passcode[i] = i < user_size ? user_pass[i] : defpasscode[i - user_size]; |
- } |
- CRYPT_ArcFourCryptBlock(passcode, 32, enckey, key_len); |
- uint8_t tempkey[32]; |
- if (m_Revision >= 3) { |
- for (i = 1; i <= 19; i ++) { |
- for (int j = 0; j < key_len; j ++) { |
- tempkey[j] = enckey[j] ^ (uint8_t)i; |
- } |
- CRYPT_ArcFourCryptBlock(passcode, 32, tempkey, key_len); |
- } |
- } |
- pEncryptDict->SetAtString(FX_BSTRC("O"), CFX_ByteString(passcode, 32)); |
- } |
- CalcEncryptKey(m_pEncryptDict, (uint8_t*)user_pass, user_size, m_EncryptKey, key_len, FALSE, pIdArray); |
- if (m_Revision < 3) { |
- uint8_t tempbuf[32]; |
- FXSYS_memcpy(tempbuf, defpasscode, 32); |
- CRYPT_ArcFourCryptBlock(tempbuf, 32, m_EncryptKey, key_len); |
- pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(tempbuf, 32)); |
- } else { |
- uint8_t md5[100]; |
- CRYPT_MD5Start(md5); |
- CRYPT_MD5Update(md5, defpasscode, 32); |
- if (pIdArray) { |
- CFX_ByteString id = pIdArray->GetString(0); |
- CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
- } |
- uint8_t digest[32]; |
- CRYPT_MD5Finish(md5, digest); |
- CRYPT_ArcFourCryptBlock(digest, 16, m_EncryptKey, key_len); |
- uint8_t tempkey[32]; |
- for (int i = 1; i <= 19; i ++) { |
- for (int j = 0; j < key_len; j ++) { |
- tempkey[j] = m_EncryptKey[j] ^ (uint8_t)i; |
- } |
- CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); |
+ CRYPT_ArcFourCryptBlock(passcode, 32, enckey, key_len); |
+ uint8_t tempkey[32]; |
+ if (m_Revision >= 3) { |
+ for (i = 1; i <= 19; i++) { |
+ for (int j = 0; j < key_len; j++) { |
+ tempkey[j] = enckey[j] ^ (uint8_t)i; |
} |
- CRYPT_MD5Generate(digest, 16, digest + 16); |
- pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(digest, 32)); |
+ CRYPT_ArcFourCryptBlock(passcode, 32, tempkey, key_len); |
+ } |
+ } |
+ pEncryptDict->SetAtString(FX_BSTRC("O"), CFX_ByteString(passcode, 32)); |
+ } |
+ CalcEncryptKey(m_pEncryptDict, (uint8_t*)user_pass, user_size, m_EncryptKey, |
+ key_len, FALSE, pIdArray); |
+ if (m_Revision < 3) { |
+ uint8_t tempbuf[32]; |
+ FXSYS_memcpy(tempbuf, defpasscode, 32); |
+ CRYPT_ArcFourCryptBlock(tempbuf, 32, m_EncryptKey, key_len); |
+ pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(tempbuf, 32)); |
+ } else { |
+ uint8_t md5[100]; |
+ CRYPT_MD5Start(md5); |
+ CRYPT_MD5Update(md5, defpasscode, 32); |
+ if (pIdArray) { |
+ CFX_ByteString id = pIdArray->GetString(0); |
+ CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
} |
+ uint8_t digest[32]; |
+ CRYPT_MD5Finish(md5, digest); |
+ CRYPT_ArcFourCryptBlock(digest, 16, m_EncryptKey, key_len); |
+ uint8_t tempkey[32]; |
+ for (int i = 1; i <= 19; i++) { |
+ for (int j = 0; j < key_len; j++) { |
+ tempkey[j] = m_EncryptKey[j] ^ (uint8_t)i; |
+ } |
+ CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); |
+ } |
+ CRYPT_MD5Generate(digest, 16, digest + 16); |
+ pEncryptDict->SetAtString(FX_BSTRC("U"), CFX_ByteString(digest, 32)); |
+ } |
} |
-void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, CPDF_Array* pIdArray, |
- const uint8_t* user_pass, FX_DWORD user_size, |
- const uint8_t* owner_pass, FX_DWORD owner_size, FX_DWORD type) |
-{ |
- OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, TRUE, type); |
+void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
+ CPDF_Array* pIdArray, |
+ const uint8_t* user_pass, |
+ FX_DWORD user_size, |
+ const uint8_t* owner_pass, |
+ FX_DWORD owner_size, |
+ FX_DWORD type) { |
+ OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, |
+ TRUE, type); |
} |
