| OLD | NEW |
|---|
| 1 // Copyright 2014 PDFium Authors. All rights reserved. | 1 // Copyright 2014 PDFium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
| 6 | 6 |
| 7 #include "core/fpdfapi/fpdf_parser/cpdf_standard_security_handler.h" | 7 #include "core/fpdfapi/fpdf_parser/cpdf_standard_security_handler.h" |
| 8 | 8 |
| 9 #include <time.h> | 9 #include <time.h> |
| 10 | 10 |
| 11 #include "core/fdrm/crypto/include/fx_crypt.h" | 11 #include "core/fdrm/crypto/include/fx_crypt.h" |
| 12 #include "core/fpdfapi/fpdf_parser/cpdf_standard_crypto_handler.h" | 12 #include "core/fpdfapi/fpdf_parser/cpdf_standard_crypto_handler.h" |
| 13 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h" | 13 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h" |
| 14 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h" | 14 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h" |
| 15 #include "core/fpdfapi/fpdf_parser/include/cpdf_object.h" | 15 #include "core/fpdfapi/fpdf_parser/include/cpdf_object.h" |
| 16 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" | 16 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" |
| 17 | 17 |
| 18 namespace { | 18 namespace { |
| 19 | 19 |
| 20 const uint8_t defpasscode[32] = { | 20 const uint8_t defpasscode[32] = { |
| 21 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, | 21 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, |
| 22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, | 22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, |
| 23 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; | 23 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; |
| 24 | 24 |
| 25 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, | 25 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, |
| 26 const uint8_t* password, | 26 const uint8_t* password, |
| 27 FX_DWORD pass_size, | 27 uint32_t pass_size, |
| 28 uint8_t* key, | 28 uint8_t* key, |
| 29 int keylen, | 29 int keylen, |
| 30 FX_BOOL bIgnoreMeta, | 30 FX_BOOL bIgnoreMeta, |
| 31 CPDF_Array* pIdArray) { | 31 CPDF_Array* pIdArray) { |
| 32 int revision = pEncrypt->GetIntegerBy("R"); | 32 int revision = pEncrypt->GetIntegerBy("R"); |
| 33 uint8_t passcode[32]; | 33 uint8_t passcode[32]; |
| 34 for (FX_DWORD i = 0; i < 32; i++) { | 34 for (uint32_t i = 0; i < 32; i++) { |
| 35 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; | 35 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; |
| 36 } | 36 } |
| 37 uint8_t md5[100]; | 37 uint8_t md5[100]; |
| 38 CRYPT_MD5Start(md5); | 38 CRYPT_MD5Start(md5); |
| 39 CRYPT_MD5Update(md5, passcode, 32); | 39 CRYPT_MD5Update(md5, passcode, 32); |
| 40 CFX_ByteString okey = pEncrypt->GetStringBy("O"); | 40 CFX_ByteString okey = pEncrypt->GetStringBy("O"); |
| 41 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); | 41 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); |
| 42 FX_DWORD perm = pEncrypt->GetIntegerBy("P"); | 42 uint32_t perm = pEncrypt->GetIntegerBy("P"); |
| 43 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); | 43 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); |
| 44 if (pIdArray) { | 44 if (pIdArray) { |
| 45 CFX_ByteString id = pIdArray->GetStringAt(0); | 45 CFX_ByteString id = pIdArray->GetStringAt(0); |
| 46 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 46 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
| 47 } | 47 } |
| 48 if (!bIgnoreMeta && revision >= 3 && | 48 if (!bIgnoreMeta && revision >= 3 && |
| 49 !pEncrypt->GetIntegerBy("EncryptMetadata", 1)) { | 49 !pEncrypt->GetIntegerBy("EncryptMetadata", 1)) { |
| 50 FX_DWORD tag = (FX_DWORD)-1; | 50 uint32_t tag = (uint32_t)-1; |
| 51 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); | 51 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); |
