mirror of
https://github.com/unidoc/unipdf.git
synced 2025-05-01 22:17:29 +08:00
54 lines
1.8 KiB
Go
54 lines
1.8 KiB
Go
/*
|
|
* This file is subject to the terms and conditions defined in
|
|
* file 'LICENSE.md', which is part of this source code package.
|
|
*/
|
|
|
|
package security
|
|
|
|
import "fmt"
|
|
|
|
// StdHandler is an interface for standard security handlers.
|
|
type StdHandler interface {
|
|
// GenerateParams uses owner and user passwords to set encryption parameters and generate an encryption key.
|
|
// It assumes that R, P and EncryptMetadata are already set.
|
|
GenerateParams(d *StdEncryptDict, ownerPass, userPass []byte) ([]byte, error)
|
|
|
|
// Authenticate uses encryption dictionary parameters and the password to calculate
|
|
// the document encryption key. It also returns permissions that should be granted to a user.
|
|
// In case of failed authentication, it returns empty key and zero permissions with no error.
|
|
Authenticate(d *StdEncryptDict, pass []byte) ([]byte, Permissions, error)
|
|
}
|
|
|
|
// StdEncryptDict is a set of additional fields used in standard encryption dictionary.
|
|
type StdEncryptDict struct {
|
|
R int // (Required) A number specifying which revision of the standard security handler shall be used.
|
|
|
|
P Permissions
|
|
EncryptMetadata bool // Indicates whether the document-level metadata stream shall be encrypted.
|
|
|
|
// set by security handlers:
|
|
|
|
O, U []byte
|
|
OE, UE []byte // R=6
|
|
Perms []byte // An encrypted copy of P (16 bytes). Used to verify permissions. R=6
|
|
}
|
|
|
|
// checkAtLeast checks the size of the bytes field and returns a descriptive error if it doesn't.
|
|
func checkAtLeast(fnc, field string, exp int, b []byte) error {
|
|
if len(b) < exp {
|
|
return errInvalidField{Func: fnc, Field: field, Exp: exp, Got: len(b)}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type errInvalidField struct {
|
|
Func string
|
|
Field string
|
|
Exp int
|
|
Got int
|
|
}
|
|
|
|
func (e errInvalidField) Error() string {
|
|
return fmt.Sprintf("%s: expected %s field to be %d bytes, got %d", e.Func, e.Field, e.Exp, e.Got)
|
|
}
|