vcl/inc/pdf/PDFEncryptorR6.hxx

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /*
   3  * This file is part of the LibreOffice project.
   4  *
   5  * This Source Code Form is subject to the terms of the Mozilla Public
   6  * License, v. 2.0. If a copy of the MPL was not distributed with this
   7  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
   8  */
   9
  10 #pragma once
  11
  12 #include <rtl/ustring.hxx>
  13 #include <string_view>
  14 #include <vector>
  15 #include <vcl/dllapi.h>
  16 #include <pdf/IPDFEncryptor.hxx>
  17
  18 namespace vcl::pdf
  19 {
  20 class EncryptionHashTransporter;
  21
  22 /** Algorithm 2.B: Computing a hash (revision 6 and later)
  23  *
  24  * Described in ISO 32000-2:2020(E) - 7.6.4.3.4
  25  */
  26 VCL_DLLPUBLIC std::vector<sal_uInt8>
  27 computeHashR6(const sal_uInt8* pPassword, size_t nPasswordLength,
  28               std::vector<sal_uInt8> const& rValidationSalt,
  29               std::vector<sal_uInt8> const& rUserKey = std::vector<sal_uInt8>());
  30
  31 /** Algorithm 11: Authenticating the user password (Security handlers of revision 6)
  32  *
  33  * Described in ISO 32000-2:2020(E) - 7.6.4.4.10
  34  */
  35 VCL_DLLPUBLIC bool validateUserPassword(const sal_uInt8* pUserPass, size_t nPasswordLength,
  36                                         std::vector<sal_uInt8>& U);
  37
  38 /** Algorithm 12: Authenticating the owner password (Security handlers of revision 6)
  39  *
  40  * Described in ISO 32000-2:2020(E) - 7.6.4.4.11
  41  */
  42 VCL_DLLPUBLIC bool validateOwnerPassword(const sal_uInt8* pUserPass, size_t nPasswordLength,
  43                                          std::vector<sal_uInt8>& U, std::vector<sal_uInt8>& O);
  44
  45 /** Generates the encryption key - random data 32-byte */
  46 VCL_DLLPUBLIC std::vector<sal_uInt8> generateKey();
  47
  48 /** Algorithm 8: U and UE
  49  *
  50  * Computing the encryption dictionary’s U (user password) and UE (user encryption) values
  51  * (Security handlers of revision 6)
  52  *
  53  * Described in ISO 32000-2:2020(E) - 7.6.4.4.7
  54  */
  55 VCL_DLLPUBLIC void generateUandUE(const sal_uInt8* pUserPass, size_t nPasswordLength,
  56                                   std::vector<sal_uInt8>& rFileEncryptionKey,
  57                                   std::vector<sal_uInt8>& U, std::vector<sal_uInt8>& UE);
  58
  59 /** Algorithm 9: O and OE
  60  *
  61  * Computing the encryption dictionary’s O (owner password) and OE (owner encryption) values
  62  * (Security handlers of revision 6)
  63  *
  64  * Described in ISO 32000-2:2020(E) - 7.6.4.4.8
  65  */
  66 VCL_DLLPUBLIC void generateOandOE(const sal_uInt8* pUserPass, size_t nPasswordLength,
  67                                   std::vector<sal_uInt8>& rFileEncryptionKey,
  68                                   std::vector<sal_uInt8>& U, std::vector<sal_uInt8>& O,
  69                                   std::vector<sal_uInt8>& OE);
  70
  71 /** Algorithm 8 step b) in reverse
  72  *
  73  * Described in ISO 32000-2:2020(E) - 7.6.4.4.7
  74  *
  75  * - compute the hash with password and user key salt
  76  * - decrypt with hash as key and zero IV
  77  */
  78 VCL_DLLPUBLIC std::vector<sal_uInt8> decryptKey(const sal_uInt8* pUserPass, size_t nPasswordLength,
  79                                                 std::vector<sal_uInt8>& U,
  80                                                 std::vector<sal_uInt8>& UE);
  81
  82 /** Algorithm 13: Validating the permissions (Security handlers of revision 6)
  83  *
  84  * Described in ISO 32000-2:2020(E) - 7.6.4.4.12
  85  */
  86 VCL_DLLPUBLIC std::vector<sal_uInt8> decryptPerms(std::vector<sal_uInt8>& rPermsEncrypted,
  87                                                   std::vector<sal_uInt8>& rFileEncryptionKey);
  88
  89 /** Algorithm 10 step f)
  90  *
  91  * Computing the encryption dictionary’s Perms (permissions) value (Security handlers of revision 6)
  92  *
  93  * Described in ISO 32000-2:2020(E) - 7.6.4.4.9
  94  */
  95 VCL_DLLPUBLIC std::vector<sal_uInt8> encryptPerms(std::vector<sal_uInt8>& rPerms,
  96                                                   std::vector<sal_uInt8>& rFileEncryptionKey);
  97
  98 /** Algorithm 10 steps a) - e)
  99  *
 100  * Computing the encryption dictionary’s Perms (permissions) value (Security handlers of revision 6)
 101  *
 102  * Described in ISO 32000-2:2020(E) - 7.6.4.4.9
 103  */
 104 VCL_DLLPUBLIC std::vector<sal_uInt8> createPerms(sal_Int32 nAccessPermissions,
 105                                                  bool bEncryptMetadata);
 106
 107 /** Padding as described in Internet RFC 8018
 108  *
 109  * Described in ISO 32000-2:2020(E) - 7.6.3.1
 110  */
 111 VCL_DLLPUBLIC size_t addPaddingToVector(std::vector<sal_uInt8>& rVector, size_t nBlockSize);
 112
 113 class EncryptionContext;
 114
 115 /** IPDFEncryptor implementation of PDF encryption version 5 revision 6 added in PDF 2.0
 116  *
 117  * The complete algorithm is defined in PDF 2.0 specification ISO 32000-2:2020(E)
 118  */
 119 class VCL_DLLPUBLIC PDFEncryptorR6 : public IPDFEncryptor
 120 {
 121     std::unique_ptr<EncryptionContext> m_pEncryptionContext;
 122     sal_Int32 m_nAccessPermissions = 0;
 123
 124 public:
 125     PDFEncryptorR6();
 126     ~PDFEncryptorR6();
 127
 128     sal_Int32 getVersion() override { return 5; }
 129     sal_Int32 getRevision() override { return 6; }
 130     sal_Int32 getAccessPermissions() override { return m_nAccessPermissions; }
 131     bool isMetadataEncrypted() override { return true; }
 132     /** Key length - AES 256 bit */
 133     sal_Int32 getKeyLength() override { return 256 / 8; }
 134
 135     std::vector<sal_uInt8> getEncryptedAccessPermissions(std::vector<sal_uInt8>& rKey) override;
 136
 137     static void initEncryption(EncryptionHashTransporter& rEncryptionHashTransporter,
 138                                const OUString& i_rOwnerPassword, const OUString& i_rUserPassword);
 139
 140     bool prepareEncryption(
 141         const css::uno::Reference<css::beans::XMaterialHolder>& xEncryptionMaterialHolder,
 142         PDFEncryptionProperties& rProperties) override;
 143
 144     void setupKeysAndCheck(PDFEncryptionProperties& rProperties) override;
 145
 146     sal_uInt64 calculateSizeIncludingHeader(sal_uInt64 nSize) override;
 147
 148     void setupEncryption(std::vector<sal_uInt8>& rEncryptionKey, sal_Int32 nObject) override;
 149
 150     /** Encrypts using Algorithm 1.A: Encryption of data using the AES algorithms
 151      *
 152      * Described in ISO 32000-2:2020(E) - 7.6.3.3
 153      */
 154     void encrypt(const void* pInput, sal_uInt64 nInputSize, std::vector<sal_uInt8>& rOutput,
 155                  sal_uInt64 nOutputsSize) override;
 156
 157     void encryptWithIV(const void* pInput, sal_uInt64 nInputSize, std::vector<sal_uInt8>& rOutput,
 158                        std::vector<sal_uInt8>& rIV);
 159 };
 160
 161 } // end vcl::pdf
 162
 163 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */