OLD | NEW |
1 // Copyright 2014 PDFium Authors. All rights reserved. | 1 // Copyright 2014 PDFium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
6 | 6 |
7 #include "core/fpdfapi/parser/cpdf_security_handler.h" | 7 #include "core/fpdfapi/parser/cpdf_security_handler.h" |
8 | 8 |
9 #include <time.h> | 9 #include <time.h> |
10 | 10 |
(...skipping 368 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
379 std::min(sizeof(perms_buf), static_cast<size_t>(perms.GetLength())); | 379 std::min(sizeof(perms_buf), static_cast<size_t>(perms.GetLength())); |
380 FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len); | 380 FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len); |
381 uint8_t buf[16]; | 381 uint8_t buf[16]; |
382 CRYPT_AESDecrypt(aes.data(), buf, perms_buf, 16); | 382 CRYPT_AESDecrypt(aes.data(), buf, perms_buf, 16); |
383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') | 383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') |
384 return false; | 384 return false; |
385 | 385 |
386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) | 386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) |
387 return false; | 387 return false; |
388 | 388 |
389 bool encrypted = IsMetadataEncrypted(); | 389 // Relax this check as there appear to be some non-conforming documents |
390 if ((buf[8] == 'T' && !encrypted) || (buf[8] == 'F' && encrypted)) | 390 // in the wild. The value in the buffer is the truth; if it requires us |
391 return false; | 391 // to encrypt metadata, but the dictionary says otherwise, then we may |
392 return true; | 392 // have a tampered doc. Otherwise, give it a pass. |
| 393 return buf[8] == 'F' || IsMetadataEncrypted(); |
393 } | 394 } |
394 | 395 |
395 bool CPDF_SecurityHandler::CheckPassword(const uint8_t* password, | 396 bool CPDF_SecurityHandler::CheckPassword(const uint8_t* password, |
396 uint32_t size, | 397 uint32_t size, |
397 bool bOwner, | 398 bool bOwner, |
398 uint8_t* key, | 399 uint8_t* key, |
399 int32_t key_len) { | 400 int32_t key_len) { |
400 if (m_Revision >= 5) | 401 if (m_Revision >= 5) |
401 return AES256_CheckPassword(password, size, bOwner, key); | 402 return AES256_CheckPassword(password, size, bOwner, key); |
402 | 403 |
(...skipping 302 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
705 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 706 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
706 CRYPT_AESSetKey(aes, 16, key, 32, true); | 707 CRYPT_AESSetKey(aes, 16, key, 32, true); |
707 uint8_t iv[16], buf1[16]; | 708 uint8_t iv[16], buf1[16]; |
708 FXSYS_memset(iv, 0, 16); | 709 FXSYS_memset(iv, 0, 16); |
709 CRYPT_AESSetIV(aes, iv); | 710 CRYPT_AESSetIV(aes, iv); |
710 CRYPT_AESEncrypt(aes, buf1, buf, 16); | 711 CRYPT_AESEncrypt(aes, buf1, buf, 16); |
711 FX_Free(aes); | 712 FX_Free(aes); |
712 pEncryptDict->SetNewFor<CPDF_String>("Perms", CFX_ByteString(buf1, 16), | 713 pEncryptDict->SetNewFor<CPDF_String>("Perms", CFX_ByteString(buf1, 16), |
713 false); | 714 false); |
714 } | 715 } |
OLD | NEW |