void CPDF_CryptoHandler::CryptBlock(bool bEncrypt, uint32_t objnum, uint32_t gennum, const uint8_t* src_buf, uint32_t src_size, uint8_t* dest_buf, uint32_t& dest_size) { if (m_Cipher == FXCIPHER_NONE) { FXSYS_memcpy(dest_buf, src_buf, src_size); return; } uint8_t realkey[16]; int realkeylen = 16; if (m_Cipher != FXCIPHER_AES || m_KeyLen != 32) { uint8_t key1[32]; PopulateKey(objnum, gennum, key1); if (m_Cipher == FXCIPHER_AES) { FXSYS_memcpy(key1 + m_KeyLen + 5, "sAlT", 4); } CRYPT_MD5Generate( key1, m_Cipher == FXCIPHER_AES ? m_KeyLen + 9 : m_KeyLen + 5, realkey); realkeylen = m_KeyLen + 5; if (realkeylen > 16) { realkeylen = 16; } } if (m_Cipher == FXCIPHER_AES) { CRYPT_AESSetKey(m_pAESContext, 16, m_KeyLen == 32 ? m_EncryptKey : realkey, m_KeyLen, bEncrypt); if (bEncrypt) { uint8_t iv[16]; for (int i = 0; i < 16; i++) { iv[i] = (uint8_t)rand(); } CRYPT_AESSetIV(m_pAESContext, iv); FXSYS_memcpy(dest_buf, iv, 16); int nblocks = src_size / 16; CRYPT_AESEncrypt(m_pAESContext, dest_buf + 16, src_buf, nblocks * 16); uint8_t padding[16]; FXSYS_memcpy(padding, src_buf + nblocks * 16, src_size % 16); FXSYS_memset(padding + src_size % 16, 16 - src_size % 16, 16 - src_size % 16); CRYPT_AESEncrypt(m_pAESContext, dest_buf + nblocks * 16 + 16, padding, 16); dest_size = 32 + nblocks * 16; } else { CRYPT_AESSetIV(m_pAESContext, src_buf); CRYPT_AESDecrypt(m_pAESContext, dest_buf, src_buf + 16, src_size - 16); dest_size = src_size - 16; dest_size -= dest_buf[dest_size - 1]; } } else { ASSERT(dest_size == src_size); if (dest_buf != src_buf) { FXSYS_memcpy(dest_buf, src_buf, src_size); } CRYPT_ArcFourCryptBlock(dest_buf, dest_size, realkey, realkeylen); } }
bool CPDF_CryptoHandler::CryptStream(void* context, const uint8_t* src_buf, uint32_t src_size, CFX_BinaryBuf& dest_buf, bool bEncrypt) { if (!context) { return false; } if (m_Cipher == FXCIPHER_NONE) { dest_buf.AppendBlock(src_buf, src_size); return true; } if (m_Cipher == FXCIPHER_RC4) { int old_size = dest_buf.GetSize(); dest_buf.AppendBlock(src_buf, src_size); CRYPT_ArcFourCrypt(reinterpret_cast<CRYPT_rc4_context*>(context), dest_buf.GetBuffer() + old_size, src_size); return true; } AESCryptContext* pContext = reinterpret_cast<AESCryptContext*>(context); if (pContext->m_bIV && bEncrypt) { dest_buf.AppendBlock(pContext->m_Block, 16); pContext->m_bIV = false; } uint32_t src_off = 0; uint32_t src_left = src_size; while (1) { uint32_t copy_size = 16 - pContext->m_BlockOffset; if (copy_size > src_left) { copy_size = src_left; } FXSYS_memcpy(pContext->m_Block + pContext->m_BlockOffset, src_buf + src_off, copy_size); src_off += copy_size; src_left -= copy_size; pContext->m_BlockOffset += copy_size; if (pContext->m_BlockOffset == 16) { if (!bEncrypt && pContext->m_bIV) { CRYPT_AESSetIV(pContext->m_Context, pContext->m_Block); pContext->m_bIV = false; pContext->m_BlockOffset = 0; } else if (src_off < src_size) { uint8_t block_buf[16]; if (bEncrypt) { CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); } else { CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); } dest_buf.AppendBlock(block_buf, 16); pContext->m_BlockOffset = 0; } } if (!src_left) { break; } } return true; }
bool CPDF_CryptoHandler::CryptFinish(void* context, CFX_BinaryBuf& dest_buf, bool bEncrypt) { if (!context) { return false; } if (m_Cipher == FXCIPHER_NONE) { return true; } if (m_Cipher == FXCIPHER_RC4) { FX_Free(context); return true; } AESCryptContext* pContext = (AESCryptContext*)context; if (bEncrypt) { uint8_t block_buf[16]; if (pContext->m_BlockOffset == 16) { CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); dest_buf.AppendBlock(block_buf, 16); pContext->m_BlockOffset = 0; } FXSYS_memset(pContext->m_Block + pContext->m_BlockOffset, (uint8_t)(16 - pContext->m_BlockOffset), 16 - pContext->m_BlockOffset); CRYPT_AESEncrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); dest_buf.AppendBlock(block_buf, 16); } else if (pContext->m_BlockOffset == 16) { uint8_t block_buf[16]; CRYPT_AESDecrypt(pContext->m_Context, block_buf, pContext->m_Block, 16); if (block_buf[15] <= 16) { dest_buf.AppendBlock(block_buf, 16 - block_buf[15]); } } FX_Free(pContext); return true; }
FX_BOOL CPDF_SecurityHandler::AES256_CheckPassword(const uint8_t* password, uint32_t size, FX_BOOL bOwner, uint8_t* key) { CFX_ByteString okey = m_pEncryptDict ? m_pEncryptDict->GetStringBy("O") : CFX_ByteString(); if (okey.GetLength() < 48) { return FALSE; } CFX_ByteString ukey = m_pEncryptDict ? m_pEncryptDict->GetStringBy("U") : CFX_ByteString(); if (ukey.GetLength() < 48) { return FALSE; } const uint8_t* pkey = (bOwner ? okey : ukey).raw_str(); uint8_t sha[128]; uint8_t digest[32]; if (m_Revision >= 6) { Revision6_Hash(password, size, (const uint8_t*)pkey + 32, bOwner ? ukey.raw_str() : nullptr, digest); } else { CRYPT_SHA256Start(sha); CRYPT_SHA256Update(sha, password, size); CRYPT_SHA256Update(sha, pkey + 32, 8); if (bOwner) { CRYPT_SHA256Update(sha, ukey.raw_str(), 48); } CRYPT_SHA256Finish(sha, digest); } if (FXSYS_memcmp(digest, pkey, 32) != 0) { return FALSE; } if (!key) { return TRUE; } if (m_Revision >= 6) { Revision6_Hash(password, size, (const uint8_t*)pkey + 40, bOwner ? ukey.raw_str() : nullptr, digest); } else { CRYPT_SHA256Start(sha); CRYPT_SHA256Update(sha, password, size); CRYPT_SHA256Update(sha, pkey + 40, 8); if (bOwner) { CRYPT_SHA256Update(sha, ukey.raw_str(), 48); } CRYPT_SHA256Finish(sha, digest); } CFX_ByteString ekey = m_pEncryptDict ? m_pEncryptDict->GetStringBy(bOwner ? "OE" : "UE") : CFX_ByteString(); if (ekey.GetLength() < 32) { return FALSE; } uint8_t* aes = FX_Alloc(uint8_t, 2048); CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); uint8_t iv[16]; FXSYS_memset(iv, 0, 16); CRYPT_AESSetIV(aes, iv); CRYPT_AESDecrypt(aes, key, ekey.raw_str(), 32); CRYPT_AESSetKey(aes, 16, key, 32, FALSE); CRYPT_AESSetIV(aes, iv); CFX_ByteString perms = m_pEncryptDict->GetStringBy("Perms"); if (perms.IsEmpty()) { return