Kaydet (Commit) db944ee5 authored tarafından Philipp Lohmann [pl]'s avatar Philipp Lohmann [pl]

vcl119: #163136# do not pass a clear text password to xpdf

üst 5d1335e1
......@@ -718,6 +718,8 @@ uno::Reference< io::XStream > getAdditionalStream( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
// trash password string on heap
rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
}
if( ! bAuthenticated )
{
......@@ -745,6 +747,8 @@ uno::Reference< io::XStream > getAdditionalStream( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
// trash password string on heap
rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
} while( bEntered && ! bAuthenticated );
}
......
......@@ -260,6 +260,8 @@ struct PDFFile : public PDFContainer
bool decrypt( const sal_uInt8* pInBuffer, sal_uInt32 nLen,
sal_uInt8* pOutBuffer,
unsigned int nObject, unsigned int nGeneration ) const;
rtl::OUString getDecryptionKey() const;
};
struct PDFObject : public PDFContainer
......
......@@ -32,6 +32,7 @@
#include <rtl/strbuf.hxx>
#include <rtl/ustring.hxx>
#include <rtl/ustrbuf.hxx>
#include <rtl/alloc.h>
#include <rtl/digest.h>
#include <rtl/cipher.h>
......@@ -1277,6 +1278,23 @@ bool PDFFile::setupDecryptionData( const OString& rPwd ) const
return bValid;
}
rtl::OUString PDFFile::getDecryptionKey() const
{
rtl::OUStringBuffer aBuf( ENCRYPTION_KEY_LEN * 2 );
if( impl_getData()->m_bIsEncrypted )
{
for( sal_uInt32 i = 0; i < m_pData->m_nKeyLength; i++ )
{
static const sal_Unicode pHexTab[16] = { '0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
aBuf.append( pHexTab[(m_pData->m_aDecryptionKey[i] >> 4) & 0x0f] );
aBuf.append( pHexTab[(m_pData->m_aDecryptionKey[i] & 0x0f)] );
}
}
return aBuf.makeStringAndClear();
}
PDFFileImplData* PDFFile::impl_getData() const
{
if( m_pData )
......
......@@ -913,6 +913,8 @@ static bool checkEncryption( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
// trash password string on heap
rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
}
if( bAuthenticated )
bSuccess = true;
......@@ -927,12 +929,23 @@ static bool checkEncryption( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
// trash password string on heap
rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
} while( bEntered && ! bAuthenticated );
}
OSL_TRACE( "password: %s\n", bAuthenticated ? "matches" : "does not match" );
bSuccess = bAuthenticated;
}
// trash password string on heap
rtl_zeroMemory( (void*)io_rPwd.getStr(), io_rPwd.getLength()*sizeof(sal_Unicode) );
if( bAuthenticated )
{
rtl::OUStringBuffer aBuf( 128 );
aBuf.appendAscii( "_OOO_pdfi_Credentials_" );
aBuf.append( pPDFFile->getDecryptionKey() );
io_rPwd = aBuf.makeStringAndClear();
}
}
else
bSuccess = true;
......
......@@ -107,8 +107,8 @@ int main(int argc, char **argv)
#endif
// try to read a possible open password form stdin
char aPwBuf[34];
aPwBuf[33] = 0;
char aPwBuf[129];
aPwBuf[128] = 0;
if( ! fgets( aPwBuf, sizeof(aPwBuf)-1, stdin ) )
aPwBuf[0] = 0; // mark as empty
else
......@@ -132,14 +132,14 @@ int main(int argc, char **argv)
// check for password string(s)
GooString* pOwnerPasswordStr( ownerPassword[0] != '\001'
? new GooString(ownerPassword)
: (GooString *)NULL );
GooString* pUserPasswordStr( aPwBuf[0] != 0
GooString* pOwnerPasswordStr( aPwBuf[0] != 0
? new GooString( aPwBuf )
: ( userPassword[0] != '\001'
? new GooString(userPassword)
: (GooString *)NULL ) );
: (ownerPassword[0] != '\001'
? new GooString(ownerPassword)
: (GooString *)NULL ) );
GooString* pUserPasswordStr( userPassword[0] != '\001'
? new GooString(userPassword)
: (GooString *)NULL );
if( outputFile[0] != '\001' )
g_binary_out = fopen(outputFile,"wb");
......@@ -188,7 +188,6 @@ int main(int argc, char **argv)
}
else
{
pdfi::PDFOutDev* pOutDev( new pdfi::PDFOutDev(&aDoc) );
// tell receiver early - needed for proper progress calculation
......
