| OLD | NEW |
| 1 // Copyright 2014 PDFium Authors. All rights reserved. | 1 // Copyright 2014 PDFium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
| 6 | 6 |
| 7 #include "core/fpdfapi/fpdf_parser/cpdf_security_handler.h" | 7 #include "core/fpdfapi/fpdf_parser/cpdf_security_handler.h" |
| 8 | 8 |
| 9 #include <time.h> | 9 #include <time.h> |
| 10 | 10 |
| (...skipping 11 matching lines...) |
| 22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, | 22 0x56, 0xff, 0xfa, 0x01, 0x08, 0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, |
| 23 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; | 23 0x3e, 0x80, 0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a}; |
| 24 | 24 |
| 25 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, | 25 void CalcEncryptKey(CPDF_Dictionary* pEncrypt, |
| 26 const uint8_t* password, | 26 const uint8_t* password, |
| 27 uint32_t pass_size, | 27 uint32_t pass_size, |
| 28 uint8_t* key, | 28 uint8_t* key, |
| 29 int keylen, | 29 int keylen, |
| 30 FX_BOOL bIgnoreMeta, | 30 FX_BOOL bIgnoreMeta, |
| 31 CPDF_Array* pIdArray) { | 31 CPDF_Array* pIdArray) { |
| 32 int revision = pEncrypt->GetIntegerBy("R"); | 32 int revision = pEncrypt->GetIntegerFor("R"); |
| 33 uint8_t passcode[32]; | 33 uint8_t passcode[32]; |
| 34 for (uint32_t i = 0; i < 32; i++) { | 34 for (uint32_t i = 0; i < 32; i++) { |
| 35 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; | 35 passcode[i] = i < pass_size ? password[i] : defpasscode[i - pass_size]; |
| 36 } | 36 } |
| 37 uint8_t md5[100]; | 37 uint8_t md5[100]; |
| 38 CRYPT_MD5Start(md5); | 38 CRYPT_MD5Start(md5); |
| 39 CRYPT_MD5Update(md5, passcode, 32); | 39 CRYPT_MD5Update(md5, passcode, 32); |
| 40 CFX_ByteString okey = pEncrypt->GetStringBy("O"); | 40 CFX_ByteString okey = pEncrypt->GetStringFor("O"); |
| 41 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); | 41 CRYPT_MD5Update(md5, (uint8_t*)okey.c_str(), okey.GetLength()); |
| 42 uint32_t perm = pEncrypt->GetIntegerBy("P"); | 42 uint32_t perm = pEncrypt->GetIntegerFor("P"); |
| 43 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); | 43 CRYPT_MD5Update(md5, (uint8_t*)&perm, 4); |
| 44 if (pIdArray) { | 44 if (pIdArray) { |
| 45 CFX_ByteString id = pIdArray->GetStringAt(0); | 45 CFX_ByteString id = pIdArray->GetStringAt(0); |
| 46 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 46 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
| 47 } | 47 } |
| 48 if (!bIgnoreMeta && revision >= 3 && | 48 if (!bIgnoreMeta && revision >= 3 && |
| 49 !pEncrypt->GetIntegerBy("EncryptMetadata", 1)) { | 49 !pEncrypt->GetIntegerFor("EncryptMetadata", 1)) { |
| 50 uint32_t tag = (uint32_t)-1; | 50 uint32_t tag = (uint32_t)-1; |
| 51 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); | 51 CRYPT_MD5Update(md5, (uint8_t*)&tag, 4); |
| 52 } | 52 } |
| 53 uint8_t digest[16]; | 53 uint8_t digest[16]; |
| 54 CRYPT_MD5Finish(md5, digest); | 54 CRYPT_MD5Finish(md5, digest); |
| 55 uint32_t copy_len = keylen; | 55 uint32_t copy_len = keylen; |
| 56 if (copy_len > sizeof(digest)) { | 56 if (copy_len > sizeof(digest)) { |
| 57 copy_len = sizeof(digest); | 57 copy_len = sizeof(digest); |
| 58 } | 58 } |
| 59 if (revision >= 3) { | 59 if (revision >= 3) { |
| (...skipping 48 matching lines...) |
| 108 } | 108 } |
| 109 | 109 |
| 110 uint32_t CPDF_SecurityHandler::GetPermissions() { | 110 uint32_t CPDF_SecurityHandler::GetPermissions() { |
| 111 return m_bOwnerUnlocked ? 0xFFFFFFFF : m_Permissions; | 111 return m_bOwnerUnlocked ? 0xFFFFFFFF : m_Permissions; |
| 112 } | 112 } |
| 113 | 113 |
