OLD | NEW |
1 // Copyright 2014 PDFium Authors. All rights reserved. | 1 // Copyright 2014 PDFium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
6 | 6 |
7 #include "core/fpdfapi/fpdf_parser/cpdf_standard_security_handler.h" | 7 #include "core/fpdfapi/fpdf_parser/cpdf_standard_security_handler.h" |
8 | 8 |
9 #include <time.h> | 9 #include <time.h> |
10 | 10 |
11 #include "core/fdrm/crypto/include/fx_crypt.h" | 11 #include "core/fdrm/crypto/include/fx_crypt.h" |
12 #include "core/fpdfapi/fpdf_parser/cpdf_standard_crypto_handler.h" | 12 #include "core/fpdfapi/fpdf_parser/cpdf_standard_crypto_handler.h" |
13 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h" | 13 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h" |
14 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h" | 14 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h" |
15 #include "core/fpdfapi/fpdf_parser/include/cpdf_object.h" | 15 #include "core/fpdfapi/fpdf_parser/include/cpdf_object.h" |
16 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" | 16 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" |
17 | 17 |
18 namespace { | 18 namespace { |
19 | 19 |
20 const uint8_t defpasscode[32] = { | 20 const uint8_t defpasscode[32] = { |
21 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, | 21 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, |
22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, | 22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, |
23 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; | 23 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; |
24 | 24 |
25 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, | 25 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, |
26 const uint8_t* password, | 26 const uint8_t* password, |
27 FX_DWORD pass_size, | 27 uint32_t pass_size, |
28 uint8_t* key, | 28 uint8_t* key, |
29 int keylen, | 29 int keylen, |
30 FX_BOOL bIgnoreMeta, | 30 FX_BOOL bIgnoreMeta, |
31 CPDF_Array* pIdArray) { | 31 CPDF_Array* pIdArray) { |
32 int revision = pEncrypt->GetIntegerBy("R"); | 32 int revision = pEncrypt->GetIntegerBy("R"); |
33 uint8_t passcode[32]; | 33 uint8_t passcode[32]; |
34 for (FX_DWORD i = 0; i < 32; i++) { | 34 for (uint32_t i = 0; i < 32; i++) { |
35 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; | 35 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; |
36 } | 36 } |
37 uint8_t md5[100]; | 37 uint8_t md5[100]; |
38 CRYPT_MD5Start(md5); | 38 CRYPT_MD5Start(md5); |
39 CRYPT_MD5Update(md5, passcode, 32); | 39 CRYPT_MD5Update(md5, passcode, 32); |
40 CFX_ByteString okey = pEncrypt->GetStringBy("O"); | 40 CFX_ByteString okey = pEncrypt->GetStringBy("O"); |
41 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); | 41 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); |
42 FX_DWORD perm = pEncrypt->GetIntegerBy("P"); | 42 uint32_t perm = pEncrypt->GetIntegerBy("P"); |
43 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); | 43 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); |
44 if (pIdArray) { | 44 if (pIdArray) { |
45 CFX_ByteString id = pIdArray->GetStringAt(0); | 45 CFX_ByteString id = pIdArray->GetStringAt(0); |
46 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 46 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
47 } | 47 } |
48 if (!bIgnoreMeta && revision >= 3 && | 48 if (!bIgnoreMeta && revision >= 3 && |
49 !pEncrypt->GetIntegerBy("EncryptMetadata", 1)) { | 49 !pEncrypt->GetIntegerBy("EncryptMetadata", 1)) { |
50 FX_DWORD tag = (FX_DWORD)-1; | 50 uint32_t tag = (uint32_t)-1; |
