//
// Copyright 2020 FoxyUtils ehf. All rights reserved.
//
// This is a commercial product and requires a license to operate.
// A trial license can be obtained at https://unidoc.io
//
// DO NOT EDIT: generated by unitwist Go source code obfuscator.
//
// Use of this source code is governed by the UniDoc End User License Agreement
// terms that can be accessed at https://unidoc.io/eula/

package security ;import (_ab "bytes";_g "crypto/aes";_d "crypto/cipher";_dc "crypto/md5";_bc "crypto/rand";_gc "crypto/rc4";_b "crypto/sha256";_a "crypto/sha512";_bb "encoding/binary";_df "errors";_bf "fmt";_fg "github.com/unidoc/unipdf/v3/common";_e "hash";_db "io";_f "math";);func (_add *ecbEncrypter )BlockSize ()int {return _add ._dcg };func (_bbd *ecbEncrypter )CryptBlocks (dst ,src []byte ){if len (src )%_bbd ._dcg !=0{_fg .Log .Error ("\u0045\u0052\u0052\u004f\u0052:\u0020\u0045\u0043\u0042\u0020\u0065\u006e\u0063\u0072\u0079\u0070\u0074\u003a \u0069\u006e\u0070\u0075\u0074\u0020\u006e\u006f\u0074\u0020\u0066\u0075\u006c\u006c\u0020\u0062\u006c\u006f\u0063\u006b\u0073");return ;};if len (dst )< len (src ){_fg .Log .Error ("\u0045R\u0052\u004fR\u003a\u0020\u0045C\u0042\u0020\u0065\u006e\u0063\u0072\u0079p\u0074\u003a\u0020\u006f\u0075\u0074p\u0075\u0074\u0020\u0073\u006d\u0061\u006c\u006c\u0065\u0072\u0020t\u0068\u0061\u006e\u0020\u0069\u006e\u0070\u0075\u0074");return ;};for len (src )> 0{_bbd ._cb .Encrypt (dst ,src [:_bbd ._dcg ]);src =src [_bbd ._dcg :];dst =dst [_bbd ._dcg :];};};func (_ga stdHandlerR4 )alg2 (_cg *StdEncryptDict ,_be []byte )[]byte {_fg .Log .Trace ("\u0061\u006c\u0067\u0032");_de :=_ga .paddedPass (_be );_aa :=_dc .New ();_aa .Write (_de );_aa .Write (_cg .O );var _ddg [4]byte ;_bb .LittleEndian .PutUint32 (_ddg [:],uint32 (_cg .P ));_aa .Write (_ddg [:]);_fg .Log .Trace ("\u0067o\u0020\u0050\u003a\u0020\u0025\u0020x",_ddg );_aa .Write ([]byte (_ga .ID0 ));_fg .Log .Trace ("\u0074\u0068\u0069\u0073\u002e\u0052\u0020\u003d\u0020\u0025d\u0020\u0065\u006e\u0063\u0072\u0079\u0070t\u004d\u0065\u0074\u0061\u0064\u0061\u0074\u0061\u0020\u0025\u0076",_cg .R ,_cg .EncryptMetadata );if (_cg .R >=4)&&!_cg .EncryptMetadata {_aa .Write ([]byte {0xff,0xff,0xff,0xff});};_dde :=_aa .Sum (nil );if _cg .R >=3{_aa =_dc .New ();for _bdf :=0;_bdf < 50;_bdf ++{_aa .Reset ();_aa .Write (_dde [0:_ga .Length /8]);_dde =_aa .Sum (nil );};};if _cg .R >=3{return _dde [0:_ga .Length /8];};return _dde [0:5];};func _ebe (_bbf []byte )(_d .Block ,error ){_bce ,_ebcc :=_g .NewCipher (_bbf );if _ebcc !=nil {_fg .Log .Error ("\u0045\u0052\u0052\u004f\u0052\u003a\u0020\u0063\u006f\u0075\u006c\u0064\u0020\u006e\u006f\u0074\u0020\u0063\u0072\u0065\u0061\u0074\u0065\u0020A\u0045\u0053\u0020\u0063\u0069p\u0068\u0065r\u003a\u0020\u0025\u0076",_ebcc );return nil ,_ebcc ;};return _bce ,nil ;};

// NewHandlerR6 creates a new standard security handler for R=5 and R=6.
func NewHandlerR6 ()StdHandler {return stdHandlerR6 {}};

// Permissions is a bitmask of access permissions for a PDF file.
