You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/09/18 18:58:53 UTC
svn commit: r1881827 - in
/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption:
PublicKeySecurityHandler.java SecurityHandler.java
StandardSecurityHandler.java
Author: tilman
Date: Fri Sep 18 18:58:53 2020
New Revision: 1881827
URL: http://svn.apache.org/viewvc?rev=1881827&view=rev
Log:
PDFBOX-4421: pull up protection policy and computing version number, because it will be used by both security handlers, as suggested by Christian Appl
Modified:
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java?rev=1881827&r1=1881826&r2=1881827&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java Fri Sep 18 18:58:53 2020
@@ -83,8 +83,6 @@ public final class PublicKeySecurityHand
private static final String SUBFILTER4 = "adbe.pkcs7.s4";
private static final String SUBFILTER5 = "adbe.pkcs7.s5";
- private PublicKeyProtectionPolicy policy = null;
-
/**
* Constructor.
*/
@@ -95,12 +93,12 @@ public final class PublicKeySecurityHand
/**
* Constructor used for encryption.
*
- * @param p The protection policy.
+ * @param publicKeyProtectionPolicy The protection policy.
*/
- public PublicKeySecurityHandler(PublicKeyProtectionPolicy p)
+ public PublicKeySecurityHandler(PublicKeyProtectionPolicy publicKeyProtectionPolicy)
{
- policy = p;
- this.keyLength = policy.getEncryptionKeyLength();
+ setProtectionPolicy(publicKeyProtectionPolicy);
+ this.keyLength = publicKeyProtectionPolicy.getEncryptionKeyLength();
}
/**
@@ -411,29 +409,6 @@ public final class PublicKeySecurityHand
}
}
- /**
- * Computes the version number of the StandardSecurityHandler based on the encryption key
- * length. See PDF Spec 1.6 p 93 and
- * <a href="https://www.adobe.com/content/dam/acom/en/devnet/pdf/adobe_supplement_iso32000.pdf">PDF
- * 1.7 Supplement ExtensionLevel: 3</a>
- *
- * @return The computed version number.
- */
- private int computeVersionNumber()
- {
- switch (keyLength)
- {
- case 40:
- return 1;
- case 128:
- return 4; // prefer AES
- case 256:
- return 5;
- default:
- throw new IllegalArgumentException("key length must be 40, 128 or 256");
- }
- }
-
private void prepareEncryptionDictAES(PDEncryption encryptionDictionary, COSName aesVName, byte[][] recipients)
{
PDCryptFilterDictionary cryptFilterDictionary = new PDCryptFilterDictionary();
@@ -455,8 +430,9 @@ public final class PublicKeySecurityHand
private byte[][] computeRecipientsField(byte[] seed) throws GeneralSecurityException, IOException
{
- byte[][] recipientsField = new byte[policy.getNumberOfRecipients()][];
- Iterator<PublicKeyRecipient> it = policy.getRecipientsIterator();
+ PublicKeyProtectionPolicy protectionPolicy = (PublicKeyProtectionPolicy) getProtectionPolicy();
+ byte[][] recipientsField = new byte[protectionPolicy.getNumberOfRecipients()][];
+ Iterator<PublicKeyRecipient> it = protectionPolicy.getRecipientsIterator();
int i = 0;
while(it.hasNext())
@@ -575,13 +551,4 @@ public final class PublicKeySecurityHand
RecipientIdentifier recipientId = new RecipientIdentifier(serial);
return new KeyTransRecipientInfo(recipientId, algorithmId, octets);
}
-
- /**
- * {@inheritDoc}
- */
- @Override
- public boolean hasProtectionPolicy()
- {
- return policy != null;
- }
}
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java?rev=1881827&r1=1881826&r2=1881827&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java Fri Sep 18 18:58:53 2020
@@ -91,6 +91,8 @@ public abstract class SecurityHandler
private boolean useAES;
+ private ProtectionPolicy protectionPolicy = null;
+
/**
* The access permission granted to the current user for the document. These
* permissions are computed during decryption and are in read only mode.
@@ -706,5 +708,54 @@ public abstract class SecurityHandler
*
* @return true if a protection policy has been set.
*/
- public abstract boolean hasProtectionPolicy();
+ public boolean hasProtectionPolicy()
+ {
+ return protectionPolicy != null;
+ }
+
+ /**
+ * Returns the set {@link ProtectionPolicy} or null.
+ *
+ * @return The set {@link ProtectionPolicy}.
+ */
+ protected ProtectionPolicy getProtectionPolicy()
+ {
+ return protectionPolicy;
+ }
+
+ /**
+ * Sets the {@link ProtectionPolicy} to the given value.
+ * @param protectionPolicy The {@link ProtectionPolicy}, that shall be set.
+ */
+ protected void setProtectionPolicy(ProtectionPolicy protectionPolicy)
+ {
+ this.protectionPolicy = protectionPolicy;
+ }
+
+ /**
+ * Computes the version number of the {@link SecurityHandler} based on the encryption key
+ * length. See PDF Spec 1.6 p 93 and
+ * <a href="https://www.adobe.com/content/dam/acom/en/devnet/pdf/adobe_supplement_iso32000.pdf">PDF
+ * 1.7 Supplement ExtensionLevel: 3</a> and
+ * <a href="http://intranet.pdfa.org/wp-content/uploads/2016/08/ISO_DIS_32000-2-DIS4.pdf">PDF
+ * Spec 2.0</a>.
+ *
+ * @return The computed version number.
+ */
+ protected int computeVersionNumber()
+ {
+ if (keyLength == 40)
+ {
+ return 1;
+ }
+ else if (keyLength == 128 && protectionPolicy.isPreferAES())
+ {
+ return 4;
+ }
+ else if (keyLength == 256)
+ {
+ return 5;
+ }
+ return 2;
+ }
}
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java?rev=1881827&r1=1881826&r2=1881827&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java Fri Sep 18 18:58:53 2020
@@ -74,10 +74,6 @@ public final class StandardSecurityHandl
// hashes used for Algorithm 2.B, depending on remainder from E modulo 3
private static final String[] HASHES_2B = new String[] {"SHA-256", "SHA-384", "SHA-512"};
- private static final int DEFAULT_VERSION = 1;
-
- private StandardProtectionPolicy policy;
-
/**
* Constructor.
*/
@@ -88,37 +84,12 @@ public final class StandardSecurityHandl
/**
* Constructor used for encryption.
*
- * @param p The protection policy.
+ * @param standardProtectionPolicy The protection policy.
*/
- public StandardSecurityHandler(StandardProtectionPolicy p)
+ public StandardSecurityHandler(StandardProtectionPolicy standardProtectionPolicy)
{
- policy = p;
- keyLength = policy.getEncryptionKeyLength();
- }
-
- /**
- * Computes the version number of the StandardSecurityHandler
- * based on the encryption key length.
- * See PDF Spec 1.6 p 93 and PDF 1.7 AEL3
- *
- * @return The computed version number.
- */
- private int computeVersionNumber()
- {
- if(keyLength == 40)
- {
- return DEFAULT_VERSION;
- }
- else if (keyLength == 128 && policy.isPreferAES())
- {
- return 4;
- }
- else if (keyLength == 256)
- {
- return 5;
- }
-
- return 2;
+ setProtectionPolicy(standardProtectionPolicy);
+ keyLength = standardProtectionPolicy.getEncryptionKeyLength();
}
/**
@@ -132,7 +103,9 @@ public final class StandardSecurityHandl
*/
private int computeRevisionNumber(int version)
{
- if(version < 2 && !policy.getPermissions().hasAnyRevision3PermissionSet())
+ StandardProtectionPolicy protectionPolicy = (StandardProtectionPolicy) getProtectionPolicy();
+ AccessPermission permissions = protectionPolicy.getPermissions();
+ if (version < 2 && !permissions.hasAnyRevision3PermissionSet())
{
return 2;
}
@@ -145,7 +118,7 @@ public final class StandardSecurityHandl
{
return 4;
}
- if ( version == 2 || version == 3 || policy.getPermissions().hasAnyRevision3PermissionSet())
+ if (version == 2 || version == 3 || permissions.hasAnyRevision3PermissionSet())
{
return 3;
}
@@ -373,8 +346,9 @@ public final class StandardSecurityHandl
encryptionDictionary.setRevision(revision);
encryptionDictionary.setLength(keyLength);
- String ownerPassword = policy.getOwnerPassword();
- String userPassword = policy.getUserPassword();
+ StandardProtectionPolicy protectionPolicy = (StandardProtectionPolicy) getProtectionPolicy();
+ String ownerPassword = protectionPolicy.getOwnerPassword();
+ String userPassword = protectionPolicy.getUserPassword();
if( ownerPassword == null )
{
ownerPassword = "";
@@ -390,7 +364,7 @@ public final class StandardSecurityHandl
ownerPassword = userPassword;
}
- int permissionInt = policy.getPermissions().getPermissionBytes();
+ int permissionInt = protectionPolicy.getPermissions().getPermissionBytes();
encryptionDictionary.setPermissions(permissionInt);
@@ -1202,13 +1176,4 @@ public final class StandardSecurityHandl
{
}
}
-
- /**
- * {@inheritDoc}
- */
- @Override
- public boolean hasProtectionPolicy()
- {
- return policy != null;
- }
}