FALSE; } uint8_t perms_buf[16]; FXSYS_memset(perms_buf, 0, sizeof(perms_buf)); uint32_t copy_len = sizeof(perms_buf); if (copy_len > (uint32_t)perms.GetLength()) { copy_len = perms.GetLength(); } FXSYS_memcpy(perms_buf, perms.raw_str(), copy_len); uint8_t buf[16]; CRYPT_AESDecrypt(aes, buf, perms_buf, 16); FX_Free(aes); if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { return FALSE; } if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { return FALSE; } if ((buf[8] == 'T' && !IsMetadataEncrypted()) || (buf[8] == 'F' && IsMetadataEncrypted())) { return FALSE; } return TRUE; }
FX_BOOL CPDF_StandardSecurityHandler::AES256_CheckPassword(FX_LPCBYTE password, FX_DWORD size, FX_BOOL bOwner, FX_LPBYTE key) { CFX_ByteString okey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("O")) : CFX_ByteString(); if (okey.GetLength() < 48) { return FALSE; } CFX_ByteString ukey = m_pEncryptDict ? m_pEncryptDict->GetString(FX_BSTRC("U")) : CFX_ByteString(); if (ukey.GetLength() < 48) { return FALSE; } FX_LPCBYTE pkey = bOwner ? (FX_LPCBYTE)okey : (FX_LPCBYTE)ukey; FX_BYTE sha[128]; FX_BYTE digest[32]; if (m_Revision >= 6) { Revision6_Hash(password, size, (FX_LPCBYTE)pkey + 32, (bOwner ? (FX_LPCBYTE)ukey : NULL), digest); } else { CRYPT_SHA256Start(sha); CRYPT_SHA256Update(sha, password, size); CRYPT_SHA256Update(sha, pkey + 32, 8); if (bOwner) { CRYPT_SHA256Update(sha, ukey, 48); } CRYPT_SHA256Finish(sha, digest); } if (FXSYS_memcmp32(digest, pkey, 32) != 0) { return FALSE; } if (key == NULL) { return TRUE; } if (m_Revision >= 6) { Revision6_Hash(password, size, (FX_LPCBYTE)pkey + 40, (bOwner ? (FX_LPCBYTE)ukey : NULL), digest); } else { CRYPT_SHA256Start(sha); CRYPT_SHA256Update(sha, password, size); CRYPT_SHA256Update(sha, pkey + 40, 8); if (bOwner) { CRYPT_SHA256Update(sha, ukey, 48); } CRYPT_SHA256Finish(sha, digest); } CFX_ByteString ekey = m_pEncryptDict ? m_pEncryptDict->GetString(bOwner ? FX_BSTRC("OE") : FX_BSTRC("UE")) : CFX_ByteString(); if (ekey.GetLength() < 32) { return FALSE; } FX_BYTE* aes = FX_Alloc(FX_BYTE, 2048); CRYPT_AESSetKey(aes, 16, digest, 32, FALSE); FX_BYTE iv[16]; FXSYS_memset32(iv, 0, 16); CRYPT_AESSetIV(aes, iv); CRYPT_AESDecrypt(aes, key, ekey, 32); CRYPT_AESSetKey(aes, 16, key, 32, FALSE); CRYPT_AESSetIV(aes, iv); CFX_ByteString perms = m_pEncryptDict->GetString(FX_BSTRC("Perms")); if (perms.IsEmpty()) { return FALSE; } FX_BYTE perms_buf[16]; FXSYS_memset32(perms_buf, 0, sizeof(perms_buf)); FX_DWORD copy_len = sizeof(perms_buf); if (copy_len > (FX_DWORD)perms.GetLength()) { copy_len = perms.GetLength(); } FXSYS_memcpy32(perms_buf, (FX_LPCBYTE)perms, copy_len); FX_BYTE buf[16]; CRYPT_AESDecrypt(aes, buf, perms_buf, 16); FX_Free(aes); if (buf[9] != 'a' || buf[10] != 'd' || buf[11] != 'b') { return FALSE; } if (FXDWORD_GET_LSBFIRST(buf) != m_Permissions) { return FALSE; } if ((buf[8] == 'T' && !IsMetadataEncrypted()) || (buf[8] == 'F' && IsMetadataEncrypted())) { return FALSE; } return TRUE; }