type Permissions uint32 ;func (_ccf stdHandlerR4 )alg3Key (R int ,_eg []byte )[]byte {_ca :=_dc .New ();_ea :=_ccf .paddedPass (_eg );_ca .Write (_ea );if R >=3{for _ag :=0;_ag < 50;_ag ++{_bee :=_ca .Sum (nil );_ca =_dc .New ();_ca .Write (_bee );};};_ef :=_ca .Sum (nil );if R ==2{_ef =_ef [0:5];}else {_ef =_ef [0:_ccf .Length /8];};return _ef ;};func (_dbfb stdHandlerR4 )alg5 (_eb []byte ,_eab []byte )([]byte ,error ){_caf :=_dc .New ();_caf .Write ([]byte (_bfc ));_caf .Write ([]byte (_dbfb .ID0 ));_fb :=_caf .Sum (nil );_fg .Log .Trace ("\u0061\u006c\u0067\u0035");_fg .Log .Trace ("\u0065k\u0065\u0079\u003a\u0020\u0025\u0020x",_eb );_fg .Log .Trace ("\u0049D\u003a\u0020\u0025\u0020\u0078",_dbfb .ID0 );if len (_fb )!=16{return nil ,_df .New ("\u0068a\u0073\u0068\u0020\u006c\u0065\u006e\u0067\u0074\u0068\u0020\u006eo\u0074\u0020\u0031\u0036\u0020\u0062\u0079\u0074\u0065\u0073");};_aaf ,_ccb :=_gc .NewCipher (_eb );if _ccb !=nil {return nil ,_df .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_agd :=make ([]byte ,16);_aaf .XORKeyStream (_agd ,_fb );_ebd :=make ([]byte ,len (_eb ));for _gbf :=0;_gbf < 19;_gbf ++{for _af :=0;_af < len (_eb );_af ++{_ebd [_af ]=_eb [_af ]^byte (_gbf +1);};_aaf ,_ccb =_gc .NewCipher (_ebd );if _ccb !=nil {return nil ,_df .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_aaf .XORKeyStream (_agd ,_agd );_fg .Log .Trace ("\u0069\u0020\u003d\u0020\u0025\u0064\u002c\u0020\u0065\u006b\u0065\u0079:\u0020\u0025\u0020\u0078",_gbf ,_ebd );_fg .Log .Trace ("\u0069\u0020\u003d\u0020\u0025\u0064\u0020\u002d\u003e\u0020\u0025\u0020\u0078",_gbf ,_agd );};_fdd :=make ([]byte ,32);for _dda :=0;_dda < 16;_dda ++{_fdd [_dda ]=_agd [_dda ];};_ ,_ccb =_bc .Read (_fdd [16:32]);if _ccb !=nil {return nil ,_df .New ("\u0066a\u0069\u006c\u0065\u0064 \u0074\u006f\u0020\u0067\u0065n\u0020r\u0061n\u0064\u0020\u006e\u0075\u006d\u0062\u0065r");};return _fdd ,nil ;};

// Authenticate implements StdHandler interface.
func (_fcgc stdHandlerR6 )Authenticate (d *StdEncryptDict ,pass []byte )([]byte ,Permissions ,error ){return _fcgc .alg2a (d ,pass );};

// Allowed checks if a set of permissions can be granted.
func (_bfab Permissions )Allowed (p2 Permissions )bool {return _bfab &p2 ==p2 };func (_ceeg stdHandlerR6 )alg13 (_afe *StdEncryptDict ,_ede []byte )error {if _gfa :=_dd ("\u0061\u006c\u00671\u0033","\u004b\u0065\u0079",32,_ede );_gfa !=nil {return _gfa ;};if _fdg :=_dd ("\u0061\u006c\u00671\u0033","\u0050\u0065\u0072m\u0073",16,_afe .Perms );_fdg !=nil {return _fdg ;};_fabf :=make ([]byte ,16);copy (_fabf ,_afe .Perms [:16]);_dded ,_gfd :=_g .NewCipher (_ede [:32]);if _gfd !