Commit 0d68cd7359249c3b75160b77d876b1aa0d304298
1 parent
e623caf2
Refactor `QPDF_encryption` to inline `truncate_password_V5`, replace it with dir…
…ect `substr` calls, and simplify password handling logic.
Showing
1 changed file
with
4 additions
and
11 deletions
libqpdf/QPDF_encryption.cc
| ... | ... | @@ -191,12 +191,6 @@ pad_or_truncate_password_V4(std::string password) |
| 191 | 191 | return password; |
| 192 | 192 | } |
| 193 | 193 | |
| 194 | -static std::string | |
| 195 | -truncate_password_V5(std::string const& password) | |
| 196 | -{ | |
| 197 | - return password.substr(0, std::min(static_cast<size_t>(127), password.length())); | |
| 198 | -} | |
| 199 | - | |
| 200 | 194 | static void |
| 201 | 195 | iterate_md5_digest(MD5& md5, MD5::Digest& digest, int iterations, int key_len) |
| 202 | 196 | { |
| ... | ... | @@ -533,8 +527,8 @@ QPDF::EncryptionData::check_user_password_V5(std::string const& user_password) c |
| 533 | 527 | |
| 534 | 528 | std::string user_data = getU().substr(0, 32); |
| 535 | 529 | std::string validation_salt = getU().substr(32, 8); |
| 536 | - std::string password = truncate_password_V5(user_password); | |
| 537 | - return hash_V5(password, validation_salt, "") == user_data; | |
| 530 | + std::string password = user_password.substr(0, 127); | |
| 531 | + return hash_V5(user_password.substr(0, 127), validation_salt, "") == user_data; | |
| 538 | 532 | } |
| 539 | 533 | |
| 540 | 534 | bool |
| ... | ... | @@ -578,8 +572,7 @@ QPDF::EncryptionData::check_owner_password_V5(std::string const& owner_password) |
| 578 | 572 | std::string user_data = getU().substr(0, 48); |
| 579 | 573 | std::string owner_data = getO().substr(0, 32); |
| 580 | 574 | std::string validation_salt = getO().substr(32, 8); |
| 581 | - std::string password = truncate_password_V5(owner_password); | |
| 582 | - return hash_V5(password, validation_salt, user_data) == owner_data; | |
| 575 | + return hash_V5(owner_password.substr(0, 127), validation_salt, user_data) == owner_data; | |
| 583 | 576 | } |
| 584 | 577 | |
| 585 | 578 | bool |
| ... | ... | @@ -629,7 +622,7 @@ QPDF::EncryptionData::recover_encryption_key_with_password( |
| 629 | 622 | // profile of stringprep (RFC 3454) and then convert the result to UTF-8. |
| 630 | 623 | |
| 631 | 624 | perms_valid = false; |
| 632 | - std::string key_password = truncate_password_V5(password); | |
| 625 | + std::string key_password = password.substr(0, 127); | |
| 633 | 626 | std::string key_salt; |
| 634 | 627 | std::string user_data; |
| 635 | 628 | std::string encrypted_file_key; | ... | ... |