You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2017/06/17 06:37:40 UTC
svn commit: r1798994 -
/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
Author: tilman
Date: Sat Jun 17 06:37:40 2017
New Revision: 1798994
URL: http://svn.apache.org/viewvc?rev=1798994&view=rev
Log:
PDFBOX-2852: refactor
Modified:
pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
Modified: pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java?rev=1798994&r1=1798993&r2=1798994&view=diff
==============================================================================
--- pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java (original)
+++ pdfbox/branches/2.0/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java Sat Jun 17 06:37:40 2017
@@ -927,44 +927,57 @@ public final class StandardSecurityHandl
byte[] id, int encRevision, int length, boolean encryptMetadata)
throws IOException
{
- if( encRevision == 2 )
+ switch (encRevision)
+ {
+ case 2:
+ case 3:
+ case 4:
+ return isUserPassword234(password, user, owner, permissions, id, encRevision,
+ length, encryptMetadata);
+ case 5:
+ case 6:
+ return isUserPassword56(password, user, encRevision);
+ default:
+ throw new IOException("Unknown Encryption Revision " + encRevision);
+ }
+ }
+
+ private boolean isUserPassword234(byte[] password, byte[] user, byte[] owner, int permissions,
+ byte[] id, int encRevision, int length, boolean encryptMetadata)
+ throws IOException
+ {
+ byte[] passwordBytes = computeUserPassword(password, owner, permissions, id, encRevision,
+ length, encryptMetadata);
+ if (encRevision == 2)
{
- byte[] passwordBytes = computeUserPassword( password, owner, permissions, id, encRevision,
- length, encryptMetadata );
return Arrays.equals(user, passwordBytes);
}
- else if( encRevision == 3 || encRevision == 4 )
+ else
{
- byte[] passwordBytes = computeUserPassword( password, owner, permissions, id, encRevision,
- length, encryptMetadata );
// compare first 16 bytes only
return Arrays.equals(Arrays.copyOf(user, 16), Arrays.copyOf(passwordBytes, 16));
}
- else if (encRevision == 6 || encRevision == 5)
- {
- byte[] truncatedPassword = truncate127(password);
-
- byte[] uHash = new byte[32];
- byte[] uValidationSalt = new byte[8];
- System.arraycopy(user, 0, uHash, 0, 32);
- System.arraycopy(user, 32, uValidationSalt, 0, 8);
+ }
- byte[] hash;
- if (encRevision == 5)
- {
- hash = computeSHA256(truncatedPassword, uValidationSalt, null);
- }
- else
- {
- hash = computeHash2A(truncatedPassword, uValidationSalt, null);
- }
+ private boolean isUserPassword56(byte[] password, byte[] user, int encRevision) throws IOException
+ {
+ byte[] truncatedPassword = truncate127(password);
+ byte[] uHash = new byte[32];
+ byte[] uValidationSalt = new byte[8];
+ System.arraycopy(user, 0, uHash, 0, 32);
+ System.arraycopy(user, 32, uValidationSalt, 0, 8);
- return Arrays.equals(hash, uHash);
+ byte[] hash;
+ if (encRevision == 5)
+ {
+ hash = computeSHA256(truncatedPassword, uValidationSalt, null);
}
else
{
- throw new IOException( "Unknown Encryption Revision " + encRevision );
+ hash = computeHash2A(truncatedPassword, uValidationSalt, null);
}
+
+ return Arrays.equals(hash, uHash);
}
/**