| 114 static FX_BOOL LoadCryptInfo(CPDF_Dictionary* pEncryptDict, | 114 static FX_BOOL LoadCryptInfo(CPDF_Dictionary* pEncryptDict, |
| 115 const CFX_ByteString& name, | 115 const CFX_ByteString& name, |
| 116 int& cipher, | 116 int& cipher, |
| 117 int& keylen) { | 117 int& keylen) { |
| 118 int Version = pEncryptDict->GetIntegerBy("V"); | 118 int Version = pEncryptDict->GetIntegerFor("V"); |
| 119 cipher = FXCIPHER_RC4; | 119 cipher = FXCIPHER_RC4; |
| 120 keylen = 0; | 120 keylen = 0; |
| 121 if (Version >= 4) { | 121 if (Version >= 4) { |
| 122 CPDF_Dictionary* pCryptFilters = pEncryptDict->GetDictBy("CF"); | 122 CPDF_Dictionary* pCryptFilters = pEncryptDict->GetDictFor("CF"); |
| 123 if (!pCryptFilters) { | 123 if (!pCryptFilters) { |
| 124 return FALSE; | 124 return FALSE; |
| 125 } | 125 } |
| 126 if (name == "Identity") { | 126 if (name == "Identity") { |
| 127 cipher = FXCIPHER_NONE; | 127 cipher = FXCIPHER_NONE; |
| 128 } else { | 128 } else { |
| 129 CPDF_Dictionary* pDefFilter = pCryptFilters->GetDictBy(name); | 129 CPDF_Dictionary* pDefFilter = pCryptFilters->GetDictFor(name); |
| 130 if (!pDefFilter) { | 130 if (!pDefFilter) { |
| 131 return FALSE; | 131 return FALSE; |
| 132 } | 132 } |
| 133 int nKeyBits = 0; | 133 int nKeyBits = 0; |
| 134 if (Version == 4) { | 134 if (Version == 4) { |
| 135 nKeyBits = pDefFilter->GetIntegerBy("Length", 0); | 135 nKeyBits = pDefFilter->GetIntegerFor("Length", 0); |
| 136 if (nKeyBits == 0) { | 136 if (nKeyBits == 0) { |
| 137 nKeyBits = pEncryptDict->GetIntegerBy("Length", 128); | 137 nKeyBits = pEncryptDict->GetIntegerFor("Length", 128); |
| 138 } | 138 } |
| 139 } else { | 139 } else { |
| 140 nKeyBits = pEncryptDict->GetIntegerBy("Length", 256); | 140 nKeyBits = pEncryptDict->GetIntegerFor("Length", 256); |
| 141 } | 141 } |
| 142 if (nKeyBits < 40) { | 142 if (nKeyBits < 40) { |
| 143 nKeyBits *= 8; | 143 nKeyBits *= 8; |
| 144 } | 144 } |
| 145 keylen = nKeyBits / 8; | 145 keylen = nKeyBits / 8; |
| 146 CFX_ByteString cipher_name = pDefFilter->GetStringBy("CFM"); | 146 CFX_ByteString cipher_name = pDefFilter->GetStringFor("CFM"); |
| 147 if (cipher_name == "AESV2" || cipher_name == "AESV3") { | 147 if (cipher_name == "AESV2" || cipher_name == "AESV3") { |
| 148 cipher = FXCIPHER_AES; | 148 cipher = FXCIPHER_AES; |
| 149 } | 149 } |
| 150 } | 150 } |
| 151 } else { | 151 } else { |
| 152 keylen = Version > 1 ? pEncryptDict->GetIntegerBy("Length", 40) / 8 : 5; | 152 keylen = Version > 1 ? pEncryptDict->GetIntegerFor("Length", 40) / 8 : 5; |
| 153 } | 153 } |
| 154 if (keylen > 32 || keylen < 0) { | 154 if (keylen > 32 || keylen < 0) { |
| 155 return FALSE; | 155 return FALSE; |
| 156 } | 156 } |
| 157 return TRUE; | 157 return TRUE; |
| 158 } | 158 } |
| 159 | 159 |
| 160 FX_BOOL CPDF_SecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) { | 160 FX_BOOL CPDF_SecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict) { |
| 161 m_pEncryptDict = pEncryptDict; | 161 m_pEncryptDict = pEncryptDict; |
| 162 m_Version = pEncryptDict->GetIntegerBy("V"); | 162 m_Version = pEncryptDict->GetIntegerFor("V"); |
| 163 m_Revision = pEncryptDict->GetIntegerBy("R"); | 163 m_Revision = pEncryptDict->GetIntegerFor("R"); |
| 164 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); | 164 m_Permissions = pEncryptDict->GetIntegerFor("P", -1); |
| 165 if (m_Version < 4) | 165 if (m_Version < 4) |
| 166 return LoadCryptInfo(pEncryptDict, CFX_ByteString(), m_Cipher, m_KeyLen); | 166 return LoadCryptInfo(pEncryptDict, CFX_ByteString(), m_Cipher, m_KeyLen); |
| 167 | 167 |
| 168 CFX_ByteString stmf_name = pEncryptDict->GetStringBy("StmF"); | 168 CFX_ByteString stmf_name = pEncryptDict->GetStringFor("StmF"); |