......@@ -48,7 +48,7 @@ dummy:
TARFILE_NAME=xpdf-3.02
TARFILE_MD5=599dc4cc65a07ee868cf92a667a913d2
PATCH_FILES=$(TARFILE_NAME).patch xpdf-3.02-sec.patch
PATCH_FILES=$(TARFILE_NAME).patch xpdf-3.02-sec.patch xpdf-3.02-ooopwd.patch
CONFIGURE_DIR=
BUILD_DIR=$(CONFIGURE_DIR)
......
--- misc/xpdf-3.02/xpdf/SecurityHandler.cc 2007-02-27 23:05:52.000000000 +0100
+++ misc/build/xpdf-3.02/xpdf/SecurityHandler.cc 2011-02-03 16:41:49.000000000 +0100
@@ -40,7 +40,7 @@
encryptDictA->dictLookup("Filter", &filterObj);
if (filterObj.isName("Standard")) {
- secHdlr = new StandardSecurityHandler(docA, encryptDictA);
+ secHdlr = new OOoImportSecurityhandler(docA, encryptDictA);
} else if (filterObj.isName()) {
#ifdef ENABLE_PLUGINS
if ((xsh = globalParams->getSecurityHandler(filterObj.getName()))) {
@@ -310,6 +310,60 @@
return gTrue;
}
+//------------------------------------------------------------------------
+// OOoImportSecurityhandler
+//------------------------------------------------------------------------
+
+OOoImportSecurityhandler::~OOoImportSecurityhandler()
+{
+}
+
+inline Guchar toNum( Guchar digit )
+{
+ return (digit >= '0') && digit <= '9'
+ ? digit - '0'
+ : (digit >= 'A' && digit <= 'F')
+ ? digit - 'A' + 10
+ : (digit >= 'a' && digit <= 'f')
+ ? digit - 'a' + 10
+ : Guchar(0xff);
+}
+
+GBool OOoImportSecurityhandler::authorize(void* authData)
+{
+ if( !ok )
+ return gFalse;
+ if( authData )
+ {
+ GString* ownerPassword = ((StandardAuthData *)authData)->ownerPassword;
+ if( ownerPassword )
+ {
+ const char* pStr = ownerPassword->getCString();
+ if( strncmp( pStr, "_OOO_pdfi_Credentials_", 22 ) == 0 )
+ {
+ // a hex encoded byte sequence should follow until end of string
+ // the length must match fileKeyLength
+ // if this is the case we can assume that the password checked out
+ // and the file key is valid
+ // max len is 16 (the size of the fileKey array)
+ pStr += 22;
+ size_t i = 0;
+ while( pStr[0] && pStr[1] && i < sizeof( fileKey ) )
+ {
+ fileKey[i++] = (toNum( *pStr++ ) << 4)
+ | (toNum( *pStr++ ));
+ }
+ if( i == size_t(fileKeyLength) )
+ {
+ ownerPasswordOk = gTrue;
+ return gTrue;
+ }
+ }
+ }
+ }
+ return StandardSecurityHandler::authorize( authData );
+}
+
#ifdef ENABLE_PLUGINS
//------------------------------------------------------------------------
--- misc/xpdf-3.02/xpdf/SecurityHandler.h 2007-02-27 23:05:52.000000000 +0100
+++ misc/build/xpdf-3.02/xpdf/SecurityHandler.h 2011-02-03 16:26:17.000000000 +0100
@@ -103,7 +103,7 @@
virtual int getEncVersion() { return encVersion; }
virtual CryptAlgorithm getEncAlgorithm() { return encAlgorithm; }
-private:
+protected:
int permFlags;
GBool ownerPasswordOk;
@@ -119,6 +119,17 @@
GBool ok;
};
+class OOoImportSecurityhandler : public StandardSecurityHandler
+{
+public:
+ OOoImportSecurityhandler( PDFDoc* docA, Object* encryptDictA )
+ : StandardSecurityHandler( docA, encryptDictA )
+ {}
+ virtual ~OOoImportSecurityhandler();
+
+ virtual GBool authorize(void* authData);
+};
+
#ifdef ENABLE_PLUGINS
//------------------------------------------------------------------------
// ExternalSecurityHandler
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment