Commit ae1385cd8a2ae302cd5a57875d5589695e8e5972
1 parent
9a23c3dc
Update ChangeLog with recent changes
Showing
1 changed file
with
106 additions
and
15 deletions
ChangeLog
| 1 | +2012-12-30 Jay Berkenbilt <ejb@ql.org> | ||
| 2 | + | ||
| 3 | + * Fix long-standing bug that could theoretically have resulted in | ||
| 4 | + possible misinterpretation of decode parameters in streams. As | ||
| 5 | + far as I can tell, it is extremely unlikely that files with the | ||
| 6 | + characteristics that would have triggered the bug actually exist | ||
| 7 | + in cases that qpdf versions prior to 4.0.0 could have read. | ||
| 8 | + Unencrypted files with encrypted attachments would have triggered | ||
| 9 | + this bug, but qpdf versions prior to 4.0.0 already refused to open | ||
| 10 | + such files. | ||
| 11 | + | ||
| 12 | + * Fix long-standing bug in which a stream that used a crypt | ||
| 13 | + filter and was otherwise not filterable by qpdf would be decrypted | ||
| 14 | + properly but would retain the crypt filter indication in the | ||
| 15 | + file. There are no known ways to create files like this, so it is | ||
| 16 | + unlikely that anyone ever hit this bug. | ||
| 17 | + | ||
| 18 | +2012-12-29 Jay Berkenbilt <ejb@ql.org> | ||
| 19 | + | ||
| 20 | + * Add read/write support for both the deprecated Acrobat IX | ||
| 21 | + encryption format and the Acrobat X/PDF 2.0 encryption format | ||
| 22 | + using 256-bit AES keys. Using the Acrobat IX format (R=5) forces | ||
| 23 | + the version of the file to 1.7 with extension level 3. Using the | ||
| 24 | + PDF 2.0 format (R=6) forces it to 1.7 extension level 8. | ||
| 25 | + | ||
| 26 | + * Add new method QPDF::getEncryptionKey to return the actual | ||
| 27 | + encryption key used for encryption of data in the file. The key | ||
| 28 | + is returned as a std::string. | ||
| 29 | + | ||
| 30 | + * Non-compatible API change: change signature of | ||
| 31 | + QPDF::compute_data_key to take the R and V values from the | ||
| 32 | + encryption dictionary. There is no reason for any application | ||
| 33 | + code to call this method since handling of encryption is done | ||
| 34 | + automatically by the qpdf libary. It is used internally by | ||
| 35 | + QPDFWriter. | ||
| 36 | + | ||
| 37 | + * Support reading and decryption of files whose main text is not | ||
| 38 | + encrypted but whose attachments are. More generally, support the | ||
| 39 | + case of files and streams encrypted differently with some | ||
| 40 | + limitations, described in the documentation. This was not | ||
| 41 | + previously supported due to lack of test files, but I created test | ||
| 42 | + files using a trial version of Acrobat XI to fully implement this | ||
| 43 | + case. | ||
| 44 | + | ||
| 45 | + * Incorporate sha2 code from sphlib 3.0. See README for | ||
| 46 | + licensing. Create private pipeline class for computing hashes | ||
| 47 | + with sha256, sha384, and sha512. | ||
| 48 | + | ||
| 49 | + * Allow specification of initialization vector when using AES | ||
| 50 | + filtering. This is required to compute the hash used in /R=6 (PDF | ||
| 51 | + 2.0) encryption. | ||
| 52 | + | ||
| 53 | +2012-12-28 Jay Berkenbilt <ejb@ql.org> | ||
| 54 | + | ||
| 55 | + * Add random number generation functions to QUtil. | ||
| 56 | + | ||
| 57 | + * Fix old bug that could cause an infinite loop if user password | ||
| 58 | + recovery methods were called and a password contained the "(" | ||
| 59 | + character (which happens to be the first byte of padding used by | ||
| 60 | + older PDF encryption formats). This bug was noticed while reading | ||
| 61 | + code and would not happen under ordinary usage patterns even if | ||
| 62 | + the password contained that character. | ||
| 63 | + | ||
| 1 | 2012-12-27 Jay Berkenbilt <ejb@ql.org> | 64 | 2012-12-27 Jay Berkenbilt <ejb@ql.org> |
| 2 | 65 | ||
| 3 | - * Removed public method QPDF::flattenScalarReferences. Instead, | ||
| 4 | - just flatten the scalar references we actually need to flatten. | ||
| 5 | - Flattening scalar references was a wrong decision years ago and | ||
| 6 | - has occasionally caused other problems, among which were that it | ||
| 7 | - caused qpdf to visit otherwise unreferenced and possibly erroneous | ||
| 8 | - objects in the file when it didn't have to. | ||
| 9 | - | ||
| 10 | - * Removed public method QPDF::decodeStreams which was previously | ||
| 11 | - used by qpdf --check but is no longer used. The decodeStreams | ||
| 12 | - method could generate false positives since it would attempt to | ||
| 13 | - access all objects in the file including those that were not | ||
| 14 | - referenced. | ||
| 15 | - | ||
| 16 | - * Removed public method QPDF::trimTrailerForWrite, which was only | ||
| 17 | - intended for use by QPDFWriter and which is no longer used. | 66 | + * Add awareness of extension level to PDF Version methods for both |
| 67 | + reading and writing. This includes adding method | ||
| 68 | + QPDF::getExtensionLevel and new versions of | ||
| 69 | + QPDFWriter::setMinimumPDFVersion and QPDFWriter::forcePDFVersion | ||
| 70 | + that support extension levels. The qpdf command-line tool | ||
| 71 | + interprets version numbers of the form x.y.z as version x.y at | ||
| 72 | + extension level z. | ||
| 73 | + | ||
| 74 | + * Update AES classes to support use of 256-bit keys. | ||
| 75 | + | ||
| 76 | + * Non-compatible API change: Removed public method | ||
| 77 | + QPDF::flattenScalarReferences. Instead, just flatten the scalar | ||
| 78 | + references we actually need to flatten. Flattening scalar | ||
| 79 | + references was a wrong decision years ago and has occasionally | ||
| 80 | + caused other problems, among which were that it caused qpdf to | ||
| 81 | + visit otherwise unreferenced and possibly erroneous objects in the | ||
| 82 | + file when it didn't have to. There's no reason that any | ||
| 83 | + non-internal code would have had to call this. | ||
| 84 | + | ||
| 85 | + * Non-compatible API change: Removed public method | ||
| 86 | + QPDF::decodeStreams which was previously used by qpdf --check but | ||
| 87 | + is no longer used. The decodeStreams method could generate false | ||
| 88 | + positives since it would attempt to access all objects in the file | ||
| 89 | + including those that were not referenced. There's no reason that | ||
| 90 | + any non-internal code would have had to call this. | ||
| 91 | + | ||
| 92 | + * Non-compatible API change: Removed public method | ||
| 93 | + QPDF::trimTrailerForWrite, which was only intended for use by | ||
| 94 | + QPDFWriter and which is no longer used. | ||
| 95 | + | ||
| 96 | +2012-12-26 Jay Berkenbilt <ejb@ql.org> | ||
| 97 | + | ||
| 98 | + * Add new fields to QPDF::EncryptionData to support newer | ||
| 99 | + encryption formats (V=5, R=5 and R=6) | ||
| 100 | + | ||
| 101 | + * Non-compatible API change: Change public nested class | ||
| 102 | + QPDF::EncryptionData to make all member fields private and to add | ||
| 103 | + method calls. This is a non-compatible API change, but changing | ||
| 104 | + EncryptionData is necessary to support newer encryption formats, | ||
| 105 | + and making this change will prevent the need from making a | ||
| 106 | + non-compatible change in the future if new fields are added. A | ||
| 107 | + public nested class should never have had public members to begin | ||
| 108 | + with. | ||
| 18 | 109 | ||
| 19 | 2012-12-25 Jay Berkenbilt <ejb@ql.org> | 110 | 2012-12-25 Jay Berkenbilt <ejb@ql.org> |
| 20 | 111 |