-void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, CPDF_Array* pIdArray, const uint8_t* user_pass, FX_DWORD user_size, FX_DWORD type) |
-{ |
- OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); |
+void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
+ CPDF_Array* pIdArray, |
+ const uint8_t* user_pass, |
+ FX_DWORD user_size, |
+ FX_DWORD type) { |
+ OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); |
} |
-void CPDF_StandardSecurityHandler::AES256_SetPassword(CPDF_Dictionary* pEncryptDict, const uint8_t* password, FX_DWORD size, FX_BOOL bOwner, const uint8_t* key) |
-{ |
- uint8_t sha[128]; |
- CRYPT_SHA1Start(sha); |
- CRYPT_SHA1Update(sha, key, 32); |
- CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); |
- uint8_t digest[20]; |
- CRYPT_SHA1Finish(sha, digest); |
- CFX_ByteString ukey = pEncryptDict->GetString(FX_BSTRC("U")); |
- uint8_t digest1[48]; |
- if (m_Revision >= 6) { |
- Revision6_Hash(password, size, digest, (bOwner ? (const uint8_t*)ukey : NULL), digest1); |
- } else { |
- CRYPT_SHA256Start(sha); |
- CRYPT_SHA256Update(sha, password, size); |
- CRYPT_SHA256Update(sha, digest, 8); |
- if (bOwner) { |
- CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); |
- } |
- CRYPT_SHA256Finish(sha, digest1); |
- } |
- FXSYS_memcpy(digest1 + 32, digest, 16); |
- pEncryptDict->SetAtString(bOwner ? FX_BSTRC("O") : FX_BSTRC("U"), CFX_ByteString(digest1, 48)); |
- if (m_Revision >= 6) { |
- Revision6_Hash(password, size, digest + 8, (bOwner ? (const uint8_t*)ukey : NULL), digest1); |
- } else { |
- CRYPT_SHA256Start(sha); |
- CRYPT_SHA256Update(sha, password, size); |
- CRYPT_SHA256Update(sha, digest + 8, 8); |
- if (bOwner) { |
- CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); |
- } |
- CRYPT_SHA256Finish(sha, digest1); |
- } |
- uint8_t* aes = FX_Alloc(uint8_t, 2048); |
- CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); |
- uint8_t iv[16]; |
- FXSYS_memset(iv, 0, 16); |
- CRYPT_AESSetIV(aes, iv); |
- CRYPT_AESEncrypt(aes, digest1, key, 32); |
- FX_Free(aes); |
- pEncryptDict->SetAtString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE"), CFX_ByteString(digest1, 32)); |
-} |
-void CPDF_StandardSecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict, FX_DWORD permissions, |
- FX_BOOL bEncryptMetadata, const uint8_t* key) |
-{ |
- uint8_t buf[16]; |
- buf[0] = (uint8_t)permissions; |
- buf[1] = (uint8_t)(permissions >> 8); |
- buf[2] = (uint8_t)(permissions >> 16); |
- buf[3] = (uint8_t)(permissions >> 24); |
- buf[4] = 0xff; |
- buf[5] = 0xff; |
- buf[6] = 0xff; |
- buf[7] = 0xff; |
- buf[8] = bEncryptMetadata ? 'T' : 'F'; |
- buf[9] = 'a'; |
- buf[10] = 'd'; |
- buf[11] = 'b'; |
- uint8_t* aes = FX_Alloc(uint8_t, 2048); |
- CRYPT_AESSetKey(aes, 16, key, 32, TRUE); |
- uint8_t iv[16], buf1[16]; |
- FXSYS_memset(iv, 0, 16); |
- CRYPT_AESSetIV(aes, iv); |
- CRYPT_AESEncrypt(aes, buf1, buf, 16); |
- FX_Free(aes); |
- pEncryptDict->SetAtString(FX_BSTRC("Perms"), CFX_ByteString(buf1, 16)); |
-} |
-void CPDF_StandardCryptoHandler::CryptBlock(FX_BOOL bEncrypt, FX_DWORD objnum, FX_DWORD gennum, const uint8_t* src_buf, FX_DWORD src_size, |
- uint8_t* dest_buf, FX_DWORD& dest_size) |
-{ |
- if (m_Cipher == FXCIPHER_NONE) { |
- FXSYS_memcpy(dest_buf, src_buf, src_size); |
- return; |
- } |
- uint8_t realkey[16]; |
- int realkeylen = 16; |
- if (m_Cipher != FXCIPHER_AES || m_KeyLen != 32) { |
- uint8_t key1[32]; |
- FXSYS_memcpy(key1, m_EncryptKey, m_KeyLen); |
- key1[m_KeyLen + 0] = (uint8_t)objnum; |
- key1[m_KeyLen + 1] = (uint8_t)(objnum >> 8); |
