unipdf/core/security/handlers.go
2019-05-16 20:44:51 +00:00

54 lines
1.8 KiB
Go

/*
* This file is subject to the terms and conditions defined in
* file 'LICENSE.md', which is part of this source code package.
*/
package security
import "fmt"
// StdHandler is an interface for standard security handlers.
type StdHandler interface {
// GenerateParams uses owner and user passwords to set encryption parameters and generate an encryption key.
// It assumes that R, P and EncryptMetadata are already set.
GenerateParams(d *StdEncryptDict, ownerPass, userPass []byte) ([]byte, error)
// Authenticate uses encryption dictionary parameters and the password to calculate
// the document encryption key. It also returns permissions that should be granted to a user.
// In case of failed authentication, it returns empty key and zero permissions with no error.
Authenticate(d *StdEncryptDict, pass []byte) ([]byte, Permissions, error)
}
// StdEncryptDict is a set of additional fields used in standard encryption dictionary.
type StdEncryptDict struct {
R int // (Required) A number specifying which revision of the standard security handler shall be used.
P Permissions
EncryptMetadata bool // Indicates whether the document-level metadata stream shall be encrypted.
// set by security handlers:
O, U []byte
OE, UE []byte // R=6
Perms []byte // An encrypted copy of P (16 bytes). Used to verify permissions. R=6
}
// checkAtLeast checks the size of the bytes field and returns a descriptive error if it doesn't.
func checkAtLeast(fnc, field string, exp int, b []byte) error {
if len(b) < exp {
return errInvalidField{Func: fnc, Field: field, Exp: exp, Got: len(b)}
}
return nil
}
type errInvalidField struct {
Func string
Field string
Exp int
Got int
}
func (e errInvalidField) Error() string {
return fmt.Sprintf("%s: expected %s field to be %d bytes, got %d", e.Func, e.Field, e.Exp, e.Got)
}