mirror of
https://github.com/unidoc/unipdf.git
synced 2025-04-27 13:48:51 +08:00
58 lines
24 KiB
Go
58 lines
24 KiB
Go
//
|
|
// Copyright 2020 FoxyUtils ehf. All rights reserved.
|
|
//
|
|
// This is a commercial product and requires a license to operate.
|
|
// A trial license can be obtained at https://unidoc.io
|
|
//
|
|
// DO NOT EDIT: generated by unitwist Go source code obfuscator.
|
|
//
|
|
// Use of this source code is governed by the UniDoc End User License Agreement
|
|
// terms that can be accessed at https://unidoc.io/eula/
|
|
|
|
package security ;import (_bc "bytes";_cb "crypto/aes";_c "crypto/cipher";_ga "crypto/md5";_ab "crypto/rand";_g "crypto/rc4";_dc "crypto/sha256";_f "crypto/sha512";_be "encoding/binary";_ff "errors";_ec "fmt";_cc "github.com/unidoc/unipdf/v3/common";_a "hash";_b "io";_e "math";);
|
|
|
|
// GenerateParams generates and sets O and U parameters for the encryption dictionary.
|
|
// It expects R, P and EncryptMetadata fields to be set.
|
|
func (_efg stdHandlerR4 )GenerateParams (d *StdEncryptDict ,opass ,upass []byte )([]byte ,error ){O ,_debc :=_efg .alg3 (d .R ,upass ,opass );if _debc !=nil {_cc .Log .Debug ("\u0045R\u0052\u004fR\u003a\u0020\u0045r\u0072\u006f\u0072\u0020\u0067\u0065\u006ee\u0072\u0061\u0074\u0069\u006e\u0067 \u004f\u0020\u0066\u006f\u0072\u0020\u0065\u006e\u0063\u0072\u0079p\u0074\u0069\u006f\u006e\u0020\u0028\u0025\u0073\u0029",_debc );return nil ,_debc ;};d .O =O ;_cc .Log .Trace ("\u0067\u0065\u006e\u0020\u004f\u003a\u0020\u0025\u0020\u0078",O );_aeb :=_efg .alg2 (d ,upass );U ,_debc :=_efg .alg5 (_aeb ,upass );if _debc !=nil {_cc .Log .Debug ("\u0045R\u0052\u004fR\u003a\u0020\u0045r\u0072\u006f\u0072\u0020\u0067\u0065\u006ee\u0072\u0061\u0074\u0069\u006e\u0067 \u004f\u0020\u0066\u006f\u0072\u0020\u0065\u006e\u0063\u0072\u0079p\u0074\u0069\u006f\u006e\u0020\u0028\u0025\u0073\u0029",_debc );return nil ,_debc ;};d .U =U ;_cc .Log .Trace ("\u0067\u0065\u006e\u0020\u0055\u003a\u0020\u0025\u0020\u0078",U );return _aeb ,nil ;};func (_fca stdHandlerR6 )alg11 (_efcg *StdEncryptDict ,_gdc []byte )([]byte ,error ){if _ada :=_ee ("\u0061\u006c\u00671\u0031","\u0055",48,_efcg .U );_ada !=nil {return nil ,_ada ;};_gc :=make ([]byte ,len (_gdc )+8);_ceba :=copy (_gc ,_gdc );_ceba +=copy (_gc [_ceba :],_efcg .U [32:40]);_gcf ,_aagb :=_fca .alg2b (_efcg .R ,_gc ,_gdc ,nil );if _aagb !=nil {return nil ,_aagb ;};_gcf =_gcf [:32];if !_bc .Equal (_gcf ,_efcg .U [:32]){return nil ,nil ;};return _gcf ,nil ;};func (_agd stdHandlerR6 )alg2a (_fbb *StdEncryptDict ,_fef []byte )([]byte ,Permissions ,error ){if _gda :=_ee ("\u0061\u006c\u00672\u0061","\u004f",48,_fbb .O );_gda !=nil {return nil ,0,_gda ;};if _fbc :=_ee ("\u0061\u006c\u00672\u0061","\u0055",48,_fbb .U );_fbc !=nil {return nil ,0,_fbc ;};if len (_fef )> 127{_fef =_fef [:127];};_afde ,_bag :=_agd .alg12 (_fbb ,_fef );if _bag !