| 52 } | 52 } |
| 53 uint8_t digest[16]; | 53 uint8_t digest[16]; |
| 54 CRYPT_MD5Finish(md5, digest); | 54 CRYPT_MD5Finish(md5, digest); |
| 55 FX_DWORD copy_len = keylen; | 55 uint32_t copy_len = keylen; |
| 56 if (copy_len > sizeof(digest)) { | 56 if (copy_len > sizeof(digest)) { |
| 57 copy_len = sizeof(digest); | 57 copy_len = sizeof(digest); |
| 58 } | 58 } |
| 59 if (revision >= 3) { | 59 if (revision >= 3) { |
| 60 for (int i = 0; i < 50; i++) { | 60 for (int i = 0; i < 50; i++) { |
| 61 CRYPT_MD5Generate(digest, copy_len, digest); | 61 CRYPT_MD5Generate(digest, copy_len, digest); |
| 62 } | 62 } |
| 63 } | 63 } |
| 64 FXSYS_memset(key, 0, keylen); | 64 FXSYS_memset(key, 0, keylen); |
| 65 FXSYS_memcpy(key, digest, copy_len); | 65 FXSYS_memcpy(key, digest, copy_len); |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 104 if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, | 104 if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
| 105 key_len)) { | 105 key_len)) { |
| 106 return FALSE; | 106 return FALSE; |
| 107 } | 107 } |
| 108 } | 108 } |
| 109 return TRUE; | 109 return TRUE; |
| 110 } | 110 } |
| 111 return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, | 111 return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
| 112 key_len); | 112 key_len); |
| 113 } | 113 } |
| 114 FX_DWORD CPDF_StandardSecurityHandler::GetPermissions() { | 114 uint32_t CPDF_StandardSecurityHandler::GetPermissions() { |
| 115 return m_Permissions; | 115 return m_Permissions; |
| 116 } | 116 } |
| 117 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, | 117 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, |
| 118 const CFX_ByteStringC& name, | 118 const CFX_ByteStringC& name, |
| 119 int& cipher, | 119 int& cipher, |
| 120 int& keylen) { | 120 int& keylen) { |
| 121 int Version = pEncryptDict->GetIntegerBy("V"); | 121 int Version = pEncryptDict->GetIntegerBy("V"); |
| 122 cipher = FXCIPHER_RC4; | 122 cipher = FXCIPHER_RC4; |
| 123 keylen = 0; | 123 keylen = 0; |
| 124 if (Version >= 4) { | 124 if (Version >= 4) { |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 173 if (stmf_name != strf_name) { | 173 if (stmf_name != strf_name) { |
| 174 return FALSE; | 174 return FALSE; |
| 175 } | 175 } |
| 176 if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { | 176 if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { |
| 177 return FALSE; | 177 return FALSE; |
| 178 } | 178 } |
| 179 return TRUE; | 179 return TRUE; |
| 180 } | 180 } |
| 181 | 181 |
| 182 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, | 182 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, |
| 183 FX_DWORD type, | 183 uint32_t type, |
| 184 int& cipher, | 184 int& cipher, |
| 185 int& key_len) { | 185 int& key_len) { |
| 186 m_pEncryptDict = pEncryptDict; | 186 m_pEncryptDict = pEncryptDict; |
| 187 m_Version = pEncryptDict->GetIntegerBy("V"); | 187 m_Version = pEncryptDict->GetIntegerBy("V"); |
| 188 m_Revision = pEncryptDict->GetIntegerBy("R"); | 188 m_Revision = pEncryptDict->GetIntegerBy("R"); |
| 189 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); | 189 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); |
| 190 CFX_ByteString strf_name, stmf_name; | 190 CFX_ByteString strf_name, stmf_name; |
| 191 if (m_Version >= 4) { | 191 if (m_Version >= 4) { |
| 192 stmf_name = pEncryptDict->GetStringBy("StmF"); | 192 stmf_name = pEncryptDict->GetStringBy("StmF"); |
| 193 strf_name = pEncryptDict->GetStringBy("StrF"); | 193 strf_name = pEncryptDict->GetStringBy("StrF"); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 206 FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, | 206 FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, |
