include/poppler/SecurityHandler.h

0001 //========================================================================
0002 //
0003 // SecurityHandler.h
0004 //
0005 // Copyright 2004 Glyph & Cog, LLC
0006 //
0007 //========================================================================
0008
0009 //========================================================================
0010 //
0011 // Modified under the Poppler project - http://poppler.freedesktop.org
0012 //
0013 // All changes made under the Poppler project to this file are licensed
0014 // under GPL version 2 or later
0015 //
0016 // Copyright (C) 2012, 2018, 2020-2022 Albert Astals Cid <aacid@kde.org>
0017 //
0018 // To see a description of the changes please see the Changelog file that
0019 // came with your tarball or type make ChangeLog if you are building from git
0020 //
0021 //========================================================================
0022
0023 #ifndef SECURITYHANDLER_H
0024 #define SECURITYHANDLER_H
0025
0026 #include "poppler-config.h"
0027
0028 #include "Object.h"
0029
0030 #include <optional>
0031
0032 class GooString;
0033 class PDFDoc;
0034
0035 //------------------------------------------------------------------------
0036 // SecurityHandler
0037 //------------------------------------------------------------------------
0038
0039 class SecurityHandler
0040 {
0041 public:
0042     static SecurityHandler *make(PDFDoc *docA, Object *encryptDictA);
0043
0044     explicit SecurityHandler(PDFDoc *docA);
0045     virtual ~SecurityHandler();
0046
0047     SecurityHandler(const SecurityHandler &) = delete;
0048     SecurityHandler &operator=(const SecurityHandler &) = delete;
0049
0050     // Returns true if the file is actually unencrypted.
0051     virtual bool isUnencrypted() const { return false; }
0052
0053     // Check the document's encryption.  If the document is encrypted,
0054     // this will first try <ownerPassword> and <userPassword> (in
0055     // "batch" mode), and if those fail, it will attempt to request a
0056     // password from the user.  This is the high-level function that
0057     // calls the lower level functions for the specific security handler
0058     // (requesting a password three times, etc.).  Returns true if the
0059     // document can be opened (if it's unencrypted, or if a correct
0060     // password is obtained); false otherwise (encrypted and no correct
0061     // password).
0062     bool checkEncryption(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword);
0063
0064     // Create authorization data for the specified owner and user
0065     // passwords.  If the security handler doesn't support "batch" mode,
0066     // this function should return NULL.
0067     virtual void *makeAuthData(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword) = 0;
0068
0069     // Free the authorization data returned by makeAuthData or
0070     // getAuthData.
0071     virtual void freeAuthData(void *authData) = 0;
0072
0073     // Attempt to authorize the document, using the supplied
0074     // authorization data (which may be NULL).  Returns true if
0075     // successful (i.e., if at least the right to open the document was
0076     // granted).
0077     virtual bool authorize(void *authData) = 0;
0078
0079     // Return the various authorization parameters.  These are only
0080     // valid after authorize has returned true.
0081     virtual int getPermissionFlags() const = 0;
0082     virtual bool getOwnerPasswordOk() const = 0;
0083     virtual const unsigned char *getFileKey() const = 0;
0084     virtual int getFileKeyLength() const = 0;
0085     virtual int getEncVersion() const = 0;
0086     virtual int getEncRevision() const = 0;
0087     virtual CryptAlgorithm getEncAlgorithm() const = 0;
0088
0089 protected:
0090     PDFDoc *doc;
0091 };
0092
0093 //------------------------------------------------------------------------
0094 // StandardSecurityHandler
0095 //------------------------------------------------------------------------
0096
0097 class StandardSecurityHandler : public SecurityHandler
0098 {
0099 public:
0100     StandardSecurityHandler(PDFDoc *docA, Object *encryptDictA);
0101     ~StandardSecurityHandler() override;
0102
0103     bool isUnencrypted() const override;
0104     void *makeAuthData(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword) override;
0105     void freeAuthData(void *authData) override;
0106     bool authorize(void *authData) override;
0107     int getPermissionFlags() const override { return permFlags; }
0108     bool getOwnerPasswordOk() const override { return ownerPasswordOk; }
0109     const unsigned char *getFileKey() const override { return fileKey; }
0110     int getFileKeyLength() const override { return ok ? fileKeyLength : 0; }
0111     int getEncVersion() const override { return encVersion; }
0112     int getEncRevision() const override { return encRevision; }
0113     CryptAlgorithm getEncAlgorithm() const override { return encAlgorithm; }
0114
0115 private:
0116     int permFlags;
0117     bool ownerPasswordOk;
0118     unsigned char fileKey[32];
0119     int fileKeyLength;
0120     int encVersion;
0121     int encRevision;
0122     bool encryptMetadata;
0123     CryptAlgorithm encAlgorithm;
0124
0125     GooString *ownerKey, *userKey;
0126     GooString *ownerEnc, *userEnc;
0127     GooString *fileID;
0128     bool ok;
0129 };
0130
0131 #endif