=nil {return nil ,0,_bag ;};var (_agb []byte ;_efa []byte ;_gb []byte ;);var _ac Permissions ;if len (_afde )!=0{_ac =PermOwner ;_dfe :=make ([]byte ,len (_fef )+8+48);_faaa :=copy (_dfe ,_fef );_faaa +=copy (_dfe [_faaa :],_fbb .O [40:48]);_faaa +=copy (_dfe [_faaa :],_fbb .U [0:48]);_agb =_dfe ;_efa =_fbb .OE ;_gb =_fbb .U [0:48];}else {_afde ,_bag =_agd .alg11 (_fbb ,_fef );if _bag ==nil &&len (_afde )==0{_afde ,_bag =_agd .alg11 (_fbb ,[]byte (""));};if _bag !=nil {return nil ,0,_bag ;}else if len (_afde )==0{return nil ,0,nil ;};_ac =_fbb .P ;_eg :=make ([]byte ,len (_fef )+8);_fdbg :=copy (_eg ,_fef );_fdbg +=copy (_eg [_fdbg :],_fbb .U [40:48]);_agb =_eg ;_efa =_fbb .UE ;_gb =nil ;};if _agdb :=_ee ("\u0061\u006c\u00672\u0061","\u004b\u0065\u0079",32,_efa );_agdb !=nil {return nil ,0,_agdb ;};_efa =_efa [:32];_gec ,_bag :=_agd .alg2b (_fbb .R ,_agb ,_fef ,_gb );if _bag !=nil {return nil ,0,_bag ;};_fcb ,_bag :=_cb .NewCipher (_gec [:32]);if _bag !=nil {return nil ,0,_bag ;};_dae :=make ([]byte ,_cb .BlockSize );_dba :=_c .NewCBCDecrypter (_fcb ,_dae );_cddf :=make ([]byte ,32);_dba .CryptBlocks (_cddf ,_efa );if _fbb .R ==5{return _cddf ,_ac ,nil ;};_bag =_agd .alg13 (_fbb ,_cddf );if _bag !=nil {return nil ,0,_bag ;};return _cddf ,_ac ,nil ;};var _ StdHandler =stdHandlerR4 {};func (_dcb stdHandlerR4 )alg5 (_aac []byte ,_gad []byte )([]byte ,error ){_ccd :=_ga .New ();_ccd .Write ([]byte (_ce ));_ccd .Write ([]byte (_dcb .ID0 ));_dgd :=_ccd .Sum (nil );_cc .Log .Trace ("\u0061\u006c\u0067\u0035");_cc .Log .Trace ("\u0065k\u0065\u0079\u003a\u0020\u0025\u0020x",_aac );_cc .Log .Trace ("\u0049D\u003a\u0020\u0025\u0020\u0078",_dcb .ID0 );if len (_dgd )!=16{return nil ,_ff .New ("\u0068a\u0073\u0068\u0020\u006c\u0065\u006e\u0067\u0074\u0068\u0020\u006eo\u0074\u0020\u0031\u0036\u0020\u0062\u0079\u0074\u0065\u0073");};_afd ,_de :=_g .NewCipher (_aac );if _de !=nil {return nil ,_ff .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_bf :=make ([]byte ,16);_afd .XORKeyStream (_bf ,_dgd );_eeae :=make ([]byte ,len (_aac ));for _bfc :=0;_bfc < 19;_bfc ++{for _gfc :=0;_gfc < len (_aac );_gfc ++{_eeae [_gfc ]=_aac [_gfc ]^byte (_bfc +1);};_afd ,_de =_g .NewCipher (_eeae );if _de !=nil {return nil ,_ff .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_afd .XORKeyStream (_bf ,_bf );_cc .Log .Trace ("\u0069\u0020\u003d\u0020\u0025\u0064\u002c\u0020\u0065\u006b\u0065\u0079:\u0020\u0025\u0020\u0078",_bfc ,_eeae );_cc .Log .Trace ("\u0069\u0020\u003d\u0020\u0025\u0064\u0020\u002d\u003e\u0020\u0025\u0020\u0078",_bfc ,_bf );};_fdg :=make ([]byte ,32);for _bgb :=0;_bgb < 16;_bgb ++{_fdg [_bgb ]=_bf [_bgb ];};_ ,_de =_ab .Read (_fdg [16:32]);if _de !=nil {return nil ,_ff .New ("\u0066a\u0069\u006c\u0065\u0064 \u0074\u006f\u0020\u0067\u0065n\u0020r\u0061n\u0064\u0020\u006e\u0075\u006d\u0062\u0065r");};return _fdg ,nil ;};func _cdg (_cef []byte )([]byte ,error ){_ad :=_dc .New ();_ad .Write (_cef );return _ad .Sum (nil ),nil };const (PermOwner =Permissions (_e .MaxUint32 );PermPrinting =Permissions (1<<2);PermModify =Permissions (1<<3);PermExtractGraphics =Permissions (1<<4);PermAnnotate =Permissions (1<<5);PermFillForms =Permissions (1<<8);PermDisabilityExtract =Permissions (1<<9);PermRotateInsert =Permissions (1<<10);PermFullPrintQuality =Permissions (1<<11););func (_dec stdHandlerR4 )alg7 (_bac *StdEncryptDict ,_efc []byte )([]byte ,error ){_fga :=_dec .alg3Key (_bac .R ,_efc );_ffd :=make ([]byte ,len (_bac .O ));if _bac .R ==2{_bcd ,_bce :=_g .NewCipher (_fga );if _bce !=nil {return nil ,_ff .New ("\u0066\u0061\u0069\u006c\u0065\u0064\u0020\u0063\u0069\u0070\u0068\u0065\u0072");};_bcd .XORKeyStream (_ffd ,_bac .O );}else if _bac .R >=3{_bed :=append ([]byte {},_bac .O ...);for _eca :=0;_eca < 20;_eca ++{_geg :=append ([]byte {},_fga ...);for _bgf :=0;_bgf < len (_fga );_bgf ++{_geg [_bgf ]^=byte (19-_eca );};_ceb ,_aag :=_g .NewCipher (_geg );if _aag !=nil {return nil ,_ff .New ("\u0066\u0061\u0069\u006c\u0065\u0064\u0020\u0063\u0069\u0070\u0068\u0065\u0072");};_ceb .XORKeyStream (_ffd ,_bed );_bed =append ([]byte {},_ffd ...);};}else {return nil ,_ff .New ("\u0069n\u0076\u0061\u006c\u0069\u0064\u0020R");};_ebd ,_ddg :=_dec .alg6 (_bac ,_ffd );if _ddg !=nil {return nil ,nil ;};return _ebd ,nil ;};func (stdHandlerR4 )paddedPass (_fd []byte )[]byte {_eff :=make ([]byte ,32);_gd :=copy (_eff ,_fd );for ;_gd < 32;_gd ++{_eff [_gd ]=_ce [_gd -len (_fd )];};return _eff ;};var _ StdHandler =stdHandlerR6 {};
|
|
|
|
// GenerateParams is the algorithm opposite to alg2a (R>=5).
|
|
// It generates U,O,UE,OE,Perms fields using AESv3 encryption.
|
|
// There is no algorithm number assigned to this function in the spec.
|
|
// It expects R, P and EncryptMetadata fields to be set.
|
|
func (_cfgd stdHandlerR6 )GenerateParams (d *StdEncryptDict ,opass ,upass []byte )([]byte ,error ){_efee :=make ([]byte ,32);if _ ,_dce :=_b .ReadFull (_ab .Reader ,_efee );_dce !=nil {return nil ,_dce ;};d .U =nil ;d .O =nil ;d .UE =nil ;d .OE =nil ;d .Perms =nil ;if len (upass )> 127{upass =upass [:127];};if len (opass )> 127{opass =opass [:127];};if _ddde :=_cfgd .alg8 (d ,_efee ,upass );_ddde !=nil {return nil ,_ddde ;};if _bfg :=_cfgd .alg9 (d ,_efee ,opass );_bfg !=nil {return nil ,_bfg ;};if d .R ==5{return _efee ,nil ;};if _eeb :=_cfgd .alg10 (d ,_efee );_eeb !=nil {return nil ,_eeb ;};return _efee ,nil ;};func (_da stdHandlerR4 )alg3Key (R int ,_bbc []byte )[]byte {_fag :=_ga .New ();_af :=_da .paddedPass (_bbc );_fag .Write (_af );if R >=3{for _dd :=0;_dd < 50;_dd ++{_fad :=_fag .Sum (nil );_fag =_ga .New ();_fag .Write (_fad );};};_efe :=_fag .Sum (nil );if R ==2{_efe =_efe [0:5];}else {_efe =_efe [0:_da .Length /8];};return _efe ;};
|
|
|
|
// Permissions is a bitmask of access permissions for a PDF file.
|
|
type Permissions uint32 ;func _ee (_ba ,_ef string ,_eea int ,_aa []byte )error {if len (_aa )< _eea {return errInvalidField {Func :_ba ,Field :_ef ,Exp :_eea ,Got :len (_aa )};};return nil ;};func (_cf *ecbEncrypter )BlockSize ()int {return _cf ._bb };func _fed (_ffdg []byte )(_c .Block ,error ){_dbcf ,_faad :=_cb .NewCipher (_ffdg );if _faad !=nil {_cc .Log .Error ("\u0045\u0052\u0052\u004f\u0052\u003a\u0020\u0063\u006f\u0075\u006c\u0064\u0020\u006e\u006f\u0074\u0020\u0063\u0072\u0065\u0061\u0074\u0065\u0020A\u0045\u0053\u0020\u0063\u0069p\u0068\u0065r\u003a\u0020\u0025\u0076",_faad );return nil ,_faad ;};return _dbcf ,nil ;};func _gg (_cg _c .Block )*ecb {return &ecb {_fg :_cg ,_bb :_cg .BlockSize ()}};func _cfe (_agc []byte ,_bdb int ){_ggc :=_bdb ;for _ggc < len (_agc ){copy (_agc [_ggc :],_agc [:_ggc ]);_ggc *=2;};};func (_dfd stdHandlerR4 )alg6 (_deb *StdEncryptDict ,_dbg []byte )([]byte ,error ){var (_bgec []byte ;_fac error ;);_cecd :=_dfd .alg2 (_deb ,_dbg );if _deb .R ==2{_bgec ,_fac =_dfd .alg4 (_cecd ,_dbg );}else if _deb .R >=3{_bgec ,_fac =_dfd .alg5 (_cecd ,_dbg );}else {return nil ,_ff .New ("\u0069n\u0076\u0061\u006c\u0069\u0064\u0020R");};if _fac !=nil {return nil ,_fac ;};_cc .Log .Trace ("\u0063\u0068\u0065\u0063k:\u0020\u0025\u0020\u0078\u0020\u003d\u003d\u0020\u0025\u0020\u0078\u0020\u003f",string (_bgec ),string (_deb .U ));_cde :=_bgec ;_cad :=_deb .U ;if _deb .R >=3{if len (_cde )> 16{_cde =_cde [0:16];};if len (_cad )> 16{_cad =_cad [0:16];};};if !_bc .Equal (_cde ,_cad ){return nil ,nil ;};return _cecd ,nil ;};
|
|
|
|
// NewHandlerR4 creates a new standard security handler for R<=4.
|
|
func NewHandlerR4 (id0 string ,length int )StdHandler {return stdHandlerR4 {ID0 :id0 ,Length :length }};
|
|
|
|
// NewHandlerR6 creates a new standard security handler for R=5 and R=6.
|
|
func NewHandlerR6 ()StdHandler {return stdHandlerR6 {}};func (_ae *ecbDecrypter )BlockSize ()int {return _ae ._bb };type ecbDecrypter ecb ;func (_gcc stdHandlerR6 )alg13 (_egbc *StdEncryptDict ,_cgeg []byte )error {if _age :=_ee ("\u0061\u006c\u00671\u0033","\u004b\u0065\u0079",32,_cgeg );_age !=nil {return _age ;};if _ggb :=_ee ("\u0061\u006c\u00671\u0033","\u0050\u0065\u0072m\u0073",16,_egbc .Perms );_ggb !=nil {return _ggb ;};_bfce :=make ([]byte ,16);copy (_bfce ,_egbc .Perms [:16]);_bbf ,_cefeb :=_cb .NewCipher (_cgeg [:32]);if _cefeb !=nil {return _cefeb ;};_fea :=_fge (_bbf );_fea .CryptBlocks (_bfce ,_bfce );if !_bc .Equal (_bfce [9:12],[]byte ("\u0061\u0064\u0062")){return _ff .New ("\u0064\u0065\u0063o\u0064\u0065\u0064\u0020p\u0065\u0072\u006d\u0069\u0073\u0073\u0069o\u006e\u0073\u0020\u0061\u0072\u0065\u0020\u0069\u006e\u0076\u0061\u006c\u0069\u0064");};_adac :=Permissions (_be .LittleEndian .Uint32 (_bfce [0:4]));if _adac !=_egbc .P {return _ff .New ("\u0070\u0065r\u006d\u0069\u0073\u0073\u0069\u006f\u006e\u0073\u0020\u0076\u0061\u006c\u0069\u0064\u0061\u0074\u0069\u006f\u006e\u0020\u0066\u0061il\u0065\u0064");};_ecb :=true ;if _bfce [8]=='T'{_ecb =true ;}else if _bfce [8]=='F'{_ecb =false ;}else {return _ff .New ("\u0064\u0065\u0063\u006f\u0064\u0065\u0064 \u006d\u0065\u0074a\u0064\u0061\u0074\u0061 \u0065\u006e\u0063\u0072\u0079\u0070\u0074\u0069\u006f\u006e\u0020\u0066\u006c\u0061\u0067\u0020\u0069\u0073\u0020\u0069\u006e\u0076\u0061\u006c\u0069\u0064");};if _ecb !=_egbc .EncryptMetadata {return _ff .New ("\u006d\u0065t\u0061\u0064\u0061\u0074a\u0020\u0065n\u0063\u0072\u0079\u0070\u0074\u0069\u006f\u006e \u0076\u0061\u006c\u0069\u0064\u0061\u0074\u0069\u006f\u006e\u0020\u0066a\u0069\u006c\u0065\u0064");};return nil ;};const _ce ="\x28\277\116\136\x4e\x75\x8a\x41\x64\000\x4e\x56\377"+"\xfa\001\010\056\x2e\x00\xb6\xd0\x68\076\x80\x2f\014"+"\251\xfe\x64\x53\x69\172";func (_fgg stdHandlerR6 )alg10 (_fede *StdEncryptDict ,_fcc []byte )error {if _acc :=_ee ("\u0061\u006c\u00671\u0030","\u004b\u0065\u0079",32,_fcc );_acc !