filter/source/pdf/impdialog.cxx | 3 + filter/source/pdf/pdfexport.cxx | 3 + include/vcl/pdf/PDFEncryptionInitialization.hxx | 31 +++++++++++++++++++ include/vcl/pdfwriter.hxx | 39 ++++++++++-------------- vcl/Library_vcl.mk | 1 vcl/inc/pdf/PDFEncryptor.hxx | 12 +++---- vcl/source/gdi/pdfwriter.cxx | 3 + vcl/source/gdi/pdfwriter_impl.cxx | 10 +++--- vcl/source/gdi/pdfwriter_impl2.cxx | 4 +- vcl/source/pdf/PDFEncryptionInitialization.cxx | 32 +++++++++++++++++++ vcl/source/pdf/PDFEncryptor.cxx | 23 ++++---------- 11 files changed, 106 insertions(+), 55 deletions(-)
New commits: commit 9b6be690a22ebfbacd05a6567e9904f4db3449a1 Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Mon Nov 11 22:48:34 2024 +0100 Commit: Tomaž Vajngerl <qui...@gmail.com> CommitDate: Mon Dec 9 08:41:40 2024 +0100 pdf: cleanup and improve PDFEncryptionProperties Add clear method to clear the variables that we usually want to be cleared. Also rename Encrypt to canEncrypt - which is more clear what it means. Cleanup initializers. Change-Id: I96735eb6f73a699fb0759496fc8781bcff3854de Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176455 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com> Reviewed-by: Miklos Vajna <vmik...@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177874 Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> Tested-by: Jenkins diff --git a/include/vcl/pdfwriter.hxx b/include/vcl/pdfwriter.hxx index a863b17c1879..14c6265f3d88 100644 --- a/include/vcl/pdfwriter.hxx +++ b/include/vcl/pdfwriter.hxx @@ -77,15 +77,16 @@ class VCL_DLLPUBLIC PDFOutputStream struct PDFEncryptionProperties { //for both 40 and 128 bit security, see 3.5.2 PDF v 1.4 table 3.15, v 1.5 and v 1.6 table 3.20. - bool CanPrintTheDocument; - bool CanModifyTheContent; - bool CanCopyOrExtract; - bool CanAddOrModify; + bool CanPrintTheDocument = false; + bool CanModifyTheContent = false; + bool CanCopyOrExtract = false; + bool CanAddOrModify = false; + //for revision 3 (bit 128 security) only - bool CanFillInteractive; - bool CanExtractForAccessibility; - bool CanAssemble; - bool CanPrintFull; + bool CanFillInteractive = false; + bool CanExtractForAccessibility = true; + bool CanAssemble = false; + bool CanPrintFull = false; // encryption will only happen if EncryptionKey is not empty // EncryptionKey is actually a construct out of OValue, UValue and DocumentIdentifier @@ -98,22 +99,16 @@ struct PDFEncryptionProperties std::vector<sal_uInt8> EncryptionKey; std::vector<sal_uInt8> DocumentIdentifier; - //permission default set for 128 bit, accessibility only - PDFEncryptionProperties() : - CanPrintTheDocument ( false ), - CanModifyTheContent ( false ), - CanCopyOrExtract ( false ), - CanAddOrModify ( false ), - CanFillInteractive ( false ), - CanExtractForAccessibility ( true ), - CanAssemble ( false ), - CanPrintFull ( false ) - {} - + bool canEncrypt() const + { + return !OValue.empty() && !UValue.empty() && !DocumentIdentifier.empty(); + } - bool Encrypt() const + void clear() { - return ! OValue.empty() && ! UValue.empty() && ! DocumentIdentifier.empty(); + OValue.clear(); + UValue.clear(); + EncryptionKey.clear(); } }; diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx index f41309685cc1..0570e49b6a16 100644 --- a/vcl/source/gdi/pdfwriter_impl.cxx +++ b/vcl/source/gdi/pdfwriter_impl.cxx @@ -1461,7 +1461,7 @@ PDFWriterImpl::PDFWriterImpl( const PDFWriter::PDFWriterContext& rContext, m_pPDFEncryptor->prepareEncryption(xEncryptionMaterialHolder, m_aContext.Encryption); } - if (m_pPDFEncryptor && m_aContext.Encryption.Encrypt()) + if (m_pPDFEncryptor && m_aContext.Encryption.canEncrypt()) { m_pPDFEncryptor->setupKeysAndCheck(m_aContext.Encryption); } @@ -1597,7 +1597,7 @@ append the string as unicode hex, encrypted if needed inline void PDFWriterImpl::appendUnicodeTextStringEncrypt( const OUString& rInString, const sal_Int32 nInObjectNumber, OStringBuffer& rOutBuffer ) { rOutBuffer.append( "<" ); - if (m_aContext.Encryption.Encrypt()) + if (m_aContext.Encryption.canEncrypt()) { const sal_Unicode* pStr = rInString.getStr(); sal_Int32 nLen = rInString.getLength(); @@ -1631,7 +1631,7 @@ inline void PDFWriterImpl::appendLiteralStringEncrypt( std::string_view rInStrin rOutBuffer.append( "(" ); sal_Int32 nChars = rInString.size(); //check for encryption, if ok, encrypt the string, then convert with appndLiteralString - if (m_aContext.Encryption.Encrypt()) + if (m_aContext.Encryption.canEncrypt()) { m_vEncryptionBuffer.resize(nChars); //encrypt the string in a buffer, then append it @@ -6184,7 +6184,7 @@ bool PDFWriterImpl::emitTrailer() sal_Int32 nSecObject = 0; - if( m_aContext.Encryption.Encrypt() ) + if (m_aContext.Encryption.canEncrypt()) { nSecObject = emitEncrypt(); } @@ -9806,7 +9806,7 @@ bool PDFWriterImpl::writeBitmapObject( const BitmapEmit& rObject, bool bMask ) aLine.append( "[ /Indexed/DeviceRGB " ); aLine.append( static_cast<sal_Int32>(pAccess->GetPaletteEntryCount()-1) ); aLine.append( " <" ); - if( m_aContext.Encryption.Encrypt() ) + if (m_aContext.Encryption.canEncrypt()) { enableStringEncryption(rObject.m_nObject); //check encryption buffer size diff --git a/vcl/source/gdi/pdfwriter_impl2.cxx b/vcl/source/gdi/pdfwriter_impl2.cxx index 3efc67a32b61..ec4adefa47c7 100644 --- a/vcl/source/gdi/pdfwriter_impl2.cxx +++ b/vcl/source/gdi/pdfwriter_impl2.cxx @@ -1079,7 +1079,7 @@ void PDFWriterImpl::playMetafile( const GDIMetaFile& i_rMtf, vcl::PDFExtOutDevDa void PDFWriterImpl::checkAndEnableStreamEncryption(sal_Int32 nObject) { - if (!m_aContext.Encryption.Encrypt() || !m_pPDFEncryptor) + if (!m_aContext.Encryption.canEncrypt() || !m_pPDFEncryptor) return; m_pPDFEncryptor->enableStreamEncryption(); @@ -1094,7 +1094,7 @@ void PDFWriterImpl::disableStreamEncryption() void PDFWriterImpl::enableStringEncryption(sal_Int32 nObject) { - if (!m_aContext.Encryption.Encrypt() || !m_pPDFEncryptor) + if (!m_aContext.Encryption.canEncrypt() || !m_pPDFEncryptor) return; m_pPDFEncryptor->setupEncryption(m_aContext.Encryption.EncryptionKey, nObject); diff --git a/vcl/source/pdf/PDFEncryptor.cxx b/vcl/source/pdf/PDFEncryptor.cxx index 183e66e8e713..63bb49c05425 100644 --- a/vcl/source/pdf/PDFEncryptor.cxx +++ b/vcl/source/pdf/PDFEncryptor.cxx @@ -369,9 +369,7 @@ bool PDFEncryptor::prepareEncryption( if (!bSuccess) { - rProperties.OValue.clear(); - rProperties.UValue.clear(); - rProperties.EncryptionKey.clear(); + rProperties.clear(); } return bSuccess; } @@ -386,8 +384,7 @@ void PDFEncryptor::setupKeysAndCheck(vcl::PDFEncryptionProperties& rProperties) { // the field lengths are invalid ? This was not setup by initEncryption. // do not encrypt after all - rProperties.OValue.clear(); - rProperties.UValue.clear(); + rProperties.clear(); OSL_ENSURE(false, "encryption data failed sanity check, encryption disabled"); } else // setup key lengths commit 6e049433e409a7cd0e5213f367947fedf752bd5c Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Mon Nov 11 19:14:49 2024 +0100 Commit: Tomaž Vajngerl <qui...@gmail.com> CommitDate: Mon Dec 9 08:41:29 2024 +0100 pdf: refactor and move encryption init. to a common function This is needed because we have to separate the init. for both encryption methods and we have to init both when the password is entered. Currently we only prepared this, to make this possible when we introduce the other encryption method. Change-Id: Id6556ddc6a6218164a93bb689f03d6ec6dbad8b9 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176454 Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com> Reviewed-by: Miklos Vajna <vmik...@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177873 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> diff --git a/filter/source/pdf/impdialog.cxx b/filter/source/pdf/impdialog.cxx index ab84bdb95933..8584dd1a698e 100644 --- a/filter/source/pdf/impdialog.cxx +++ b/filter/source/pdf/impdialog.cxx @@ -23,6 +23,7 @@ #include <vcl/errinf.hxx> #include <vcl/graphic/GraphicMetadata.hxx> #include <vcl/svapp.hxx> +#include <vcl/pdf/PDFEncryptionInitialization.hxx> #include <vcl/weld.hxx> #include <sfx2/passwd.hxx> #include <comphelper/diagnose_ex.hxx> @@ -1418,7 +1419,7 @@ IMPL_LINK_NOARG(ImpPDFTabSecurityPage, ClickmaPbSetPwdHdl, weld::Button&, void) mbHaveUserPassword = !aUserPW.isEmpty(); mbHaveOwnerPassword = !aOwnerPW.isEmpty(); - mxPreparedPasswords = vcl::PDFWriter::InitEncryption( aOwnerPW, aUserPW ); + mxPreparedPasswords = vcl::pdf::initEncryption(aOwnerPW, aUserPW); if (!mxPreparedPasswords.is()) { OUString msg; diff --git a/filter/source/pdf/pdfexport.cxx b/filter/source/pdf/pdfexport.cxx index 5956933154c6..cca7703c50c8 100644 --- a/filter/source/pdf/pdfexport.cxx +++ b/filter/source/pdf/pdfexport.cxx @@ -28,6 +28,7 @@ #include <vcl/mapmod.hxx> #include <vcl/gdimtf.hxx> #include <vcl/graphic/GraphicMetadata.hxx> +#include <vcl/pdf/PDFEncryptionInitialization.hxx> #include <rtl/ustring.hxx> #include <comphelper/propertyvalue.hxx> #include <comphelper/sequence.hxx> @@ -931,7 +932,7 @@ bool PDFExport::Export( const OUString& rFile, const Sequence< PropertyValue >& aContext.Encryption.CanCopyOrExtract = bCanCopyOrExtract; aContext.Encryption.CanExtractForAccessibility = bCanExtractForAccessibility; if( bEncrypt && ! xEnc.is() ) - xEnc = vcl::PDFWriter::InitEncryption( aPermissionPassword, aOpenPassword ); + xEnc = vcl::pdf::initEncryption(aPermissionPassword, aOpenPassword); if( bEncrypt && !aPermissionPassword.isEmpty() && ! aPreparedPermissionPassword.hasElements() ) aPreparedPermissionPassword = comphelper::OStorageHelper::CreatePackageEncryptionData( aPermissionPassword ); } diff --git a/include/vcl/pdf/PDFEncryptionInitialization.hxx b/include/vcl/pdf/PDFEncryptionInitialization.hxx new file mode 100644 index 000000000000..93b57476d7e4 --- /dev/null +++ b/include/vcl/pdf/PDFEncryptionInitialization.hxx @@ -0,0 +1,31 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#pragma once + +#include <rtl/ustring.hxx> +#include <vcl/dllapi.h> + +namespace com::sun::star::beans +{ +class XMaterialHolder; +} +namespace com::sun::star::uno +{ +template <typename> class Reference; +} + +namespace vcl::pdf +{ +VCL_DLLPUBLIC css::uno::Reference<css::beans::XMaterialHolder> +initEncryption(const OUString& i_rOwnerPassword, const OUString& i_rUserPassword); +} + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/vcl/Library_vcl.mk b/vcl/Library_vcl.mk index 420024cc2ab2..c410b94fddd5 100644 --- a/vcl/Library_vcl.mk +++ b/vcl/Library_vcl.mk @@ -511,6 +511,7 @@ $(eval $(call gb_Library_add_exception_objects,vcl,\ vcl/source/pdf/EncryptionHashTransporter \ vcl/source/pdf/ExternalPDFStreams \ vcl/source/pdf/PDFiumTools \ + vcl/source/pdf/PDFEncryptionInitialization \ vcl/source/pdf/PDFEncryptor \ vcl/source/pdf/PDFEncryptorR6 \ vcl/source/pdf/PdfConfig \ diff --git a/vcl/inc/pdf/PDFEncryptor.hxx b/vcl/inc/pdf/PDFEncryptor.hxx index be4b99f9b7d6..e4134605c194 100644 --- a/vcl/inc/pdf/PDFEncryptor.hxx +++ b/vcl/inc/pdf/PDFEncryptor.hxx @@ -20,10 +20,6 @@ namespace vcl struct PDFEncryptionProperties; } -namespace com::sun::star::beans -{ -class XMaterialHolder; -} namespace com::sun::star::uno { template <typename> class Reference; @@ -31,6 +27,8 @@ template <typename> class Reference; namespace vcl::pdf { +class EncryptionHashTransporter; + class PDFEncryptor : public IPDFEncryptor { private: @@ -60,10 +58,10 @@ public: sal_Int32 getKeyLength() override { return m_nKeyLength; } sal_Int32 getRC4KeyLength() { return m_nRC4KeyLength; } - static css::uno::Reference<css::beans::XMaterialHolder> - initEncryption(const OUString& i_rOwnerPassword, const OUString& i_rUserPassword); + static void initEncryption(EncryptionHashTransporter& rEncryptionHashTransporter, + const OUString& i_rOwnerPassword, const OUString& i_rUserPassword); - virtual bool prepareEncryption( + bool prepareEncryption( const css::uno::Reference<css::beans::XMaterialHolder>& xEncryptionMaterialHolder, PDFEncryptionProperties& rProperties) override; diff --git a/vcl/source/gdi/pdfwriter.cxx b/vcl/source/gdi/pdfwriter.cxx index ee762e2fca47..ca91054c53de 100644 --- a/vcl/source/gdi/pdfwriter.cxx +++ b/vcl/source/gdi/pdfwriter.cxx @@ -20,6 +20,7 @@ #include <vcl/bitmapex.hxx> #include <pdf/pdfwriter_impl.hxx> +#include <vcl/pdf/PDFEncryptionInitialization.hxx> using namespace vcl; @@ -471,7 +472,7 @@ std::set< PDFWriter::ErrorCode > const & PDFWriter::GetErrors() const css::uno::Reference< css::beans::XMaterialHolder > PDFWriter::InitEncryption(const OUString& i_rOwnerPassword, const