=nil {return _gfd ;};_gbaa :=_adg (_dded );_gbaa .CryptBlocks (_fabf ,_fabf );if !_ab .Equal (_fabf [9:12],[]byte ("\u0061\u0064\u0062")){return _df .New ("\u0064\u0065\u0063o\u0064\u0065\u0064\u0020p\u0065\u0072\u006d\u0069\u0073\u0073\u0069o\u006e\u0073\u0020\u0061\u0072\u0065\u0020\u0069\u006e\u0076\u0061\u006c\u0069\u0064");};_ccg :=Permissions (_bb .LittleEndian .Uint32 (_fabf [0:4]));if _ccg !=_afe .P {return _df .New ("\u0070\u0065r\u006d\u0069\u0073\u0073\u0069\u006f\u006e\u0073\u0020\u0076\u0061\u006c\u0069\u0064\u0061\u0074\u0069\u006f\u006e\u0020\u0066\u0061il\u0065\u0064");};var _gfc bool ;if _fabf [8]=='T'{_gfc =true ;}else if _fabf [8]=='F'{_gfc =false ;}else {return _df .New ("\u0064\u0065\u0063\u006f\u0064\u0065\u0064 \u006d\u0065\u0074a\u0064\u0061\u0074\u0061 \u0065\u006e\u0063\u0072\u0079\u0070\u0074\u0069\u006f\u006e\u0020\u0066\u006c\u0061\u0067\u0020\u0069\u0073\u0020\u0069\u006e\u0076\u0061\u006c\u0069\u0064");};if _gfc !=_afe .EncryptMetadata {return _df .New ("\u006d\u0065t\u0061\u0064\u0061\u0074a\u0020\u0065n\u0063\u0072\u0079\u0070\u0074\u0069\u006f\u006e \u0076\u0061\u006c\u0069\u0064\u0061\u0074\u0069\u006f\u006e\u0020\u0066a\u0069\u006c\u0065\u0064");};return nil ;};type ecbDecrypter ecb ;func (_ae stdHandlerR4 )alg3 (R int ,_dfa ,_ecg []byte )([]byte ,error ){var _bfac []byte ;if len (_ecg )> 0{_bfac =_ae .alg3Key (R ,_ecg );}else {_bfac =_ae .alg3Key (R ,_dfa );};_ce ,_fe :=_gc .NewCipher (_bfac );if _fe !=nil {return nil ,_df .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_egd :=_ae .paddedPass (_dfa );_gf :=make ([]byte ,len (_egd ));_ce .XORKeyStream (_gf ,_egd );if R >=3{_dbg :=make ([]byte ,len (_bfac ));for _aad :=0;_aad < 19;_aad ++{for _abg :=0;_abg < len (_bfac );_abg ++{_dbg [_abg ]=_bfac [_abg ]^byte (_aad +1);};_fcg ,_adga :=_gc .NewCipher (_dbg );if _adga !=nil {return nil ,_df .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_fcg .XORKeyStream (_gf ,_gf );};};return _gf ,nil ;};const (EventDocOpen =AuthEvent ("\u0044o\u0063\u004f\u0070\u0065\u006e");EventEFOpen =AuthEvent ("\u0045\u0046\u004f\u0070\u0065\u006e"););func (stdHandlerR4 )paddedPass (_dfg []byte )[]byte {_gd :=make ([]byte ,32);_dbf :=copy (_gd ,_dfg );for ;_dbf < 32;_dbf ++{_gd [_dbf ]=_bfc [_dbf -len (_dfg )];};return _gd ;};func _bfff (_cbf []byte )([]byte ,error ){_dad :=_b .New ();_dad .Write (_cbf );return _dad .Sum (nil ),nil ;};const _bfc ="\x28\277\116\136\x4e\x75\x8a\x41\x64\000\x4e\x56\377"+"\xfa\001\010\056\x2e\x00\xb6\xd0\x68\076\x80\x2f\014"+"\251\xfe\x64\x53\x69\172";func (_bfa *ecbDecrypter )BlockSize ()int {return _bfa ._dcg };

// Authenticate implements StdHandler interface.
