void CPDF_CryptoHandler::CryptBlock(bool bEncrypt,
uint32_t objnum,
uint32_t gennum,
const uint8_t* src_buf,
uint32_t src_size,
uint8_t* dest_buf,
uint32_t& dest_size) {
if (m_Cipher == FXCIPHER_NONE) {
FXSYS_memcpy(dest_buf, src_buf, src_size);
return;
}
uint8_t realkey[16];
int realkeylen = 16;
if (m_Cipher != FXCIPHER_AES || m_KeyLen != 32) {
uint8_t key1[32];
PopulateKey(objnum, gennum, key1);
if (m_Cipher == FXCIPHER_AES) {
FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4);
}
CRYPT_MD5Generate(
key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey);
realkeylen = m_KeyLen + 5;
if (realkeylen > 16) {
realkeylen = 16;
}
}
if (m_Cipher == FXCIPHER_AES) {
CRYPT_AESSetKey(m_pAESContext, 16, m_KeyLen == 32 ? m_EncryptKey : realkey,
m_KeyLen, bEncrypt);
if (bEncrypt) {
uint8_t iv[16];
for (int i = 0; i < 16; i++) {
iv[i] = (uint8_t)rand();
}
CRYPT_AESSetIV(m_pAESContext, iv);
FXSYS_memcpy(dest_buf, iv, 16);
int nblocks = src_size / 16;
CRYPT_AESEncrypt(m_pAESContext, dest_buf + 16, src_buf, nblocks * 16);
uint8_t padding[16];
FXSYS_memcpy(padding, src_buf + nblocks * 16, src_size % 16);
FXSYS_memset(padding + src_size % 16, 16 - src_size % 16,
16 - src_size % 16);
CRYPT_AESEncrypt(m_pAESContext, dest_buf + nblocks * 16 + 16, padding,
16);
dest_size = 32 + nblocks * 16;
} else {
CRYPT_AESSetIV(m_pAESContext, src_buf);
CRYPT_AESDecrypt(m_pAESContext, dest_buf, src_buf + 16, src_size - 16);
dest_size = src_size - 16;
dest_size -= dest_buf[dest_size - 1];
}
} else {
ASSERT(dest_size == src_size);
if (dest_buf != src_buf) {
FXSYS_memcpy(dest_buf, src_buf, src_size);
}
CRYPT_ArcFourCryptBlock(dest_buf, dest_size, realkey, realkeylen);
}
}
bool CPDF_CryptoHandler::CryptStream(void* context,
const uint8_t* src_buf,
uint32_t src_size,
CFX_BinaryBuf& dest_buf,
bool bEncrypt) {
if (!context) {
return false;
}
if (m_Cipher == FXCIPHER_NONE) {
dest_buf.AppendBlock(src_buf, src_size);
return true;
}
if (m_Cipher == FXCIPHER_RC4) {
int old_size = dest_buf.GetSize();
dest_buf.AppendBlock(src_buf, src_size);
CRYPT_ArcFourCrypt(reinterpret_cast<CRYPT_rc4_context*>(context),
dest_buf.GetBuffer() + old_size, src_size);
return true;
}
AESCryptContext* pContext = reinterpret_cast<AESCryptContext*>(context);
if (pContext->m_bIV && bEncrypt) {
dest_buf.AppendBlock(pContext->m_Block, 16);
pContext->m_bIV = false;
}
uint32_t src_off = 0;
uint32_t src_left = src_size;
while (1) {
uint32_t copy_size = 16 - pContext->m_BlockOffset;
if (copy_size > src_left) {
copy_size = src_left;
}
FXSYS_memcpy(pContext->m_Block + pContext->m_BlockOffset, src_buf + src_off,
copy_size);
src_off += copy_size;
src_left -= copy_size;
pContext->m_BlockOffset += copy_size;
if (pContext->m_BlockOffset == 16) {
if (!bEncrypt && pContext->m_bIV) {
CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block);
pContext->m_bIV = false;
pContext->m_BlockOffset = 0;
} else if (src_off < src_size) {
uint8_t block_buf[16];
if (bEncrypt) {
CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block,
16);
} else {
CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block,
16);
}
dest_buf.AppendBlock(block_buf, 16);
pContext->m_BlockOffset = 0;
}
}
if (!src_left) {
break;
}
}
return true;
}
bool CPDF_CryptoHandler::CryptFinish(void* context,
CFX_BinaryBuf& dest_buf,
bool bEncrypt) {
if (!context) {
return false;
}
if (m_Cipher == FXCIPHER_NONE) {
return true;
}
if (m_Cipher == FXCIPHER_RC4) {
FX_Free(context);
return true;
}
AESCryptContext* pContext = (AESCryptContext*)context;
if (bEncrypt) {
uint8_t block_buf[16];
if (pContext->m_BlockOffset == 16) {
CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16);
dest_buf.AppendBlock(block_buf, 16);
pContext->m_BlockOffset = 0;
}
FXSYS_memset(pContext->m_Block + pContext->m_BlockOffset,
(uint8_t)(16 - pContext->m_BlockOffset),
16 - pContext->m_BlockOffset);
CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16);
dest_buf.AppendBlock(block_buf, 16);
} else if (pContext->m_BlockOffset == 16) {
uint8_t block_buf[16];
CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16);
if (block_buf[15] <= 16) {
dest_buf.AppendBlock(block_buf, 16 - block_buf[15]);
}
}
FX_Free(pContext);
return true;
}
FX_BOOL CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password,
uint32_t size,
FX_BOOL bOwner,
uint8_t* key) {
CFX_ByteString okey =
m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString();
if (okey.GetLength() < 48) {
return FALSE;
}
CFX_ByteString ukey =
m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString();
if (ukey.GetLength() < 48) {
return FALSE;
}
const uint8_t* pkey = (bOwner ? okey : ukey).raw_str();
uint8_t sha[128];
uint8_t digest[32];
if (m_Revision >= 6) {
Revision6_Hash(password, size, (const uint8_t*)pkey + 32,
bOwner ? ukey.raw_str() : nullptr, digest);
} else {
CRYPT_SHA256Start(sha);
CRYPT_SHA256Update(sha, password, size);
CRYPT_SHA256Update(sha, pkey + 32, 8);
if (bOwner) {
CRYPT_SHA256Update(sha, ukey.raw_str(), 48);
}
CRYPT_SHA256Finish(sha, digest);
}
if (FXSYS_memcmp(digest, pkey, 32) != 0) {
return FALSE;
}
if (!key) {
return TRUE;
}
if (m_Revision >= 6) {
Revision6_Hash(password, size, (const uint8_t*)pkey + 40,
bOwner ? ukey.raw_str() : nullptr, digest);
} else {
CRYPT_SHA256Start(sha);
CRYPT_SHA256Update(sha, password, size);
CRYPT_SHA256Update(sha, pkey + 40, 8);
if (bOwner) {
CRYPT_SHA256Update(sha, ukey.raw_str(), 48);
}
CRYPT_SHA256Finish(sha, digest);
}
CFX_ByteString ekey = m_pEncryptDict
? m_pEncryptDict->GetStringBy(bOwner ? "OE" : "UE")
: CFX_ByteString();
if (ekey.GetLength() < 32) {
return FALSE;
}
uint8_t* aes = FX_Alloc(uint8_t, 2048);
CRYPT_AESSetKey(aes, 16, digest, 32, FALSE);
uint8_t iv[16];
FXSYS_memset(iv, 0, 16);
CRYPT_AESSetIV(aes, iv);
CRYPT_AESDecrypt(aes, key, ekey.raw_str(), 32);
CRYPT_AESSetKey(aes, 16, key, 32, FALSE);
CRYPT_AESSetIV(aes, iv);
CFX_ByteString perms = m_pEncryptDict->GetStringBy("Perms");
if (perms.IsEmpty()) {
return FALSE;
}
uint8_t perms_buf[16];
