Commit 0d68cd7359249c3b75160b77d876b1aa0d304298
1 parent
e623caf2
Refactor `QPDF_encryption` to inline `truncate_password_V5`, replace it with dir…
…ect `substr` calls, and simplify password handling logic.
Showing
1 changed file
with
4 additions
and
11 deletions
libqpdf/QPDF_encryption.cc
| @@ -191,12 +191,6 @@ pad_or_truncate_password_V4(std::string password) | @@ -191,12 +191,6 @@ pad_or_truncate_password_V4(std::string password) | ||
| 191 | return password; | 191 | return password; |
| 192 | } | 192 | } |
| 193 | 193 | ||
| 194 | -static std::string | ||
| 195 | -truncate_password_V5(std::string const& password) | ||
| 196 | -{ | ||
| 197 | - return password.substr(0, std::min(static_cast<size_t>(127), password.length())); | ||
| 198 | -} | ||
| 199 | - | ||
| 200 | static void | 194 | static void |
| 201 | iterate_md5_digest(MD5& md5, MD5::Digest& digest, int iterations, int key_len) | 195 | iterate_md5_digest(MD5& md5, MD5::Digest& digest, int iterations, int key_len) |
| 202 | { | 196 | { |
| @@ -533,8 +527,8 @@ QPDF::EncryptionData::check_user_password_V5(std::string const& user_password) c | @@ -533,8 +527,8 @@ QPDF::EncryptionData::check_user_password_V5(std::string const& user_password) c | ||
| 533 | 527 | ||
| 534 | std::string user_data = getU().substr(0, 32); | 528 | std::string user_data = getU().substr(0, 32); |
| 535 | std::string validation_salt = getU().substr(32, 8); | 529 | std::string validation_salt = getU().substr(32, 8); |
| 536 | - std::string password = truncate_password_V5(user_password); | ||
| 537 | - return hash_V5(password, validation_salt, "") == user_data; | 530 | + std::string password = user_password.substr(0, 127); |
| 531 | + return hash_V5(user_password.substr(0, 127), validation_salt, "") == user_data; | ||
| 538 | } | 532 | } |
| 539 | 533 | ||
| 540 | bool | 534 | bool |
| @@ -578,8 +572,7 @@ QPDF::EncryptionData::check_owner_password_V5(std::string const& owner_password) | @@ -578,8 +572,7 @@ QPDF::EncryptionData::check_owner_password_V5(std::string const& owner_password) | ||
| 578 | std::string user_data = getU().substr(0, 48); | 572 | std::string user_data = getU().substr(0, 48); |
| 579 | std::string owner_data = getO().substr(0, 32); | 573 | std::string owner_data = getO().substr(0, 32); |
| 580 | std::string validation_salt = getO().substr(32, 8); | 574 | std::string validation_salt = getO().substr(32, 8); |
| 581 | - std::string password = truncate_password_V5(owner_password); | ||
| 582 | - return hash_V5(password, validation_salt, user_data) == owner_data; | 575 | + return hash_V5(owner_password.substr(0, 127), validation_salt, user_data) == owner_data; |
| 583 | } | 576 | } |
| 584 | 577 | ||
| 585 | bool | 578 | bool |
| @@ -629,7 +622,7 @@ QPDF::EncryptionData::recover_encryption_key_with_password( | @@ -629,7 +622,7 @@ QPDF::EncryptionData::recover_encryption_key_with_password( | ||
| 629 | // profile of stringprep (RFC 3454) and then convert the result to UTF-8. | 622 | // profile of stringprep (RFC 3454) and then convert the result to UTF-8. |
| 630 | 623 | ||
| 631 | perms_valid = false; | 624 | perms_valid = false; |
| 632 | - std::string key_password = truncate_password_V5(password); | 625 | + std::string key_password = password.substr(0, 127); |
| 633 | std::string key_salt; | 626 | std::string key_salt; |
| 634 | std::string user_data; | 627 | std::string user_data; |
| 635 | std::string encrypted_file_key; | 628 | std::string encrypted_file_key; |