OUString& i_rUserPassword) { - return PDFEncryptor::initEncryption(i_rOwnerPassword, i_rUserPassword); + return vcl::pdf::initEncryption(i_rOwnerPassword, i_rUserPassword); } void PDFWriter::PlayMetafile( const GDIMetaFile& i_rMTF, const vcl::PDFWriter::PlayMetafileContext& i_rPlayContext, PDFExtOutDevData* i_pData ) diff --git a/vcl/source/pdf/PDFEncryptionInitialization.cxx b/vcl/source/pdf/PDFEncryptionInitialization.cxx new file mode 100644 index 000000000000..df06968fc290 --- /dev/null +++ b/vcl/source/pdf/PDFEncryptionInitialization.cxx @@ -0,0 +1,32 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#include <vcl/pdf/PDFEncryptionInitialization.hxx> +#include <pdf/EncryptionHashTransporter.hxx> +#include <com/sun/star/beans/XMaterialHolder.hpp> +#include <rtl/ref.hxx> +#include <pdf/PDFEncryptor.hxx> +#include <pdf/PDFEncryptorR6.hxx> + +using namespace css; + +namespace vcl::pdf +{ +css::uno::Reference<css::beans::XMaterialHolder> initEncryption(const OUString& i_rOwnerPassword, + const OUString& i_rUserPassword) +{ + rtl::Reference<EncryptionHashTransporter> pTransporter = new EncryptionHashTransporter; + PDFEncryptor::initEncryption(*pTransporter, i_rOwnerPassword, i_rUserPassword); + return pTransporter; +} + +} // end vcl::pdf + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/vcl/source/pdf/PDFEncryptor.cxx b/vcl/source/pdf/PDFEncryptor.cxx index d97e671247de..183e66e8e713 100644 --- a/vcl/source/pdf/PDFEncryptor.cxx +++ b/vcl/source/pdf/PDFEncryptor.cxx @@ -327,32 +327,26 @@ PDFEncryptor::~PDFEncryptor() { rtl_cipher_destroyARCFOUR(m_aCipher); } 1. init the document id, used both for building the document id and for building the encryption key(s) 2. build the encryption key following algorithms described in the PDF specification */ -uno::Reference<beans::XMaterialHolder> -PDFEncryptor::initEncryption(const OUString& i_rOwnerPassword, const OUString& i_rUserPassword) +void PDFEncryptor::initEncryption(EncryptionHashTransporter& rEncryptionHashTransporter, + const OUString& i_rOwnerPassword, const OUString& i_rUserPassword) { - uno::Reference<beans::XMaterialHolder> xResult; if (!i_rOwnerPassword.isEmpty() || !i_rUserPassword.isEmpty()) { - rtl::Reference<EncryptionHashTransporter> pTransporter = new EncryptionHashTransporter; - xResult = pTransporter; - // get padded passwords sal_uInt8 aPadUPW[ENCRYPTED_PWD_SIZE], aPadOPW[ENCRYPTED_PWD_SIZE]; padPassword(i_rOwnerPassword.isEmpty() ? i_rUserPassword : i_rOwnerPassword, aPadOPW); padPassword(i_rUserPassword, aPadUPW); - if (computeODictionaryValue(aPadOPW, aPadUPW, pTransporter->getOValue(), SECUR_128BIT_KEY)) + if (computeODictionaryValue(aPadOPW, aPadUPW, rEncryptionHashTransporter.getOValue(), + SECUR_128BIT_KEY)) { - pTransporter->getUDigest()->update(aPadUPW, ENCRYPTED_PWD_SIZE); + rEncryptionHashTransporter.getUDigest()->update(aPadUPW, ENCRYPTED_PWD_SIZE); } - else - xResult.clear(); // trash temporary padded cleartext PWDs rtl_secureZeroMemory(aPadOPW, sizeof(aPadOPW)); rtl_secureZeroMemory(aPadUPW, sizeof(aPadUPW)); } - return xResult; } bool PDFEncryptor::prepareEncryption(