=nil {return _acc ;};_fce :=uint64 (uint32 (_fede .P ))|(_e .MaxUint32 <<32);Perms :=make ([]byte ,16);_be .LittleEndian .PutUint64 (Perms [:8],_fce );if _fede .EncryptMetadata {Perms [8]='T';}else {Perms [8]='F';};copy (Perms [9:12],"\u0061\u0064\u0062");if _ ,_fgd :=_b .ReadFull (_ab .Reader ,Perms [12:16]);_fgd !=nil {return _fgd ;};_cee ,_aef :=_fed (_fcc [:32]);if _aef !=nil {return _aef ;};_eae :=_fa (_cee );_eae .CryptBlocks (Perms ,Perms );_fede .Perms =Perms [:16];return nil ;};type ecb struct{_fg _c .Block ;_bb int ;};type ecbEncrypter ecb ;func (_dbf stdHandlerR6 )alg2b (R int ,_gfd ,_aaec ,_aca []byte )([]byte ,error ){if R ==5{return _cdg (_gfd );};return _aae (_gfd ,_aaec ,_aca );};const (EventDocOpen =AuthEvent ("\u0044o\u0063\u004f\u0070\u0065\u006e");EventEFOpen =AuthEvent ("\u0045\u0046\u004f\u0070\u0065\u006e"););func (_ggd errInvalidField )Error ()string {return _ec .Sprintf ("\u0025s\u003a\u0020e\u0078\u0070\u0065\u0063t\u0065\u0064\u0020%\u0073\u0020\u0066\u0069\u0065\u006c\u0064\u0020\u0074o \u0062\u0065\u0020%\u0064\u0020b\u0079\u0074\u0065\u0073\u002c\u0020g\u006f\u0074 \u0025\u0064",_ggd .Func ,_ggd .Field ,_ggd .Exp ,_ggd .Got );};func (_fb stdHandlerR4 )alg3 (R int ,_bg ,_daf []byte )([]byte ,error ){var _cgf []byte ;if len (_daf )> 0{_cgf =_fb .alg3Key (R ,_daf );}else {_cgf =_fb .alg3Key (R ,_bg );};_dff ,_cec :=_g .NewCipher (_cgf );if _cec !=nil {return nil ,_ff .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_fdb :=_fb .paddedPass (_bg );_cbe :=make ([]byte ,len (_fdb ));_dff .XORKeyStream (_cbe ,_fdb );if R >=3{_ebe :=make ([]byte ,len (_cgf ));for _dg :=0;_dg < 19;_dg ++{for _ddd :=0;_ddd < len (_cgf );_ddd ++{_ebe [_ddd ]=_cgf [_ddd ]^byte (_dg +1);};_ge ,_ddb :=_g .NewCipher (_ebe );if _ddb !=nil {return nil ,_ff .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_ge .XORKeyStream (_cbe ,_cbe );};};return _cbe ,nil ;};
|
|
|
|
// AuthEvent is an event type that triggers authentication.
|
|
type AuthEvent string ;func (_cca stdHandlerR4 )alg2 (_fgf *StdEncryptDict ,_df []byte )[]byte {_cc .Log .Trace ("\u0061\u006c\u0067\u0032");_bd :=_cca .paddedPass (_df );_dfa :=_ga .New ();_dfa .Write (_bd );_dfa .Write (_fgf .O );var _abb [4]byte ;_be .LittleEndian .PutUint32 (_abb [:],uint32 (_fgf .P ));_dfa .Write (_abb [:]);_cc .Log .Trace ("\u0067o\u0020\u0050\u003a\u0020\u0025\u0020x",_abb );_dfa .Write ([]byte (_cca .ID0 ));_cc .Log .Trace ("\u0074\u0068\u0069\u0073\u002e\u0052\u0020\u003d\u0020\u0025d\u0020\u0065\u006e\u0063\u0072\u0079\u0070t\u004d\u0065\u0074\u0061\u0064\u0061\u0074\u0061\u0020\u0025\u0076",_fgf .R ,_fgf .EncryptMetadata );if (_fgf .R >=4)&&!_fgf .EncryptMetadata {_dfa .Write ([]byte {0xff,0xff,0xff,0xff});};_ca :=_dfa .Sum (nil );if _fgf .R >=3{_dfa =_ga .New ();for _faa :=0;_faa < 50;_faa ++{_dfa .Reset ();_dfa .Write (_ca [0:_cca .Length /8]);_ca =_dfa .Sum (nil );};};if _fgf .R >=3{return _ca [0:_cca .Length /8];};return _ca [0:5];};func _fge (_bef _c .Block )_c .BlockMode {return (*ecbDecrypter )(_gg (_bef ))};func (_cfg stdHandlerR4 )alg4 (_gfe []byte ,_fc []byte )([]byte ,error ){_cdd ,_fe :=_g .NewCipher (_gfe );if _fe !=nil {return nil ,_ff .New ("\u0066a\u0069l\u0065\u0064\u0020\u0072\u0063\u0034\u0020\u0063\u0069\u0070\u0068");};_bee :=[]byte (_ce );_cce :=make ([]byte ,len (_bee ));_cdd .XORKeyStream (_cce ,_bee );return _cce ,nil ;};
|
|
|
|
// Authenticate implements StdHandler interface.