func (_eaf stdHandlerR4 )Authenticate (d *StdEncryptDict ,pass []byte )([]byte ,Permissions ,error ){_fg .Log .Trace ("\u0044\u0065b\u0075\u0067\u0067\u0069n\u0067\u0020a\u0075\u0074\u0068\u0065\u006e\u0074\u0069\u0063a\u0074\u0069\u006f\u006e\u0020\u002d\u0020\u006f\u0077\u006e\u0065\u0072 \u0070\u0061\u0073\u0073");_aeb ,_eccd :=_eaf .alg7 (d ,pass );if _eccd !=nil {return nil ,0,_eccd ;};if _aeb !=nil {_fg .Log .Trace ("\u0074h\u0069\u0073\u002e\u0061u\u0074\u0068\u0065\u006e\u0074i\u0063a\u0074e\u0064\u0020\u003d\u0020\u0054\u0072\u0075e");return _aeb ,PermOwner ,nil ;};_fg .Log .Trace ("\u0044\u0065bu\u0067\u0067\u0069n\u0067\u0020\u0061\u0075the\u006eti\u0063\u0061\u0074\u0069\u006f\u006e\u0020- \u0075\u0073\u0065\u0072\u0020\u0070\u0061s\u0073");_aeb ,_eccd =_eaf .alg6 (d ,pass );if _eccd !=nil {return nil ,0,_eccd ;};if _aeb !=nil {_fg .Log .Trace ("\u0074h\u0069\u0073\u002e\u0061u\u0074\u0068\u0065\u006e\u0074i\u0063a\u0074e\u0064\u0020\u003d\u0020\u0054\u0072\u0075e");return _aeb ,d .P ,nil ;};return nil ,0,nil ;};func (_ebb stdHandlerR6 )alg8 (_cbfd *StdEncryptDict ,_dca []byte ,_cde []byte )error {if _ddb :=_dd ("\u0061\u006c\u0067\u0038","\u004b\u0065\u0079",32,_dca );_ddb !=nil {return _ddb ;};var _gbff [16]byte ;if _ ,_ed :=_db .ReadFull (_bc .Reader ,_gbff [:]);_ed !=nil {return _ed ;};_fagc :=_gbff [0:8];_ccd :=_gbff [8:16];_bac :=make ([]byte ,len (_cde )+len (_fagc ));_faa :=copy (_bac ,_cde );copy (_bac [_faa :],_fagc );_edf ,_ac :=_ebb .alg2b (_cbfd .R ,_bac ,_cde ,nil );if _ac !=nil {return _ac ;};U :=make ([]byte ,len (_edf )+len (_fagc )+len (_ccd ));_faa =copy (U ,_edf [:32]);_faa +=copy (U [_faa :],_fagc );copy (U [_faa :],_ccd );_cbfd .U =U ;_faa =len (_cde );copy (_bac [_faa :],_ccd );_edf ,_ac =_ebb .alg2b (_cbfd .R ,_bac ,_cde ,nil );if _ac !=nil {return _ac ;};_adeb ,_ac :=_ebe (_edf [:32]);if _ac !=nil {return _ac ;};_bfca :=make ([]byte ,_g .BlockSize );_abda :=_d .NewCBCEncrypter (_adeb ,_bfca );UE :=make ([]byte ,32);_abda .CryptBlocks (UE ,_dca [:32]);_cbfd .UE =UE ;return nil ;};func (_fdc stdHandlerR6 )alg10 (_gab *StdEncryptDict ,_aeef []byte )error {if _fef :=_dd ("\u0061\u006c\u00671\u0030","\u004b\u0065\u0079",32,_aeef );_fef !=nil {return _fef ;};_bea :=uint64 (uint32 (_gab .P ))|(_f .MaxUint32 <<32);Perms :=make ([]byte ,16);_bb .LittleEndian .PutUint64 (Perms [:8],_bea );if _gab .EncryptMetadata {Perms [8]='T';}else {Perms [8]='F';};copy (Perms [9:12],"\u0061\u0064\u0062");if _ ,_bcff :=_db .ReadFull (_bc .Reader ,Perms [12:16]);_bcff !=nil {return _bcff ;};_bfadc ,_afdd :=_ebe (_aeef [:32]);if _afdd !=nil {return _afdd ;};_acg :=_ecc (_bfadc );_acg .CryptBlocks (Perms ,Perms );_gab .Perms =Perms [:16];return nil ;};var _ StdHandler =stdHandlerR4 {};

// GenerateParams generates and sets O and U parameters for the encryption dictionary.
// It expects R, P and EncryptMetadata fields to be set.