51 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); | 51 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); |
52 } | 52 } |
53 uint8_t digest[16]; | 53 uint8_t digest[16]; |
54 CRYPT_MD5Finish(md5, digest); | 54 CRYPT_MD5Finish(md5, digest); |
55 FX_DWORD copy_len = keylen; | 55 uint32_t copy_len = keylen; |
56 if (copy_len > sizeof(digest)) { | 56 if (copy_len > sizeof(digest)) { |
57 copy_len = sizeof(digest); | 57 copy_len = sizeof(digest); |
58 } | 58 } |
59 if (revision >= 3) { | 59 if (revision >= 3) { |
60 for (int i = 0; i < 50; i++) { | 60 for (int i = 0; i < 50; i++) { |
61 CRYPT_MD5Generate(digest, copy_len, digest); | 61 CRYPT_MD5Generate(digest, copy_len, digest); |
62 } | 62 } |
63 } | 63 } |
64 FXSYS_memset(key, 0, keylen); | 64 FXSYS_memset(key, 0, keylen); |
65 FXSYS_memcpy(key, digest, copy_len); | 65 FXSYS_memcpy(key, digest, copy_len); |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
104 if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, | 104 if (!CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
105 key_len)) { | 105 key_len)) { |
106 return FALSE; | 106 return FALSE; |
107 } | 107 } |
108 } | 108 } |
109 return TRUE; | 109 return TRUE; |
110 } | 110 } |
111 return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, | 111 return CheckPassword(password, password.GetLength(), FALSE, m_EncryptKey, |
112 key_len); | 112 key_len); |
113 } | 113 } |
114 FX_DWORD CPDF_StandardSecurityHandler::GetPermissions() { | 114 uint32_t CPDF_StandardSecurityHandler::GetPermissions() { |
115 return m_Permissions; | 115 return m_Permissions; |
116 } | 116 } |
117 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, | 117 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, |
118 const CFX_ByteStringC& name, | 118 const CFX_ByteStringC& name, |
119 int& cipher, | 119 int& cipher, |
120 int& keylen) { | 120 int& keylen) { |
121 int Version = pEncryptDict->GetIntegerBy("V"); | 121 int Version = pEncryptDict->GetIntegerBy("V"); |
122 cipher = FXCIPHER_RC4; | 122 cipher = FXCIPHER_RC4; |
123 keylen = 0; | 123 keylen = 0; |
124 if (Version >= 4) { | 124 if (Version >= 4) { |
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
173 if (stmf_name != strf_name) { | 173 if (stmf_name != strf_name) { |
174 return FALSE; | 174 return FALSE; |
175 } | 175 } |
176 if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { | 176 if (!_LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen)) { |
177 return FALSE; | 177 return FALSE; |
178 } | 178 } |
179 return TRUE; | 179 return TRUE; |
180 } | 180 } |
181 | 181 |
182 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, | 182 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, |
183 FX_DWORD type, | 183 uint32_t type, |
184 int& cipher, | 184 int& cipher, |
185 int& key_len) { | 185 int& key_len) { |
186 m_pEncryptDict = pEncryptDict; | 186 m_pEncryptDict = pEncryptDict; |
187 m_Version = pEncryptDict->GetIntegerBy("V"); | 187 m_Version = pEncryptDict->GetIntegerBy("V"); |
188 m_Revision = pEncryptDict->GetIntegerBy("R"); | 188 m_Revision = pEncryptDict->GetIntegerBy("R"); |
189 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); | 189 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); |
190 CFX_ByteString strf_name, stmf_name; | 190 CFX_ByteString strf_name, stmf_name; |
191 if (m_Version >= 4) { | 191 if (m_Version >= 4) { |
192 stmf_name = pEncryptDict->GetStringBy("StmF"); | 192 stmf_name = pEncryptDict->GetStringBy("StmF"); |
193 strf_name = pEncryptDict->GetStringBy("StrF"); | 193 strf_name = pEncryptDict->GetStringBy("StrF"); |
(...skipping 12 matching lines...) Expand all Loading... |
