OLD | NEW |
1 // Copyright 2014 PDFium Authors. All rights reserved. | 1 // Copyright 2014 PDFium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
6 | 6 |
7 #include "core/fpdfapi/fpdf_parser/cpdf_standard_security_handler.h" | 7 #include "core/fpdfapi/fpdf_parser/cpdf_security_handler.h" |
8 | 8 |
9 #include <time.h> | 9 #include <time.h> |
10 | 10 |
11 #include "core/fdrm/crypto/include/fx_crypt.h" | 11 #include "core/fdrm/crypto/include/fx_crypt.h" |
12 #include "core/fpdfapi/fpdf_parser/cpdf_standard_crypto_handler.h" | 12 #include "core/fpdfapi/fpdf_parser/cpdf_crypto_handler.h" |
13 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h" | 13 #include "core/fpdfapi/fpdf_parser/include/cpdf_array.h" |
14 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h" | 14 #include "core/fpdfapi/fpdf_parser/include/cpdf_dictionary.h" |
15 #include "core/fpdfapi/fpdf_parser/include/cpdf_object.h" | 15 #include "core/fpdfapi/fpdf_parser/include/cpdf_object.h" |
16 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" | 16 #include "core/fpdfapi/fpdf_parser/include/cpdf_parser.h" |
17 | 17 |
18 namespace { | 18 namespace { |
19 | 19 |
20 const uint8_t defpasscode[32] = { | 20 const uint8_t defpasscode[32] = { |
21 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, | 21 0x28, 0xbf, 0x4e, 0x5e, 0x4e, 0x75, 0x8a, 0x41, 0x64, 0x00, 0x4e, |
22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, | 22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
60 for (int i = 0; i < 50; i++) { | 60 for (int i = 0; i < 50; i++) { |
61 CRYPT_MD5Generate(digest, copy_len, digest); | 61 CRYPT_MD5Generate(digest, copy_len, digest); |
62 } | 62 } |
63 } | 63 } |
64 FXSYS_memset(key, 0, keylen); | 64 FXSYS_memset(key, 0, keylen); |
65 FXSYS_memcpy(key, digest, copy_len); | 65 FXSYS_memcpy(key, digest, copy_len); |
66 } | 66 } |
67 | 67 |
68 } // namespace | 68 } // namespace |
69 | 69 |
70 IPDF_SecurityHandler::~IPDF_SecurityHandler() {} | 70 CPDF_SecurityHandler::CPDF_SecurityHandler() { |
71 | |
72 CPDF_StandardSecurityHandler::CPDF_StandardSecurityHandler() { | |
73 m_Version = 0; | 71 m_Version = 0; |
74 m_Revision = 0; | 72 m_Revision = 0; |
75 m_pParser = NULL; | 73 m_pParser = NULL; |
76 m_pEncryptDict = NULL; | 74 m_pEncryptDict = NULL; |
77 m_Permissions = 0; | 75 m_Permissions = 0; |
78 m_Cipher = FXCIPHER_NONE; | 76 m_Cipher = FXCIPHER_NONE; |
79 m_KeyLen = 0; | 77 m_KeyLen = 0; |
80 } | 78 } |
81 | 79 |
82 CPDF_StandardSecurityHandler::~CPDF_StandardSecurityHandler() {} | 80 CPDF_SecurityHandler::~CPDF_SecurityHandler() {} |
83 | 81 |
84 IPDF_CryptoHandler* CPDF_StandardSecurityHandler::CreateCryptoHandler() { | 82 CPDF_CryptoHandler* CPDF_SecurityHandler::CreateCryptoHandler() { |
85 return new CPDF_StandardCryptoHandler; | 83 return new CPDF_CryptoHandler; |
86 } | 84 } |
87 | 85 |
88 FX_BOOL CPDF_StandardSecurityHandler::OnInit(CPDF_Parser* pParser, | 86 FX_BOOL CPDF_SecurityHandler::OnInit(CPDF_Parser* pParser, |
89 CPDF_Dictionary* pEncryptDict) { | 87 CPDF_Dictionary* pEncryptDict) { |
90 m_pParser = pParser; | 88 m_pParser = pParser; |
91 if (!LoadDict(pEncryptDict)) { | 89 if (!LoadDict(pEncryptDict)) { |
92 return FALSE; | 90 return FALSE; |
93 } | 91 } |
94 if (m_Cipher == FXCIPHER_NONE) { | 92 if (m_Cipher == FXCIPHER_NONE) { |
95 return TRUE; | 93 return TRUE; |
96 } | 94 } |
97 return CheckSecurity(m_KeyLen); | 95 return CheckSecurity(m_KeyLen); |
98 } | 96 } |
99 FX_BOOL CPDF_StandardSecurityHandler::CheckSecurity(int32_t key_len) { | 97 FX_BOOL CPDF_SecurityHandler::CheckSecurity(int32_t key_len) { |
100 CFX_ByteString password = m_pParser->GetPassword(); | 98 CFX_ByteString password = m_pParser->GetPassword(); |
101 if (CheckPassword(password.raw_str(), password.GetLength(), TRUE, | 99 if (CheckPassword(password.raw_str(), password.GetLength(), TRUE, |
102 m_EncryptKey, key_len)) { | 100 m_EncryptKey, key_len)) { |
103 if (password.IsEmpty()) { | 101 if (password.IsEmpty()) { |
104 if (!CheckPassword(password.raw_str(), password.GetLength(), FALSE, | 102 if (!CheckPassword(password.raw_str(), password.GetLength(), FALSE, |
105 m_EncryptKey, key_len)) { | 103 m_EncryptKey, key_len)) { |
106 return FALSE; | 104 return FALSE; |
107 } | 105 } |
108 } | 106 } |
109 return TRUE; | 107 return TRUE; |
110 } | 108 } |
111 return CheckPassword(password.raw_str(), password.GetLength(), FALSE, | 109 return CheckPassword(password.raw_str(), password.GetLength(), FALSE, |
112 m_EncryptKey, key_len); | 110 m_EncryptKey, key_len); |
113 } | 111 } |
114 uint32_t CPDF_StandardSecurityHandler::GetPermissions() { | 112 uint32_t CPDF_SecurityHandler::GetPermissions() { |
115 return m_Permissions; | 113 return m_Permissions; |
116 } | 114 } |
117 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, | 115 static FX_BOOL _LoadCryptInfo(CPDF_Dictionary* pEncryptDict, |
118 const CFX_ByteStringC& name, | 116 const CFX_ByteStringC& name, |
119 int& cipher, | 117 int& cipher, |
120 int& keylen) { | 118 int& keylen) { |
121 int Version = pEncryptDict->GetIntegerBy("V"); | 119 int Version = pEncryptDict->GetIntegerBy("V"); |
122 cipher = FXCIPHER_RC4; | 120 cipher = FXCIPHER_RC4; |
123 keylen = 0; | 121 keylen = 0; |
124 if (Version >= 4) { | 122 if (Version >= 4) { |
(...skipping 28 matching lines...) Expand all Loading... |
153 } | 151 } |
154 } else { | 152 } else { |
155 keylen = Version > 1 ? pEncryptDict->GetIntegerBy("Length", 40) / 8 : 5; | 153 keylen = Version > 1 ? pEncryptDict->GetIntegerBy("Length", 40) / 8 : 5; |
156 } | 154 } |
157 if (keylen > 32 || keylen < 0) { | 155 if (keylen > 32 || keylen < 0) { |
158 return FALSE; | 156 return FALSE; |
159 } | 157 } |
160 return TRUE; | 158 return TRUE; |
161 } | 159 } |
162 | 160 |
163 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) { | 161 FX_BOOL CPDF_SecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) { |
164 m_pEncryptDict = pEncryptDict; | 162 m_pEncryptDict = pEncryptDict; |
165 m_Version = pEncryptDict->GetIntegerBy("V"); | 163 m_Version = pEncryptDict->GetIntegerBy("V"); |
166 m_Revision = pEncryptDict->GetIntegerBy("R"); | 164 m_Revision = pEncryptDict->GetIntegerBy("R"); |
167 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); | 165 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); |
168 if (m_Version < 4) { | 166 if (m_Version < 4) { |
169 return _LoadCryptInfo(pEncryptDict, CFX_ByteStringC(), m_Cipher, m_KeyLen); | 167 return _LoadCryptInfo(pEncryptDict, CFX_ByteStringC(), m_Cipher, m_KeyLen); |
170 } | 168 } |
171 CFX_ByteString stmf_name = pEncryptDict->GetStringBy("StmF"); | 169 CFX_ByteString stmf_name = pEncryptDict->GetStringBy("StmF"); |
172 CFX_ByteString strf_name = pEncryptDict->GetStringBy("StrF"); | 170 CFX_ByteString strf_name = pEncryptDict->GetStringBy("StrF"); |
173 if (stmf_name != strf_name) { | 171 if (stmf_name != strf_name) { |
