include/poppler/Decrypt.h

0001 //========================================================================
0002 //
0003 // Decrypt.h
0004 //
0005 // Copyright 1996-2003 Glyph & Cog, LLC
0006 //
0007 //========================================================================
0008
0009 //========================================================================
0010 //
0011 // Modified under the Poppler project - http://poppler.freedesktop.org
0012 //
0013 // All changes made under the Poppler project to this file are licensed
0014 // under GPL version 2 or later
0015 //
0016 // Copyright (C) 2008 Julien Rebetez <julien@fhtagn.net>
0017 // Copyright (C) 2009 David Benjamin <davidben@mit.edu>
0018 // Copyright (C) 2012 Fabio D'Urso <fabiodurso@hotmail.it>
0019 // Copyright (C) 2013 Adrian Johnson <ajohnson@redneon.com>
0020 // Copyright (C) 2013, 2018, 2019, 2021 Albert Astals Cid <aacid@kde.org>
0021 // Copyright (C) 2013 Thomas Freitag <Thomas.Freitag@alfa.de>
0022 //
0023 // To see a description of the changes please see the Changelog file that
0024 // came with your tarball or type make ChangeLog if you are building from git
0025 //
0026 //========================================================================
0027
0028 #ifndef DECRYPT_H
0029 #define DECRYPT_H
0030
0031 #include "goo/GooString.h"
0032 #include "Object.h"
0033 #include "Stream.h"
0034
0035 //------------------------------------------------------------------------
0036 // Decrypt
0037 //------------------------------------------------------------------------
0038
0039 class Decrypt
0040 {
0041 public:
0042     // Generate a file key.  The <fileKey> buffer must have space for at
0043     // least 16 bytes.  Checks <ownerPassword> and then <userPassword>
0044     // and returns true if either is correct.  Sets <ownerPasswordOk> if
0045     // the owner password was correct.  Either or both of the passwords
0046     // may be NULL, which is treated as an empty string.
0047     static bool makeFileKey(int encVersion, int encRevision, int keyLength, const GooString *ownerKey, const GooString *userKey, const GooString *ownerEnc, const GooString *userEnc, int permissions, const GooString *fileID,
0048                             const GooString *ownerPassword, const GooString *userPassword, unsigned char *fileKey, bool encryptMetadata, bool *ownerPasswordOk);
0049
0050 private:
0051     static bool makeFileKey2(int encVersion, int encRevision, int keyLength, const GooString *ownerKey, const GooString *userKey, int permissions, const GooString *fileID, const GooString *userPassword, unsigned char *fileKey,
0052                              bool encryptMetadata);
0053 };
0054
0055 //------------------------------------------------------------------------
0056 // Helper classes
0057 //------------------------------------------------------------------------
0058
0059 /* DecryptRC4State, DecryptAESState, DecryptAES256State are named like this for
0060  * historical reasons, but they're used for encryption too.
0061  * In case of decryption, the cbc field in AES and AES-256 contains the previous
0062  * input block or the CBC initialization vector (IV) if the stream has just been
0063  * reset). In case of encryption, it always contains the IV, whereas the
0064  * previous output is kept in buf. The paddingReached field is only used in
0065  * case of encryption. */
0066 struct DecryptRC4State
0067 {
0068     unsigned char state[256];
0069     unsigned char x, y;
0070 };
0071
0072 struct DecryptAESState
0073 {
0074     unsigned int w[44];
0075     unsigned char state[16];
0076     unsigned char cbc[16];
0077     unsigned char buf[16];
0078     bool paddingReached; // encryption only
0079     int bufIdx;
0080 };
0081
0082 struct DecryptAES256State
0083 {
0084     unsigned int w[60];
0085     unsigned char state[16];
0086     unsigned char cbc[16];
0087     unsigned char buf[16];
0088     bool paddingReached; // encryption only
0089     int bufIdx;
0090 };
0091
0092 class BaseCryptStream : public FilterStream
0093 {
0094 public:
0095     BaseCryptStream(Stream *strA, const unsigned char *fileKey, CryptAlgorithm algoA, int keyLength, Ref ref);
0096     ~BaseCryptStream() override;
0097     StreamKind getKind() const override { return strCrypt; }
0098     void reset() override;
0099     int getChar() override;
0100     int lookChar() override = 0;
0101     Goffset getPos() override;
0102     bool isBinary(bool last) const override;
0103     Stream *getUndecodedStream() override { return this; }
0104     void setAutoDelete(bool val);
0105
0106 protected:
0107     CryptAlgorithm algo;
0108     int objKeyLength;
0109     unsigned char objKey[32];
0110     Goffset charactersRead; // so that getPos() can be correct
0111     int nextCharBuff; // EOF means not read yet
0112     bool autoDelete;
0113
0114     union {
0115         DecryptRC4State rc4;
0116         DecryptAESState aes;
0117         DecryptAES256State aes256;
0118     } state;
0119 };
0120
0121 //------------------------------------------------------------------------
0122 // EncryptStream / DecryptStream
0123 //------------------------------------------------------------------------
0124
0125 class EncryptStream : public BaseCryptStream
0126 {
0127 public:
0128     EncryptStream(Stream *strA, const unsigned char *fileKey, CryptAlgorithm algoA, int keyLength, Ref ref);
0129     ~EncryptStream() override;
0130     void reset() override;
0131     int lookChar() override;
0132 };
0133
0134 class DecryptStream : public BaseCryptStream
0135 {
0136 public:
0137     DecryptStream(Stream *strA, const unsigned char *fileKey, CryptAlgorithm algoA, int keyLength, Ref ref);
0138     ~DecryptStream() override;
0139     void reset() override;
0140     int lookChar() override;
0141 };
0142
0143 //------------------------------------------------------------------------
0144
0145 extern void md5(const unsigned char *msg, int msgLen, unsigned char *digest);
0146
0147 #endif