206 FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, | 206 FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, |
207 const uint8_t*& buffer, | 207 const uint8_t*& buffer, |
208 int& keylen) { | 208 int& keylen) { |
209 cipher = m_Cipher; | 209 cipher = m_Cipher; |
210 buffer = m_EncryptKey; | 210 buffer = m_EncryptKey; |
211 keylen = m_KeyLen; | 211 keylen = m_KeyLen; |
212 return TRUE; | 212 return TRUE; |
213 } | 213 } |
214 #define FX_GET_32WORD(n, b, i) \ | 214 #define FX_GET_32WORD(n, b, i) \ |
215 { \ | 215 { \ |
216 (n) = (FX_DWORD)( \ | 216 (n) = (uint32_t)( \ |
217 ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ | 217 ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ |
218 ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ | 218 ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ |
219 } | 219 } |
220 int BigOrder64BitsMod3(uint8_t* data) { | 220 int BigOrder64BitsMod3(uint8_t* data) { |
221 uint64_t ret = 0; | 221 uint64_t ret = 0; |
222 for (int i = 0; i < 4; ++i) { | 222 for (int i = 0; i < 4; ++i) { |
223 FX_DWORD value; | 223 uint32_t value; |
224 FX_GET_32WORD(value, data, 4 * i); | 224 FX_GET_32WORD(value, data, 4 * i); |
225 ret <<= 32; | 225 ret <<= 32; |
226 ret |= value; | 226 ret |= value; |
227 ret %= 3; | 227 ret %= 3; |
228 } | 228 } |
229 return (int)ret; | 229 return (int)ret; |
230 } | 230 } |
231 void Revision6_Hash(const uint8_t* password, | 231 void Revision6_Hash(const uint8_t* password, |
232 FX_DWORD size, | 232 uint32_t size, |
233 const uint8_t* salt, | 233 const uint8_t* salt, |
234 const uint8_t* vector, | 234 const uint8_t* vector, |
235 uint8_t* hash) { | 235 uint8_t* hash) { |
236 int iBlockSize = 32; | 236 int iBlockSize = 32; |
237 uint8_t sha[128]; | 237 uint8_t sha[128]; |
238 CRYPT_SHA256Start(sha); | 238 CRYPT_SHA256Start(sha); |
239 CRYPT_SHA256Update(sha, password, size); | 239 CRYPT_SHA256Update(sha, password, size); |
240 CRYPT_SHA256Update(sha, salt, 8); | 240 CRYPT_SHA256Update(sha, salt, 8); |
241 if (vector) { | 241 if (vector) { |
242 CRYPT_SHA256Update(sha, vector, 48); | 242 CRYPT_SHA256Update(sha, vector, 48); |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
299 iv = input + 16; | 299 iv = input + 16; |
300 ++i; | 300 ++i; |
301 } | 301 } |
302 FX_Free(aes); | 302 FX_Free(aes); |
303 if (hash) { | 303 if (hash) { |
304 FXSYS_memcpy(hash, input, 32); | 304 FXSYS_memcpy(hash, input, 32); |
305 } | 305 } |
306 } | 306 } |
307 FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword( | 307 FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword( |
308 const uint8_t* password, | 308 const uint8_t* password, |
309 FX_DWORD size, | 309 uint32_t size, |
310 FX_BOOL bOwner, | 310 FX_BOOL bOwner, |
311 uint8_t* key) { | 311 uint8_t* key) { |
312 CFX_ByteString okey = | 312 CFX_ByteString okey = |
313 m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); | 313 m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); |
314 if (okey.GetLength() < 48) { | 314 if (okey.GetLength() < 48) { |
315 return FALSE; | 315 return FALSE; |
316 } | 316 } |
317 CFX_ByteString ukey = | 317 CFX_ByteString ukey = |
318 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 318 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); |
319 if (ukey.GetLength() < 48) { | 319 if (ukey.GetLength() < 48) { |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
365 CRYPT_AESSetIV(aes, iv); | 365 CRYPT_AESSetIV(aes, iv); |
366 CRYPT_AESDecrypt(aes, key, ekey, 32); | 366 CRYPT_AESDecrypt(aes, key, ekey, 32); |