174 return FALSE; | 172 return FALSE; |
175 } | 173 } |
176 if (!_LoadCryptInfo(pEncryptDict, strf_name.AsStringC(), m_Cipher, | 174 if (!_LoadCryptInfo(pEncryptDict, strf_name.AsStringC(), m_Cipher, |
177 m_KeyLen)) { | 175 m_KeyLen)) { |
178 return FALSE; | 176 return FALSE; |
179 } | 177 } |
180 return TRUE; | 178 return TRUE; |
181 } | 179 } |
182 | 180 |
183 FX_BOOL CPDF_StandardSecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, | 181 FX_BOOL CPDF_SecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, |
184 uint32_t type, | 182 uint32_t type, |
185 int& cipher, | 183 int& cipher, |
186 int& key_len) { | 184 int& key_len) { |
187 m_pEncryptDict = pEncryptDict; | 185 m_pEncryptDict = pEncryptDict; |
188 m_Version = pEncryptDict->GetIntegerBy("V"); | 186 m_Version = pEncryptDict->GetIntegerBy("V"); |
189 m_Revision = pEncryptDict->GetIntegerBy("R"); | 187 m_Revision = pEncryptDict->GetIntegerBy("R"); |
190 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); | 188 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); |
191 CFX_ByteString strf_name, stmf_name; | 189 CFX_ByteString strf_name, stmf_name; |
192 if (m_Version >= 4) { | 190 if (m_Version >= 4) { |
193 stmf_name = pEncryptDict->GetStringBy("StmF"); | 191 stmf_name = pEncryptDict->GetStringBy("StmF"); |
194 strf_name = pEncryptDict->GetStringBy("StrF"); | 192 strf_name = pEncryptDict->GetStringBy("StrF"); |
195 if (stmf_name != strf_name) { | 193 if (stmf_name != strf_name) { |
196 return FALSE; | 194 return FALSE; |
197 } | 195 } |
198 } | 196 } |
199 if (!_LoadCryptInfo(pEncryptDict, strf_name.AsStringC(), cipher, key_len)) { | 197 if (!_LoadCryptInfo(pEncryptDict, strf_name.AsStringC(), cipher, key_len)) { |
200 return FALSE; | 198 return FALSE; |
201 } | 199 } |
202 m_Cipher = cipher; | 200 m_Cipher = cipher; |
203 m_KeyLen = key_len; | 201 m_KeyLen = key_len; |
204 return TRUE; | 202 return TRUE; |
205 } | 203 } |
206 | 204 |
207 FX_BOOL CPDF_StandardSecurityHandler::GetCryptInfo(int& cipher, | 205 FX_BOOL CPDF_SecurityHandler::GetCryptInfo(int& cipher, |
208 const uint8_t*& buffer, | 206 const uint8_t*& buffer, |
209 int& keylen) { | 207 int& keylen) { |
210 cipher = m_Cipher; | 208 cipher = m_Cipher; |
211 buffer = m_EncryptKey; | 209 buffer = m_EncryptKey; |
212 keylen = m_KeyLen; | 210 keylen = m_KeyLen; |
213 return TRUE; | 211 return TRUE; |
214 } | 212 } |
215 #define FX_GET_32WORD(n, b, i) \ | 213 #define FX_GET_32WORD(n, b, i) \ |
216 { \ | 214 { \ |
217 (n) = (uint32_t)( \ | 215 (n) = (uint32_t)( \ |
218 ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ | 216 ((uint64_t)(b)[(i)] << 24) | ((uint64_t)(b)[(i) + 1] << 16) | \ |
219 ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ | 217 ((uint64_t)(b)[(i) + 2] << 8) | ((uint64_t)(b)[(i) + 3])); \ |
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
298 } | 296 } |
299 key = input; | 297 key = input; |
300 iv = input + 16; | 298 iv = input + 16; |
301 ++i; | 299 ++i; |
302 } | 300 } |
303 FX_Free(aes); | 301 FX_Free(aes); |
304 if (hash) { | 302 if (hash) { |
305 FXSYS_memcpy(hash, input, 32); | 303 FXSYS_memcpy(hash, input, 32); |
306 } | 304 } |
307 } | 305 } |
308 FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword( | 306 FX_BOOL CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password, |
309 const uint8_t* password, | 307 uint32_t size, |
310 uint32_t size, | 308 FX_BOOL bOwner, |
