Commit 4635a59e65c859b5aac7b08f5780c6f0a679b948
1 parent
11266b14
Remove redundant `compute_U_UE_value_V5`, `compute_O_OE_value_V5`, and `compute_…
…Perms_value_V5` methods; inline their logic into `setV5EncryptionParameters` to simplify encryption data processing.
Showing
2 changed files
with
14 additions
and
53 deletions
include/qpdf/QPDF.hh
| @@ -532,21 +532,9 @@ class QPDF | @@ -532,21 +532,9 @@ class QPDF | ||
| 532 | 532 | ||
| 533 | std::string hash_V5( | 533 | std::string hash_V5( |
| 534 | std::string const& password, std::string const& salt, std::string const& udata) const; | 534 | std::string const& password, std::string const& salt, std::string const& udata) const; |
| 535 | - std::string compute_Perms_value_V5(std::string const& encryption_key) const; | ||
| 536 | std::string | 535 | std::string |
| 537 | compute_O_value(std::string const& user_password, std::string const& owner_password) const; | 536 | compute_O_value(std::string const& user_password, std::string const& owner_password) const; |
| 538 | std::string compute_U_value(std::string const& user_password) const; | 537 | std::string compute_U_value(std::string const& user_password) const; |
| 539 | - void compute_O_OE_value_V5( | ||
| 540 | - std::string const& owner_password, | ||
| 541 | - std::string const& encryption_key, | ||
| 542 | - std::string const& U, | ||
| 543 | - std::string& O, | ||
| 544 | - std::string& OE) const; | ||
| 545 | - void compute_U_UE_value_V5( | ||
| 546 | - std::string const& user_password, | ||
| 547 | - std::string const& encryption_key, | ||
| 548 | - std::string& U, | ||
| 549 | - std::string& UE) const; | ||
| 550 | std::string compute_encryption_key_from_password(std::string const& password) const; | 538 | std::string compute_encryption_key_from_password(std::string const& password) const; |
| 551 | std::string recover_encryption_key_with_password(std::string const& password) const; | 539 | std::string recover_encryption_key_with_password(std::string const& password) const; |
| 552 | bool check_owner_password_V4( | 540 | bool check_owner_password_V4( |
libqpdf/QPDF_encryption.cc
| @@ -612,37 +612,6 @@ QPDF::EncryptionData::recover_encryption_key_with_password(std::string const& pa | @@ -612,37 +612,6 @@ QPDF::EncryptionData::recover_encryption_key_with_password(std::string const& pa | ||
| 612 | return recover_encryption_key_with_password(password, disregard); | 612 | return recover_encryption_key_with_password(password, disregard); |
| 613 | } | 613 | } |
| 614 | 614 | ||
| 615 | -void | ||
| 616 | -QPDF::EncryptionData::compute_U_UE_value_V5( | ||
| 617 | - std::string const& user_password, | ||
| 618 | - std::string const& encryption_key, | ||
| 619 | - std::string& out_U, | ||
| 620 | - std::string& out_UE) const | ||
| 621 | -{ | ||
| 622 | - // Algorithm 3.8 from the PDF 1.7 extension level 3 | ||
| 623 | - auto validation_salt = util::random_string(8); | ||
| 624 | - auto key_salt = util::random_string(8); | ||
| 625 | - out_U = hash_V5(user_password, validation_salt, "").append(validation_salt).append(key_salt); | ||
| 626 | - auto intermediate_key = hash_V5(user_password, key_salt, ""); | ||
| 627 | - out_UE = process_with_aes(intermediate_key, true, encryption_key); | ||
| 628 | -} | ||
| 629 | - | ||
| 630 | -void | ||
| 631 | -QPDF::EncryptionData::compute_O_OE_value_V5( | ||
| 632 | - std::string const& owner_password, | ||
| 633 | - std::string const& encryption_key, | ||
| 634 | - std::string const& in_U, | ||
