You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/09/19 09:38:38 UTC
svn commit: r1881844 - in
/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption:
PublicKeySecurityHandler.java SecurityHandler.java
StandardSecurityHandler.java
Author: tilman
Date: Sat Sep 19 09:38:38 2020
New Revision: 1881844
URL: http://svn.apache.org/viewvc?rev=1881844&view=rev
Log:
PDFBOX-4421: use getters/setters for encryptionKey, as suggested by Christian Appl
Modified:
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java?rev=1881844&r1=1881843&r2=1881844&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java Sat Sep 19 09:38:38 2020
@@ -269,8 +269,8 @@ public final class PublicKeySecurityHand
}
// we have the encryption key ...
- encryptionKey = new byte[getKeyLength() / 8];
- System.arraycopy(mdResult, 0, encryptionKey, 0, getKeyLength() / 8);
+ setEncryptionKey(new byte[getKeyLength() / 8]);
+ System.arraycopy(mdResult, 0, getEncryptionKey(), 0, getKeyLength() / 8);
}
catch (CMSException e)
{
@@ -397,8 +397,8 @@ public final class PublicKeySecurityHand
break;
}
- this.encryptionKey = new byte[getKeyLength() / 8];
- System.arraycopy(mdResult, 0, this.encryptionKey, 0, getKeyLength() / 8);
+ setEncryptionKey(new byte[getKeyLength() / 8]);
+ System.arraycopy(mdResult, 0, getEncryptionKey(), 0, getKeyLength() / 8);
doc.setEncryptionDictionary(dictionary);
doc.getDocument().setEncryptionDictionary(dictionary.getCOSObject());
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java?rev=1881844&r1=1881843&r2=1881844&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java Sat Sep 19 09:38:38 2020
@@ -71,7 +71,7 @@ public abstract class SecurityHandler
*/
protected int keyLength = DEFAULT_KEY_LENGTH;
- /** The encryption key that will used to encrypt / decrypt.*/
+ /** The encryption key that will used to encrypt / decrypt. Will become private in 3.0. */
protected byte[] encryptionKey;
/** The RC4 implementation used for cryptographic functions. */
@@ -735,6 +735,26 @@ public abstract class SecurityHandler
}
/**
+ * Returns the current encryption key data.
+ *
+ * @return The current encryption key data.
+ */
+ public byte[] getEncryptionKey()
+ {
+ return encryptionKey;
+ }
+
+ /**
+ * Sets the current encryption key data.
+ *
+ * @param encryptionKey The encryption key data to set.
+ */
+ public void setEncryptionKey(byte[] encryptionKey)
+ {
+ this.encryptionKey = encryptionKey;
+ }
+
+ /**
* Computes the version number of the {@link SecurityHandler} based on the encryption key
* length. See PDF Spec 1.6 p 93 and
* <a href="https://www.adobe.com/content/dam/acom/en/devnet/pdf/adobe_supplement_iso32000.pdf">PDF
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java?rev=1881844&r1=1881843&r2=1881844&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java Sat Sep 19 09:38:38 2020
@@ -207,7 +207,7 @@ public final class StandardSecurityHandl
ownerKey, dicRevision, dicLength );
}
- encryptionKey =
+ setEncryptionKey(
computeEncryptedKey(
computedPassword,
ownerKey, userKey, oe, ue,
@@ -215,7 +215,7 @@ public final class StandardSecurityHandl
documentIDBytes,
dicRevision,
dicLength,
- encryptMetadata, true );
+ encryptMetadata, true));
}
else if( isUserPassword(password.getBytes(passwordCharset), userKey, ownerKey,
dicPermissions, documentIDBytes, dicRevision,
@@ -225,7 +225,7 @@ public final class StandardSecurityHandl
currentAccessPermission.setReadOnly();
setCurrentAccessPermission(currentAccessPermission);
- encryptionKey =
+ setEncryptionKey(
computeEncryptedKey(
password.getBytes(passwordCharset),
ownerKey, userKey, oe, ue,
@@ -233,7 +233,7 @@ public final class StandardSecurityHandl
documentIDBytes,
dicRevision,
dicLength,
- encryptMetadata, false );
+ encryptMetadata, false));
}
else
{
@@ -287,7 +287,7 @@ public final class StandardSecurityHandl
// "Decrypt the 16-byte Perms string using AES-256 in ECB mode with an
// initialization vector of zero and the file encryption key as the key."
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
- cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encryptionKey, "AES"));
+ cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(getEncryptionKey(), "AES"));
byte[] perms = cipher.doFinal(encryption.getPerms());
// "Verify that bytes 9-11 of the result are the characters âaâ, âdâ, âbâ."
@@ -397,8 +397,8 @@ public final class StandardSecurityHandl
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
// make a random 256-bit file encryption key
- encryptionKey = new byte[32];
- rnd.nextBytes(encryptionKey);
+ setEncryptionKey(new byte[32]);
+ rnd.nextBytes(getEncryptionKey());
// Algorithm 8a: Compute U
byte[] userPasswordBytes = truncate127(userPassword.getBytes(Charsets.UTF_8));
@@ -415,7 +415,7 @@ public final class StandardSecurityHandl
userPasswordBytes, null);
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(hashUE, "AES"),
new IvParameterSpec(new byte[16]));
- byte[] ue = cipher.doFinal(encryptionKey);
+ byte[] ue = cipher.doFinal(getEncryptionKey());
// Algorithm 9a: Compute O
byte[] ownerPasswordBytes = truncate127(ownerPassword.getBytes(Charsets.UTF_8));
@@ -432,7 +432,7 @@ public final class StandardSecurityHandl
ownerPasswordBytes, u);
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(hashOE, "AES"),
new IvParameterSpec(new byte[16]));
- byte[] oe = cipher.doFinal(encryptionKey);
+ byte[] oe = cipher.doFinal(getEncryptionKey());
// Set keys and other required constants in encryption dictionary
encryptionDictionary.setUserKey(u);
@@ -461,7 +461,7 @@ public final class StandardSecurityHandl
perms[i] = (byte) rnd.nextInt();
}
- cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptionKey, "AES"),
+ cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(getEncryptionKey(), "AES"),
new IvParameterSpec(new byte[16]));
byte[] permsEnc = cipher.doFinal(perms);
@@ -511,8 +511,8 @@ public final class StandardSecurityHandl
userPassword.getBytes(Charsets.ISO_8859_1),
ownerBytes, permissionInt, id.getBytes(), revision, length, true);
- encryptionKey = computeEncryptedKey(userPassword.getBytes(Charsets.ISO_8859_1), ownerBytes,
- null, null, null, permissionInt, id.getBytes(), revision, length, true, false);
+ setEncryptionKey(computeEncryptedKey(userPassword.getBytes(Charsets.ISO_8859_1), ownerBytes,
+ null, null, null, permissionInt, id.getBytes(), revision, length, true, false));
encryptionDictionary.setOwnerKey(ownerBytes);
encryptionDictionary.setUserKey(userBytes);