311 FX_BOOL bOwner, | 309 uint8_t* key) { |
312 uint8_t* key) { | |
313 CFX_ByteString okey = | 310 CFX_ByteString okey = |
314 m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); | 311 m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); |
315 if (okey.GetLength() < 48) { | 312 if (okey.GetLength() < 48) { |
316 return FALSE; | 313 return FALSE; |
317 } | 314 } |
318 CFX_ByteString ukey = | 315 CFX_ByteString ukey = |
319 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 316 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); |
320 if (ukey.GetLength() < 48) { | 317 if (ukey.GetLength() < 48) { |
321 return FALSE; | 318 return FALSE; |
322 } | 319 } |
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
387 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { | 384 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { |
388 return FALSE; | 385 return FALSE; |
389 } | 386 } |
390 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || | 387 if ((buf[8] == 'T' && !IsMetadataEncrypted()) || |
391 (buf[8] == 'F' && IsMetadataEncrypted())) { | 388 (buf[8] == 'F' && IsMetadataEncrypted())) { |
392 return FALSE; | 389 return FALSE; |
393 } | 390 } |
394 return TRUE; | 391 return TRUE; |
395 } | 392 } |
396 | 393 |
397 int CPDF_StandardSecurityHandler::CheckPassword(const uint8_t* password, | 394 int CPDF_SecurityHandler::CheckPassword(const uint8_t* password, |
398 uint32_t size, | 395 uint32_t size, |
399 FX_BOOL bOwner, | 396 FX_BOOL bOwner, |
400 uint8_t* key, | 397 uint8_t* key, |
401 int32_t key_len) { | 398 int32_t key_len) { |
402 if (m_Revision >= 5) { | 399 if (m_Revision >= 5) { |
403 return AES256_CheckPassword(password, size, bOwner, key); | 400 return AES256_CheckPassword(password, size, bOwner, key); |
404 } | 401 } |
405 uint8_t keybuf[32]; | 402 uint8_t keybuf[32]; |
406 if (!key) { | 403 if (!key) { |
407 key = keybuf; | 404 key = keybuf; |
408 } | 405 } |
409 if (bOwner) { | 406 if (bOwner) { |
410 return CheckOwnerPassword(password, size, key, key_len); | 407 return CheckOwnerPassword(password, size, key, key_len); |
411 } | 408 } |
412 return CheckUserPassword(password, size, FALSE, key, key_len) || | 409 return CheckUserPassword(password, size, FALSE, key, key_len) || |
413 CheckUserPassword(password, size, TRUE, key, key_len); | 410 CheckUserPassword(password, size, TRUE, key, key_len); |
414 } | 411 } |
415 FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword( | 412 FX_BOOL CPDF_SecurityHandler::CheckUserPassword(const uint8_t* password, |
416 const uint8_t* password, | 413 uint32_t pass_size, |
417 uint32_t pass_size, | 414 FX_BOOL bIgnoreEncryptMeta, |
418 FX_BOOL bIgnoreEncryptMeta, | 415 uint8_t* key, |
419 uint8_t* key, | 416 int32_t key_len) { |
420 int32_t key_len) { | |
421 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, | 417 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, |
422 bIgnoreEncryptMeta, m_pParser->GetIDArray()); | 418 bIgnoreEncryptMeta, m_pParser->GetIDArray()); |
423 CFX_ByteString ukey = | 419 CFX_ByteString ukey = |
424 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 420 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); |
425 if (ukey.GetLength() < 16) { | 421 if (ukey.GetLength() < 16) { |
426 return FALSE; | 422 return FALSE; |
427 } | 423 } |
428 uint8_t ukeybuf[32]; | 424 uint8_t ukeybuf[32]; |
429 if (m_Revision == 2) { | 425 if (m_Revision == 2) { |