367 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); | 367 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); |
368 CRYPT_AESSetIV(aes, iv); | 368 CRYPT_AESSetIV(aes, iv); |
369 CFX_ByteString perms = m_pEncryptDict->GetStringBy("Perms"); | 369 CFX_ByteString perms = m_pEncryptDict->GetStringBy("Perms"); |
370 if (perms.IsEmpty()) { | 370 if (perms.IsEmpty()) { |
371 return FALSE; | 371 return FALSE; |
372 } | 372 } |
373 uint8_t perms_buf[16]; | 373 uint8_t perms_buf[16]; |
374 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); | 374 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); |
375 FX_DWORD copy_len = sizeof(perms_buf); | 375 uint32_t copy_len = sizeof(perms_buf); |
376 if (copy_len > (FX_DWORD)perms.GetLength()) { | 376 if (copy_len > (uint32_t)perms.GetLength()) { |
377 copy_len = perms.GetLength(); | 377 copy_len = perms.GetLength(); |
378 } | 378 } |
379 FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); | 379 FXSYS_memcpy(perms_buf, (const uint8_t*)perms, copy_len); |
380 uint8_t buf[16]; | 380 uint8_t buf[16]; |
381 CRYPT_AESDecrypt(aes, buf, perms_buf, 16); | 381 CRYPT_AESDecrypt(aes, buf, perms_buf, 16); |
382 FX_Free(aes); | 382 FX_Free(aes); |
383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { | 383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { |
384 return FALSE; | 384 return FALSE; |
385 } | 385 } |
386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { | 386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { |
387 return FALSE; | 387 return FALSE; |
388 } | 388 } |
389 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || | 389 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || |
390 (buf[8] == 'F' && IsMetadataEncrypted())) { | 390 (buf[8] == 'F' && IsMetadataEncrypted())) { |
391 return FALSE; | 391 return FALSE; |
392 } | 392 } |
393 return TRUE; | 393 return TRUE; |
394 } | 394 } |
395 | 395 |
396 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, | 396 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, |
397 FX_DWORD size, | 397 uint32_t size, |
398 FX_BOOL bOwner, | 398 FX_BOOL bOwner, |
399 uint8_t* key, | 399 uint8_t* key, |
400 int32_t key_len) { | 400 int32_t key_len) { |
401 if (m_Revision >= 5) { | 401 if (m_Revision >= 5) { |
402 return AES256_CheckPassword(password, size, bOwner, key); | 402 return AES256_CheckPassword(password, size, bOwner, key); |
403 } | 403 } |
404 uint8_t keybuf[32]; | 404 uint8_t keybuf[32]; |
405 if (!key) { | 405 if (!key) { |
406 key = keybuf; | 406 key = keybuf; |
407 } | 407 } |
408 if (bOwner) { | 408 if (bOwner) { |
409 return CheckOwnerPassword(password, size, key, key_len); | 409 return CheckOwnerPassword(password, size, key, key_len); |
410 } | 410 } |
411 return CheckUserPassword(password, size, FALSE, key, key_len) || | 411 return CheckUserPassword(password, size, FALSE, key, key_len) || |
412 CheckUserPassword(password, size, TRUE, key, key_len); | 412 CheckUserPassword(password, size, TRUE, key, key_len); |
413 } | 413 } |
414 FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword( | 414 FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword( |
415 const uint8_t* password, | 415 const uint8_t* password, |
416 FX_DWORD pass_size, | 416 uint32_t pass_size, |
417 FX_BOOL bIgnoreEncryptMeta, | 417 FX_BOOL bIgnoreEncryptMeta, |
418 uint8_t* key, | 418 uint8_t* key, |
419 int32_t key_len) { | 419 int32_t key_len) { |
420 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, | 420 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, |
421 bIgnoreEncryptMeta, m_pParser->GetIDArray()); | 421 bIgnoreEncryptMeta, m_pParser->GetIDArray()); |
422 CFX_ByteString ukey = | 422 CFX_ByteString ukey = |
423 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 423 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); |
424 if (ukey.GetLength() < 16) { | 424 if (ukey.GetLength() < 16) { |
425 return FALSE; | 425 return FALSE; |
426 } | 426 } |
427 uint8_t ukeybuf[32]; | 427 uint8_t ukeybuf[32]; |
428 if (m_Revision == 2) { | 428 if (m_Revision == 2) { |
429 FXSYS_memcpy(ukeybuf, defpasscode, 32); | 429 FXSYS_memcpy(ukeybuf, defpasscode, 32); |
430 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); | 430 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); |
431 } else { | 431 } else { |
432 uint8_t test[32], tmpkey[32]; | 432 uint8_t test[32], tmpkey[32]; |
433 FX_DWORD copy_len = sizeof(test); | 433 uint32_t copy_len = sizeof(test); |
434 if (copy_len > (FX_DWORD)ukey.GetLength()) { | 434 if (copy_len > (uint32_t)ukey.GetLength()) { |
435 copy_len = ukey.GetLength(); | 435 copy_len = ukey.GetLength(); |
436 } | 436 } |
437 FXSYS_memset(test, 0, sizeof(test)); | 437 FXSYS_memset(test, 0, sizeof(test)); |
438 FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); | 438 FXSYS_memset(tmpkey, 0, sizeof(tmpkey)); |
439 FXSYS_memcpy(test, ukey.c_str(), copy_len); | 439 FXSYS_memcpy(test, ukey.c_str(), copy_len); |
440 for (int i = 19; i >= 0; i--) { | 440 for (int i = 19; i >= 0; i--) { |
441 for (int j = 0; j < key_len; j++) { | 441 for (int j = 0; j < key_len; j++) { |
442 tmpkey[j] = key[j] ^ i; | 442 tmpkey[j] = key[j] ^ i; |
443 } | 443 } |
444 CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); | 444 CRYPT_ArcFourCryptBlock(test, 32, tmpkey, key_len); |
445 } | 445 } |
446 uint8_t md5[100]; | 446 uint8_t md5[100]; |
447 CRYPT_MD5Start(md5); | 447 CRYPT_MD5Start(md5); |
448 CRYPT_MD5Update(md5, defpasscode, 32); | 448 CRYPT_MD5Update(md5, defpasscode, 32); |
449 CPDF_Array* pIdArray = m_pParser->GetIDArray(); | 449 CPDF_Array* pIdArray = m_pParser->GetIDArray(); |
450 if (pIdArray) { | 450 if (pIdArray) { |
451 CFX_ByteString id = pIdArray->GetStringAt(0); | 451 CFX_ByteString id = pIdArray->GetStringAt(0); |
452 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 452 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
453 } | 453 } |
454 CRYPT_MD5Finish(md5, ukeybuf); | 454 CRYPT_MD5Finish(md5, ukeybuf); |
455 return FXSYS_memcmp(test, ukeybuf, 16) == 0; | 455 return FXSYS_memcmp(test, ukeybuf, 16) == 0; |
456 } | 456 } |
457 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { | 457 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { |
458 return TRUE; | 458 return TRUE; |
459 } | 459 } |
460 return FALSE; | 460 return FALSE; |
461 } | 461 } |
462 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( | 462 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( |
463 const uint8_t* owner_pass, | 463 const uint8_t* owner_pass, |
464 FX_DWORD pass_size, | 464 uint32_t pass_size, |
465 int32_t key_len) { | 465 int32_t key_len) { |
466 CFX_ByteString okey = m_pEncryptDict->GetStringBy("O"); | 466 CFX_ByteString okey = m_pEncryptDict->GetStringBy("O"); |
467 uint8_t passcode[32]; | 467 uint8_t passcode[32]; |
468 FX_DWORD i; | 468 uint32_t i; |
469 for (i = 0; i < 32; i++) { | 469 for (i = 0; i < 32; i++) { |
470 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; | 470 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; |
471 } | 471 } |
472 uint8_t digest[16]; | 472 uint8_t digest[16]; |
473 CRYPT_MD5Generate(passcode, 32, digest); | 473 CRYPT_MD5Generate(passcode, 32, digest); |
474 if (m_Revision >= 3) { | 474 if (m_Revision >= 3) { |
475 for (int i = 0; i < 50; i++) { | 475 for (int i = 0; i < 50; i++) { |
476 CRYPT_MD5Generate(digest, 16, digest); | 476 CRYPT_MD5Generate(digest, 16, digest); |
477 } | 477 } |
478 } | 478 } |
479 uint8_t enckey[32]; | 479 uint8_t enckey[32]; |
480 FXSYS_memset(enckey, 0, sizeof(enckey)); | 480 FXSYS_memset(enckey, 0, sizeof(enckey)); |
481 FX_DWORD copy_len = key_len; | 481 uint32_t copy_len = key_len; |
482 if (copy_len > sizeof(digest)) { | 482 if (copy_len > sizeof(digest)) { |
483 copy_len = sizeof(digest); | 483 copy_len = sizeof(digest); |
484 } | 484 } |
485 FXSYS_memcpy(enckey, digest, copy_len); | 485 FXSYS_memcpy(enckey, digest, copy_len); |
486 int okeylen = okey.GetLength(); | 486 int okeylen = okey.GetLength(); |
487 if (okeylen > 32) { | 487 if (okeylen > 32) { |
488 okeylen = 32; | 488 okeylen = 32; |
489 } | 489 } |
490 uint8_t okeybuf[64]; | 490 uint8_t okeybuf[64]; |
491 FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); | 491 FXSYS_memset(okeybuf, 0, sizeof(okeybuf)); |
(...skipping 11 matching lines...) Expand all Loading... |
503 } | 503 } |
504 } | 504 } |
505 int len = 32; | 505 int len = 32; |
506 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { | 506 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { |
507 len--; | 507 len--; |
508 } | 508 } |
509 return CFX_ByteString(okeybuf, len); | 509 return CFX_ByteString(okeybuf, len); |
510 } | 510 } |
511 FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword( | 511 FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword( |
512 const uint8_t* password, | 512 const uint8_t* password, |
513 FX_DWORD pass_size, | 513 uint32_t pass_size, |
514 uint8_t* key, | 514 uint8_t* key, |
515 int32_t key_len) { | 515 int32_t key_len) { |
516 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); | 516 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); |
517 if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, | 517 if (CheckUserPassword(user_pass, user_pass.GetLength(), FALSE, key, |
518 key_len)) { | 518 key_len)) { |
519 return TRUE; | 519 return TRUE; |
520 } | 520 } |
521 return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, | 521 return CheckUserPassword(user_pass, user_pass.GetLength(), TRUE, key, |
522 key_len); | 522 key_len); |
523 } | 523 } |
524 FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() { | 524 FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() { |
525 return m_pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE); | 525 return m_pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE); |
526 } | 526 } |
527 | 527 |
528 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 528 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
529 CPDF_Array* pIdArray, | 529 CPDF_Array* pIdArray, |
530 const uint8_t* user_pass, | 530 const uint8_t* user_pass, |
531 FX_DWORD user_size, | 531 uint32_t user_size, |
532 const uint8_t* owner_pass, | 532 const uint8_t* owner_pass, |
533 FX_DWORD owner_size, | 533 uint32_t owner_size, |
534 FX_BOOL bDefault, | 534 FX_BOOL bDefault, |
535 FX_DWORD type) { | 535 uint32_t type) { |
536 int cipher = 0, key_len = 0; | 536 int cipher = 0, key_len = 0; |
537 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { | 537 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { |
538 return; | 538 return; |
539 } | 539 } |
540 if (bDefault && (!owner_pass || owner_size == 0)) { | 540 if (bDefault && (!owner_pass || owner_size == 0)) { |
541 owner_pass = user_pass; | 541 owner_pass = user_pass; |
542 owner_size = user_size; | 542 owner_size = user_size; |
543 } | 543 } |
544 if (m_Revision >= 5) { | 544 if (m_Revision >= 5) { |
545 int t = (int)time(NULL); | 545 int t = (int)time(NULL); |
546 uint8_t sha[128]; | 546 uint8_t sha[128]; |
547 CRYPT_SHA256Start(sha); | 547 CRYPT_SHA256Start(sha); |
548 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); | 548 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); |
549 CRYPT_SHA256Update(sha, m_EncryptKey, 32); | 549 CRYPT_SHA256Update(sha, m_EncryptKey, 32); |
550 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); | 550 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); |
551 CRYPT_SHA256Finish(sha, m_EncryptKey); | 551 CRYPT_SHA256Finish(sha, m_EncryptKey); |
552 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); | 552 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); |
553 if (bDefault) { | 553 if (bDefault) { |
554 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, | 554 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, |
555 m_EncryptKey); | 555 m_EncryptKey); |
556 AES256_SetPerms(pEncryptDict, m_Permissions, | 556 AES256_SetPerms(pEncryptDict, m_Permissions, |
557 pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE), | 557 pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE), |
558 m_EncryptKey); | 558 m_EncryptKey); |
559 } | 559 } |
560 return; | 560 return; |
561 } | 561 } |
562 if (bDefault) { | 562 if (bDefault) { |
563 uint8_t passcode[32]; | 563 uint8_t passcode[32]; |
564 FX_DWORD i; | 564 uint32_t i; |
565 for (i = 0; i < 32; i++) { | 565 for (i = 0; i < 32; i++) { |
566 passcode[i] = | 566 passcode[i] = |
567 i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; | 567 i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; |
568 } | 568 } |
569 uint8_t digest[16]; | 569 uint8_t digest[16]; |
570 CRYPT_MD5Generate(passcode, 32, digest); | 570 CRYPT_MD5Generate(passcode, 32, digest); |
571 if (m_Revision >= 3) { | 571 if (m_Revision >= 3) { |
572 for (int i = 0; i < 50; i++) { | 572 for (int i = 0; i < 50; i++) { |
573 CRYPT_MD5Generate(digest, 16, digest); | 573 CRYPT_MD5Generate(digest, 16, digest); |
574 } | 574 } |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
615 } | 615 } |
616 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); | 616 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); |
617 } | 617 } |
618 CRYPT_MD5Generate(digest, 16, digest + 16); | 618 CRYPT_MD5Generate(digest, 16, digest + 16); |
619 pEncryptDict->SetAtString("U", CFX_ByteString(digest, 32)); | 619 pEncryptDict->SetAtString("U", CFX_ByteString(digest, 32)); |
620 } | 620 } |
621 } | 621 } |
622 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 622 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
623 CPDF_Array* pIdArray, | 623 CPDF_Array* pIdArray, |
624 const uint8_t* user_pass, | 624 const uint8_t* user_pass, |
625 FX_DWORD user_size, | 625 uint32_t user_size, |
626 const uint8_t* owner_pass, | 626 const uint8_t* owner_pass, |
627 FX_DWORD owner_size, | 627 uint32_t owner_size, |
628 FX_DWORD type) { | 628 uint32_t type) { |
629 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, | 629 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, |
630 TRUE, type); | 630 TRUE, type); |
631 } | 631 } |
632 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 632 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
633 CPDF_Array* pIdArray, | 633 CPDF_Array* pIdArray, |
634 const uint8_t* user_pass, | 634 const uint8_t* user_pass, |
635 FX_DWORD user_size, | 635 uint32_t user_size, |
636 FX_DWORD type) { | 636 uint32_t type) { |
637 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); | 637 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); |
