You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/09/19 09:38:24 UTC
svn commit: r1881843 - in
/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption:
PublicKeySecurityHandler.java SecurityHandler.java
StandardSecurityHandler.java
Author: tilman
Date: Sat Sep 19 09:38:24 2020
New Revision: 1881843
URL: http://svn.apache.org/viewvc?rev=1881843&view=rev
Log:
PDFBOX-4421: use getters/setters for encryptionKey and make it private, as suggested by Christian Appl
Modified:
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java?rev=1881843&r1=1881842&r2=1881843&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java Sat Sep 19 09:38:24 2020
@@ -269,8 +269,8 @@ public final class PublicKeySecurityHand
}
// we have the encryption key ...
- encryptionKey = new byte[getKeyLength() / 8];
- System.arraycopy(mdResult, 0, encryptionKey, 0, getKeyLength() / 8);
+ setEncryptionKey(new byte[getKeyLength() / 8]);
+ System.arraycopy(mdResult, 0, getEncryptionKey(), 0, getKeyLength() / 8);
}
catch (CMSException | KeyStoreException | CertificateEncodingException e)
{
@@ -389,8 +389,8 @@ public final class PublicKeySecurityHand
break;
}
- this.encryptionKey = new byte[getKeyLength() / 8];
- System.arraycopy(mdResult, 0, this.encryptionKey, 0, getKeyLength() / 8);
+ setEncryptionKey(new byte[getKeyLength() / 8]);
+ System.arraycopy(mdResult, 0, getEncryptionKey(), 0, getKeyLength() / 8);
doc.setEncryptionDictionary(dictionary);
doc.getDocument().setEncryptionDictionary(dictionary.getCOSObject());
Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java?rev=1881843&r1=1881842&r2=1881843&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java Sat Sep 19 09:38:24 2020
@@ -70,7 +70,7 @@ public abstract class SecurityHandler
private int keyLength = DEFAULT_KEY_LENGTH;
/** The encryption key that will used to encrypt / decrypt.*/
- protected byte[] encryptionKey;
+ private byte[] encryptionKey;
/** The RC4 implementation used for cryptographic functions. */
private final RC4Cipher rc4 = new RC4Cipher();
@@ -729,6 +729,26 @@ public abstract class SecurityHandler
}
/**
+ * Returns the current encryption key data.
+ *
+ * @return The current encryption key data.
+ */
+ public byte[] getEncryptionKey()
+ {
+ return encryptionKey;
+ }
+
+ /**
+ * Sets the current encryption key data.
+ *
+ * @param encryptionKey The encryption key data to set.
+ */
+ public void setEncryptionKey(byte[] encryptionKey)
+ {
+ this.encryptionKey = encryptionKey;
+ }
+
+ /**
* Computes the version number of the {@link SecurityHandler} based on the encryption key
* length. See PDF Spec 1.6 p 93 and
* <a href="https://www.adobe.com/content/dam/acom/en/devnet/pdf/adobe_supplement_iso32000.pdf">PDF
Modified: pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java?rev=1881843&r1=1881842&r2=1881843&view=diff
==============================================================================
--- pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java (original)
+++ pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java Sat Sep 19 09:38:24 2020
@@ -207,7 +207,7 @@ public final class StandardSecurityHandl
ownerKey, dicRevision, dicLength );
}
- encryptionKey =
+ setEncryptionKey(
computeEncryptedKey(
computedPassword,
ownerKey, userKey, oe, ue,
@@ -215,7 +215,7 @@ public final class StandardSecurityHandl
documentIDBytes,
dicRevision,
dicLength,
- encryptMetadata, true );
+ encryptMetadata, true));
}
else if( isUserPassword(password.getBytes(passwordCharset), userKey, ownerKey,
dicPermissions, documentIDBytes, dicRevision,
@@ -225,7 +225,7 @@ public final class StandardSecurityHandl
currentAccessPermission.setReadOnly();
setCurrentAccessPermission(currentAccessPermission);
- encryptionKey =
+ setEncryptionKey(
computeEncryptedKey(
password.getBytes(passwordCharset),
ownerKey, userKey, oe, ue,
@@ -233,7 +233,7 @@ public final class StandardSecurityHandl
documentIDBytes,
dicRevision,
dicLength,
- encryptMetadata, false );
+ encryptMetadata, false));
}
else
{
@@ -288,7 +288,7 @@ public final class StandardSecurityHandl
// initialization vector of zero and the file encryption key as the key."
@SuppressWarnings({"squid:S4432"})
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
- cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encryptionKey, "AES"));
+ cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(getEncryptionKey(), "AES"));
byte[] perms = cipher.doFinal(encryption.getPerms());
// "Verify that bytes 9-11 of the result are the characters âaâ, âdâ, âbâ."
@@ -398,8 +398,8 @@ public final class StandardSecurityHandl
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
// make a random 256-bit file encryption key
- encryptionKey = new byte[32];
- rnd.nextBytes(encryptionKey);
+ setEncryptionKey(new byte[32]);
+ rnd.nextBytes(getEncryptionKey());
// Algorithm 8a: Compute U
byte[] userPasswordBytes = truncate127(userPassword.getBytes(StandardCharsets.UTF_8));
@@ -417,7 +417,7 @@ public final class StandardSecurityHandl
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(hashUE, "AES"),
// "an initialization vector of zero"
new IvParameterSpec(new byte[16]));
- byte[] ue = cipher.doFinal(encryptionKey);
+ byte[] ue = cipher.doFinal(getEncryptionKey());
// Algorithm 9a: Compute O
byte[] ownerPasswordBytes = truncate127(ownerPassword.getBytes(StandardCharsets.UTF_8));
@@ -435,7 +435,7 @@ public final class StandardSecurityHandl
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(hashOE, "AES"),
// "an initialization vector of zero"
new IvParameterSpec(new byte[16]));
- byte[] oe = cipher.doFinal(encryptionKey);
+ byte[] oe = cipher.doFinal(getEncryptionKey());
// Set keys and other required constants in encryption dictionary
encryptionDictionary.setUserKey(u);
@@ -464,7 +464,7 @@ public final class StandardSecurityHandl
perms[i] = (byte) rnd.nextInt();
}
- cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptionKey, "AES"),
+ cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(getEncryptionKey(), "AES"),
// "an initialization vector of zero"
new IvParameterSpec(new byte[16]));
@@ -515,8 +515,8 @@ public final class StandardSecurityHandl
userPassword.getBytes(StandardCharsets.ISO_8859_1),
ownerBytes, permissionInt, id.getBytes(), revision, length, true);
- encryptionKey = computeEncryptedKey(userPassword.getBytes(StandardCharsets.ISO_8859_1), ownerBytes,
- null, null, null, permissionInt, id.getBytes(), revision, length, true, false);
+ setEncryptionKey(computeEncryptedKey(userPassword.getBytes(StandardCharsets.ISO_8859_1), ownerBytes,
+ null, null, null, permissionInt, id.getBytes(), revision, length, true, false));
encryptionDictionary.setOwnerKey(ownerBytes);
encryptionDictionary.setUserKey(userBytes);