430 FXSYS_memcpy(ukeybuf, defpasscode, 32); | 426 FXSYS_memcpy(ukeybuf, defpasscode, 32); |
(...skipping 22 matching lines...) Expand all Loading... |
453 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 449 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
454 } | 450 } |
455 CRYPT_MD5Finish(md5, ukeybuf); | 451 CRYPT_MD5Finish(md5, ukeybuf); |
456 return FXSYS_memcmp(test, ukeybuf, 16) == 0; | 452 return FXSYS_memcmp(test, ukeybuf, 16) == 0; |
457 } | 453 } |
458 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { | 454 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { |
459 return TRUE; | 455 return TRUE; |
460 } | 456 } |
461 return FALSE; | 457 return FALSE; |
462 } | 458 } |
463 CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword( | 459 CFX_ByteString CPDF_SecurityHandler::GetUserPassword(const uint8_t* owner_pass, |
464 const uint8_t* owner_pass, | 460 uint32_t pass_size, |
465 uint32_t pass_size, | 461 int32_t key_len) { |
466 int32_t key_len) { | |
467 CFX_ByteString okey = m_pEncryptDict->GetStringBy("O"); | 462 CFX_ByteString okey = m_pEncryptDict->GetStringBy("O"); |
468 uint8_t passcode[32]; | 463 uint8_t passcode[32]; |
469 uint32_t i; | 464 uint32_t i; |
470 for (i = 0; i < 32; i++) { | 465 for (i = 0; i < 32; i++) { |
471 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; | 466 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; |
472 } | 467 } |
473 uint8_t digest[16]; | 468 uint8_t digest[16]; |
474 CRYPT_MD5Generate(passcode, 32, digest); | 469 CRYPT_MD5Generate(passcode, 32, digest); |
475 if (m_Revision >= 3) { | 470 if (m_Revision >= 3) { |
476 for (int i = 0; i < 50; i++) { | 471 for (int i = 0; i < 50; i++) { |
(...skipping 25 matching lines...) Expand all Loading... |
502 } | 497 } |
503 CRYPT_ArcFourCryptBlock(okeybuf, okeylen, tempkey, key_len); | 498 CRYPT_ArcFourCryptBlock(okeybuf, okeylen, tempkey, key_len); |
504 } | 499 } |
505 } | 500 } |
506 int len = 32; | 501 int len = 32; |
507 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { | 502 while (len && defpasscode[len - 1] == okeybuf[len - 1]) { |
508 len--; | 503 len--; |
509 } | 504 } |
510 return CFX_ByteString(okeybuf, len); | 505 return CFX_ByteString(okeybuf, len); |
511 } | 506 } |
512 FX_BOOL CPDF_StandardSecurityHandler::CheckOwnerPassword( | 507 FX_BOOL CPDF_SecurityHandler::CheckOwnerPassword(const uint8_t* password, |
513 const uint8_t* password, | 508 uint32_t pass_size, |
514 uint32_t pass_size, | 509 uint8_t* key, |
515 uint8_t* key, | 510 int32_t key_len) { |
516 int32_t key_len) { | |
517 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); | 511 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); |
518 if (CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), FALSE, key, | 512 if (CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), FALSE, key, |
519 key_len)) { | 513 key_len)) { |
520 return TRUE; | 514 return TRUE; |
521 } | 515 } |
522 return CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), TRUE, | 516 return CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), TRUE, |
523 key, key_len); | 517 key, key_len); |
524 } | 518 } |
525 FX_BOOL CPDF_StandardSecurityHandler::IsMetadataEncrypted() { | 519 FX_BOOL CPDF_SecurityHandler::IsMetadataEncrypted() { |
526 return m_pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE); | 520 return m_pEncryptDict->GetBooleanBy("EncryptMetadata", TRUE); |
527 } | 521 } |
528 | 522 |