FXSYS_memset(perms_buf, 0, sizeof(perms_buf));
uint32_t copy_len = sizeof(perms_buf);
if (copy_len > (uint32_t)perms.GetLength()) {
copy_len = perms.GetLength();
}
FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len);
uint8_t buf[16];
CRYPT_AESDecrypt(aes, buf, perms_buf, 16);
FX_Free(aes);
if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') {
return FALSE;
}
if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) {
return FALSE;
}
if ((buf[8] == 'T' && !IsMetadataEncrypted()) ||
(buf[8] == 'F' && IsMetadataEncrypted())) {
return FALSE;
}
return TRUE;
}
FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword(FX_LPCBYTE password, FX_DWORD size,
FX_BOOL bOwner, FX_LPBYTE key)
{
CFX_ByteString okey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("O")) : CFX_ByteString();
if (okey.GetLength() < 48) {
return FALSE;
}
CFX_ByteString ukey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("U")) : CFX_ByteString();
if (ukey.GetLength() < 48) {
return FALSE;
}
FX_LPCBYTE pkey = bOwner ? (FX_LPCBYTE)okey : (FX_LPCBYTE)ukey;
FX_BYTE sha[128];
FX_BYTE digest[32];
if (m_Revision >= 6) {
Revision6_Hash(password, size, (FX_LPCBYTE)pkey + 32, (bOwner ? (FX_LPCBYTE)ukey : NULL), digest);
} else {
CRYPT_SHA256Start(sha);
CRYPT_SHA256Update(sha, password, size);
CRYPT_SHA256Update(sha, pkey + 32, 8);
if (bOwner) {
CRYPT_SHA256Update(sha, ukey, 48);
}
CRYPT_SHA256Finish(sha, digest);
}
if (FXSYS_memcmp32(digest, pkey, 32) != 0) {
return FALSE;
}
if (key == NULL) {
return TRUE;
}
if (m_Revision >= 6) {
Revision6_Hash(password, size, (FX_LPCBYTE)pkey + 40, (bOwner ? (FX_LPCBYTE)ukey : NULL), digest);
} else {
CRYPT_SHA256Start(sha);
CRYPT_SHA256Update(sha, password, size);
CRYPT_SHA256Update(sha, pkey + 40, 8);
if (bOwner) {
CRYPT_SHA256Update(sha, ukey, 48);
}
CRYPT_SHA256Finish(sha, digest);
}
CFX_ByteString ekey = m_pEncryptDict ? m_pEncryptDict->GetString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE")) : CFX_ByteString();
if (ekey.GetLength() < 32) {
return FALSE;
}
FX_BYTE* aes = FX_Alloc(FX_BYTE, 2048);
CRYPT_AESSetKey(aes, 16, digest, 32, FALSE);
FX_BYTE iv[16];
FXSYS_memset32(iv, 0, 16);
CRYPT_AESSetIV(aes, iv);
CRYPT_AESDecrypt(aes, key, ekey, 32);
CRYPT_AESSetKey(aes, 16, key, 32, FALSE);
CRYPT_AESSetIV(aes, iv);
CFX_ByteString perms = m_pEncryptDict->GetString(FX_BSTRC("Perms"));
if (perms.IsEmpty()) {
return FALSE;
}
FX_BYTE perms_buf[16];
FXSYS_memset32(perms_buf, 0, sizeof(perms_buf));
FX_DWORD copy_len = sizeof(perms_buf);
if (copy_len > (FX_DWORD)perms.GetLength()) {
copy_len = perms.GetLength();
}
FXSYS_memcpy32(perms_buf, (FX_LPCBYTE)perms, copy_len);
FX_BYTE buf[16];
CRYPT_AESDecrypt(aes, buf, perms_buf, 16);
FX_Free(aes);
if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') {
return FALSE;
}
if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) {
return FALSE;
}
if ((buf[8] == 'T' && !IsMetadataEncrypted()) || (buf[8] == 'F' && IsMetadataEncrypted())) {
return FALSE;
}
return TRUE;
}