- key1[m_KeyLen + 2] = (uint8_t)(objnum >> 16); |
- key1[m_KeyLen + 3] = (uint8_t)gennum; |
- key1[m_KeyLen + 4] = (uint8_t)(gennum >> 8); |
- FXSYS_memcpy(key1 + m_KeyLen, &objnum, 3); |
- FXSYS_memcpy(key1 + m_KeyLen + 3, &gennum, 2); |
- if (m_Cipher == FXCIPHER_AES) { |
- FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); |
- } |
- CRYPT_MD5Generate(key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey); |
- realkeylen = m_KeyLen + 5; |
- if (realkeylen > 16) { |
- realkeylen = 16; |
- } |
- } |
- if (m_Cipher == FXCIPHER_AES) { |
- CRYPT_AESSetKey(m_pAESContext, 16, m_KeyLen == 32 ? m_EncryptKey : realkey, m_KeyLen, bEncrypt); |
- if (bEncrypt) { |
- uint8_t iv[16]; |
- for (int i = 0; i < 16; i ++) { |
- iv[i] = (uint8_t)rand(); |
- } |
- CRYPT_AESSetIV(m_pAESContext, iv); |
- FXSYS_memcpy(dest_buf, iv, 16); |
- int nblocks = src_size / 16; |
- CRYPT_AESEncrypt(m_pAESContext, dest_buf + 16, src_buf, nblocks * 16); |
- uint8_t padding[16]; |
- FXSYS_memcpy(padding, src_buf + nblocks * 16, src_size % 16); |
- FXSYS_memset(padding + src_size % 16, 16 - src_size % 16, 16 - src_size % 16); |
- CRYPT_AESEncrypt(m_pAESContext, dest_buf + nblocks * 16 + 16, padding, 16); |
- dest_size = 32 + nblocks * 16; |
- } else { |
- CRYPT_AESSetIV(m_pAESContext, src_buf); |
- CRYPT_AESDecrypt(m_pAESContext, dest_buf, src_buf + 16, src_size - 16); |
- dest_size = src_size - 16; |
- dest_size -= dest_buf[dest_size - 1]; |
- } |
- } else { |
- ASSERT(dest_size == src_size); |
- if (dest_buf != src_buf) { |
- FXSYS_memcpy(dest_buf, src_buf, src_size); |
- } |
- CRYPT_ArcFourCryptBlock(dest_buf, dest_size, realkey, realkeylen); |
- } |
+void CPDF_StandardSecurityHandler::AES256_SetPassword( |
+ CPDF_Dictionary* pEncryptDict, |
+ const uint8_t* password, |
+ FX_DWORD size, |
+ FX_BOOL bOwner, |
+ const uint8_t* key) { |
+ uint8_t sha[128]; |
+ CRYPT_SHA1Start(sha); |
+ CRYPT_SHA1Update(sha, key, 32); |
+ CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); |
+ uint8_t digest[20]; |
+ CRYPT_SHA1Finish(sha, digest); |
+ CFX_ByteString ukey = pEncryptDict->GetString(FX_BSTRC("U")); |
+ uint8_t digest1[48]; |
+ if (m_Revision >= 6) { |
+ Revision6_Hash(password, size, digest, |
+ (bOwner ? (const uint8_t*)ukey : NULL), digest1); |
+ } else { |
+ CRYPT_SHA256Start(sha); |
+ CRYPT_SHA256Update(sha, password, size); |
+ CRYPT_SHA256Update(sha, digest, 8); |
+ if (bOwner) { |
+ CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); |
+ } |
+ CRYPT_SHA256Finish(sha, digest1); |
+ } |
+ FXSYS_memcpy(digest1 + 32, digest, 16); |
+ pEncryptDict->SetAtString(bOwner ? FX_BSTRC("O") : FX_BSTRC("U"), |
+ CFX_ByteString(digest1, 48)); |
+ if (m_Revision >= 6) { |
+ Revision6_Hash(password, size, digest + 8, |
+ (bOwner ? (const uint8_t*)ukey : NULL), digest1); |
+ } else { |
+ CRYPT_SHA256Start(sha); |
+ CRYPT_SHA256Update(sha, password, size); |
+ CRYPT_SHA256Update(sha, digest + 8, 8); |
+ if (bOwner) { |
+ CRYPT_SHA256Update(sha, ukey, ukey.GetLength()); |
+ } |
+ CRYPT_SHA256Finish(sha, digest1); |
+ } |
+ uint8_t* aes = FX_Alloc(uint8_t, 2048); |
+ CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); |
+ uint8_t iv[16]; |
+ FXSYS_memset(iv, 0, 16); |
+ CRYPT_AESSetIV(aes, iv); |
+ CRYPT_AESEncrypt(aes, digest1, key, 32); |
+ FX_Free(aes); |
+ pEncryptDict->SetAtString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE"), |
+ CFX_ByteString(digest1, 32)); |
} |
-typedef struct _AESCryptContext { |
- uint8_t m_Context[2048]; |
- FX_BOOL m_bIV; |