638 } | 638 } |
639 void CPDF_StandardSecurityHandler::AES256_SetPassword( | 639 void CPDF_StandardSecurityHandler::AES256_SetPassword( |
640 CPDF_Dictionary* pEncryptDict, | 640 CPDF_Dictionary* pEncryptDict, |
641 const uint8_t* password, | 641 const uint8_t* password, |
642 FX_DWORD size, | 642 uint32_t size, |
643 FX_BOOL bOwner, | 643 FX_BOOL bOwner, |
644 const uint8_t* key) { | 644 const uint8_t* key) { |
645 uint8_t sha[128]; | 645 uint8_t sha[128]; |
646 CRYPT_SHA1Start(sha); | 646 CRYPT_SHA1Start(sha); |
647 CRYPT_SHA1Update(sha, key, 32); | 647 CRYPT_SHA1Update(sha, key, 32); |
648 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); | 648 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); |
649 uint8_t digest[20]; | 649 uint8_t digest[20]; |
650 CRYPT_SHA1Finish(sha, digest); | 650 CRYPT_SHA1Finish(sha, digest); |
651 CFX_ByteString ukey = pEncryptDict->GetStringBy("U"); | 651 CFX_ByteString ukey = pEncryptDict->GetStringBy("U"); |
652 uint8_t digest1[48]; | 652 uint8_t digest1[48]; |
(...skipping 27 matching lines...) Expand all Loading... |
680 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); | 680 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); |
681 uint8_t iv[16]; | 681 uint8_t iv[16]; |
682 FXSYS_memset(iv, 0, 16); | 682 FXSYS_memset(iv, 0, 16); |
683 CRYPT_AESSetIV(aes, iv); | 683 CRYPT_AESSetIV(aes, iv); |
684 CRYPT_AESEncrypt(aes, digest1, key, 32); | 684 CRYPT_AESEncrypt(aes, digest1, key, 32); |
685 FX_Free(aes); | 685 FX_Free(aes); |
686 pEncryptDict->SetAtString(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); | 686 pEncryptDict->SetAtString(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); |
687 } | 687 } |
688 void CPDF_StandardSecurityHandler::AES256_SetPerms( | 688 void CPDF_StandardSecurityHandler::AES256_SetPerms( |
689 CPDF_Dictionary* pEncryptDict, | 689 CPDF_Dictionary* pEncryptDict, |
690 FX_DWORD permissions, | 690 uint32_t permissions, |
691 FX_BOOL bEncryptMetadata, | 691 FX_BOOL bEncryptMetadata, |
692 const uint8_t* key) { | 692 const uint8_t* key) { |
693 uint8_t buf[16]; | 693 uint8_t buf[16]; |
694 buf[0] = (uint8_t)permissions; | 694 buf[0] = (uint8_t)permissions; |
695 buf[1] = (uint8_t)(permissions >> 8); | 695 buf[1] = (uint8_t)(permissions >> 8); |
696 buf[2] = (uint8_t)(permissions >> 16); | 696 buf[2] = (uint8_t)(permissions >> 16); |
697 buf[3] = (uint8_t)(permissions >> 24); | 697 buf[3] = (uint8_t)(permissions >> 24); |
698 buf[4] = 0xff; | 698 buf[4] = 0xff; |
699 buf[5] = 0xff; | 699 buf[5] = 0xff; |
700 buf[6] = 0xff; | 700 buf[6] = 0xff; |
701 buf[7] = 0xff; | 701 buf[7] = 0xff; |
702 buf[8] = bEncryptMetadata ? 'T' : 'F'; | 702 buf[8] = bEncryptMetadata ? 'T' : 'F'; |
703 buf[9] = 'a'; | 703 buf[9] = 'a'; |
704 buf[10] = 'd'; | 704 buf[10] = 'd'; |
705 buf[11] = 'b'; | 705 buf[11] = 'b'; |
706 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 706 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
707 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); | 707 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); |
708 uint8_t iv[16], buf1[16]; | 708 uint8_t iv[16], buf1[16]; |
709 FXSYS_memset(iv, 0, 16); | 709 FXSYS_memset(iv, 0, 16); |
710 CRYPT_AESSetIV(aes, iv); | 710 CRYPT_AESSetIV(aes, iv); |
711 CRYPT_AESEncrypt(aes, buf1, buf, 16); | 711 CRYPT_AESEncrypt(aes, buf1, buf, 16); |
712 FX_Free(aes); | 712 FX_Free(aes); |
713 pEncryptDict->SetAtString("Perms", CFX_ByteString(buf1, 16)); | 713 pEncryptDict->SetAtString("Perms", CFX_ByteString(buf1, 16)); |
714 } | 714 } |
OLD | NEW |