| 207 const uint8_t*& buffer, | 207 const uint8_t*& buffer, |
| 208 int& keylen) { | 208 int& keylen) { |
| 209 cipher = m_Cipher; | 209 cipher = m_Cipher; |
| 210 buffer = m_EncryptKey; | 210 buffer = m_EncryptKey; |
| 211 keylen = m_KeyLen; | 211 keylen = m_KeyLen; |
| 212 return TRUE; | 212 return TRUE; |
| 213 } | 213 } |
| 214 #define FX_GET_32WORD(n, b, i) \ | 214 #define FX_GET_32WORD(n, b, i) \ |
| 215 { \ | 215 { \ |
| 216 (n) = (FX_DWORD)( \ | 216 (n) = (uint32_t)( \ |
| 217 ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ | 217 ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ |
| 218 ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ | 218 ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ |
| 219 } | 219 } |
| 220 int BigOrder64BitsMod3(uint8_t* data) { | 220 int BigOrder64BitsMod3(uint8_t* data) { |
| 221 uint64_t ret = 0; | 221 uint64_t ret = 0; |
| 222 for (int i = 0; i < 4; ++i) { | 222 for (int i = 0; i < 4; ++i) { |
| 223 FX_DWORD value; | 223 uint32_t value; |
| 224 FX_GET_32WORD(value, data, 4 * i); | 224 FX_GET_32WORD(value, data, 4 * i); |
| 225 ret <<= 32; | 225 ret <<= 32; |
| 226 ret |= value; | 226 ret |= value; |
| 227 ret %= 3; | 227 ret %= 3; |
| 228 } | 228 } |
| 229 return (int)ret; | 229 return (int)ret; |
| 230 } | 230 } |
| 231 void Revision6_Hash(const uint8_t* password, | 231 void Revision6_Hash(const uint8_t* password, |
| 232 FX_DWORD size, | 232 uint32_t size, |
| 233 const uint8_t* salt, | 233 const uint8_t* salt, |
| 234 const uint8_t* vector, | 234 const uint8_t* vector, |
| 235 uint8_t* hash) { | 235 uint8_t* hash) { |
| 236 int iBlockSize = 32; | 236 int iBlockSize = 32; |
| 237 uint8_t sha[128]; | 237 uint8_t sha[128]; |
| 238 CRYPT_SHA256Start(sha); | 238 CRYPT_SHA256Start(sha); |
| 239 CRYPT_SHA256Update(sha, password, size); | 239 CRYPT_SHA256Update(sha, password, size); |
| 240 CRYPT_SHA256Update(sha, salt, 8); | 240 CRYPT_SHA256Update(sha, salt, 8); |
| 241 if (vector) { | 241 if (vector) { |
| 242 CRYPT_SHA256Update(sha, vector, 48); | 242 CRYPT_SHA256Update(sha, vector, 48); |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 299 iv = input + 16; | 299 iv = input + 16; |
| 300 ++i; | 300 ++i; |
| 301 } | 301 } |
| 302 FX_Free(aes); | 302 FX_Free(aes); |
| 303 if (hash) { | 303 if (hash) { |
| 304 FXSYS_memcpy(hash, input, 32); | 304 FXSYS_memcpy(hash, input, 32); |
| 305 } | 305 } |
| 306 } | 306 } |
| 307 FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword( | 307 FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword( |
| 308 const uint8_t* password, | 308 const uint8_t* password, |
| 309 FX_DWORD size, | 309 uint32_t size, |
| 310 FX_BOOL bOwner, | 310 FX_BOOL bOwner, |
| 311 uint8_t* key) { | 311 uint8_t* key) { |
| 312 CFX_ByteString okey = | 312 CFX_ByteString okey = |
| 313 m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); | 313 m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); |
| 314 if (okey.GetLength() < 48) { | 314 if (okey.GetLength() < 48) { |
| 315 return FALSE; | 315 return FALSE; |
| 316 } | 316 } |
| 317 CFX_ByteString ukey = | 317 CFX_ByteString ukey = |
| 318 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 318 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); |
| 319 if (ukey.GetLength() < 48) { | 319 if (ukey.GetLength() < 48) { |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 365 CRYPT_AESSetIV(aes, iv); | 365 CRYPT_AESSetIV(aes, iv); |
| 366 CRYPT_AESDecrypt(aes, key, ekey, 32); | 366 CRYPT_AESDecrypt(aes, key, ekey, 32); |
| 367 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); | 367 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); |
