1 /*
2 * << Haru Free PDF Library >> -- hpdf_encryor.c
3 *
4 * URL: http://libharu.org
5 *
6 * Copyright (c) 1999-2006 Takeshi Kanno <takeshi_kanno@est.hi-ho.ne.jp>
7 * Copyright (c) 2007-2009 Antony Dovgal <tony@daylessday.org>
8 *
9 * Permission to use, copy, modify, distribute and sell this software
10 * and its documentation for any purpose is hereby granted without fee,
11 * provided that the above copyright notice appear in all copies and
12 * that both that copyright notice and this permission notice appear
13 * in supporting documentation.
14 * It is provided "as is" without express or implied warranty.
15 *
16 *------------------------------------------------------------------------------
17 *
18 * The code implements MD5 message-digest algorithm is based on the code
19 * written by Colin Plumb.
20 * The copyright of it is as follows.
21 *
22 * This code implements the MD5 message-digest algorithm.
23 * The algorithm is due to Ron Rivest. This code was
24 * written by Colin Plumb in 1993, no copyright is claimed.
25 * This code is in the public domain; do with it what you wish.
26 *
27 * Equivalent code is available from RSA Data Security, Inc.
28 * This code has been tested against that, and is equivalent,
29 * except that you don't need to include two pages of legalese
30 * with every copy.
31 *
32 * To compute the message digest of a chunk of bytes, declare an
33 * MD5Context structure, pass it to MD5Init, call MD5Update as
34 * needed on buffers full of bytes, and then call MD5Final, which
35 * will fill a supplied 16-byte array with the digest.
36 *
37 *---------------------------------------------------------------------------*/
38
39 #include "hpdf_conf.h"
40 #include "hpdf_consts.h"
41 #include "hpdf_utils.h"
42 #include "hpdf_encrypt.h"
43
44 static const HPDF_BYTE HPDF_PADDING_STRING[] = {
45 0x28, 0xBF, 0x4E, 0x5E, 0x4E, 0x75, 0x8A, 0x41,
46 0x64, 0x00, 0x4E, 0x56, 0xFF, 0xFA, 0x01, 0x08,
47 0x2E, 0x2E, 0x00, 0xB6, 0xD0, 0x68, 0x3E, 0x80,
48 0x2F, 0x0C, 0xA9, 0xFE, 0x64, 0x53, 0x69, 0x7A
49 };
50
51
52 /*---------------------------------------------------------------------------*/
53 /*------ MD5 message-digest algorithm ---------------------------------------*/
54
55 static void
56 MD5Transform (HPDF_UINT32 buf[4],
57 const HPDF_UINT32 in[16]);
58
59
60 static void
61 MD5ByteReverse (HPDF_BYTE *buf,
62 HPDF_UINT32 longs);
63
64
65 void
HPDF_MD5Init(struct HPDF_MD5Context * ctx)66 HPDF_MD5Init (struct HPDF_MD5Context *ctx)
67 {
68 ctx->buf[0] = 0x67452301;
69 ctx->buf[1] = 0xefcdab89;
70 ctx->buf[2] = 0x98badcfe;
71 ctx->buf[3] = 0x10325476;
72
73 ctx->bits[0] = 0;
74 ctx->bits[1] = 0;
75 }
76
77
78 void
HPDF_MD5Update(struct HPDF_MD5Context * ctx,const HPDF_BYTE * buf,HPDF_UINT32 len)79 HPDF_MD5Update (struct HPDF_MD5Context *ctx,
80 const HPDF_BYTE *buf,
81 HPDF_UINT32 len)
82 {
83 HPDF_UINT32 t;
84
85 /* Update bitcount */
86
87 t = ctx->bits[0];
88 if ((ctx->bits[0] = t + ((HPDF_UINT32) len << 3)) < t)