529 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 523 void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
530 CPDF_Array* pIdArray, | 524 CPDF_Array* pIdArray, |
531 const uint8_t* user_pass, | 525 const uint8_t* user_pass, |
532 uint32_t user_size, | 526 uint32_t user_size, |
533 const uint8_t* owner_pass, | 527 const uint8_t* owner_pass, |
534 uint32_t owner_size, | 528 uint32_t owner_size, |
535 FX_BOOL bDefault, | 529 FX_BOOL bDefault, |
536 uint32_t type) { | 530 uint32_t type) { |
537 int cipher = 0, key_len = 0; | 531 int cipher = 0, key_len = 0; |
538 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { | 532 if (!LoadDict(pEncryptDict, type, cipher, key_len)) { |
539 return; | 533 return; |
540 } | 534 } |
541 if (bDefault && (!owner_pass || owner_size == 0)) { | 535 if (bDefault && (!owner_pass || owner_size == 0)) { |
542 owner_pass = user_pass; | 536 owner_pass = user_pass; |
543 owner_size = user_size; | 537 owner_size = user_size; |
544 } | 538 } |
545 if (m_Revision >= 5) { | 539 if (m_Revision >= 5) { |
546 int t = (int)time(NULL); | 540 int t = (int)time(NULL); |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
613 for (int i = 1; i <= 19; i++) { | 607 for (int i = 1; i <= 19; i++) { |
614 for (int j = 0; j < key_len; j++) { | 608 for (int j = 0; j < key_len; j++) { |
615 tempkey[j] = m_EncryptKey[j] ^ (uint8_t)i; | 609 tempkey[j] = m_EncryptKey[j] ^ (uint8_t)i; |
616 } | 610 } |
617 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); | 611 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); |
618 } | 612 } |
619 CRYPT_MD5Generate(digest, 16, digest + 16); | 613 CRYPT_MD5Generate(digest, 16, digest + 16); |
620 pEncryptDict->SetAtString("U", CFX_ByteString(digest, 32)); | 614 pEncryptDict->SetAtString("U", CFX_ByteString(digest, 32)); |
621 } | 615 } |
622 } | 616 } |
623 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 617 void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
624 CPDF_Array* pIdArray, | 618 CPDF_Array* pIdArray, |
625 const uint8_t* user_pass, | 619 const uint8_t* user_pass, |
626 uint32_t user_size, | 620 uint32_t user_size, |
627 const uint8_t* owner_pass, | 621 const uint8_t* owner_pass, |
628 uint32_t owner_size, | 622 uint32_t owner_size, |
629 uint32_t type) { | 623 uint32_t type) { |
630 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, | 624 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, |
631 TRUE, type); | 625 TRUE, type); |
632 } | 626 } |
633 void CPDF_StandardSecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 627 void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
634 CPDF_Array* pIdArray, | 628 CPDF_Array* pIdArray, |
635 const uint8_t* user_pass, | 629 const uint8_t* user_pass, |
636 uint32_t user_size, | 630 uint32_t user_size, |
637 uint32_t type) { | 631 uint32_t type) { |
638 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); | 632 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, NULL, 0, FALSE, type); |
639 } | 633 } |
640 void CPDF_StandardSecurityHandler::AES256_SetPassword( | 634 void CPDF_SecurityHandler::AES256_SetPassword(CPDF_Dictionary* pEncryptDict, |
641 CPDF_Dictionary* pEncryptDict, | 635 const uint8_t* password, |
642 const uint8_t* password, | 636 uint32_t size, |
643 uint32_t size, | 637 FX_BOOL bOwner, |
644 FX_BOOL bOwner, | 638 const uint8_t* key) { |
645 const uint8_t* key) { | |
646 uint8_t sha[128]; | 639 uint8_t sha[128]; |
