Just a note that Acrobat 9 includes a new encryption option that is based on AES256, but with a completely different methodology for generating the seed/initialization vector _AND_ which also now supports Unicode passwords. While this is an "Adobe Extension to ISO 32000" - so not something you will need to worry about immediately - you should be aware of it as you design.
Leonard -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Vazquez Sent: Wednesday, July 30, 2008 11:04 AM To: pdf-devel@gnu.org Subject: [pdf-devel] Crypt module discussion Hi all I have read the PDF Reference in deeper to define our requirements. The situation is the following. API Reference offers two methods to decrypt data. - V2 method uses the RC4 algorithm, which is a stream cipher. - AESV2 method uses AES128 and Cipher Block Chaining (CBC) operation mode. It requires an initialization vector (IV). (In a pdf, AESV2 encrypted object this vector is the first 16 bytes of the stream or string.) I think pdf-crypt should offer V2 and AESV2 methods, which involve all low level options (i.e: algorithm, key size, etc). What do you think? Should we provide a more detailed API? In PDF, the key used to cipher is obtained from object's id. It means key must be reset for each object. Then my approach for API is: /* Initialize module */ pdf_status_t pdf_crypt_init (void); /* Create a new cipher */ pdf_crypt_t pdf_crypt_new (int method); /* Set key */ pdf_status_t pdf_crypt_setkey (pdf_crypt_t cipher, const void * key, size_t size); /* Set initialization vector (Only for AESV2) */ pdf_status_t pdf_crypt_setiv (pdf_crypt_t cipher, const void * key, size_t size); /* Encrypt and decrypt buffers. This functions allow in-place encryption too */ pdf_status_t pdf_crypt_encrypt (pdf_crypt_t cipher, void *out, size_t outsize, const void *in, size_t insize); pdf_status_t pdf_crypt_decrypt (pdf_crypt_t cipher, void *out, size_t outsize, const void *in, size_t insize); /* Destroy cipher */ void pdf_crypt_destroy (pdf_crypt_t cipher); void pdf_crypt_md5 (const void * buffer, size_t len, void * hash); Finally, I think both crypt stm filter as pdf_text_t encryption can implement on buffer encryption functions. However I have a question about this. Will we store the ciphertext in a pdf_text_t again? It doesn't seem smart for me. Since pdf_text_t functions has not sense in a block cipher. Aleks, what do you think? Could a encryption filter text[1] be written for this indeed? In summary, I think pdf-crypt should export buffer encryption functions and we build up stream and string functions from stream and text module respectively. What do you think? Suggestions are welcome. :-) Footnotes: [1] http://www.gnupdf.org/Lib:Architecture/Base_Layer/Text_Module#Filters --