89 ctx->bits[1]++; /* Carry from low to high */
90 ctx->bits[1] += len >> 29;
91
92 t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
93
94 /* Handle any leading odd-sized chunks */
95
96 if (t) {
97 HPDF_BYTE *p = (HPDF_BYTE *) ctx->in + t;
98
99 t = 64 - t;
100 if (len < t)
101 {
102 HPDF_MemCpy (p, buf, len);
103 return;
104 }
105 HPDF_MemCpy (p, buf, t);
106 MD5ByteReverse (ctx->in, 16);
107 MD5Transform (ctx->buf, (HPDF_UINT32 *) ctx->in);
108 buf += t;
109 len -= t;
110 }
111 /* Process data in 64-byte chunks */
112
113 while (len >= 64) {
114 HPDF_MemCpy (ctx->in, buf, 64);
115 MD5ByteReverse (ctx->in, 16);
116 MD5Transform (ctx->buf, (HPDF_UINT32 *) ctx->in);
117 buf += 64;
118 len -= 64;
119 }
120
121 /* Handle any remaining bytes of data. */
122
123 HPDF_MemCpy (ctx->in, buf, len);
124 }
125
126
127 /*
128 * Final wrapup - pad to 64-byte boundary with the bit pattern
129 * 1 0* (64-bit count of bits processed, MSB-first)
130 */
131 void
HPDF_MD5Final(HPDF_BYTE digest[16],struct HPDF_MD5Context * ctx)132 HPDF_MD5Final (HPDF_BYTE digest[16],
133 struct HPDF_MD5Context *ctx)
134 {
135 HPDF_UINT32 count;
136 HPDF_BYTE *p;
137
138 /* Compute number of bytes mod 64 */
139 count = (ctx->bits[0] >> 3) & 0x3F;
140
141 /* Set the first char of padding to 0x80. This is safe since there is
142 always at least one byte free */
143 p = ctx->in + count;
144 *p++ = 0x80;
145
146 /* Bytes of padding needed to make 64 bytes */
147 count = 64 - 1 - count;
148
149 /* Pad out to 56 mod 64 */
150 if (count < 8) {
151 /* Two lots of padding: Pad the first block to 64 bytes */
152 HPDF_MemSet (p, 0, count);
153 MD5ByteReverse (ctx->in, 16);
154 MD5Transform (ctx->buf, (HPDF_UINT32 *) ctx->in);
155
156 /* Now fill the next block with 56 bytes */
157 HPDF_MemSet (ctx->in, 0, 56);
158 } else {
159 /* Pad block to 56 bytes */
160 HPDF_MemSet (p, 0, count - 8);
161 }
162 MD5ByteReverse (ctx->in, 14);
163
164 /* Append length in bits and transform */
165 ((HPDF_UINT32 *) ctx->in)[14] = ctx->bits[0];
166 ((HPDF_UINT32 *) ctx->in)[15] = ctx->bits[1];
167
168 MD5Transform (ctx->buf, (HPDF_UINT32 *) ctx->in);
169 MD5ByteReverse ((HPDF_BYTE *) ctx->buf, 4);
170 HPDF_MemCpy ((HPDF_BYTE *)digest, (HPDF_BYTE *)ctx->buf, 16);
171 HPDF_MemSet ((HPDF_BYTE *)ctx, 0, sizeof (ctx)); /* In case it's sensitive */
172 }
173
174 /* The four core functions - F1 is optimized somewhat */
175
176 /* #define F1(x, y, z) (x & y | ~x & z) */
177 #define F1(x, y, z) (z ^ (x & (y ^ z)))
178 #define F2(x, y, z) F1(z, x, y)
179 #define F3(x, y, z) (x ^ y ^ z)
180 #define F4(x, y, z) (y ^ (x | ~z))
181
182 /* This is the central step in the HPDF_MD5 algorithm. */
183 #define HPDF_MD5STEP(f, w, x, y, z, data, s) \
184 ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
185
186
187 /*
188 * The core of the MD5 algorithm, this alters an existing MD5 hash to
189 * reflect the addition of 16 longwords of new data. MD5Update blocks
190 * the data and converts bytes into longwords for this routine.