647 CRYPT_SHA1Start(sha); | 640 CRYPT_SHA1Start(sha); |
648 CRYPT_SHA1Update(sha, key, 32); | 641 CRYPT_SHA1Update(sha, key, 32); |
649 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); | 642 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); |
650 uint8_t digest[20]; | 643 uint8_t digest[20]; |
651 CRYPT_SHA1Finish(sha, digest); | 644 CRYPT_SHA1Finish(sha, digest); |
652 CFX_ByteString ukey = pEncryptDict->GetStringBy("U"); | 645 CFX_ByteString ukey = pEncryptDict->GetStringBy("U"); |
653 uint8_t digest1[48]; | 646 uint8_t digest1[48]; |
654 if (m_Revision >= 6) { | 647 if (m_Revision >= 6) { |
655 Revision6_Hash(password, size, digest, bOwner ? ukey.raw_str() : nullptr, | 648 Revision6_Hash(password, size, digest, bOwner ? ukey.raw_str() : nullptr, |
(...skipping 23 matching lines...) Expand all Loading... |
679 } | 672 } |
680 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 673 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
681 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); | 674 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); |
682 uint8_t iv[16]; | 675 uint8_t iv[16]; |
683 FXSYS_memset(iv, 0, 16); | 676 FXSYS_memset(iv, 0, 16); |
684 CRYPT_AESSetIV(aes, iv); | 677 CRYPT_AESSetIV(aes, iv); |
685 CRYPT_AESEncrypt(aes, digest1, key, 32); | 678 CRYPT_AESEncrypt(aes, digest1, key, 32); |
686 FX_Free(aes); | 679 FX_Free(aes); |
687 pEncryptDict->SetAtString(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); | 680 pEncryptDict->SetAtString(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); |
688 } | 681 } |
689 void CPDF_StandardSecurityHandler::AES256_SetPerms( | 682 void CPDF_SecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict, |
690 CPDF_Dictionary* pEncryptDict, | 683 uint32_t permissions, |
691 uint32_t permissions, | 684 FX_BOOL bEncryptMetadata, |
692 FX_BOOL bEncryptMetadata, | 685 const uint8_t* key) { |
693 const uint8_t* key) { | |
694 uint8_t buf[16]; | 686 uint8_t buf[16]; |
695 buf[0] = (uint8_t)permissions; | 687 buf[0] = (uint8_t)permissions; |
696 buf[1] = (uint8_t)(permissions >> 8); | 688 buf[1] = (uint8_t)(permissions >> 8); |
697 buf[2] = (uint8_t)(permissions >> 16); | 689 buf[2] = (uint8_t)(permissions >> 16); |
698 buf[3] = (uint8_t)(permissions >> 24); | 690 buf[3] = (uint8_t)(permissions >> 24); |
699 buf[4] = 0xff; | 691 buf[4] = 0xff; |
700 buf[5] = 0xff; | 692 buf[5] = 0xff; |
701 buf[6] = 0xff; | 693 buf[6] = 0xff; |
702 buf[7] = 0xff; | 694 buf[7] = 0xff; |
703 buf[8] = bEncryptMetadata ? 'T' : 'F'; | 695 buf[8] = bEncryptMetadata ? 'T' : 'F'; |
704 buf[9] = 'a'; | 696 buf[9] = 'a'; |
705 buf[10] = 'd'; | 697 buf[10] = 'd'; |
706 buf[11] = 'b'; | 698 buf[11] = 'b'; |
707 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 699 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
708 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); | 700 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); |
709 uint8_t iv[16], buf1[16]; | 701 uint8_t iv[16], buf1[16]; |
710 FXSYS_memset(iv, 0, 16); | 702 FXSYS_memset(iv, 0, 16); |
711 CRYPT_AESSetIV(aes, iv); | 703 CRYPT_AESSetIV(aes, iv); |
712 CRYPT_AESEncrypt(aes, buf1, buf, 16); | 704 CRYPT_AESEncrypt(aes, buf1, buf, 16); |
713 FX_Free(aes); | 705 FX_Free(aes); |
714 pEncryptDict->SetAtString("Perms", CFX_ByteString(buf1, 16)); | 706 pEncryptDict->SetAtString("Perms", CFX_ByteString(buf1, 16)); |
715 } | 707 } |
OLD | NEW |