| 169 CFX_ByteString strf_name = pEncryptDict->GetStringBy("StrF"); | 169 CFX_ByteString strf_name = pEncryptDict->GetStringFor("StrF"); |
| 170 if (stmf_name != strf_name) | 170 if (stmf_name != strf_name) |
| 171 return FALSE; | 171 return FALSE; |
| 172 | 172 |
| 173 return LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen); | 173 return LoadCryptInfo(pEncryptDict, strf_name, m_Cipher, m_KeyLen); |
| 174 } | 174 } |
| 175 | 175 |
| 176 FX_BOOL CPDF_SecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, | 176 FX_BOOL CPDF_SecurityHandler::LoadDict(CPDF_Dictionary* pEncryptDict, |
| 177 uint32_t type, | 177 uint32_t type, |
| 178 int& cipher, | 178 int& cipher, |
| 179 int& key_len) { | 179 int& key_len) { |
| 180 m_pEncryptDict = pEncryptDict; | 180 m_pEncryptDict = pEncryptDict; |
| 181 m_Version = pEncryptDict->GetIntegerBy("V"); | 181 m_Version = pEncryptDict->GetIntegerFor("V"); |
| 182 m_Revision = pEncryptDict->GetIntegerBy("R"); | 182 m_Revision = pEncryptDict->GetIntegerFor("R"); |
| 183 m_Permissions = pEncryptDict->GetIntegerBy("P", -1); | 183 m_Permissions = pEncryptDict->GetIntegerFor("P", -1); |
| 184 | 184 |
| 185 CFX_ByteString strf_name; | 185 CFX_ByteString strf_name; |
| 186 CFX_ByteString stmf_name; | 186 CFX_ByteString stmf_name; |
| 187 if (m_Version >= 4) { | 187 if (m_Version >= 4) { |
| 188 stmf_name = pEncryptDict->GetStringBy("StmF"); | 188 stmf_name = pEncryptDict->GetStringFor("StmF"); |
| 189 strf_name = pEncryptDict->GetStringBy("StrF"); | 189 strf_name = pEncryptDict->GetStringFor("StrF"); |
| 190 if (stmf_name != strf_name) | 190 if (stmf_name != strf_name) |
| 191 return FALSE; | 191 return FALSE; |
| 192 } | 192 } |
| 193 if (!LoadCryptInfo(pEncryptDict, strf_name, cipher, key_len)) | 193 if (!LoadCryptInfo(pEncryptDict, strf_name, cipher, key_len)) |
| 194 return FALSE; | 194 return FALSE; |
| 195 | 195 |
| 196 m_Cipher = cipher; | 196 m_Cipher = cipher; |
| 197 m_KeyLen = key_len; | 197 m_KeyLen = key_len; |
| 198 return TRUE; | 198 return TRUE; |
| 199 } | 199 } |
| (...skipping 97 matching lines...) |
| 297 FX_Free(aes); | 297 FX_Free(aes); |
| 298 if (hash) { | 298 if (hash) { |
| 299 FXSYS_memcpy(hash, input, 32); | 299 FXSYS_memcpy(hash, input, 32); |
| 300 } | 300 } |
| 301 } | 301 } |
| 302 FX_BOOL CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password, | 302 FX_BOOL CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password, |
| 303 uint32_t size, | 303 uint32_t size, |
| 304 FX_BOOL bOwner, | 304 FX_BOOL bOwner, |
| 305 uint8_t* key) { | 305 uint8_t* key) { |
| 306 CFX_ByteString okey = | 306 CFX_ByteString okey = |
| 307 m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); | 307 m_pEncryptDict ? m_pEncryptDict->GetStringFor("O") : CFX_ByteString(); |
| 308 if (okey.GetLength() < 48) { | 308 if (okey.GetLength() < 48) { |
| 309 return FALSE; | 309 return FALSE; |
| 310 } | 310 } |
| 311 CFX_ByteString ukey = | 311 CFX_ByteString ukey = |
| 312 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 312 m_pEncryptDict ? m_pEncryptDict->GetStringFor("U") : CFX_ByteString(); |
| 313 if (ukey.GetLength() < 48) { | 313 if (ukey.GetLength() < 48) { |
| 314 return FALSE; | 314 return FALSE; |
| 315 } | 315 } |
| 316 const uint8_t* pkey = (bOwner ? okey : ukey).raw_str(); | 316 const uint8_t* pkey = (bOwner ? okey : ukey).raw_str(); |
| 317 uint8_t sha[128]; | 317 uint8_t sha[128]; |
| 318 uint8_t digest[32]; | 318 uint8_t digest[32]; |
| 319 if (m_Revision >= 6) { | 319 if (m_Revision >= 6) { |
| 320 Revision6_Hash(password, size, (const uint8_t*)pkey + 32, | 320 Revision6_Hash(password, size, (const uint8_t*)pkey + 32, |
| 321 bOwner ? ukey.raw_str() : nullptr, digest); | 321 bOwner ? ukey.raw_str() : nullptr, digest); |
| 322 } else { | 322 } else { |
| (...skipping 17 matching lines...) |
| 340 } else { | 340 } else { |
| 341 CRYPT_SHA256Start(sha); | 341 CRYPT_SHA256Start(sha); |
| 342 CRYPT_SHA256Update(sha, password, size); | 342 CRYPT_SHA256Update(sha, password, size); |
| 343 CRYPT_SHA256Update(sha, pkey + 40, 8); | 343 CRYPT_SHA256Update(sha, pkey + 40, 8); |
| 344 if (bOwner) { | 344 if (bOwner) { |
| 345 CRYPT_SHA256Update(sha, ukey.raw_str(), 48); | 345 CRYPT_SHA256Update(sha, ukey.raw_str(), 48); |
| 346 } | 346 } |
| 347 CRYPT_SHA256Finish(sha, digest); | 347 CRYPT_SHA256Finish(sha, digest); |
| 348 } | 348 } |
| 349 CFX_ByteString ekey = m_pEncryptDict | 349 CFX_ByteString ekey = m_pEncryptDict |
| 350 ? m_pEncryptDict->GetStringBy(bOwner ? "OE" : "UE") | 350 ? m_pEncryptDict->GetStringFor(bOwner ? "OE" : "UE") |
| 351 : CFX_ByteString(); | 351 : CFX_ByteString(); |
| 352 if (ekey.GetLength() < 32) { | 352 if (ekey.GetLength() < 32) { |
| 353 return FALSE; | 353 return FALSE; |
| 354 } | 354 } |
| 355 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 355 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
| 356 CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); | 356 CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); |
| 357 uint8_t iv[16]; | 357 uint8_t iv[16]; |
| 358 FXSYS_memset(iv, 0, 16); | 358 FXSYS_memset(iv, 0, 16); |
| 359 CRYPT_AESSetIV(aes, iv); | 359 CRYPT_AESSetIV(aes, iv); |
| 360 CRYPT_AESDecrypt(aes, key, ekey.raw_str(), 32); | 360 CRYPT_AESDecrypt(aes, key, ekey.raw_str(), 32); |
| 361 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); | 361 CRYPT_AESSetKey(aes, 16, key, 32, FALSE); |
| 362 CRYPT_AESSetIV(aes, iv); | 362 CRYPT_AESSetIV(aes, iv); |
| 363 CFX_ByteString perms = m_pEncryptDict->GetStringBy("Perms"); | 363 CFX_ByteString perms = m_pEncryptDict->GetStringFor("Perms"); |
| 364 if (perms.IsEmpty()) { | 364 if (perms.IsEmpty()) { |
| 365 return FALSE; | 365 return FALSE; |
| 366 } | 366 } |
| 367 uint8_t perms_buf[16]; | 367 uint8_t perms_buf[16]; |
| 368 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); | 368 FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); |
| 369 uint32_t copy_len = sizeof(perms_buf); | 369 uint32_t copy_len = sizeof(perms_buf); |
| 370 if (copy_len > (uint32_t)perms.GetLength()) { | 370 if (copy_len > (uint32_t)perms.GetLength()) { |
| 371 copy_len = perms.GetLength(); | 371 copy_len = perms.GetLength(); |
| 372 } | 372 } |
| 373 FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len); | 373 FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len); |
| (...skipping 32 matching lines...) |
| 406 CheckUserPassword(password, size, TRUE, key, key_len); | 406 CheckUserPassword(password, size, TRUE, key, key_len); |
| 407 } | 407 } |
| 408 FX_BOOL CPDF_SecurityHandler::CheckUserPassword(const uint8_t* password, | 408 FX_BOOL CPDF_SecurityHandler::CheckUserPassword(const uint8_t* password, |
| 409 uint32_t pass_size, | 409 uint32_t pass_size, |
| 410 FX_BOOL bIgnoreEncryptMeta, | 410 FX_BOOL bIgnoreEncryptMeta, |
| 411 uint8_t* key, | 411 uint8_t* key, |
| 412 int32_t key_len) { | 412 int32_t key_len) { |
| 413 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, | 413 CalcEncryptKey(m_pEncryptDict, password, pass_size, key, key_len, |
| 414 bIgnoreEncryptMeta, m_pParser->GetIDArray()); | 414 bIgnoreEncryptMeta, m_pParser->GetIDArray()); |
| 415 CFX_ByteString ukey = | 415 CFX_ByteString ukey = |
| 416 m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); | 416 m_pEncryptDict ? m_pEncryptDict->GetStringFor("U") : CFX_ByteString(); |
| 417 if (ukey.GetLength() < 16) { | 417 if (ukey.GetLength() < 16) { |
| 418 return FALSE; | 418 return FALSE; |
| 419 } | 419 } |
| 420 uint8_t ukeybuf[32]; | 420 uint8_t ukeybuf[32]; |
| 421 if (m_Revision == 2) { | 421 if (m_Revision == 2) { |
| 422 FXSYS_memcpy(ukeybuf, defpasscode, 32); | 422 FXSYS_memcpy(ukeybuf, defpasscode, 32); |
| 423 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); | 423 CRYPT_ArcFourCryptBlock(ukeybuf, 32, key, key_len); |
| 424 } else { | 424 } else { |
| 425 uint8_t test[32], tmpkey[32]; | 425 uint8_t test[32], tmpkey[32]; |
| 426 uint32_t copy_len = sizeof(test); | 426 uint32_t copy_len = sizeof(test); |
| (...skipping 20 matching lines...) |
| 447 return FXSYS_memcmp(test, ukeybuf, 16) == 0; | 447 return FXSYS_memcmp(test, ukeybuf, 16) == 0; |
| 448 } | 448 } |
| 449 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { | 449 if (FXSYS_memcmp((void*)ukey.c_str(), ukeybuf, 16) == 0) { |
| 450 return TRUE; | 450 return TRUE; |
| 451 } | 451 } |
| 452 return FALSE; | 452 return FALSE; |
| 453 } | 453 } |
| 454 CFX_ByteString CPDF_SecurityHandler::GetUserPassword(const uint8_t* owner_pass, | 454 CFX_ByteString CPDF_SecurityHandler::GetUserPassword(const uint8_t* owner_pass, |
| 455 uint32_t pass_size, | 455 uint32_t pass_size, |
| 456 int32_t key_len) { | 456 int32_t key_len) { |
| 457 CFX_ByteString okey = m_pEncryptDict->GetStringBy("O"); | 457 CFX_ByteString okey = m_pEncryptDict->GetStringFor("O"); |
| 458 uint8_t passcode[32]; | 458 uint8_t passcode[32]; |
| 459 for (uint32_t i = 0; i < 32; i++) { | 459 for (uint32_t i = 0; i < 32; i++) { |
| 460 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; | 460 passcode[i] = i < pass_size ? owner_pass[i] : defpasscode[i - pass_size]; |
| 461 } | 461 } |
| 462 uint8_t digest[16]; | 462 uint8_t digest[16]; |
| 463 CRYPT_MD5Generate(passcode, 32, digest); | 463 CRYPT_MD5Generate(passcode, 32, digest); |
| 464 if (m_Revision >= 3) { | 464 if (m_Revision >= 3) { |
| 465 for (uint32_t i = 0; i < 50; i++) { | 465 for (uint32_t i = 0; i < 50; i++) { |
| 466 CRYPT_MD5Generate(digest, 16, digest); | 466 CRYPT_MD5Generate(digest, 16, digest); |
| 467 } | 467 } |
| (...skipping 36 matching lines...) |
| 504 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); | 504 CFX_ByteString user_pass = GetUserPassword(password, pass_size, key_len); |
| 505 if (CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), FALSE, key, | 505 if (CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), FALSE, key, |
| 506 key_len)) { | 506 key_len)) { |
| 507 return TRUE; | 507 return TRUE; |
| 508 } | 508 } |
| 509 return CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), TRUE, | 509 return CheckUserPassword(user_pass.raw_str(), user_pass.GetLength(), TRUE, |
| 510 key, key_len); | 510 key, key_len); |
| 511 } | 511 } |
| 512 | 512 |
| 513 bool CPDF_SecurityHandler::IsMetadataEncrypted() const { | 513 bool CPDF_SecurityHandler::IsMetadataEncrypted() const { |
| 514 return m_pEncryptDict->GetBooleanBy("EncryptMetadata", true); | 514 return m_pEncryptDict->GetBooleanFor("EncryptMetadata", true); |
| 515 } | 515 } |
| 516 | 516 |
| 517 void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 517 void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
| 518 CPDF_Array* pIdArray, | 518 CPDF_Array* pIdArray, |
| 519 const uint8_t* user_pass, | 519 const uint8_t* user_pass, |
| 520 uint32_t user_size, | 520 uint32_t user_size, |
| 521 const uint8_t* owner_pass, | 521 const uint8_t* owner_pass, |
| 522 uint32_t owner_size, | 522 uint32_t owner_size, |
| 523 FX_BOOL bDefault, | 523 FX_BOOL bDefault, |
| 524 uint32_t type) { | 524 uint32_t type) { |
| (...skipping 11 matching lines...) |
| 536 CRYPT_SHA256Start(sha); | 536 CRYPT_SHA256Start(sha); |
| 537 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); | 537 CRYPT_SHA256Update(sha, (uint8_t*)&t, sizeof t); |
| 538 CRYPT_SHA256Update(sha, m_EncryptKey, 32); | 538 CRYPT_SHA256Update(sha, m_EncryptKey, 32); |
| 539 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); | 539 CRYPT_SHA256Update(sha, (uint8_t*)"there", 5); |
| 540 CRYPT_SHA256Finish(sha, m_EncryptKey); | 540 CRYPT_SHA256Finish(sha, m_EncryptKey); |
| 541 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); | 541 AES256_SetPassword(pEncryptDict, user_pass, user_size, FALSE, m_EncryptKey); |
| 542 if (bDefault) { | 542 if (bDefault) { |
| 543 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, | 543 AES256_SetPassword(pEncryptDict, owner_pass, owner_size, TRUE, |
| 544 m_EncryptKey); | 544 m_EncryptKey); |
| 545 AES256_SetPerms(pEncryptDict, m_Permissions, | 545 AES256_SetPerms(pEncryptDict, m_Permissions, |
| 546 pEncryptDict->GetBooleanBy("EncryptMetadata", true), | 546 pEncryptDict->GetBooleanFor("EncryptMetadata", true), |
| 547 m_EncryptKey); | 547 m_EncryptKey); |
| 548 } | 548 } |
| 549 return; | 549 return; |
| 550 } | 550 } |
| 551 if (bDefault) { | 551 if (bDefault) { |
| 552 uint8_t passcode[32]; | 552 uint8_t passcode[32]; |
| 553 for (uint32_t i = 0; i < 32; i++) { | 553 for (uint32_t i = 0; i < 32; i++) { |
| 554 passcode[i] = | 554 passcode[i] = |
| 555 i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; | 555 i < owner_size ? owner_pass[i] : defpasscode[i - owner_size]; |
| 556 } | 556 } |
| (...skipping 10 matching lines...) |
| 567 } | 567 } |
| 568 CRYPT_ArcFourCryptBlock(passcode, 32, enckey, key_len); | 568 CRYPT_ArcFourCryptBlock(passcode, 32, enckey, key_len); |
| 569 uint8_t tempkey[32]; | 569 uint8_t tempkey[32]; |
| 570 if (m_Revision >= 3) { | 570 if (m_Revision >= 3) { |
| 571 for (uint8_t i = 1; i <= 19; i++) { | 571 for (uint8_t i = 1; i <= 19; i++) { |
| 572 for (int j = 0; j < key_len; j++) | 572 for (int j = 0; j < key_len; j++) |
| 573 tempkey[j] = enckey[j] ^ i; | 573 tempkey[j] = enckey[j] ^ i; |
| 574 CRYPT_ArcFourCryptBlock(passcode, 32, tempkey, key_len); | 574 CRYPT_ArcFourCryptBlock(passcode, 32, tempkey, key_len); |
| 575 } | 575 } |
| 576 } | 576 } |
| 577 pEncryptDict->SetAtString("O", CFX_ByteString(passcode, 32)); | 577 pEncryptDict->SetStringFor("O", CFX_ByteString(passcode, 32)); |
| 578 } | 578 } |
| 579 CalcEncryptKey(m_pEncryptDict, (uint8_t*)user_pass, user_size, m_EncryptKey, | 579 CalcEncryptKey(m_pEncryptDict, (uint8_t*)user_pass, user_size, m_EncryptKey, |
| 580 key_len, FALSE, pIdArray); | 580 key_len, FALSE, pIdArray); |
| 581 if (m_Revision < 3) { | 581 if (m_Revision < 3) { |
| 582 uint8_t tempbuf[32]; | 582 uint8_t tempbuf[32]; |
| 583 FXSYS_memcpy(tempbuf, defpasscode, 32); | 583 FXSYS_memcpy(tempbuf, defpasscode, 32); |
| 584 CRYPT_ArcFourCryptBlock(tempbuf, 32, m_EncryptKey, key_len); | 584 CRYPT_ArcFourCryptBlock(tempbuf, 32, m_EncryptKey, key_len); |
| 585 pEncryptDict->SetAtString("U", CFX_ByteString(tempbuf, 32)); | 585 pEncryptDict->SetStringFor("U", CFX_ByteString(tempbuf, 32)); |
| 586 } else { | 586 } else { |
| 587 uint8_t md5[100]; | 587 uint8_t md5[100]; |
| 588 CRYPT_MD5Start(md5); | 588 CRYPT_MD5Start(md5); |
| 589 CRYPT_MD5Update(md5, defpasscode, 32); | 589 CRYPT_MD5Update(md5, defpasscode, 32); |
| 590 if (pIdArray) { | 590 if (pIdArray) { |
| 591 CFX_ByteString id = pIdArray->GetStringAt(0); | 591 CFX_ByteString id = pIdArray->GetStringAt(0); |
| 592 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); | 592 CRYPT_MD5Update(md5, (uint8_t*)id.c_str(), id.GetLength()); |
| 593 } | 593 } |
| 594 uint8_t digest[32]; | 594 uint8_t digest[32]; |
| 595 CRYPT_MD5Finish(md5, digest); | 595 CRYPT_MD5Finish(md5, digest); |
| 596 CRYPT_ArcFourCryptBlock(digest, 16, m_EncryptKey, key_len); | 596 CRYPT_ArcFourCryptBlock(digest, 16, m_EncryptKey, key_len); |
| 597 uint8_t tempkey[32]; | 597 uint8_t tempkey[32]; |
| 598 for (uint8_t i = 1; i <= 19; i++) { | 598 for (uint8_t i = 1; i <= 19; i++) { |
| 599 for (int j = 0; j < key_len; j++) { | 599 for (int j = 0; j < key_len; j++) { |
| 600 tempkey[j] = m_EncryptKey[j] ^ i; | 600 tempkey[j] = m_EncryptKey[j] ^ i; |
| 601 } | 601 } |
| 602 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); | 602 CRYPT_ArcFourCryptBlock(digest, 16, tempkey, key_len); |
| 603 } | 603 } |
| 604 CRYPT_MD5Generate(digest, 16, digest + 16); | 604 CRYPT_MD5Generate(digest, 16, digest + 16); |
| 605 pEncryptDict->SetAtString("U", CFX_ByteString(digest, 32)); | 605 pEncryptDict->SetStringFor("U", CFX_ByteString(digest, 32)); |
| 606 } | 606 } |
| 607 } | 607 } |
| 608 void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, | 608 void CPDF_SecurityHandler::OnCreate(CPDF_Dictionary* pEncryptDict, |
| 609 CPDF_Array* pIdArray, | 609 CPDF_Array* pIdArray, |
| 610 const uint8_t* user_pass, | 610 const uint8_t* user_pass, |
| 611 uint32_t user_size, | 611 uint32_t user_size, |
| 612 const uint8_t* owner_pass, | 612 const uint8_t* owner_pass, |
| 613 uint32_t owner_size, | 613 uint32_t owner_size, |
| 614 uint32_t type) { | 614 uint32_t type) { |
| 615 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, | 615 OnCreate(pEncryptDict, pIdArray, user_pass, user_size, owner_pass, owner_size, |
| (...skipping 11 matching lines...) |
| 627 const uint8_t* password, | 627 const uint8_t* password, |
| 628 uint32_t size, | 628 uint32_t size, |
| 629 FX_BOOL bOwner, | 629 FX_BOOL bOwner, |
| 630 const uint8_t* key) { | 630 const uint8_t* key) { |
| 631 uint8_t sha[128]; | 631 uint8_t sha[128]; |
| 632 CRYPT_SHA1Start(sha); | 632 CRYPT_SHA1Start(sha); |
| 633 CRYPT_SHA1Update(sha, key, 32); | 633 CRYPT_SHA1Update(sha, key, 32); |
| 634 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); | 634 CRYPT_SHA1Update(sha, (uint8_t*)"hello", 5); |
| 635 uint8_t digest[20]; | 635 uint8_t digest[20]; |
| 636 CRYPT_SHA1Finish(sha, digest); | 636 CRYPT_SHA1Finish(sha, digest); |
| 637 CFX_ByteString ukey = pEncryptDict->GetStringBy("U"); | 637 CFX_ByteString ukey = pEncryptDict->GetStringFor("U"); |
| 638 uint8_t digest1[48]; | 638 uint8_t digest1[48]; |
| 639 if (m_Revision >= 6) { | 639 if (m_Revision >= 6) { |
| 640 Revision6_Hash(password, size, digest, bOwner ? ukey.raw_str() : nullptr, | 640 Revision6_Hash(password, size, digest, bOwner ? ukey.raw_str() : nullptr, |
| 641 digest1); | 641 digest1); |
| 642 } else { | 642 } else { |
| 643 CRYPT_SHA256Start(sha); | 643 CRYPT_SHA256Start(sha); |
| 644 CRYPT_SHA256Update(sha, password, size); | 644 CRYPT_SHA256Update(sha, password, size); |
| 645 CRYPT_SHA256Update(sha, digest, 8); | 645 CRYPT_SHA256Update(sha, digest, 8); |
| 646 if (bOwner) { | 646 if (bOwner) { |
| 647 CRYPT_SHA256Update(sha, ukey.raw_str(), ukey.GetLength()); | 647 CRYPT_SHA256Update(sha, ukey.raw_str(), ukey.GetLength()); |
| 648 } | 648 } |
| 649 CRYPT_SHA256Finish(sha, digest1); | 649 CRYPT_SHA256Finish(sha, digest1); |
| 650 } | 650 } |
| 651 FXSYS_memcpy(digest1 + 32, digest, 16); | 651 FXSYS_memcpy(digest1 + 32, digest, 16); |