191 */
192 static void
MD5Transform(HPDF_UINT32 buf[4],const HPDF_UINT32 in[16])193 MD5Transform (HPDF_UINT32 buf[4],
194 const HPDF_UINT32 in[16])
195 {
196 register HPDF_UINT32 a, b, c, d;
197
198 a = buf[0];
199 b = buf[1];
200 c = buf[2];
201 d = buf[3];
202
203 HPDF_MD5STEP (F1, a, b, c, d, in[0] + 0xd76aa478, 7);
204 HPDF_MD5STEP (F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
205 HPDF_MD5STEP (F1, c, d, a, b, in[2] + 0x242070db, 17);
206 HPDF_MD5STEP (F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
207 HPDF_MD5STEP (F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
208 HPDF_MD5STEP (F1, d, a, b, c, in[5] + 0x4787c62a, 12);
209 HPDF_MD5STEP (F1, c, d, a, b, in[6] + 0xa8304613, 17);
210 HPDF_MD5STEP (F1, b, c, d, a, in[7] + 0xfd469501, 22);
211 HPDF_MD5STEP (F1, a, b, c, d, in[8] + 0x698098d8, 7);
212 HPDF_MD5STEP (F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
213 HPDF_MD5STEP (F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
214 HPDF_MD5STEP (F1, b, c, d, a, in[11] + 0x895cd7be, 22);
215 HPDF_MD5STEP (F1, a, b, c, d, in[12] + 0x6b901122, 7);
216 HPDF_MD5STEP (F1, d, a, b, c, in[13] + 0xfd987193, 12);
217 HPDF_MD5STEP (F1, c, d, a, b, in[14] + 0xa679438e, 17);
218 HPDF_MD5STEP (F1, b, c, d, a, in[15] + 0x49b40821, 22);
219
220 HPDF_MD5STEP (F2, a, b, c, d, in[1] + 0xf61e2562, 5);
221 HPDF_MD5STEP (F2, d, a, b, c, in[6] + 0xc040b340, 9);
222 HPDF_MD5STEP (F2, c, d, a, b, in[11] + 0x265e5a51, 14);
223 HPDF_MD5STEP (F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
224 HPDF_MD5STEP (F2, a, b, c, d, in[5] + 0xd62f105d, 5);
225 HPDF_MD5STEP (F2, d, a, b, c, in[10] + 0x02441453, 9);
226 HPDF_MD5STEP (F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
227 HPDF_MD5STEP (F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
228 HPDF_MD5STEP (F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
229 HPDF_MD5STEP (F2, d, a, b, c, in[14] + 0xc33707d6, 9);
230 HPDF_MD5STEP (F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
231 HPDF_MD5STEP (F2, b, c, d, a, in[8] + 0x455a14ed, 20);
232 HPDF_MD5STEP (F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
233 HPDF_MD5STEP (F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
234 HPDF_MD5STEP (F2, c, d, a, b, in[7] + 0x676f02d9, 14);
235 HPDF_MD5STEP (F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
236
237 HPDF_MD5STEP (F3, a, b, c, d, in[5] + 0xfffa3942, 4);
238 HPDF_MD5STEP (F3, d, a, b, c, in[8] + 0x8771f681, 11);
239 HPDF_MD5STEP (F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