- uint8_t m_Block[16]; |
- FX_DWORD m_BlockOffset; |
-} AESCryptContext; |
-void* CPDF_StandardCryptoHandler::CryptStart(FX_DWORD objnum, FX_DWORD gennum, FX_BOOL bEncrypt) |
-{ |
- if (m_Cipher == FXCIPHER_NONE) { |
- return this; |
- } |
- if (m_Cipher == FXCIPHER_AES && m_KeyLen == 32) { |
- AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); |
- pContext->m_bIV = TRUE; |
- pContext->m_BlockOffset = 0; |
- CRYPT_AESSetKey(pContext->m_Context, 16, m_EncryptKey, 32, bEncrypt); |
- if (bEncrypt) { |
- for (int i = 0; i < 16; i ++) { |
- pContext->m_Block[i] = (uint8_t)rand(); |
- } |
- CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
- } |
- return pContext; |
- } |
- uint8_t key1[48]; |
+void CPDF_StandardSecurityHandler::AES256_SetPerms( |
+ CPDF_Dictionary* pEncryptDict, |
+ FX_DWORD permissions, |
+ FX_BOOL bEncryptMetadata, |
+ const uint8_t* key) { |
+ uint8_t buf[16]; |
+ buf[0] = (uint8_t)permissions; |
+ buf[1] = (uint8_t)(permissions >> 8); |
+ buf[2] = (uint8_t)(permissions >> 16); |
+ buf[3] = (uint8_t)(permissions >> 24); |
+ buf[4] = 0xff; |
+ buf[5] = 0xff; |
+ buf[6] = 0xff; |
+ buf[7] = 0xff; |
+ buf[8] = bEncryptMetadata ? 'T' : 'F'; |
+ buf[9] = 'a'; |
+ buf[10] = 'd'; |
+ buf[11] = 'b'; |
+ uint8_t* aes = FX_Alloc(uint8_t, 2048); |
+ CRYPT_AESSetKey(aes, 16, key, 32, TRUE); |
+ uint8_t iv[16], buf1[16]; |
+ FXSYS_memset(iv, 0, 16); |
+ CRYPT_AESSetIV(aes, iv); |
+ CRYPT_AESEncrypt(aes, buf1, buf, 16); |
+ FX_Free(aes); |
+ pEncryptDict->SetAtString(FX_BSTRC("Perms"), CFX_ByteString(buf1, 16)); |
+} |
+void CPDF_StandardCryptoHandler::CryptBlock(FX_BOOL bEncrypt, |
+ FX_DWORD objnum, |
+ FX_DWORD gennum, |
+ const uint8_t* src_buf, |
+ FX_DWORD src_size, |
+ uint8_t* dest_buf, |
+ FX_DWORD& dest_size) { |
+ if (m_Cipher == FXCIPHER_NONE) { |
+ FXSYS_memcpy(dest_buf, src_buf, src_size); |
+ return; |
+ } |
+ uint8_t realkey[16]; |
+ int realkeylen = 16; |
+ if (m_Cipher != FXCIPHER_AES || m_KeyLen != 32) { |
+ uint8_t key1[32]; |
FXSYS_memcpy(key1, m_EncryptKey, m_KeyLen); |
+ key1[m_KeyLen + 0] = (uint8_t)objnum; |
+ key1[m_KeyLen + 1] = (uint8_t)(objnum >> 8); |
+ key1[m_KeyLen + 2] = (uint8_t)(objnum >> 16); |
+ key1[m_KeyLen + 3] = (uint8_t)gennum; |
+ key1[m_KeyLen + 4] = (uint8_t)(gennum >> 8); |
FXSYS_memcpy(key1 + m_KeyLen, &objnum, 3); |
FXSYS_memcpy(key1 + m_KeyLen + 3, &gennum, 2); |
if (m_Cipher == FXCIPHER_AES) { |
- FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); |
+ FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); |
} |
- uint8_t realkey[16]; |
- CRYPT_MD5Generate(key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey); |
- int realkeylen = m_KeyLen + 5; |
+ CRYPT_MD5Generate( |
+ key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey); |
+ realkeylen = m_KeyLen + 5; |
if (realkeylen > 16) { |
- realkeylen = 16; |
+ realkeylen = 16; |
} |
- if (m_Cipher == FXCIPHER_AES) { |
- AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); |
- pContext->m_bIV = TRUE; |
- pContext->m_BlockOffset = 0; |
- CRYPT_AESSetKey(pContext->m_Context, 16, realkey, 16, bEncrypt); |
- if (bEncrypt) { |
- for (int i = 0; i < 16; i ++) { |
- pContext->m_Block[i] = (uint8_t)rand(); |
- } |
- CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
- } |
- return pContext; |
- } |
- void* pContext = FX_Alloc(uint8_t, 1040); |
- CRYPT_ArcFourSetup(pContext, realkey, realkeylen); |
- return pContext; |
+ } |
+ if (m_Cipher == FXCIPHER_AES) { |
+ CRYPT_AESSetKey(m_pAESContext, 16, m_KeyLen == 32 ? m_EncryptKey : realkey, |
