You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2019/06/01 17:55:43 UTC
svn commit: r1860488 - in
/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption:
SaslPrep.java StandardSecurityHandler.java
Author: tilman
Date: Sat Jun 1 17:55:43 2019
New Revision: 1860488
URL: http://svn.apache.org/viewvc?rev=1860488&view=rev
Log:
PDFBOX-4155: use SASLprep algorithm implementation by Tom Bentley for revision 6, as suggested by Marc Kaufman
Added:
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SaslPrep.java
- copied unchanged from r1860486, pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SaslPrep.java
Modified:
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java?rev=1860488&r1=1860487&r2=1860488&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java Sat Jun 1 17:55:43 2019
@@ -208,7 +208,12 @@ public final class StandardSecurityHandl
ue = encryption.getUserEncryptionKey();
oe = encryption.getOwnerEncryptionKey();
}
-
+
+ if (dicRevision == 6)
+ {
+ password = SaslPrep.saslPrepQuery(password); // PDFBOX-4155
+ }
+
AccessPermission currentAccessPermission;
if( isOwnerPassword(password.getBytes(passwordCharset), userKey, ownerKey,
@@ -378,7 +383,7 @@ public final class StandardSecurityHandl
{
userPassword = "";
}
-
+
// If no owner password is set, use the user password instead.
if (ownerPassword.isEmpty())
{
@@ -393,6 +398,9 @@ public final class StandardSecurityHandl
if (revision == 6)
{
+ // PDFBOX-4155
+ ownerPassword = SaslPrep.saslPrepStored(ownerPassword);
+ userPassword = SaslPrep.saslPrepStored(userPassword);
prepareEncryptionDictRev6(ownerPassword, userPassword, encryptionDictionary, permissionInt);
}
else