|
|
func (_ged stdHandlerR6 )Authenticate (d *StdEncryptDict ,pass []byte )([]byte ,Permissions ,error ){return _ged .alg2a (d ,pass );};
|
|
|
|
// StdEncryptDict is a set of additional fields used in standard encryption dictionary.
|
|
type StdEncryptDict struct{R int ;P Permissions ;EncryptMetadata bool ;O ,U []byte ;OE ,UE []byte ;Perms []byte ;};func _aae (_bfa ,_fec ,_ecc []byte )([]byte ,error ){var (_gfb ,_cea ,_effc _a .Hash ;);_gfb =_dc .New ();_cded :=make ([]byte ,64);_ffc :=_gfb ;_ffc .Write (_bfa );K :=_ffc .Sum (_cded [:0]);_caa :=make ([]byte ,64*(127+64+48));_ddc :=func (_ecdf int )([]byte ,error ){_bbe :=len (_fec )+len (K )+len (_ecc );_fdc :=_caa [:_bbe ];_efge :=copy (_fdc ,_fec );_efge +=copy (_fdc [_efge :],K [:]);_efge +=copy (_fdc [_efge :],_ecc );if _efge !=_bbe {_cc .Log .Error ("E\u0052\u0052\u004f\u0052\u003a\u0020u\u006e\u0065\u0078\u0070\u0065\u0063t\u0065\u0064\u0020\u0072\u006f\u0075\u006ed\u0020\u0069\u006e\u0070\u0075\u0074\u0020\u0073\u0069\u007ae\u002e");return nil ,_ff .New ("\u0077\u0072\u006f\u006e\u0067\u0020\u0073\u0069\u007a\u0065");};K1 :=_caa [:_bbe *64];_cfe (K1 ,_bbe );_bba ,_fee :=_fed (K [0:16]);if _fee !=nil {return nil ,_fee ;};_baca :=_c .NewCBCEncrypter (_bba ,K [16:32]);_baca .CryptBlocks (K1 ,K1 );E :=K1 ;_bae :=0;for _acg :=0;_acg < 16;_acg ++{_bae +=int (E [_acg ]%3);};var _cac _a .Hash ;switch _bae %3{case 0:_cac =_gfb ;case 1:if _cea ==nil {_cea =_f .New384 ();};_cac =_cea ;case 2:if _effc ==nil {_effc =_f .New ();};_cac =_effc ;};_cac .Reset ();_cac .Write (E );K =_cac .Sum (_cded [:0]);return E ,nil ;};for _cbef :=0;;{E ,_bde :=_ddc (_cbef );if _bde !=nil {return nil ,_bde ;};_gfbg :=uint8 (E [len (E )-1]);_cbef ++;if _cbef >=64&&_gfbg <=uint8 (_cbef -32){break ;};};return K [:32],nil ;};func _fa (_dcd _c .Block )_c .BlockMode {return (*ecbEncrypter )(_gg (_dcd ))};
|
|
|
|
// Authenticate implements StdHandler interface.
|
|
func (_faaf stdHandlerR4 )Authenticate (d *StdEncryptDict ,pass []byte )([]byte ,Permissions ,error ){_cc .Log .Trace ("\u0044\u0065b\u0075\u0067\u0067\u0069n\u0067\u0020a\u0075\u0074\u0068\u0065\u006e\u0074\u0069\u0063a\u0074\u0069\u006f\u006e\u0020\u002d\u0020\u006f\u0077\u006e\u0065\u0072 \u0070\u0061\u0073\u0073");_dbc ,_ddf :=_faaf .alg7 (d ,pass );if _ddf !=nil {return nil ,0,_ddf ;};if _dbc !=nil {_cc .Log .Trace ("\u0074h\u0069\u0073\u002e\u0061u\u0074\u0068\u0065\u006e\u0074i\u0063a\u0074e\u0064\u0020\u003d\u0020\u0054\u0072\u0075e");return _dbc ,PermOwner ,nil ;};_cc .Log .Trace ("\u0044\u0065bu\u0067\u0067\u0069n\u0067\u0020\u0061\u0075the\u006eti\u0063\u0061\u0074\u0069\u006f\u006e\u0020- \u0075\u0073\u0065\u0072\u0020\u0070\u0061s\u0073");_dbc ,_ddf =_faaf .alg6 (d ,pass );if _ddf !=nil {return nil ,0,_ddf ;};if _dbc !=nil {_cc .Log .Trace ("\u0074h\u0069\u0073\u002e\u0061u\u0074\u0068\u0065\u006e\u0074i\u0063a\u0074e\u0064\u0020\u003d\u0020\u0054\u0072\u0075e");return _dbc ,d .P ,nil ;};return nil ,0,nil ;};type errInvalidField struct{Func string ;Field string ;Exp int ;Got int ;};func (_ecf stdHandlerR6 )alg9 (_ggdd *StdEncryptDict ,_dfae []byte ,_ccc []byte )error {if _ea :=_ee ("\u0061\u006c\u0067\u0039","\u004b\u0065\u0079",32,_dfae );_ea !=nil {return _ea ;};if _eef :=_ee ("\u0061\u006c\u0067\u0039","\u0055",48,_ggdd .U );_eef !=nil {return _eef ;};var _ccb [16]byte ;if _ ,_egbg :=_b .ReadFull (_ab .Reader ,_ccb [:]);_egbg !=nil {return _egbg ;};_cdgb :=_ccb [0:8];_gge :=_ccb [8:16];_debf :=_ggdd .U [:48];_bacc :=make ([]byte ,len (_ccc )+len (_cdgb )+len (_debf ));_fbd :=copy (_bacc ,_ccc );_fbd +=copy (_bacc [_fbd :],_cdgb );_fbd +=copy (_bacc [_fbd :],_debf );_fff ,_gdb :=_ecf .alg2b (_ggdd .R ,_bacc ,_ccc ,_debf );if _gdb !=nil {return _gdb ;};O :=make ([]byte ,len (_fff )+len (_cdgb )+len (_gge ));_fbd =copy (O ,_fff [:32]);_fbd +=copy (O [_fbd :],_cdgb );_fbd +=copy (O [_fbd :],_gge );_ggdd .O =O ;_fbd =len (_ccc );_fbd +=copy (_bacc [_fbd :],_gge );_fff ,_gdb =_ecf .alg2b (_ggdd .R ,_bacc ,_ccc ,_debf );if _gdb !=nil {return _gdb ;};_agg ,_gdb :=_fed (_fff [:32]);if _gdb !=nil {return _gdb ;};_gdd :=make ([]byte ,_cb .BlockSize );_abf :=_c .NewCBCEncrypter (_agg ,_gdd );OE :=make ([]byte ,32);_abf .CryptBlocks (OE ,_dfae [:32]);_ggdd .OE =OE ;return nil ;};
|
|
|
|
// Allowed checks if a set of permissions can be granted.
|
|
func (_gf Permissions )Allowed (p2 Permissions )bool {return _gf &p2 ==p2 };type stdHandlerR4 struct{Length int ;ID0 string ;};func (_abe *ecbDecrypter )CryptBlocks (dst ,src []byte ){if len (src )%_abe ._bb !=0{_cc .Log .Error ("\u0045\u0052\u0052\u004f\u0052:\u0020\u0045\u0043\u0042\u0020\u0064\u0065\u0063\u0072\u0079\u0070\u0074\u003a \u0069\u006e\u0070\u0075\u0074\u0020\u006e\u006f\u0074\u0020\u0066\u0075\u006c\u006c\u0020\u0062\u006c\u006f\u0063\u006b\u0073");return ;};if len (dst )< len (src ){_cc .Log .Error ("\u0045R\u0052\u004fR\u003a\u0020\u0045C\u0042\u0020\u0064\u0065\u0063\u0072\u0079p\u0074\u003a\u0020\u006f\u0075\u0074p\u0075\u0074\u0020\u0073\u006d\u0061\u006c\u006c\u0065\u0072\u0020t\u0068\u0061\u006e\u0020\u0069\u006e\u0070\u0075\u0074");return ;};for len (src )> 0{_abe ._fg .Decrypt (dst ,src [:_abe ._bb ]);src =src [_abe ._bb :];dst =dst [_abe ._bb :];};};func (_fgb stdHandlerR6 )alg8 (_ecg *StdEncryptDict ,_egb []byte ,_ecdd []byte )error {if _agbd :=_ee ("\u0061\u006c\u0067\u0038","\u004b\u0065\u0079",32,_egb );_agbd !