+ m_KeyLen, bEncrypt); |
+ if (bEncrypt) { |
+ uint8_t iv[16]; |
+ for (int i = 0; i < 16; i++) { |
+ iv[i] = (uint8_t)rand(); |
+ } |
+ CRYPT_AESSetIV(m_pAESContext, iv); |
+ FXSYS_memcpy(dest_buf, iv, 16); |
+ int nblocks = src_size / 16; |
+ CRYPT_AESEncrypt(m_pAESContext, dest_buf + 16, src_buf, nblocks * 16); |
+ uint8_t padding[16]; |
+ FXSYS_memcpy(padding, src_buf + nblocks * 16, src_size % 16); |
+ FXSYS_memset(padding + src_size % 16, 16 - src_size % 16, |
+ 16 - src_size % 16); |
+ CRYPT_AESEncrypt(m_pAESContext, dest_buf + nblocks * 16 + 16, padding, |
+ 16); |
+ dest_size = 32 + nblocks * 16; |
+ } else { |
+ CRYPT_AESSetIV(m_pAESContext, src_buf); |
+ CRYPT_AESDecrypt(m_pAESContext, dest_buf, src_buf + 16, src_size - 16); |
+ dest_size = src_size - 16; |
+ dest_size -= dest_buf[dest_size - 1]; |
+ } |
+ } else { |
+ ASSERT(dest_size == src_size); |
+ if (dest_buf != src_buf) { |
+ FXSYS_memcpy(dest_buf, src_buf, src_size); |
+ } |
+ CRYPT_ArcFourCryptBlock(dest_buf, dest_size, realkey, realkeylen); |
+ } |
} |
-FX_BOOL CPDF_StandardCryptoHandler::CryptStream(void* context, const uint8_t* src_buf, FX_DWORD src_size, CFX_BinaryBuf& dest_buf, FX_BOOL bEncrypt) |
-{ |
- if (!context) { |
- return FALSE; |
- } |
- if (m_Cipher == FXCIPHER_NONE) { |
- dest_buf.AppendBlock(src_buf, src_size); |
- return TRUE; |
- } |
- if (m_Cipher == FXCIPHER_RC4) { |
- int old_size = dest_buf.GetSize(); |
- dest_buf.AppendBlock(src_buf, src_size); |
- CRYPT_ArcFourCrypt(context, dest_buf.GetBuffer() + old_size, src_size); |
- return TRUE; |
- } |
- AESCryptContext* pContext = (AESCryptContext*)context; |
- if (pContext->m_bIV && bEncrypt) { |
- dest_buf.AppendBlock(pContext->m_Block, 16); |
- pContext->m_bIV = FALSE; |
+typedef struct _AESCryptContext { |
+ uint8_t m_Context[2048]; |
+ FX_BOOL m_bIV; |
+ uint8_t m_Block[16]; |
+ FX_DWORD m_BlockOffset; |
+} AESCryptContext; |
+void* CPDF_StandardCryptoHandler::CryptStart(FX_DWORD objnum, |
+ FX_DWORD gennum, |
+ FX_BOOL bEncrypt) { |
+ if (m_Cipher == FXCIPHER_NONE) { |
+ return this; |
+ } |
+ if (m_Cipher == FXCIPHER_AES && m_KeyLen == 32) { |
+ AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); |
+ pContext->m_bIV = TRUE; |
+ pContext->m_BlockOffset = 0; |
+ CRYPT_AESSetKey(pContext->m_Context, 16, m_EncryptKey, 32, bEncrypt); |
+ if (bEncrypt) { |
+ for (int i = 0; i < 16; i++) { |
+ pContext->m_Block[i] = (uint8_t)rand(); |
+ } |
+ CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
} |
- FX_DWORD src_off = 0; |
- FX_DWORD src_left = src_size; |
- while (1) { |
- FX_DWORD copy_size = 16 - pContext->m_BlockOffset; |
- if (copy_size > src_left) { |
- copy_size = src_left; |
- } |
- FXSYS_memcpy(pContext->m_Block + pContext->m_BlockOffset, src_buf + src_off, copy_size); |
- src_off += copy_size; |
- src_left -= copy_size; |
- pContext->m_BlockOffset += copy_size; |
- if (pContext->m_BlockOffset == 16) { |
- if (!bEncrypt && pContext->m_bIV) { |
- CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
- pContext->m_bIV = FALSE; |
- pContext->m_BlockOffset = 0; |
- } else if (src_off < src_size) { |
- uint8_t block_buf[16]; |
- if (bEncrypt) { |
- CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
- } else { |
- CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
- } |
- dest_buf.AppendBlock(block_buf, 16); |
- pContext->m_BlockOffset = 0; |
- } |
- } |
- if (!src_left) { |
- break; |
- } |
+ return pContext; |
+ } |
+ uint8_t key1[48]; |
+ FXSYS_memcpy(key1, m_EncryptKey, m_KeyLen); |
+ FXSYS_memcpy(key1 + m_KeyLen, &objnum, 3); |