| 652 pEncryptDict->SetAtString(bOwner ? "O" : "U", CFX_ByteString(digest1, 48)); | 652 pEncryptDict->SetStringFor(bOwner ? "O" : "U", CFX_ByteString(digest1, 48)); |
| 653 if (m_Revision >= 6) { | 653 if (m_Revision >= 6) { |
| 654 Revision6_Hash(password, size, digest + 8, | 654 Revision6_Hash(password, size, digest + 8, |
| 655 bOwner ? ukey.raw_str() : nullptr, digest1); | 655 bOwner ? ukey.raw_str() : nullptr, digest1); |
| 656 } else { | 656 } else { |
| 657 CRYPT_SHA256Start(sha); | 657 CRYPT_SHA256Start(sha); |
| 658 CRYPT_SHA256Update(sha, password, size); | 658 CRYPT_SHA256Update(sha, password, size); |
| 659 CRYPT_SHA256Update(sha, digest + 8, 8); | 659 CRYPT_SHA256Update(sha, digest + 8, 8); |
| 660 if (bOwner) { | 660 if (bOwner) { |
| 661 CRYPT_SHA256Update(sha, ukey.raw_str(), ukey.GetLength()); | 661 CRYPT_SHA256Update(sha, ukey.raw_str(), ukey.GetLength()); |
| 662 } | 662 } |
| 663 CRYPT_SHA256Finish(sha, digest1); | 663 CRYPT_SHA256Finish(sha, digest1); |
| 664 } | 664 } |
| 665 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 665 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
| 666 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); | 666 CRYPT_AESSetKey(aes, 16, digest1, 32, TRUE); |
| 667 uint8_t iv[16]; | 667 uint8_t iv[16]; |
| 668 FXSYS_memset(iv, 0, 16); | 668 FXSYS_memset(iv, 0, 16); |
| 669 CRYPT_AESSetIV(aes, iv); | 669 CRYPT_AESSetIV(aes, iv); |
| 670 CRYPT_AESEncrypt(aes, digest1, key, 32); | 670 CRYPT_AESEncrypt(aes, digest1, key, 32); |
| 671 FX_Free(aes); | 671 FX_Free(aes); |
| 672 pEncryptDict->SetAtString(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); | 672 pEncryptDict->SetStringFor(bOwner ? "OE" : "UE", CFX_ByteString(digest1, 32)); |
| 673 } | 673 } |
| 674 void CPDF_SecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict, | 674 void CPDF_SecurityHandler::AES256_SetPerms(CPDF_Dictionary* pEncryptDict, |
| 675 uint32_t permissions, | 675 uint32_t permissions, |
| 676 FX_BOOL bEncryptMetadata, | 676 FX_BOOL bEncryptMetadata, |
| 677 const uint8_t* key) { | 677 const uint8_t* key) { |
| 678 uint8_t buf[16]; | 678 uint8_t buf[16]; |
| 679 buf[0] = (uint8_t)permissions; | 679 buf[0] = (uint8_t)permissions; |
| 680 buf[1] = (uint8_t)(permissions >> 8); | 680 buf[1] = (uint8_t)(permissions >> 8); |
| 681 buf[2] = (uint8_t)(permissions >> 16); | 681 buf[2] = (uint8_t)(permissions >> 16); |
| 682 buf[3] = (uint8_t)(permissions >> 24); | 682 buf[3] = (uint8_t)(permissions >> 24); |
| 683 buf[4] = 0xff; | 683 buf[4] = 0xff; |
| 684 buf[5] = 0xff; | 684 buf[5] = 0xff; |
| 685 buf[6] = 0xff; | 685 buf[6] = 0xff; |
| 686 buf[7] = 0xff; | 686 buf[7] = 0xff; |
| 687 buf[8] = bEncryptMetadata ? 'T' : 'F'; | 687 buf[8] = bEncryptMetadata ? 'T' : 'F'; |
| 688 buf[9] = 'a'; | 688 buf[9] = 'a'; |
| 689 buf[10] = 'd'; | 689 buf[10] = 'd'; |
| 690 buf[11] = 'b'; | 690 buf[11] = 'b'; |
| 691 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 691 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
| 692 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); | 692 CRYPT_AESSetKey(aes, 16, key, 32, TRUE); |
| 693 uint8_t iv[16], buf1[16]; | 693 uint8_t iv[16], buf1[16]; |
| 694 FXSYS_memset(iv, 0, 16); | 694 FXSYS_memset(iv, 0, 16); |
| 695 CRYPT_AESSetIV(aes, iv); | 695 CRYPT_AESSetIV(aes, iv); |
| 696 CRYPT_AESEncrypt(aes, buf1, buf, 16); | 696 CRYPT_AESEncrypt(aes, buf1, buf, 16); |
| 697 FX_Free(aes); | 697 FX_Free(aes); |
| 698 pEncryptDict->SetAtString("Perms", CFX_ByteString(buf1, 16)); | 698 pEncryptDict->SetStringFor("Perms", CFX_ByteString(buf1, 16)); |
| 699 } | 699 } |
| OLD | NEW |