240 HPDF_MD5STEP (F3, b, c, d, a, in[14] + 0xfde5380c, 23);
241 HPDF_MD5STEP (F3, a, b, c, d, in[1] + 0xa4beea44, 4);
242 HPDF_MD5STEP (F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
243 HPDF_MD5STEP (F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
244 HPDF_MD5STEP (F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
245 HPDF_MD5STEP (F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
246 HPDF_MD5STEP (F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
247 HPDF_MD5STEP (F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
248 HPDF_MD5STEP (F3, b, c, d, a, in[6] + 0x04881d05, 23);
249 HPDF_MD5STEP (F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
250 HPDF_MD5STEP (F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
251 HPDF_MD5STEP (F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
252 HPDF_MD5STEP (F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
253
254 HPDF_MD5STEP (F4, a, b, c, d, in[0] + 0xf4292244, 6);
255 HPDF_MD5STEP (F4, d, a, b, c, in[7] + 0x432aff97, 10);
256 HPDF_MD5STEP (F4, c, d, a, b, in[14] + 0xab9423a7, 15);
257 HPDF_MD5STEP (F4, b, c, d, a, in[5] + 0xfc93a039, 21);
258 HPDF_MD5STEP (F4, a, b, c, d, in[12] + 0x655b59c3, 6);
259 HPDF_MD5STEP (F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
260 HPDF_MD5STEP (F4, c, d, a, b, in[10] + 0xffeff47d, 15);
261 HPDF_MD5STEP (F4, b, c, d, a, in[1] + 0x85845dd1, 21);
262 HPDF_MD5STEP (F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
263 HPDF_MD5STEP (F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
264 HPDF_MD5STEP (F4, c, d, a, b, in[6] + 0xa3014314, 15);
265 HPDF_MD5STEP (F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
266 HPDF_MD5STEP (F4, a, b, c, d, in[4] + 0xf7537e82, 6);
267 HPDF_MD5STEP (F4, d, a, b, c, in[11] + 0xbd3af235, 10);
268 HPDF_MD5STEP (F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
269 HPDF_MD5STEP (F4, b, c, d, a, in[9] + 0xeb86d391, 21);
270
271 buf[0] += a;
272 buf[1] += b;
273 buf[2] += c;
274 buf[3] += d;
275 }
276
277
278 static void
MD5ByteReverse(HPDF_BYTE * buf,HPDF_UINT32 longs)279 MD5ByteReverse (HPDF_BYTE *buf,
280 HPDF_UINT32 longs)
281 {
282 HPDF_UINT32 t;
283 do
284 {
285 t = (HPDF_UINT32) ((HPDF_UINT32) buf[3] << 8 | buf[2]) << 16 |
286 ((HPDF_UINT32) buf[1] << 8 | buf[0]);
287 *(HPDF_UINT32 *) buf = t;
288 buf += 4;
289 }
290 while (--longs);
291 }
292
293 /*----- encrypt-obj ---------------------------------------------------------*/
294
295 static void