+ FXSYS_memcpy(key1 + m_KeyLen + 3, &gennum, 2); |
+ if (m_Cipher == FXCIPHER_AES) { |
+ FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); |
+ } |
+ uint8_t realkey[16]; |
+ CRYPT_MD5Generate( |
+ key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey); |
+ int realkeylen = m_KeyLen + 5; |
+ if (realkeylen > 16) { |
+ realkeylen = 16; |
+ } |
+ if (m_Cipher == FXCIPHER_AES) { |
+ AESCryptContext* pContext = FX_Alloc(AESCryptContext, 1); |
+ pContext->m_bIV = TRUE; |
+ pContext->m_BlockOffset = 0; |
+ CRYPT_AESSetKey(pContext->m_Context, 16, realkey, 16, bEncrypt); |
+ if (bEncrypt) { |
+ for (int i = 0; i < 16; i++) { |
+ pContext->m_Block[i] = (uint8_t)rand(); |
+ } |
+ CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
} |
- return TRUE; |
+ return pContext; |
+ } |
+ void* pContext = FX_Alloc(uint8_t, 1040); |
+ CRYPT_ArcFourSetup(pContext, realkey, realkeylen); |
+ return pContext; |
} |
-FX_BOOL CPDF_StandardCryptoHandler::CryptFinish(void* context, CFX_BinaryBuf& dest_buf, FX_BOOL bEncrypt) |
-{ |
- if (!context) { |
- return FALSE; |
- } |
- if (m_Cipher == FXCIPHER_NONE) { |
- return TRUE; |
- } |
- if (m_Cipher == FXCIPHER_RC4) { |
- FX_Free(context); |
- return TRUE; |
- } |
- AESCryptContext* pContext = (AESCryptContext*)context; |
- if (bEncrypt) { |
+FX_BOOL CPDF_StandardCryptoHandler::CryptStream(void* context, |
+ const uint8_t* src_buf, |
+ FX_DWORD src_size, |
+ CFX_BinaryBuf& dest_buf, |
+ FX_BOOL bEncrypt) { |
+ if (!context) { |
+ return FALSE; |
+ } |
+ if (m_Cipher == FXCIPHER_NONE) { |
+ dest_buf.AppendBlock(src_buf, src_size); |
+ return TRUE; |
+ } |
+ if (m_Cipher == FXCIPHER_RC4) { |
+ int old_size = dest_buf.GetSize(); |
+ dest_buf.AppendBlock(src_buf, src_size); |
+ CRYPT_ArcFourCrypt(context, dest_buf.GetBuffer() + old_size, src_size); |
+ return TRUE; |
+ } |
+ AESCryptContext* pContext = (AESCryptContext*)context; |
+ if (pContext->m_bIV && bEncrypt) { |
+ dest_buf.AppendBlock(pContext->m_Block, 16); |
+ pContext->m_bIV = FALSE; |
+ } |
+ FX_DWORD src_off = 0; |
+ FX_DWORD src_left = src_size; |
+ while (1) { |
+ FX_DWORD copy_size = 16 - pContext->m_BlockOffset; |
+ if (copy_size > src_left) { |
+ copy_size = src_left; |
+ } |
+ FXSYS_memcpy(pContext->m_Block + pContext->m_BlockOffset, src_buf + src_off, |
+ copy_size); |
+ src_off += copy_size; |
+ src_left -= copy_size; |
+ pContext->m_BlockOffset += copy_size; |
+ if (pContext->m_BlockOffset == 16) { |
+ if (!bEncrypt && pContext->m_bIV) { |
+ CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); |
+ pContext->m_bIV = FALSE; |
+ pContext->m_BlockOffset = 0; |
+ } else if (src_off < src_size) { |
uint8_t block_buf[16]; |
- if (pContext->m_BlockOffset == 16) { |
- CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
- dest_buf.AppendBlock(block_buf, 16); |
- pContext->m_BlockOffset = 0; |
+ if (bEncrypt) { |
+ CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, |
+ 16); |
+ } else { |
+ CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, |
+ 16); |
} |
- FXSYS_memset(pContext->m_Block + pContext->m_BlockOffset, (uint8_t)(16 - pContext->m_BlockOffset), 16 - pContext->m_BlockOffset); |
- CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
dest_buf.AppendBlock(block_buf, 16); |
- } else if (pContext->m_BlockOffset == 16) { |
- uint8_t block_buf[16]; |
- CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
- if (block_buf[15] <= 16) { |
- dest_buf.AppendBlock(block_buf, 16 - block_buf[15]); |
- } |
+ pContext->m_BlockOffset = 0; |
+ } |
} |
- FX_Free(pContext); |
+ if (!src_left) { |
+ break; |
+ } |
+ } |
+ return TRUE; |
+} |
+FX_BOOL CPDF_StandardCryptoHandler::CryptFinish(void* context, |
+ CFX_BinaryBuf& dest_buf, |
+ FX_BOOL bEncrypt) { |
+ if (!context) { |
+ return FALSE; |
+ } |
+ if (m_Cipher == FXCIPHER_NONE) { |
+ return TRUE; |
+ } |
+ if (m_Cipher == FXCIPHER_RC4) { |
+ FX_Free(context); |
return TRUE; |
+ } |
+ AESCryptContext* pContext = (AESCryptContext*)context; |
+ if (bEncrypt) { |
+ uint8_t block_buf[16]; |
+ if (pContext->m_BlockOffset == 16) { |
+ CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
+ dest_buf.AppendBlock(block_buf, 16); |
+ pContext->m_BlockOffset = 0; |
+ } |
+ FXSYS_memset(pContext->m_Block + pContext->m_BlockOffset, |
+ (uint8_t)(16 - pContext->m_BlockOffset), |
+ 16 - pContext->m_BlockOffset); |
+ CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
+ dest_buf.AppendBlock(block_buf, 16); |
+ } else if (pContext->m_BlockOffset == 16) { |
+ uint8_t block_buf[16]; |
+ CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); |
+ if (block_buf[15] <= 16) { |
+ dest_buf.AppendBlock(block_buf, 16 - block_buf[15]); |
+ } |
+ } |
+ FX_Free(pContext); |
+ return TRUE; |
} |
-void* CPDF_StandardCryptoHandler::DecryptStart(FX_DWORD objnum, FX_DWORD gennum) |
-{ |
- return CryptStart(objnum, gennum, FALSE); |
+void* CPDF_StandardCryptoHandler::DecryptStart(FX_DWORD objnum, |
+ FX_DWORD gennum) { |
+ return CryptStart(objnum, gennum, FALSE); |
} |
-FX_DWORD CPDF_StandardCryptoHandler::DecryptGetSize(FX_DWORD src_size) |
-{ |
- return m_Cipher == FXCIPHER_AES ? src_size - 16 : src_size; |
+FX_DWORD CPDF_StandardCryptoHandler::DecryptGetSize(FX_DWORD src_size) { |
+ return m_Cipher == FXCIPHER_AES ? src_size - 16 : src_size; |
} |
-FX_BOOL CPDF_StandardCryptoHandler::Init(CPDF_Dictionary* pEncryptDict, CPDF_SecurityHandler* pSecurityHandler) |
-{ |
- const uint8_t* key; |
- if (!pSecurityHandler->GetCryptInfo(m_Cipher, key, m_KeyLen)) { |
- return FALSE; |
- } |
- if (m_KeyLen > 32 || m_KeyLen < 0) { |
+FX_BOOL CPDF_StandardCryptoHandler::Init( |
+ CPDF_Dictionary* pEncryptDict, |
+ CPDF_SecurityHandler* pSecurityHandler) { |
+ const uint8_t* key; |
+ if (!pSecurityHandler->GetCryptInfo(m_Cipher, key, m_KeyLen)) { |
+ return FALSE; |
+ } |
+ if (m_KeyLen > 32 || m_KeyLen < 0) { |
+ return FALSE; |
+ } |
+ if (m_Cipher != FXCIPHER_NONE) { |
+ FXSYS_memcpy(m_EncryptKey, key, m_KeyLen); |
+ } |
+ if (m_Cipher == FXCIPHER_AES) { |
+ m_pAESContext = FX_Alloc(uint8_t, 2048); |
+ } |
+ return TRUE; |
+} |
+FX_BOOL CPDF_StandardCryptoHandler::Init(int cipher, |
+ const uint8_t* key, |
+ int keylen) { |
+ if (cipher == FXCIPHER_AES) { |
+ switch (keylen) { |
+ case 16: |
+ case 24: |
+ case 32: |
+ break; |
+ default: |
return FALSE; |
} |
- if (m_Cipher != FXCIPHER_NONE) { |
- FXSYS_memcpy(m_EncryptKey, key, m_KeyLen); |
- } |
- if (m_Cipher == FXCIPHER_AES) { |
- m_pAESContext = FX_Alloc(uint8_t, 2048); |
- } |
- return TRUE; |
+ } else if (cipher == FXCIPHER_AES2) { |
+ if (keylen != 32) { |
+ return FALSE; |
+ } |
+ } else if (cipher == FXCIPHER_RC4) { |
+ if (keylen < 5 || keylen > 16) { |
+ return FALSE; |
+ } |
+ } else { |
+ if (keylen > 32) { |
+ keylen = 32; |
+ } |
+ } |
+ m_Cipher = cipher; |
+ m_KeyLen = keylen; |
+ FXSYS_memcpy(m_EncryptKey, key, keylen); |
+ if (m_Cipher == FXCIPHER_AES) { |
+ m_pAESContext = FX_Alloc(uint8_t, 2048); |
+ } |
+ return TRUE; |
} |
-FX_BOOL CPDF_StandardCryptoHandler::Init(int cipher, const uint8_t* key, int keylen) |
-{ |
