Commit 4635a59e65c859b5aac7b08f5780c6f0a679b948
1 parent
11266b14
Remove redundant `compute_U_UE_value_V5`, `compute_O_OE_value_V5`, and `compute_…
…Perms_value_V5` methods; inline their logic into `setV5EncryptionParameters` to simplify encryption data processing.
Showing
2 changed files
with
14 additions
and
53 deletions
include/qpdf/QPDF.hh
| ... | ... | @@ -532,21 +532,9 @@ class QPDF |
| 532 | 532 | |
| 533 | 533 | std::string hash_V5( |
| 534 | 534 | std::string const& password, std::string const& salt, std::string const& udata) const; |
| 535 | - std::string compute_Perms_value_V5(std::string const& encryption_key) const; | |
| 536 | 535 | std::string |
| 537 | 536 | compute_O_value(std::string const& user_password, std::string const& owner_password) const; |
| 538 | 537 | std::string compute_U_value(std::string const& user_password) const; |
| 539 | - void compute_O_OE_value_V5( | |
| 540 | - std::string const& owner_password, | |
| 541 | - std::string const& encryption_key, | |
| 542 | - std::string const& U, | |
| 543 | - std::string& O, | |
| 544 | - std::string& OE) const; | |
| 545 | - void compute_U_UE_value_V5( | |
| 546 | - std::string const& user_password, | |
| 547 | - std::string const& encryption_key, | |
| 548 | - std::string& U, | |
| 549 | - std::string& UE) const; | |
| 550 | 538 | std::string compute_encryption_key_from_password(std::string const& password) const; |
| 551 | 539 | std::string recover_encryption_key_with_password(std::string const& password) const; |
| 552 | 540 | bool check_owner_password_V4( | ... | ... |
libqpdf/QPDF_encryption.cc
| ... | ... | @@ -612,37 +612,6 @@ QPDF::EncryptionData::recover_encryption_key_with_password(std::string const& pa |
| 612 | 612 | return recover_encryption_key_with_password(password, disregard); |
| 613 | 613 | } |
| 614 | 614 | |
| 615 | -void | |
| 616 | -QPDF::EncryptionData::compute_U_UE_value_V5( | |
| 617 | - std::string const& user_password, | |
| 618 | - std::string const& encryption_key, | |
| 619 | - std::string& out_U, | |
| 620 | - std::string& out_UE) const | |
| 621 | -{ | |
| 622 | - // Algorithm 3.8 from the PDF 1.7 extension level 3 | |
| 623 | - auto validation_salt = util::random_string(8); | |
| 624 | - auto key_salt = util::random_string(8); | |
| 625 | - out_U = hash_V5(user_password, validation_salt, "").append(validation_salt).append(key_salt); | |
| 626 | - auto intermediate_key = hash_V5(user_password, key_salt, ""); | |
| 627 | - out_UE = process_with_aes(intermediate_key, true, encryption_key); | |
| 628 | -} | |
| 629 | - | |
| 630 | -void | |
| 631 | -QPDF::EncryptionData::compute_O_OE_value_V5( | |
| 632 | - std::string const& owner_password, | |
| 633 | - std::string const& encryption_key, | |
| 634 | - std::string const& in_U, | |
| 635 | - std::string& out_O, | |
| 636 | - std::string& out_OE) const | |
| 637 | -{ | |
| 638 | - // Algorithm 3.9 from the PDF 1.7 extension level 3 | |
| 639 | - auto validation_salt = util::random_string(8); | |
| 640 | - auto key_salt = util::random_string(8); | |
| 641 | - out_O = hash_V5(owner_password, validation_salt, in_U) + validation_salt + key_salt; | |
| 642 | - std::string intermediate_key = hash_V5(owner_password, key_salt, in_U); | |
| 643 | - out_OE = process_with_aes(intermediate_key, true, encryption_key); | |
| 644 | -} | |
| 645 | - | |
| 646 | 615 | std::string |
| 647 | 616 | QPDF::EncryptionData::compute_Perms_value_V5_clear() const |
| 648 | 617 | { |
| ... | ... | @@ -661,13 +630,6 @@ QPDF::EncryptionData::compute_Perms_value_V5_clear() const |
| 661 | 630 | } |
| 662 | 631 | |
| 663 | 632 | std::string |
| 664 | -QPDF::EncryptionData::compute_Perms_value_V5(std::string const& encryption_key) const | |
| 665 | -{ | |
| 666 | - // Algorithm 3.10 from the PDF 1.7 extension level 3 | |
| 667 | - return process_with_aes(encryption_key, true, compute_Perms_value_V5_clear()); | |
| 668 | -} | |
| 669 | - | |
| 670 | -std::string | |
| 671 | 633 | QPDF::EncryptionData::recover_encryption_key_with_password( |
| 672 | 634 | std::string const& password, bool& perms_valid) const |
| 673 | 635 | { |
| ... | ... | @@ -1207,9 +1169,20 @@ QPDF::EncryptionData::compute_encryption_parameters_V5( |
| 1207 | 1169 | std::string& out_Perms) |
| 1208 | 1170 | { |
| 1209 | 1171 | out_encryption_key = util::random_string(key_bytes); |
| 1210 | - compute_U_UE_value_V5(user_password, out_encryption_key, out_U, out_UE); | |
| 1211 | - compute_O_OE_value_V5(owner_password, out_encryption_key, out_U, out_O, out_OE); | |
| 1212 | - out_Perms = compute_Perms_value_V5(out_encryption_key); | |
| 1172 | + // Algorithm 8 from the PDF 2.0 | |
| 1173 | + auto validation_salt = util::random_string(8); | |
| 1174 | + auto key_salt = util::random_string(8); | |
| 1175 | + out_U = hash_V5(user_password, validation_salt, "").append(validation_salt).append(key_salt); | |
| 1176 | + auto intermediate_key = hash_V5(user_password, key_salt, ""); | |
| 1177 | + out_UE = process_with_aes(intermediate_key, true, out_encryption_key); | |
| 1178 | + // Algorithm 9 from the PDF 2.0 | |
| 1179 | + validation_salt = util::random_string(8); | |
| 1180 | + key_salt = util::random_string(8); | |
| 1181 | + out_O = hash_V5(owner_password, validation_salt, out_U) + validation_salt + key_salt; | |
| 1182 | + intermediate_key = hash_V5(owner_password, key_salt, out_U); | |
| 1183 | + out_OE = process_with_aes(intermediate_key, true, out_encryption_key); | |
| 1184 | + // Algorithm 10 from the PDF 2.0 | |
| 1185 | + out_Perms = process_with_aes(out_encryption_key, true, compute_Perms_value_V5_clear()); | |
| 1213 | 1186 | setV5EncryptionParameters(out_O, out_OE, out_U, out_UE, out_Perms); |
| 1214 | 1187 | } |
| 1215 | 1188 | ... | ... |