296 ARC4Init (HPDF_ARC4_Ctx_Rec *ctx,
297 const HPDF_BYTE *key,
298 HPDF_UINT key_len);
299
300
301 static void
302 ARC4CryptBuf (HPDF_ARC4_Ctx_Rec *ctx,
303 const HPDF_BYTE *in,
304 HPDF_BYTE *out,
305 HPDF_UINT len);
306
307
308 /*---------------------------------------------------------------------------*/
309
310 void
HPDF_PadOrTrancatePasswd(const char * pwd,HPDF_BYTE * new_pwd)311 HPDF_PadOrTrancatePasswd (const char *pwd,
312 HPDF_BYTE *new_pwd)
313 {
314 HPDF_UINT len = HPDF_StrLen (pwd, HPDF_PASSWD_LEN + 1);
315
316 HPDF_PTRACE((" HPDF_PadOrTrancatePasswd\n"));
317
318 HPDF_MemSet (new_pwd, 0x00, HPDF_PASSWD_LEN);
319
320 if (len >= HPDF_PASSWD_LEN) {
321 HPDF_MemCpy (new_pwd, (HPDF_BYTE *)pwd, HPDF_PASSWD_LEN);
322 } else {
323 if (len > 0) {
324 HPDF_MemCpy (new_pwd, (HPDF_BYTE *)pwd, len);
325 }
326 HPDF_MemCpy (new_pwd + len, HPDF_PADDING_STRING, HPDF_PASSWD_LEN - len);
327 }
328 }
329
330
331 void
HPDF_Encrypt_Init(HPDF_Encrypt attr)332 HPDF_Encrypt_Init (HPDF_Encrypt attr)
333 {
334 HPDF_MemSet (attr, 0, sizeof(HPDF_Encrypt_Rec));
335 attr->mode = HPDF_ENCRYPT_R2;
336 attr->key_len = 5;
337 HPDF_MemCpy (attr->owner_passwd, HPDF_PADDING_STRING, HPDF_PASSWD_LEN);
338 HPDF_MemCpy (attr->user_passwd, HPDF_PADDING_STRING, HPDF_PASSWD_LEN);
339 attr->permission = HPDF_ENABLE_PRINT | HPDF_ENABLE_EDIT_ALL |
340 HPDF_ENABLE_COPY | HPDF_ENABLE_EDIT | HPDF_PERMISSION_PAD;
341 }
342
343
344 void
HPDF_Encrypt_CreateOwnerKey(HPDF_Encrypt attr)345 HPDF_Encrypt_CreateOwnerKey (HPDF_Encrypt attr)
346 {
347 HPDF_ARC4_Ctx_Rec rc4_ctx;
348 HPDF_MD5_CTX md5_ctx;
349 HPDF_BYTE digest[HPDF_MD5_KEY_LEN];
350 HPDF_BYTE tmppwd[HPDF_PASSWD_LEN];
351
352 HPDF_PTRACE((" HPDF_Encrypt_CreateOwnerKey\n"));
353
354 /* create md5-digest using the value of owner_passwd */
355
356 /* Algorithm 3.3 step 2 */
357 HPDF_MD5Init(&md5_ctx);
358 HPDF_MD5Update(&md5_ctx, attr->owner_passwd, HPDF_PASSWD_LEN);
359
360 HPDF_PTRACE(("@ Algorithm 3.3 step 2\n"));
361
362 HPDF_MD5Final(digest, &md5_ctx);
363
364 /* Algorithm 3.3 step 3 (Revision 3 only) */
365 if (attr->mode == HPDF_ENCRYPT_R3) {
366 HPDF_UINT i;
367
368 for (i = 0; i < 50; i++) {
369 HPDF_MD5Init(&md5_ctx);
370
371 /* HPDF_MD5Update (&md5_ctx, digest, HPDF_MD5_KEY_LEN); */
372 HPDF_MD5Update (&md5_ctx, digest, attr->key_len);
373 HPDF_MD5Final(digest, &md5_ctx);
374
375 HPDF_PTRACE(("@ Algorithm 3.3 step 3 loop %u\n", i));
376 }
377 }
378
379 /* Algorithm 3.3 step 4 */
380 HPDF_PTRACE(("@ Algorithm 3.3 step 7 loop 0\n"));
381