| 635 | - std::string& out_O, | ||
| 636 | - std::string& out_OE) const | ||
| 637 | -{ | ||
| 638 | - // Algorithm 3.9 from the PDF 1.7 extension level 3 | ||
| 639 | - auto validation_salt = util::random_string(8); | ||
| 640 | - auto key_salt = util::random_string(8); | ||
| 641 | - out_O = hash_V5(owner_password, validation_salt, in_U) + validation_salt + key_salt; | ||
| 642 | - std::string intermediate_key = hash_V5(owner_password, key_salt, in_U); | ||
| 643 | - out_OE = process_with_aes(intermediate_key, true, encryption_key); | ||
| 644 | -} | ||
| 645 | - | ||
| 646 | std::string | 615 | std::string |
| 647 | QPDF::EncryptionData::compute_Perms_value_V5_clear() const | 616 | QPDF::EncryptionData::compute_Perms_value_V5_clear() const |
| 648 | { | 617 | { |
| @@ -661,13 +630,6 @@ QPDF::EncryptionData::compute_Perms_value_V5_clear() const | @@ -661,13 +630,6 @@ QPDF::EncryptionData::compute_Perms_value_V5_clear() const | ||
| 661 | } | 630 | } |
| 662 | 631 | ||
| 663 | std::string | 632 | std::string |
| 664 | -QPDF::EncryptionData::compute_Perms_value_V5(std::string const& encryption_key) const | ||
| 665 | -{ | ||
| 666 | - // Algorithm 3.10 from the PDF 1.7 extension level 3 | ||
| 667 | - return process_with_aes(encryption_key, true, compute_Perms_value_V5_clear()); | ||
| 668 | -} | ||
| 669 | - | ||
| 670 | -std::string | ||
| 671 | QPDF::EncryptionData::recover_encryption_key_with_password( | 633 | QPDF::EncryptionData::recover_encryption_key_with_password( |
| 672 | std::string const& password, bool& perms_valid) const | 634 | std::string const& password, bool& perms_valid) const |
| 673 | { | 635 | { |
| @@ -1207,9 +1169,20 @@ QPDF::EncryptionData::compute_encryption_parameters_V5( | @@ -1207,9 +1169,20 @@ QPDF::EncryptionData::compute_encryption_parameters_V5( | ||
| 1207 | std::string& out_Perms) | 1169 | std::string& out_Perms) |
| 1208 | { | 1170 | { |
| 1209 | out_encryption_key = util::random_string(key_bytes); | 1171 | out_encryption_key = util::random_string(key_bytes); |
| 1210 | - compute_U_UE_value_V5(user_password, out_encryption_key, out_U, out_UE); | ||
| 1211 | - compute_O_OE_value_V5(owner_password, out_encryption_key, out_U, out_O, out_OE); | ||
| 1212 | - out_Perms = compute_Perms_value_V5(out_encryption_key); | 1172 | + // Algorithm 8 from the PDF 2.0 |
| 1173 | + auto validation_salt = util::random_string(8); | ||
| 1174 | + auto key_salt = util::random_string(8); | ||
| 1175 | + out_U = hash_V5(user_password, validation_salt, "").append(validation_salt).append(key_salt); | ||
| 1176 | + auto intermediate_key = hash_V5(user_password, key_salt, ""); | ||
| 1177 | + out_UE = process_with_aes(intermediate_key, true, out_encryption_key); | ||
| 1178 | + // Algorithm 9 from the PDF 2.0 | ||
| 1179 | + validation_salt = util::random_string(8); | ||
| 1180 | + key_salt = util::random_string(8); | ||
| 1181 | + out_O = hash_V5(owner_password, validation_salt, out_U) + validation_salt + key_salt; | ||
| 1182 | + intermediate_key = hash_V5(owner_password, key_salt, out_U); | ||
| 1183 | + out_OE = process_with_aes(intermediate_key, true, out_encryption_key); | ||
| 1184 | + // Algorithm 10 from the PDF 2.0 | ||
| 1185 | + out_Perms = process_with_aes(out_encryption_key, true, compute_Perms_value_V5_clear()); | ||
| 1213 | setV5EncryptionParameters(out_O, out_OE, out_U, out_UE, out_Perms); | 1186 | setV5EncryptionParameters(out_O, out_OE, out_U, out_UE, out_Perms); |
| 1214 | } | 1187 | } |
| 1215 | 1188 |