- if (cipher == FXCIPHER_AES) { |
- switch(keylen) { |
- case 16: |
- case 24: |
- case 32: |
- break; |
- default: |
- return FALSE; |
- } |
- } else if (cipher == FXCIPHER_AES2) { |
- if (keylen != 32) { |
- return FALSE; |
- } |
- } else if (cipher == FXCIPHER_RC4) { |
- if (keylen < 5 || keylen > 16) { |
- return FALSE; |
- } |
- } else { |
- if (keylen > 32) { |
- keylen = 32; |
- } |
- } |
- m_Cipher = cipher; |
- m_KeyLen = keylen; |
- FXSYS_memcpy(m_EncryptKey, key, keylen); |
- if (m_Cipher == FXCIPHER_AES) { |
- m_pAESContext = FX_Alloc(uint8_t, 2048); |
- } |
- return TRUE; |
+FX_BOOL CPDF_StandardCryptoHandler::DecryptStream(void* context, |
+ const uint8_t* src_buf, |
+ FX_DWORD src_size, |
+ CFX_BinaryBuf& dest_buf) { |
+ return CryptStream(context, src_buf, src_size, dest_buf, FALSE); |
} |
-FX_BOOL CPDF_StandardCryptoHandler::DecryptStream(void* context, const uint8_t* src_buf, FX_DWORD src_size, |
- CFX_BinaryBuf& dest_buf) |
-{ |
- return CryptStream(context, src_buf, src_size, dest_buf, FALSE); |
+FX_BOOL CPDF_StandardCryptoHandler::DecryptFinish(void* context, |
+ CFX_BinaryBuf& dest_buf) { |
+ return CryptFinish(context, dest_buf, FALSE); |
} |
-FX_BOOL CPDF_StandardCryptoHandler::DecryptFinish(void* context, CFX_BinaryBuf& dest_buf) |
-{ |
- return CryptFinish(context, dest_buf, FALSE); |
+FX_DWORD CPDF_StandardCryptoHandler::EncryptGetSize(FX_DWORD objnum, |
+ FX_DWORD version, |
+ const uint8_t* src_buf, |
+ FX_DWORD src_size) { |
+ if (m_Cipher == FXCIPHER_AES) { |
+ return src_size + 32; |
+ } |
+ return src_size; |
} |
-FX_DWORD CPDF_StandardCryptoHandler::EncryptGetSize(FX_DWORD objnum, FX_DWORD version, const uint8_t* src_buf, FX_DWORD src_size) |
-{ |
- if (m_Cipher == FXCIPHER_AES) { |
- return src_size + 32; |
- } |
- return src_size; |
+FX_BOOL CPDF_StandardCryptoHandler::EncryptContent(FX_DWORD objnum, |
+ FX_DWORD gennum, |
+ const uint8_t* src_buf, |
+ FX_DWORD src_size, |
+ uint8_t* dest_buf, |
+ FX_DWORD& dest_size) { |
+ CryptBlock(TRUE, objnum, gennum, src_buf, src_size, dest_buf, dest_size); |
+ return TRUE; |
} |
-FX_BOOL CPDF_StandardCryptoHandler::EncryptContent(FX_DWORD objnum, FX_DWORD gennum, const uint8_t* src_buf, FX_DWORD src_size, |
- uint8_t* dest_buf, FX_DWORD& dest_size) |
-{ |
- CryptBlock(TRUE, objnum, gennum, src_buf, src_size, dest_buf, dest_size); |
- return TRUE; |
+void CPDF_CryptoHandler::Decrypt(FX_DWORD objnum, |
+ FX_DWORD gennum, |
+ CFX_ByteString& str) { |
+ CFX_BinaryBuf dest_buf; |
+ void* context = DecryptStart(objnum, gennum); |
+ DecryptStream(context, (const uint8_t*)str, str.GetLength(), dest_buf); |
+ DecryptFinish(context, dest_buf); |
+ str = dest_buf; |
} |
-void CPDF_CryptoHandler::Decrypt(FX_DWORD objnum, FX_DWORD gennum, CFX_ByteString& str) |
-{ |
- CFX_BinaryBuf dest_buf; |
- void* context = DecryptStart(objnum, gennum); |
- DecryptStream(context, (const uint8_t*)str, str.GetLength(), dest_buf); |
- DecryptFinish(context, dest_buf); |
- str = dest_buf; |
-} |
-CPDF_StandardCryptoHandler::CPDF_StandardCryptoHandler() |
-{ |
- m_pAESContext = NULL; |
- m_Cipher = FXCIPHER_NONE; |
- m_KeyLen = 0; |
-} |
-CPDF_StandardCryptoHandler::~CPDF_StandardCryptoHandler() |
-{ |
- if (m_pAESContext) { |
- FX_Free(m_pAESContext); |
- } |
+CPDF_StandardCryptoHandler::CPDF_StandardCryptoHandler() { |
+ m_pAESContext = NULL; |
+ m_Cipher = FXCIPHER_NONE; |
+ m_KeyLen = 0; |
+} |
+CPDF_StandardCryptoHandler::~CPDF_StandardCryptoHandler() { |
+ if (m_pAESContext) { |
+ FX_Free(m_pAESContext); |
+ } |
} |