=nil {return _agbd ;};var _fgab [16]byte ;if _ ,_cecc :=_b .ReadFull (_ab .Reader ,_fgab [:]);_cecc !=nil {return _cecc ;};_cbc :=_fgab [0:8];_bbaa :=_fgab [8:16];_cge :=make ([]byte ,len (_ecdd )+len (_cbc ));_caf :=copy (_cge ,_ecdd );_caf +=copy (_cge [_caf :],_cbc );_gbf ,_fda :=_fgb .alg2b (_ecg .R ,_cge ,_ecdd ,nil );if _fda !=nil {return _fda ;};U :=make ([]byte ,len (_gbf )+len (_cbc )+len (_bbaa ));_caf =copy (U ,_gbf [:32]);_caf +=copy (U [_caf :],_cbc );_caf +=copy (U [_caf :],_bbaa );_ecg .U =U ;_caf =len (_ecdd );_caf +=copy (_cge [_caf :],_bbaa );_gbf ,_fda =_fgb .alg2b (_ecg .R ,_cge ,_ecdd ,nil );if _fda !=nil {return _fda ;};_dgc ,_fda :=_fed (_gbf [:32]);if _fda !=nil {return _fda ;};_dbac :=make ([]byte ,_cb .BlockSize );_ccea :=_c .NewCBCEncrypter (_dgc ,_dbac );UE :=make ([]byte ,32);_ccea .CryptBlocks (UE ,_egb [:32]);_ecg .UE =UE ;return nil ;};type stdHandlerR6 struct{};func (_bad stdHandlerR6 )alg12 (_bdc *StdEncryptDict ,_cgd []byte )([]byte ,error ){if _cag :=_ee ("\u0061\u006c\u00671\u0032","\u0055",48,_bdc .U );_cag !=nil {return nil ,_cag ;};if _bbg :=_ee ("\u0061\u006c\u00671\u0032","\u004f",48,_bdc .O );_bbg !=nil {return nil ,_bbg ;};_gadd :=make ([]byte ,len (_cgd )+8+48);_egg :=copy (_gadd ,_cgd );_egg +=copy (_gadd [_egg :],_bdc .O [32:40]);_egg +=copy (_gadd [_egg :],_bdc .U [0:48]);_cefe ,_dddc :=_bad .alg2b (_bdc .R ,_gadd ,_cgd ,_bdc .U [0:48]);if _dddc !=nil {return nil ,_dddc ;};_cefe =_cefe [:32];if !_bc .Equal (_cefe ,_bdc .O [:32]){return nil ,nil ;};return _cefe ,nil ;};
|
|
|
|
// StdHandler is an interface for standard security handlers.
|
|
type StdHandler interface{
|
|
|
|
// GenerateParams uses owner and user passwords to set encryption parameters and generate an encryption key.
|
|
// It assumes that R, P and EncryptMetadata are already set.
|
|
GenerateParams (_ffe *StdEncryptDict ,_cd ,_eb []byte )([]byte ,error );
|
|
|
|
// Authenticate uses encryption dictionary parameters and the password to calculate
|
|
// the document encryption key. It also returns permissions that should be granted to a user.
|
|
// In case of failed authentication, it returns empty key and zero permissions with no error.
|
|
Authenticate (_ecd *StdEncryptDict ,_db []byte )([]byte ,Permissions ,error );};func (_bca *ecbEncrypter )CryptBlocks (dst ,src []byte ){if len (src )%_bca ._bb !=0{_cc .Log .Error ("\u0045\u0052\u0052\u004f\u0052:\u0020\u0045\u0043\u0042\u0020\u0065\u006e\u0063\u0072\u0079\u0070\u0074\u003a \u0069\u006e\u0070\u0075\u0074\u0020\u006e\u006f\u0074\u0020\u0066\u0075\u006c\u006c\u0020\u0062\u006c\u006f\u0063\u006b\u0073");return ;};if len (dst )< len (src ){_cc .Log .Error ("\u0045R\u0052\u004fR\u003a\u0020\u0045C\u0042\u0020\u0065\u006e\u0063\u0072\u0079p\u0074\u003a\u0020\u006f\u0075\u0074p\u0075\u0074\u0020\u0073\u006d\u0061\u006c\u006c\u0065\u0072\u0020t\u0068\u0061\u006e\u0020\u0069\u006e\u0070\u0075\u0074");return ;};for len (src )> 0{_bca ._fg .Encrypt (dst ,src [:_bca ._bb ]);src =src [_bca ._bb :];dst =dst [_bca ._bb :];};}; |