| OLD | NEW |
|---|
| 1 // Copyright 2014 PDFium Authors. All rights reserved. | 1 // Copyright 2014 PDFium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com | 5 // Original code copyright 2014 Foxit Software Inc. http://www.foxitsoftware.com |
| 6 | 6 |
| 7 #include "core/fpdfapi/parser/cpdf_security_handler.h" | 7 #include "core/fpdfapi/parser/cpdf_security_handler.h" |
| 8 | 8 |
| 9 #include <time.h> | 9 #include <time.h> |
| 10 | 10 |
| (...skipping 368 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 379 std::min(sizeof(perms_buf), static_cast<size_t>(perms.GetLength())); | 379 std::min(sizeof(perms_buf), static_cast<size_t>(perms.GetLength())); |
| 380 FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len); | 380 FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len); |
| 381 uint8_t buf[16]; | 381 uint8_t buf[16]; |
| 382 CRYPT_AESDecrypt(aes.data(), buf, perms_buf, 16); | 382 CRYPT_AESDecrypt(aes.data(), buf, perms_buf, 16); |
| 383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') | 383 if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') |
| 384 return false; | 384 return false; |
| 385 | 385 |
| 386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) | 386 if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) |
| 387 return false; | 387 return false; |
| 388 | 388 |
| 389 bool encrypted = IsMetadataEncrypted(); | 389 // Relax this check as there appear to be some non-conforming documents |
| 390 if ((buf[8] == 'T' && !encrypted) || (buf[8] == 'F' && encrypted)) | 390 // in the wild. The value in the buffer is the truth; if it requires us |
| 391 return false; | 391 // to encrypt metadata, but the dictionary says otherwise, then we may |
| 392 return true; | 392 // have a tampered doc. Otherwise, give it a pass. |
| 393 return buf[8] == 'F' || IsMetadataEncrypted(); |
| 393 } | 394 } |
| 394 | 395 |
| 395 bool CPDF_SecurityHandler::CheckPassword(const uint8_t* password, | 396 bool CPDF_SecurityHandler::CheckPassword(const uint8_t* password, |
| 396 uint32_t size, | 397 uint32_t size, |
| 397 bool bOwner, | 398 bool bOwner, |
| 398 uint8_t* key, | 399 uint8_t* key, |
| 399 int32_t key_len) { | 400 int32_t key_len) { |
| 400 if (m_Revision >= 5) | 401 if (m_Revision >= 5) |
| 401 return AES256_CheckPassword(password, size, bOwner, key); | 402 return AES256_CheckPassword(password, size, bOwner, key); |
| 402 | 403 |
| (...skipping 302 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 705 uint8_t* aes = FX_Alloc(uint8_t, 2048); | 706 uint8_t* aes = FX_Alloc(uint8_t, 2048); |
| 706 CRYPT_AESSetKey(aes, 16, key, 32, true); | 707 CRYPT_AESSetKey(aes, 16, key, 32, true); |
| 707 uint8_t iv[16], buf1[16]; | 708 uint8_t iv[16], buf1[16]; |
| 708 FXSYS_memset(iv, 0, 16); | 709 FXSYS_memset(iv, 0, 16); |
| 709 CRYPT_AESSetIV(aes, iv); | 710 CRYPT_AESSetIV(aes, iv); |
| 710 CRYPT_AESEncrypt(aes, buf1, buf, 16); | 711 CRYPT_AESEncrypt(aes, buf1, buf, 16); |
| 711 FX_Free(aes); | 712 FX_Free(aes); |
| 712 pEncryptDict->SetNewFor<CPDF_String>("Perms", CFX_ByteString(buf1, 16), | 713 pEncryptDict->SetNewFor<CPDF_String>("Perms", CFX_ByteString(buf1, 16), |
| 713 false); | 714 false); |
| 714 } | 715 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2581873002:
Relax the EncryptMetadata check. (Closed)