func (_ccc stdHandlerR4 )GenerateParams (d *StdEncryptDict ,opass ,upass []byte )([]byte ,error ){O ,_cga :=_ccc .alg3 (d .R ,upass ,opass );if _cga !=nil {_fg .Log .Debug ("\u0045R\u0052\u004fR\u003a\u0020\u0045r\u0072\u006f\u0072\u0020\u0067\u0065\u006ee\u0072\u0061\u0074\u0069\u006e\u0067 \u004f\u0020\u0066\u006f\u0072\u0020\u0065\u006e\u0063\u0072\u0079p\u0074\u0069\u006f\u006e\u0020\u0028\u0025\u0073\u0029",_cga );return nil ,_cga ;};d .O =O ;_fg .Log .Trace ("\u0067\u0065\u006e\u0020\u004f\u003a\u0020\u0025\u0020\u0078",O );_abfb :=_ccc .alg2 (d ,upass );U ,_cga :=_ccc .alg5 (_abfb ,upass );if _cga !=nil {_fg .Log .Debug ("\u0045R\u0052\u004fR\u003a\u0020\u0045r\u0072\u006f\u0072\u0020\u0067\u0065\u006ee\u0072\u0061\u0074\u0069\u006e\u0067 \u004f\u0020\u0066\u006f\u0072\u0020\u0065\u006e\u0063\u0072\u0079p\u0074\u0069\u006f\u006e\u0020\u0028\u0025\u0073\u0029",_cga );return nil ,_cga ;};d .U =U ;_fg .Log .Trace ("\u0067\u0065\u006e\u0020\u0055\u003a\u0020\u0025\u0020\u0078",U );return _abfb ,nil ;};func (_fac stdHandlerR6 )alg12 (_abde *StdEncryptDict ,_bbdg []byte )([]byte ,error ){if _eacf :=_dd ("\u0061\u006c\u00671\u0032","\u0055",48,_abde .U );_eacf !=nil {return nil ,_eacf ;};if _afda :=_dd ("\u0061\u006c\u00671\u0032","\u004f",48,_abde .O );_afda !=nil {return nil ,_afda ;};_ddd :=make ([]byte ,len (_bbdg )+8+48);_dgg :=copy (_ddd ,_bbdg );_dgg +=copy (_ddd [_dgg :],_abde .O [32:40]);_dgg +=copy (_ddd [_dgg :],_abde .U [0:48]);_bcd ,_bfe :=_fac .alg2b (_abde .R ,_ddd ,_bbdg ,_abde .U [0:48]);if _bfe !=nil {return nil ,_bfe ;};_bcd =_bcd [:32];if !_ab .Equal (_bcd ,_abde .O [:32]){return nil ,nil ;};return _bcd ,nil ;};

// NewHandlerR4 creates a new standard security handler for R<=4.
func NewHandlerR4 (id0 string ,length int )StdHandler {return stdHandlerR4 {ID0 :id0 ,Length :length }};type errInvalidField struct{Func string ;Field string ;Exp int ;Got int ;};type stdHandlerR4 struct{Length int ;ID0 string ;};func _ecc (_ad _d .Block )_d .BlockMode {return (*ecbEncrypter )(_fc (_ad ))};func (_bec stdHandlerR4 )alg6 (_ee *StdEncryptDict ,_cd []byte )([]byte ,error ){var (_bfad []byte ;_bfaf error ;);_dec :=_bec .alg2 (_ee ,_cd );if _ee .R ==2{_bfad ,_bfaf =_bec .alg4 (_dec ,_cd );}else if _ee .R >=3{_bfad ,_bfaf =_bec .alg5 (_dec ,_cd );}else {return nil ,_df .New ("\u0069n\u0076\u0061\u006c\u0069\u0064\u0020R");};if _bfaf !=nil {return nil ,_bfaf ;};_fg .Log .Trace ("\u0063\u0068\u0065\u0063k:\u0020\u0025\u0020\u0078\u0020\u003d\u003d\u0020\u0025\u0020\u0078\u0020\u003f",string (_bfad ),string (_ee .U ));_afd :=_bfad ;_cca :=_ee .U ;if _ee .R >=3{if len (_afd )> 16{_afd =_afd [0:16];};if len (_cca )> 16{_cca =_cca [0:16];};};if !_ab .Equal (_afd ,_cca ){return nil ,nil ;};return _dec ,nil ;};func (_bcf errInvalidField )Error ()string {return _bf .Sprintf ("\u0025s\u003a\u0020e\u0078\u0070\u0065\u0063t\u0065\u0064\u0020%\u0073\u0020\u0066\u0069\u0065\u006c\u0064\u0020\u0074o \u0062\u0065\u0020%\u0064\u0020b\u0079\u0074\u0065\u0073\u002c\u0020g\u006f\u0074 \u0025\u0064",_bcf .Func ,_bcf .Field ,_bcf .Exp ,_bcf .Got );};const (PermOwner =Permissions (_f .MaxUint32 );PermPrinting =Permissions (1<<2);PermModify =Permissions (1<<3);PermExtractGraphics =Permissions (1<<4);PermAnnotate =Permissions (1<<5);PermFillForms =Permissions (1<<8);PermDisabilityExtract =Permissions (1<<9);PermRotateInsert =Permissions (1<<10);PermFullPrintQuality =Permissions (1<<11););var _ StdHandler =stdHandlerR6 {};type ecbEncrypter ecb ;func (_fgd stdHandlerR6 )alg2a (_fea *StdEncryptDict ,_cbg []byte )([]byte ,Permissions ,error ){if _fcf :=_dd ("\u0061\u006c\u00672\u0061","\u004f",48,_fea .O );_fcf !=nil {return nil ,0,_fcf ;};if _cef :=_dd ("\u0061\u006c\u00672\u0061","\u0055",48,_fea .U );_cef !=nil {return nil ,0,_cef ;};if len (_cbg )> 127{_cbg =_cbg [:127];};_fdb ,_dcfd :=_fgd .alg12 (_fea ,_cbg );if _dcfd !=nil {return nil ,0,_dcfd ;};var (_egf []byte ;_afb []byte ;_cgf []byte ;);var _gbd Permissions ;if len (_fdb )!=0{_gbd =PermOwner ;_bfd :=make ([]byte ,len (_cbg )+8+48);_dce :=copy (_bfd ,_cbg );_dce +=copy (_bfd [_dce :],_fea .O [40:48]);copy (_bfd [_dce :],_fea .U [0:48]);_egf =_bfd ;_afb =_fea .OE ;_cgf =_fea .U [0:48];}else {_fdb ,_dcfd =_fgd .alg11 (_fea ,_cbg );if _dcfd ==nil &&len (_fdb )==0{_fdb ,_dcfd =_fgd .alg11 (_fea ,[]byte (""));};if _dcfd !=nil {return nil ,0,_dcfd ;}else if len (_fdb )==0{return nil ,0,nil ;};_gbd =_fea .P ;_dge :=make ([]byte ,len (_cbg )+8);_dgc :=copy (_dge ,_cbg );copy (_dge [_dgc :],_fea .U [40:48]);_egf =_dge ;_afb =_fea .UE ;_cgf =nil ;};if _bba :=_dd ("\u0061\u006c\u00672\u0061","\u004b\u0065\u0079",32,_afb );_bba !=nil {return nil ,0,_bba ;};_afb =_afb [:32];_ceg ,_dcfd :=_fgd .alg2b (_fea .R ,_egf ,_cbg ,_cgf );if _dcfd !=nil {return nil ,0,_dcfd ;};_bcee ,_dcfd :=_g .NewCipher (_ceg [:32]);if _dcfd !=nil {return nil ,0,_dcfd ;};_dfd :=make ([]byte ,_g .BlockSize );_fab :=_d .NewCBCDecrypter (_bcee ,_dfd );_deb :=make ([]byte ,32);_fab .CryptBlocks (_deb ,_afb );if _fea .R ==5{return _deb ,_gbd ,nil ;};_dcfd =_fgd .alg13 (_fea ,_deb );if _dcfd !=nil {return nil ,0,_dcfd ;};return _deb ,_gbd ,nil ;};func (_ead stdHandlerR6 )alg2b (R int ,_fba ,_gbb ,_bddb []byte )([]byte ,error ){if R ==5{return _bfff (_fba );};return _addgb (_fba ,_gbb ,_bddb );};func (_egg stdHandlerR4 )alg4 (_da []byte ,_eac []byte )([]byte ,error ){_bab ,_fd :=_gc .NewCipher (_da );if _fd !=nil {return nil ,_df .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_bef :=[]byte (_bfc );_gcd :=make ([]byte ,len (_bef ));_bab .XORKeyStream (_gcd ,_bef );return _gcd ,nil ;};

// StdEncryptDict is a set of additional fields used in standard encryption dictionary.
type StdEncryptDict struct{R int ;P Permissions ;EncryptMetadata bool ;O ,U []byte ;OE ,UE []byte ;Perms []byte ;};func _fc (_ec _d .Block )*ecb {return &ecb {_cb :_ec ,_dcg :_ec .BlockSize ()}};func (_fcd *ecbDecrypter )CryptBlocks (dst ,src []byte ){if len (src )%_fcd ._dcg !=0{_fg .Log .Error ("\u0045\u0052\u0052\u004f\u0052:\u0020\u0045\u0043\u0042\u0020\u0064\u0065\u0063\u0072\u0079\u0070\u0074\u003a \u0069\u006e\u0070\u0075\u0074\u0020\u006e\u006f\u0074\u0020\u0066\u0075\u006c\u006c\u0020\u0062\u006c\u006f\u0063\u006b\u0073");return ;};if len (dst )< len (src ){_fg .Log .Error ("\u0045R\u0052\u004fR\u003a\u0020\u0045C\u0042\u0020\u0064\u0065\u0063\u0072\u0079p\u0074\u003a\u0020\u006f\u0075\u0074p\u0075\u0074\u0020\u0073\u006d\u0061\u006c\u006c\u0065\u0072\u0020t\u0068\u0061\u006e\u0020\u0069\u006e\u0070\u0075\u0074");return ;};for len (src )> 0{_fcd ._cb .Decrypt (dst ,src [:_fcd ._dcg ]);src =src [_fcd ._dcg :];dst =dst [_fcd ._dcg :];};};type stdHandlerR6 struct{};func (_bfg stdHandlerR6 )alg11 (_fgde *StdEncryptDict ,_ccca []byte )([]byte ,error ){if _cac :=_dd ("\u0061\u006c\u00671\u0031","\u0055",48,_fgde .U );_cac !=nil {return nil ,_cac ;};_fde :=make ([]byte ,len (_ccca )+8);_aced :=copy (_fde ,_ccca );_aced +=copy (_fde [_aced :],_fgde .U [32:40]);_fca ,_dfe :=_bfg .alg2b (_fgde .R ,_fde ,_ccca ,nil );if _dfe !=nil {return nil ,_dfe ;};_fca =_fca [:32];if !_ab .Equal (_fca ,_fgde .U [:32]){return nil ,nil ;};return _fca ,nil ;};func (_aee stdHandlerR6 )alg9 (_dab *StdEncryptDict ,_dae []byte ,_bbg []byte )error {if _fdf :=_dd ("\u0061\u006c\u0067\u0039","\u004b\u0065\u0079",32,_dae );_fdf !=nil {return _fdf ;};if _beff :=_dd ("\u0061\u006c\u0067\u0039","\u0055",48,_dab .U );_beff !=nil {return _beff ;};var _cgd [16]byte ;if _ ,_dea :=_db .ReadFull (_bc .Reader ,_cgd [:]);_dea !=nil {return _dea ;};_ace :=_cgd [0:8];_ggf :=_cgd [8:16];_dcae :=_dab .U [:48];_dff :=make ([]byte ,len (_bbg )+len (_ace )+len (_dcae ));_dcd :=copy (_dff ,_bbg );_dcd +=copy (_dff [_dcd :],_ace );_dcd +=copy (_dff [_dcd :],_dcae );_dbb ,_bda :=_aee .alg2b (_dab .R ,_dff ,_bbg ,_dcae );if _bda !=nil {return _bda ;};O :=make ([]byte ,len (_dbb )+len (_ace )+len (_ggf ));_dcd =copy (O ,_dbb [:32]);_dcd +=copy (O [_dcd :],_ace );_dcd +=copy (O [_dcd :],_ggf );_dab .O =O ;_dcd =len (_bbg );_dcd +=copy (_dff [_dcd :],_ggf );_dbb ,_bda =_aee .alg2b (_dab .R ,_dff ,_bbg ,_dcae );if _bda !=nil {return _bda ;};_eaba ,_bda :=_ebe (_dbb [:32]);if _bda !=nil {return _bda ;};_agdg :=make ([]byte ,_g .BlockSize );_fcb :=_d .NewCBCEncrypter (_eaba ,_agdg );OE :=make ([]byte ,32);_fcb .CryptBlocks (OE ,_dae [:32]);_dab .OE =OE ;return nil ;};func _adg (_ba _d .Block )_d .BlockMode {return (*ecbDecrypter )(_fc (_ba ))};func _dd (_ge ,_ada string ,_bd int ,_fa []byte )error {if len (_fa )< _bd {return errInvalidField {Func :_ge ,Field :_ada ,Exp :_bd ,Got :len (_fa )};};return nil ;};

// StdHandler is an interface for standard security handlers.
type StdHandler interface{

// GenerateParams uses owner and user passwords to set encryption parameters and generate an encryption key.
// It assumes that R, P and EncryptMetadata are already set.
GenerateParams (_bcc *StdEncryptDict ,_cc ,_gg []byte )([]byte ,error );

// Authenticate uses encryption dictionary parameters and the password to calculate
// the document encryption key. It also returns permissions that should be granted to a user.
// In case of failed authentication, it returns empty key and zero permissions with no error.
Authenticate (_dg *StdEncryptDict ,_gb []byte )([]byte ,Permissions ,error );};func (_ade stdHandlerR4 )alg7 (_dcf *StdEncryptDict ,_fddd []byte )([]byte ,error ){_fbf :=_ade .alg3Key (_dcf .R ,_fddd );_bad :=make ([]byte ,len (_dcf .O ));if _dcf .R ==2{_abf ,_bdd :=_gc .NewCipher (_fbf );if _bdd !=nil {return nil ,_df .New ("\u0066\u0061\u0069\u006c\u0065\u0064\u0020\u0063\u0069\u0070\u0068\u0065\u0072");};_abf .XORKeyStream (_bad ,_dcf .O );}else if _dcf .R >=3{_ecd :=append ([]byte {},_dcf .O ...);for _gcg :=0;_gcg < 20;_gcg ++{_abd :=append ([]byte {},_fbf ...);for _ebg :=0;_ebg < len (_fbf );_ebg ++{_abd [_ebg ]^=byte (19-_gcg );};_ggg ,_bcb :=_gc .NewCipher (_abd );if _bcb !=nil {return nil ,_df .New ("\u0066\u0061\u0069\u006c\u0065\u0064\u0020\u0063\u0069\u0070\u0068\u0065\u0072");};_ggg .XORKeyStream (_bad ,_ecd );_ecd =append ([]byte {},_bad ...);};}else {return nil ,_df .New ("\u0069n\u0076\u0061\u006c\u0069\u0064\u0020R");};_feb ,_baa :=_ade .alg6 (_dcf ,_bad );if _baa !=nil {return nil ,nil ;};return _feb ,nil ;};

// GenerateParams is the algorithm opposite to alg2a (R>=5).