| 368 CRYPT_AESSetIV(aes, iv); | 368 CRYPT_AESSetIV(aes, iv); |
| 369 CFX_ByteString perms = m_pEncryptDict->GetStringBy("Perms"); | 369 CFX_ByteString perms = m_pEncryptDict->GetStringBy("Perms"); |
| 370 if (perms.IsEmpty()) { | 370 if (perms.IsEmpty()) { |
| 371 return FALSE; | 371 return FALSE; |
| 372 } | 372 } |
| 373 uint8_t perms_buf[16]; | 373 uint8_t perms_buf[16]; |
| 374 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); | 374 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); |
| 375 FX_DWORD copy_len = sizeof(perms_buf); | 375 uint32_t copy_len = sizeof(perms_buf); |
| 376 if (copy_len > (FX_DWORD)perms.GetLength()) { | 376 if (copy_len > (uint32_t)perms.GetLength()) { |
| 377 copy_len = perms.GetLength(); | 377 copy_len = perms.GetLength(); |
| 378 } | 378 } |
| 379 FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); | 379 FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); |
| 380 uint8_t buf[16]; | 380 uint8_t buf[16]; |
| 381 CRYPT_AESDecrypt(aes, buf, perms_buf, 16); | 381 CRYPT_AESDecrypt(aes, buf, perms_buf, 16); |
| 382 FX_Free(aes); | 382 FX_Free(aes); |
| 383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { | 383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { |
| 384 return FALSE; | 384 return FALSE; |
| 385 } | 385 } |
| 386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { | 386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { |
| 387 return FALSE; | 387 return FALSE; |
| 388 } | 388 } |
| 389 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || | 389 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || |
| 390 (buf[8] == 'F' && IsMetadataEncrypted())) { | 390 (buf[8] == 'F' && IsMetadataEncrypted())) { |
| 391 return FALSE; | 391 return FALSE; |
| 392 } | 392 } |
| 393 return TRUE; | 393 return TRUE; |
| 394 } | 394 } |
| 395 | 395 |
| 396 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, | 396 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, |
| 397 FX_DWORD size, | 397 uint32_t size, |
| 398 FX_BOOL bOwner, | 398 FX_BOOL bOwner, |
| 399 uint8_t* key, | 399 uint8_t* key, |
| 400 int32_t key_len) { | 400 int32_t key_len) { |
| 401 if (m_Revision >= 5) { | 401 if (m_Revision >= 5) { |
| 402 return AES256_CheckPassword(password, size, bOwner, key); | 402 return AES256_CheckPassword(password, size, bOwner, key); |
| 403 } | 403 } |
| 404 uint8_t keybuf[32]; | 404 uint8_t keybuf[32]; |
| 405 if (!key) { | 405 if (!key) { |
| 406 key = keybuf; | 406 key = keybuf; |
| 407 } | 407 } |
| 408 if (bOwner) { | 408 if (bOwner) { |
| 409 return CheckOwnerPassword(password, size, key, key_len); | 409 return CheckOwnerPassword(password, size, key, key_len); |
| 410 } | 410 } |
| 411 return CheckUserPassword(password, size, FALSE, key, key_len) || | 411 return CheckUserPassword(password, size, FALSE, key, key_len) || |
| 412 CheckUserPassword(password, size, TRUE, key, key_len); | 412 CheckUserPassword(password, size, TRUE, key, key_len); |
| 413 } | 413 } |
| 414 FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword( | 414 FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword( |
| 415 const uint8_t* password, | 415 const uint8_t* password, |
| 416 FX_DWORD pass_size, | 416 uint32_t pass_size, |
| 417 FX_BOOL bIgnoreEncryptMeta, | 417 FX_BOOL bIgnoreEncryptMeta, |
| 418 uint8_t* key, | 418 uint8_t* key, |
| 419 int32_t key_len) { | 419 int32_t key_len) { |
| 420 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, | 420 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, |
| 421 bIgnoreEncryptMeta, m_pParser->GetIDArray()); | 421 bIgnoreEncryptMeta, m_pParser->GetIDArray()); |
| 422 CFX_ByteString ukey = | 422 CFX_ByteString ukey = |
| 423 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 423 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); |
| 424 if (ukey.GetLength() < 16) { | 424 if (ukey.GetLength() < 16) { |
| 425 return FALSE; | 425 return FALSE; |
| 426 } | 426 } |
| 427 uint8_t ukeybuf[32]; | 427 uint8_t ukeybuf[32]; |
| 428 if (m_Revision == 2) { | 428 if (m_Revision == 2) { |
| 429 FXSYS_memcpy(ukeybuf, defpasscode, 32); | 429 FXSYS_memcpy(ukeybuf, defpasscode, 32); |
| 430 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); | 430 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); |
| 431 } else { | 431 } else { |
| 432 uint8_t test[32], tmpkey[32]; | 432 uint8_t test[32], tmpkey[32]; |
| 433 FX_DWORD copy_len = sizeof(test); | 433 uint32_t copy_len = sizeof(test); |
| 434 if (copy_len > (FX_DWORD)ukey.GetLength()) { | 434 if (copy_len > (uint32_t)ukey.GetLength()) { |
| 435 copy_len = ukey.GetLength(); | 435 copy_len = ukey.GetLength(); |
| 436 } | 436 } |
| 437 FXSYS_memset(test, 0, sizeof(test)); | 437 FXSYS_memset(test, 0, sizeof(test)); |
| 438 FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); | 438 FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); |
| 439 FXSYS_memcpy(test, ukey.c_str(), copy_len); | 439 FXSYS_memcpy(test, ukey.c_str(), copy_len); |
| 440 for (int i = 19; i >= 0; i--) { | 440 for (int i = 19; i >= 0; i--) { |
| 441 for (int j = 0; j < key_len; j++) { | 441 for (int j = 0; j < key_len; j++) { |
| 442 tmpkey[j] = key[j] ^ i; | 442 tmpkey[j] = key[j] ^ i; |
| 443 } | 443 } |
| 444 CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); | 444 CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); |
| 445 } | 445 } |
| 446 uint8_t md5[100]; | 446 uint8_t md5[100]; |
| 447 CRYPT_MD5Start(md5); | 447 CRYPT_MD5Start(md5); |
| 448 CRYPT_MD5Update(md5, defpasscode, 32); | 448 CRYPT_MD5Update(md5, defpasscode, 32); |
| 449 CPDF_Array* pIdArray = m_pParser->GetIDArray(); | 449 CPDF_Array* pIdArray = m_pParser->GetIDArray(); |
| 450 if (pIdArray) { | 450 if (pIdArray) { |
| 451 CFX_ByteString id = pIdArray->GetStringAt(0); | 451 CFX_ByteString id = pIdArray->GetStringAt(0); |
| 452 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 452 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
| 453 } | 453 } |
| 454 CRYPT_MD5Finish(md5, ukeybuf); | 454 CRYPT_MD5Finish(md5, ukeybuf); |
| 455 return FXSYS_memcmp(test, ukeybuf, 16) == 0; | 455 return FXSYS_memcmp(test, ukeybuf, 16) == 0; |
| 456 } | 456 } |
| 457 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { | 457 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { |
| 458 return TRUE; | 458 return TRUE; |
| 459 } | 459 } |
| 460 return FALSE; | 460 return FALSE; |
| 461 } | 461 } |
| 462 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( | 462 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( |
| 463 const uint8_t* owner_pass, | 463 const uint8_t* owner_pass, |
| 464 FX_DWORD pass_size, | 464 uint32_t pass_size, |
| 465 int32_t key_len) { | 465 int32_t key_len) { |
| 466 CFX_ByteString okey = m_pEncryptDict->GetStringBy("O"); | 466 CFX_ByteString okey = m_pEncryptDict->GetStringBy("O"); |
| 467 uint8_t passcode[32]; | 467 uint8_t passcode[32]; |
| 468 FX_DWORD i; | 468 uint32_t i; |
| 469 for (i = 0; i < 32; i++) { | 469 for (i = 0; i < 32; i++) { |
| 470 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; | 470 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; |
| 471 } | 471 } |
| 472 uint8_t digest[16]; | 472 uint8_t digest[16]; |
| 473 CRYPT_MD5Generate(passcode, 32, digest); | 473 CRYPT_MD5Generate(passcode, 32, digest); |
| 474 if (m_Revision >= 3) { | 474 if (m_Revision >= 3) { |
| 475 for (int i = 0; i < 50; i++) { | 475 for (int i = 0; i < 50; i++) { |
| 476 CRYPT_MD5Generate(digest, 16, digest); | 476 CRYPT_MD5Generate(digest, 16, digest); |
| 477 } | 477 } |
| 478 } | 478 } |
| 479 uint8_t enckey[32]; | 479 uint8_t enckey[32]; |
| 480 FXSYS_memset(enckey, 0, sizeof(enckey)); | 480 FXSYS_memset(enckey, 0, sizeof(enckey)); |
| 481 FX_DWORD copy_len = key_len; | 481 uint32_t copy_len = key_len; |
| 482 if (copy_len > sizeof(digest)) { | 482 if (copy_len > sizeof(digest)) { |
| 483 copy_len = sizeof(digest); | 483 copy_len = sizeof(digest); |
| 484 } | 484 } |
| 485 FXSYS_memcpy(enckey, digest, copy_len); | 485 FXSYS_memcpy(enckey, digest, copy_len); |
| 486 int okeylen = okey.GetLength(); | 486 int okeylen = okey.GetLength(); |
| 487 if (okeylen > 32) { | 487 if (okeylen > 32) { |
| 488 okeylen = 32; | 488 okeylen = 32; |
| 489 } | 489 } |
| 490 uint8_t okeybuf[64]; | 490 uint8_t okeybuf[64]; |
| 491 FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); | 491 FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); |
| (...skipping 11 matching lines...) Expand all Loading... |
| 503 } | 503 } |
| 504 } | 504 } |
| 505 int len = 32; | 505 int len = 32; |
| 506 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { | 506 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { |
| 507 len--; | 507 len--; |
| 508 } | 508 } |
| 509 return CFX_ByteString(okeybuf, len); | 509 return CFX_ByteString(okeybuf, len); |
| 510 } | 510 } |
| 511 FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword( | 511 FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword( |
| 512 const uint8_t* password, | 512 const uint8_t* password, |
| 513 FX_DWORD pass_size, | 513 uint32_t pass_size, |
| 514 uint8_t* key, | 514 uint8_t* key, |
| 515 int32_t key_len) { | 515 int32_t key_len) { |
| 516 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); | 516 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); |
| 517 if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, | 517 if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, |
| 518 key_len)) { | 518 key_len)) { |
| 519 return TRUE; | 519 return TRUE; |
| 520 } | 520 } |
| 521 return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, | 521 return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, |
| 522 key_len); | 522 key_len); |
| 523 } | 523 } |
| 524 FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() { | 524 FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() { |
| 525 return m_pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE); | 525 return m_pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE); |
| 526 } | 526 } |
| 527 | 527 |
| 528 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 528 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
| 529 CPDF_Array* pIdArray, | 529 CPDF_Array* pIdArray, |
| 530 const uint8_t* user_pass, | 530 const uint8_t* user_pass, |
| 531 FX_DWORD user_size, | 531 uint32_t user_size, |
| 532 const uint8_t* owner_pass, | 532 const uint8_t* owner_pass, |
| 533 FX_DWORD owner_size, | 533 uint32_t owner_size, |
| 534 FX_BOOL bDefault, | 534 FX_BOOL bDefault, |
| 535 FX_DWORD type) { | 535 uint32_t type) { |
| 536 int cipher = 0, key_len = 0; | 536 int cipher = 0, key_len = 0; |
| 537 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { | 537 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { |
| 538 return; | 538 return; |
| 539 } | 539 } |
| 540 if (bDefault && (!owner_pass || owner_size == 0)) { | 540 if (bDefault && (!owner_pass || owner_size == 0)) { |
| 541 owner_pass = user_pass; | 541 owner_pass = user_pass; |
| 542 owner_size = user_size; | 542 owner_size = user_size; |
| 543 } | 543 } |
| 544 if (m_Revision >= 5) { | 544 if (m_Revision >= 5) { |
| 545 int t = (int)time(NULL); | 545 int t = (int)time(NULL); |
| 546 uint8_t sha[128]; | 546 uint8_t sha[128]; |
| 547 CRYPT_SHA256Start(sha); | 547 CRYPT_SHA256Start(sha); |
| 548 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); | 548 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); |
| 549 CRYPT_SHA256Update(sha, m_EncryptKey, 32); | 549 CRYPT_SHA256Update(sha, m_EncryptKey, 32); |
| 550 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); | 550 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); |
| 551 CRYPT_SHA256Finish(sha, m_EncryptKey); | 551 CRYPT_SHA256Finish(sha, m_EncryptKey); |
| 552 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); | 552 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); |
| 553 if (bDefault) { | 553 if (bDefault) { |
| 554 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, | 554 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, |
| 555 m_EncryptKey); | 555 m_EncryptKey); |
| 556 AES256_SetPerms(pEncryptDict, m_Permissions, | 556 AES256_SetPerms(pEncryptDict, m_Permissions, |
| 557 pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE), | 557 pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE), |
| 558 m_EncryptKey); | 558 m_EncryptKey); |
| 559 } | 559 } |
| 560 return; | 560 return; |
| 561 } | 561 } |
| 562 if (bDefault) { | 562 if (bDefault) { |
| 563 uint8_t passcode[32]; | 563 uint8_t passcode[32]; |
| 564 FX_DWORD i; | 564 uint32_t i; |
| 565 for (i = 0; i < 32; i++) { | 565 for (i = 0; i < 32; i++) { |
| 566 passcode[i] = | 566 passcode[i] = |
| 567 i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; | 567 i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; |
| 568 } | 568 } |
| 569 uint8_t digest[16]; | 569 uint8_t digest[16]; |
| 570 CRYPT_MD5Generate(passcode, 32, digest); | 570 CRYPT_MD5Generate(passcode, 32, digest); |
| 571 if (m_Revision >= 3) { | 571 if (m_Revision >= 3) { |
| 572 for (int i = 0; i < 50; i++) { | 572 for (int i = 0; i < 50; i++) { |
| 573 CRYPT_MD5Generate(digest, 16, digest); | 573 CRYPT_MD5Generate(digest, 16, digest); |
| 574 } | 574 } |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 615 } | 615 } |
| 616 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); | 616 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); |
| 617 } | 617 } |
| 618 CRYPT_MD5Generate(digest, 16, digest + 16); | 618 CRYPT_MD5Generate(digest, 16, digest + 16); |
| 619 pEncryptDict->SetAtString("U", CFX_ByteString(digest, 32)); | 619 pEncryptDict->SetAtString("U", CFX_ByteString(digest, 32)); |
| 620 } | 620 } |
| 621 } | 621 } |
| 622 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 622 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
| 623 CPDF_Array* pIdArray, | 623 CPDF_Array* pIdArray, |
| 624 const uint8_t* user_pass, | 624 const uint8_t* user_pass, |
| 625 FX_DWORD user_size, | 625 uint32_t user_size, |
| 626 const uint8_t* owner_pass, | 626 const uint8_t* owner_pass, |
| 627 FX_DWORD owner_size, | 627 uint32_t owner_size, |
| 628 FX_DWORD type) { | 628 uint32_t type) { |
| 629 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, | 629 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, |
| 630 TRUE, type); | 630 TRUE, type); |
| 631 } | 631 } |
| 632 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 632 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
| 633 CPDF_Array* pIdArray, | 633 CPDF_Array* pIdArray, |
| 634 const uint8_t* user_pass, | 634 const uint8_t* user_pass, |
| 635 FX_DWORD user_size, | 635 uint32_t user_size, |
| 636 FX_DWORD type) { | 636 uint32_t type) { |
| 637 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); | 637 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); |
| 638 } | 638 } |
| 639 void CPDF_StandardSecurityHandler::AES256_SetPassword( | 639 void CPDF_StandardSecurityHandler::AES256_SetPassword( |