382 ARC4Init (&rc4_ctx, digest, attr->key_len);
383
384 HPDF_PTRACE(("@ Algorithm 3.3 step 5\n"));
385
386 /* Algorithm 3.3 step 6 */
387 HPDF_PTRACE(("@ Algorithm 3.3 step 6\n"));
388 ARC4CryptBuf (&rc4_ctx, attr->user_passwd, tmppwd, HPDF_PASSWD_LEN);
389
390 /* Algorithm 3.3 step 7 */
391 HPDF_PTRACE(("@ Algorithm 3.3 step 7\n"));
392 if (attr->mode == HPDF_ENCRYPT_R3) {
393 HPDF_BYTE tmppwd2[HPDF_PASSWD_LEN];
394 HPDF_UINT i;
395
396 for (i = 1; i <= 19; i++) {
397 HPDF_UINT j;
398 HPDF_BYTE new_key[HPDF_MD5_KEY_LEN];
399
400 for (j = 0; j < attr->key_len; j++)
401 new_key[j] = (HPDF_BYTE)(digest[j] ^ i);
402
403 HPDF_PTRACE(("@ Algorithm 3.3 step 7 loop %u\n", i));
404
405 HPDF_MemCpy (tmppwd2, tmppwd, HPDF_PASSWD_LEN);
406 ARC4Init(&rc4_ctx, new_key, attr->key_len);
407 ARC4CryptBuf(&rc4_ctx, tmppwd2, tmppwd, HPDF_PASSWD_LEN);
408 }
409 }
410
411 /* Algorithm 3.3 step 8 */
412 HPDF_PTRACE(("@ Algorithm 3.3 step 8\n"));
413 HPDF_MemCpy (attr->owner_key, tmppwd, HPDF_PASSWD_LEN);
414 }
415
416
417 void
HPDF_Encrypt_CreateEncryptionKey(HPDF_Encrypt attr)418 HPDF_Encrypt_CreateEncryptionKey (HPDF_Encrypt attr)
419 {
420 HPDF_MD5_CTX md5_ctx;
421 HPDF_BYTE tmp_flg[4];
422
423 HPDF_PTRACE((" HPDF_Encrypt_CreateEncryptionKey\n"));
424
425 /* Algorithm3.2 step2 */
426 HPDF_MD5Init(&md5_ctx);
427 HPDF_MD5Update(&md5_ctx, attr->user_passwd, HPDF_PASSWD_LEN);
428
429 /* Algorithm3.2 step3 */
430 HPDF_MD5Update(&md5_ctx, attr->owner_key, HPDF_PASSWD_LEN);
431
432
433 /* Algorithm3.2 step4 */
434 HPDF_PTRACE(("@@@ permission =%d\n", attr->permission));
435 tmp_flg[0] = (HPDF_BYTE)(attr->permission);
436 tmp_flg[1] = (HPDF_BYTE)(attr->permission >> 8);
437 tmp_flg[2] = (HPDF_BYTE)(attr->permission >> 16);
438 tmp_flg[3] = (HPDF_BYTE)(attr->permission >> 24);
439
440 HPDF_MD5Update(&md5_ctx, tmp_flg, 4);
441
442 /* Algorithm3.2 step5 */
443 HPDF_PTRACE(("@ Algorithm 3.2 step 5\n"));
444
445 HPDF_MD5Update(&md5_ctx, attr->encrypt_id, HPDF_ID_LEN);
446 HPDF_MD5Final(attr->encryption_key, &md5_ctx);
447
448 /* Algorithm 3.2 step6 (Revision 3 only) */
449 if (attr->mode == HPDF_ENCRYPT_R3) {
450 HPDF_UINT i;
451
452 for (i = 0; i < 50; i++) {
453 HPDF_PTRACE(("@ Algorithm 3.3 step 6 loop %u\n", i));
454 HPDF_MD5Init(&md5_ctx);
455 HPDF_MD5Update (&md5_ctx, attr->encryption_key, attr->key_len);
456 HPDF_MD5Final(attr->encryption_key, &md5_ctx);
457 }
458 }
459 }
460
461
462 void
HPDF_Encrypt_CreateUserKey(HPDF_Encrypt attr)463 HPDF_Encrypt_CreateUserKey (HPDF_Encrypt attr)
464 {
465 HPDF_ARC4_Ctx_Rec ctx;
466
467 HPDF_PTRACE((" HPDF_Encrypt_CreateUserKey\n"));
468
469 /* Algorithm 3.4/5 step1 */
470
471 /* Algorithm 3.4 step2 */
472 ARC4Init(&ctx, attr->encryption_key, attr->key_len);
473 ARC4CryptBuf(&ctx, HPDF_PADDING_STRING, attr->user_key, HPDF_PASSWD_LEN);
474
475 if (attr->mode == HPDF_ENCRYPT_R3) {
476 HPDF_MD5_CTX md5_ctx;
477 HPDF_BYTE digest[HPDF_MD5_KEY_LEN];
478 HPDF_BYTE digest2[HPDF_MD5_KEY_LEN];
479 HPDF_UINT i;
480
481 /* Algorithm 3.5 step2 (same as Algorithm3.2 step2) */
482 HPDF_MD5Init(&md5_ctx);
483 HPDF_MD5Update(&md5_ctx, HPDF_PADDING_STRING, HPDF_PASSWD_LEN);
484
485 /* Algorithm 3.5 step3 */
486 HPDF_MD5Update(&md5_ctx, attr->encrypt_id, HPDF_ID_LEN);
487 HPDF_MD5Final(digest, &md5_ctx);
488
489 HPDF_PTRACE(("@ Algorithm 3.5 step 3\n"));
490
491 /* Algorithm 3.5 step4 */
492 ARC4Init(&ctx, attr->encryption_key, attr->key_len);
493 ARC4CryptBuf(&ctx, digest, digest2, HPDF_MD5_KEY_LEN);
494
495 HPDF_PTRACE(("@ Algorithm 3.5 step 4\n"));
496
497 /* Algorithm 3.5 step5 */
498 for (i = 1; i <= 19; i++) {
499 HPDF_UINT j;
500 HPDF_BYTE new_key[HPDF_MD5_KEY_LEN];
501
502 HPDF_PTRACE(("@ Algorithm 3.5 step 5 loop %u\n", i));
503
504 for (j = 0; j < attr->key_len; j++)
505 new_key[j] = (HPDF_BYTE)(attr->encryption_key[j] ^ i);
506
507 HPDF_MemCpy (digest, digest2, HPDF_MD5_KEY_LEN);
508
509 ARC4Init(&ctx, new_key, attr->key_len);
510 ARC4CryptBuf(&ctx, digest, digest2, HPDF_MD5_KEY_LEN);
511 }
512
513 /* use the result of Algorithm 3.4 as 'arbitrary padding' */
514 HPDF_MemSet (attr->user_key, 0, HPDF_PASSWD_LEN);
515 HPDF_MemCpy (attr->user_key, digest2, HPDF_MD5_KEY_LEN);
516 }
517 }
518
519
520 void
ARC4Init(HPDF_ARC4_Ctx_Rec * ctx,const HPDF_BYTE * key,HPDF_UINT key_len)521 ARC4Init (HPDF_ARC4_Ctx_Rec *ctx,
522 const HPDF_BYTE *key,
523 HPDF_UINT key_len)
524 {
525 HPDF_BYTE tmp_array[HPDF_ARC4_BUF_SIZE];
526 HPDF_UINT i;
527 HPDF_UINT j = 0;
528
529 HPDF_PTRACE((" ARC4Init\n"));
530
531 for (i = 0; i < HPDF_ARC4_BUF_SIZE; i++)
532 ctx->state[i] = (HPDF_BYTE)i;
533
534 for (i = 0; i < HPDF_ARC4_BUF_SIZE; i++)
535 tmp_array[i] = key[i % key_len];
536
537 for (i = 0; i < HPDF_ARC4_BUF_SIZE; i++) {
538 HPDF_BYTE tmp;
539
540 j = (j + ctx->state[i] + tmp_array[i]) % HPDF_ARC4_BUF_SIZE;
541
542 tmp = ctx->state[i];
543 ctx->state[i] = ctx->state[j];
544 ctx->state[j] = tmp;
545 }
546
547 ctx->idx1 = 0;
548 ctx->idx2 = 0;
549 }
550
551
552 void
ARC4CryptBuf(HPDF_ARC4_Ctx_Rec * ctx,const HPDF_BYTE * in,HPDF_BYTE * out,HPDF_UINT len)553 ARC4CryptBuf (HPDF_ARC4_Ctx_Rec *ctx,
554 const HPDF_BYTE *in,
555 HPDF_BYTE *out,
556 HPDF_UINT len)
557 {
558 HPDF_UINT i;
559 HPDF_UINT t;
560 HPDF_BYTE K;
561
562 HPDF_PTRACE((" ARC4CryptBuf\n"));
563
564 for (i = 0; i < len; i++) {
565 HPDF_BYTE tmp;
566
567 ctx->idx1 = (HPDF_BYTE)((ctx->idx1 + 1) % 256);
568 ctx->idx2 = (HPDF_BYTE)((ctx->idx2 + ctx->state[ctx->idx1]) % 256);
569
570 tmp = ctx->state[ctx->idx1];
571 ctx->state[ctx->idx1] = ctx->state[ctx->idx2];
572 ctx->state[ctx->idx2] = tmp;
573
574 t = (ctx->state[ctx->idx1] + ctx->state[ctx->idx2]) % 256;
575 K = ctx->state[t];
576
577 out[i] = (HPDF_BYTE)(in[i] ^ K);
578 }
579 }
580
581
582 void
HPDF_Encrypt_InitKey(HPDF_Encrypt attr,HPDF_UINT32 object_id,HPDF_UINT16 gen_no)583 HPDF_Encrypt_InitKey (HPDF_Encrypt attr,
584 HPDF_UINT32 object_id,
585 HPDF_UINT16 gen_no)
586 {
587 HPDF_MD5_CTX ctx;
588 HPDF_UINT key_len;
589
590 HPDF_PTRACE((" HPDF_Encrypt_Init\n"));
591
592 attr->encryption_key[attr->key_len] = (HPDF_BYTE)object_id;
593 attr->encryption_key[attr->key_len + 1] = (HPDF_BYTE)(object_id >> 8);
594 attr->encryption_key[attr->key_len + 2] = (HPDF_BYTE)(object_id >> 16);
595 attr->encryption_key[attr->key_len + 3] = (HPDF_BYTE)gen_no;
596 attr->encryption_key[attr->key_len + 4] = (HPDF_BYTE)(gen_no >> 8);
597
598 HPDF_PTRACE(("@@@ OID=%u, gen_no=%u\n", (HPDF_INT)object_id, gen_no));
599
600 HPDF_MD5Init(&ctx);
601 HPDF_MD5Update(&ctx, attr->encryption_key, attr->key_len + 5);
602 HPDF_MD5Final(attr->md5_encryption_key, &ctx);
603
604 key_len = (attr->key_len + 5 > HPDF_ENCRYPT_KEY_MAX) ?
605 HPDF_ENCRYPT_KEY_MAX : attr->key_len + 5;
606
607 ARC4Init(&attr->arc4ctx, attr->md5_encryption_key, key_len);
608 }
609
610
611 void
HPDF_Encrypt_Reset(HPDF_Encrypt attr)612 HPDF_Encrypt_Reset (HPDF_Encrypt attr)
613 {
614 HPDF_UINT key_len = (attr->key_len + 5 > HPDF_ENCRYPT_KEY_MAX) ?
615 HPDF_ENCRYPT_KEY_MAX : attr->key_len + 5;
616
617 HPDF_PTRACE((" HPDF_Encrypt_Reset\n"));
618
619 ARC4Init(&attr->arc4ctx, attr->md5_encryption_key, key_len);
620 }
621
622
623 void
HPDF_Encrypt_CryptBuf(HPDF_Encrypt attr,const HPDF_BYTE * src,HPDF_BYTE * dst,HPDF_UINT len)624 HPDF_Encrypt_CryptBuf (HPDF_Encrypt attr,
625 const HPDF_BYTE *src,
626 HPDF_BYTE *dst,
627 HPDF_UINT len)
628 {
629 ARC4CryptBuf(&attr->arc4ctx, src, dst, len);
630 }
631
632
633 /*--------------------------------------------------------------------------*/
634 /*--------------------------------------------------------------------------*/
635
636