// It generates U,O,UE,OE,Perms fields using AESv3 encryption.
// There is no algorithm number assigned to this function in the spec.
// It expects R, P and EncryptMetadata fields to be set.
func (_ggaa stdHandlerR6 )GenerateParams (d *StdEncryptDict ,opass ,upass []byte )([]byte ,error ){_ccdb :=make ([]byte ,32);if _ ,_dcdd :=_db .ReadFull (_bc .Reader ,_ccdb );_dcdd !=nil {return nil ,_dcdd ;};d .U =nil ;d .O =nil ;d .UE =nil ;d .OE =nil ;d .Perms =nil ;if len (upass )> 127{upass =upass [:127];};if len (opass )> 127{opass =opass [:127];};if _aab :=_ggaa .alg8 (d ,_ccdb ,upass );_aab !=nil {return nil ,_aab ;};if _fga :=_ggaa .alg9 (d ,_ccdb ,opass );_fga !=nil {return nil ,_fga ;};if d .R ==5{return _ccdb ,nil ;};if _eed :=_ggaa .alg10 (d ,_ccdb );_eed !=nil {return nil ,_eed ;};return _ccdb ,nil ;};type ecb struct{_cb _d .Block ;_dcg int ;};

// AuthEvent is an event type that triggers authentication.
type AuthEvent string ;func _addgb (_gbc ,_cgfc ,_aac []byte )([]byte ,error ){var (_fcdd ,_gga ,_fec _e .Hash ;);_fcdd =_b .New ();_cccb :=make ([]byte ,64);_gcf :=_fcdd ;_gcf .Write (_gbc );K :=_gcf .Sum (_cccb [:0]);_gbg :=make ([]byte ,64*(127+64+48));_gdc :=func (_gad int )([]byte ,error ){_ecdg :=len (_cgfc )+len (K )+len (_aac );_gba :=_gbg [:_ecdg ];_cf :=copy (_gba ,_cgfc );_cf +=copy (_gba [_cf :],K [:]);_cf +=copy (_gba [_cf :],_aac );if _cf !=_ecdg {_fg .Log .Error ("E\u0052\u0052\u004f\u0052\u003a\u0020u\u006e\u0065\u0078\u0070\u0065\u0063t\u0065\u0064\u0020\u0072\u006f\u0075\u006ed\u0020\u0069\u006e\u0070\u0075\u0074\u0020\u0073\u0069\u007ae\u002e");return nil ,_df .New ("\u0077\u0072\u006f\u006e\u0067\u0020\u0073\u0069\u007a\u0065");};K1 :=_gbg [:_ecdg *64];_cee (K1 ,_ecdg );_gfe ,_adc :=_ebe (K [0:16]);if _adc !=nil {return nil ,_adc ;};_bbc :=_d .NewCBCEncrypter (_gfe ,K [16:32]);_bbc .CryptBlocks (K1 ,K1 );E :=K1 ;_fag :=0;for _babg :=0;_babg < 16;_babg ++{_fag +=int (E [_babg ]%3);};var _cff _e .Hash ;switch _fag %3{case 0:_cff =_fcdd ;case 1:if _gga ==nil {_gga =_a .New384 ();};_cff =_gga ;case 2:if _fec ==nil {_fec =_a .New ();};_cff =_fec ;};_cff .Reset ();_cff .Write (E );K =_cff .Sum (_cccb [:0]);return E ,nil ;};for _gae :=0;;{E ,_cgad :=_gdc (_gae );if _cgad !=nil {return nil ,_cgad ;};_gggg :=E [len (E )-1];_gae ++;if _gae >=64&&_gggg <=uint8 (_gae -32){break ;};};return K [:32],nil ;};func _cee (_ece []byte ,_eafg int ){_addg :=_eafg ;for _addg < len (_ece ){copy (_ece [_addg :],_ece [:_addg ]);_addg *=2;};};