| 640 CPDF_Dictionary* pEncryptDict, | 640 CPDF_Dictionary* pEncryptDict, |
| 641 const uint8_t* password, | 641 const uint8_t* password, |
| 642 FX_DWORD size, | 642 uint32_t size, |
| 643 FX_BOOL bOwner, | 643 FX_BOOL bOwner, |
| 644 const uint8_t* key) { | 644 const uint8_t* key) { |
| 645 uint8_t sha[128]; | 645 uint8_t sha[128]; |
| 646 CRYPT_SHA1Start(sha); | 646 CRYPT_SHA1Start(sha); |
| 647 CRYPT_SHA1Update(sha, key, 32); | 647 CRYPT_SHA1Update(sha, key, 32); |
| 648 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); | 648 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); |
| 649 uint8_t digest[20]; | 649 uint8_t digest[20]; |
| 650 CRYPT_SHA1Finish(sha, digest); | 650 CRYPT_SHA1Finish(sha, digest); |
| 651 CFX_ByteString ukey = pEncryptDict->GetStringBy("U"); | 651 CFX_ByteString ukey = pEncryptDict->GetStringBy("U"); |
| 652 uint8_t digest1[48]; | 652 uint8_t digest1[48]; |
| (...skipping 27 matching lines...) Expand all Loading... |
| 680 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); | 680 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); |
| 681 uint8_t iv[16]; | 681 uint8_t iv[16]; |
| 682 FXSYS_memset(iv, 0, 16); | 682 FXSYS_memset(iv, 0, 16); |
| 683 CRYPT_AESSetIV(aes, iv); | 683 CRYPT_AESSetIV(aes, iv); |
| 684 CRYPT_AESEncrypt(aes, digest1, key, 32); | 684 CRYPT_AESEncrypt(aes, digest1, key, 32); |
| 685 FX_Free(aes); | 685 FX_Free(aes); |
| 686 pEncryptDict->SetAtString(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); | 686 pEncryptDict->SetAtString(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); |
| 687 } | 687 } |
| 688 void CPDF_StandardSecurityHandler::AES256_SetPerms( | 688 void CPDF_StandardSecurityHandler::AES256_SetPerms( |
| 689 CPDF_Dictionary* pEncryptDict, | 689 CPDF_Dictionary* pEncryptDict, |
| 690 FX_DWORD permissions, | 690 uint32_t permissions, |
| 691 FX_BOOL bEncryptMetadata, | 691 FX_BOOL bEncryptMetadata, |
| 692 const uint8_t* key) { | 692 const uint8_t* key) { |
| 693 uint8_t buf[16]; | 693 uint8_t buf[16]; |
| 694 buf[0] = (uint8_t)permissions; | 694 buf[0] = (uint8_t)permissions; |
| 695 buf[1] = (uint8_t)(permissions >> 8); | 695 buf[1] = (uint8_t)(permissions >> 8); |
| 696 buf[2] = (uint8_t)(permissions >> 16); | 696 buf[2] = (uint8_t)(permissions >> 16); |
| 697 buf[3] = (uint8_t)(permissions >> 24); | 697 buf[3] = (uint8_t)(permissions >> 24); |
| 698 buf[4] = 0xff; | 698 buf[4] = 0xff; |
| 699 buf[5] = 0xff; | 699 buf[5] = 0xff; |
| 700 buf[6] = 0xff; | 700 buf[6] = 0xff; |
| 701 buf[7] = 0xff; | 701 buf[7] = 0xff; |
| 702 buf[8] = bEncryptMetadata ? 'T' : 'F'; | 702 buf[8] = bEncryptMetadata ? 'T' : 'F'; |
| 703 buf[9] = 'a'; | 703 buf[9] = 'a'; |
| 704 buf[10] = 'd'; | 704 buf[10] = 'd'; |
| 705 buf[11] = 'b'; | 705 buf[11] = 'b'; |
| 706 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 706 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
| 707 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); | 707 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); |
| 708 uint8_t iv[16], buf1[16]; | 708 uint8_t iv[16], buf1[16]; |
| 709 FXSYS_memset(iv, 0, 16); | 709 FXSYS_memset(iv, 0, 16); |
| 710 CRYPT_AESSetIV(aes, iv); | 710 CRYPT_AESSetIV(aes, iv); |
| 711 CRYPT_AESEncrypt(aes, buf1, buf, 16); | 711 CRYPT_AESEncrypt(aes, buf1, buf, 16); |
| 712 FX_Free(aes); | 712 FX_Free(aes); |
| 713 pEncryptDict->SetAtString("Perms", CFX_ByteString(buf1, 16)); | 713 pEncryptDict->SetAtString("Perms", CFX_ByteString(buf1, 16)); |
| 714 } | 714 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1832173003:
Remove FX_DWORD from core/ and delete definition (Closed)
Base URL: https://pdfium.googlesource.com/pdfium.git@master