/src/poppler/poppler/SecurityHandler.h

Source
//========================================================================
//
// SecurityHandler.h
//
// Copyright 2004 Glyph & Cog, LLC
//
//========================================================================

//========================================================================
//
// Modified under the Poppler project - http://poppler.freedesktop.org
//
// All changes made under the Poppler project to this file are licensed
// under GPL version 2 or later
//
// Copyright (C) 2012, 2018, 2020-2022, 2024, 2025 Albert Astals Cid <aacid@kde.org>
//
// To see a description of the changes please see the Changelog file that
// came with your tarball or type make ChangeLog if you are building from git
//
//========================================================================

#ifndef SECURITYHANDLER_H
#define SECURITYHANDLER_H

#include "Object.h"

#include <optional>

class GooString;
class PDFDoc;

//------------------------------------------------------------------------
// SecurityHandler
//------------------------------------------------------------------------

class SecurityHandler
{
public:
    static SecurityHandler *make(PDFDoc *docA, Object *encryptDictA);

    explicit SecurityHandler(PDFDoc *docA);
    virtual ~SecurityHandler();

    SecurityHandler(const SecurityHandler &) = delete;
    SecurityHandler &operator=(const SecurityHandler &) = delete;

    // Returns true if the file is actually unencrypted.
    virtual bool isUnencrypted() const { return false; }

    // Check the document's encryption.  If the document is encrypted,
    // this will first try <ownerPassword> and <userPassword> (in
    // "batch" mode), and if those fail, it will attempt to request a
    // password from the user.  This is the high-level function that
    // calls the lower level functions for the specific security handler
    // (requesting a password three times, etc.).  Returns true if the
    // document can be opened (if it's unencrypted, or if a correct
    // password is obtained); false otherwise (encrypted and no correct
    // password).
    bool checkEncryption(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword);

    // Create authorization data for the specified owner and user
    // passwords.  If the security handler doesn't support "batch" mode,
    // this function should return NULL.
    virtual void *makeAuthData(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword) = 0;

    // Free the authorization data returned by makeAuthData or
    // getAuthData.
    virtual void freeAuthData(void *authData) = 0;

    // Attempt to authorize the document, using the supplied
    // authorization data (which may be NULL).  Returns true if
    // successful (i.e., if at least the right to open the document was
    // granted).
    virtual bool authorize(void *authData) = 0;

    // Return the various authorization parameters.  These are only
    // valid after authorize has returned true.
    virtual int getPermissionFlags() const = 0;
    virtual bool getOwnerPasswordOk() const = 0;
    virtual const unsigned char *getFileKey() const = 0;
    virtual int getFileKeyLength() const = 0;
    virtual int getEncVersion() const = 0;
    virtual int getEncRevision() const = 0;
    virtual CryptAlgorithm getEncAlgorithm() const = 0;

protected:
    PDFDoc *doc;
};

//------------------------------------------------------------------------
// StandardSecurityHandler
//------------------------------------------------------------------------

class StandardSecurityHandler : public SecurityHandler
{
public:
    StandardSecurityHandler(PDFDoc *docA, Object *encryptDictA);
    ~StandardSecurityHandler() override;

    bool isUnencrypted() const override;
    void *makeAuthData(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword) override;
    void freeAuthData(void *authData) override;
    bool authorize(void *authData) override;
    int getPermissionFlags() const override { return permFlags; }
    bool getOwnerPasswordOk() const override { return ownerPasswordOk; }
    const unsigned char *getFileKey() const override { return fileKey; }
    int getFileKeyLength() const override { return ok ? fileKeyLength : 0; }
    int getEncVersion() const override { return encVersion; }
    int getEncRevision() const override { return encRevision; }
    CryptAlgorithm getEncAlgorithm() const override { return encAlgorithm; }

private:
    int permFlags;
    bool ownerPasswordOk;
    unsigned char fileKey[32];
    int fileKeyLength;
    int encVersion;
    int encRevision;
    bool encryptMetadata;
    CryptAlgorithm encAlgorithm;

    std::unique_ptr<GooString> ownerKey, userKey;
    std::unique_ptr<GooString> ownerEnc, userEnc;
    std::unique_ptr<GooString> fileID;
    bool ok;
};

#endif

Line	Count	Source
1		//========================================================================
2		//
3		// SecurityHandler.h
4		//
5		// Copyright 2004 Glyph & Cog, LLC
6		//
7		//========================================================================
8
9		//========================================================================
10		//
11		// Modified under the Poppler project - http://poppler.freedesktop.org
12		//
13		// All changes made under the Poppler project to this file are licensed
14		// under GPL version 2 or later
15		//
16		// Copyright (C) 2012, 2018, 2020-2022, 2024, 2025 Albert Astals Cid <aacid@kde.org>
17		//
18		// To see a description of the changes please see the Changelog file that
19		// came with your tarball or type make ChangeLog if you are building from git
20		//
21		//========================================================================
22
23		#ifndef SECURITYHANDLER_H
24		#define SECURITYHANDLER_H
25
26		#include "Object.h"
27
28		#include <optional>
29
30		class GooString;
31		class PDFDoc;
32
33		//------------------------------------------------------------------------
34		// SecurityHandler
35		//------------------------------------------------------------------------
36
37		class SecurityHandler
38		{
39		public:
40		static SecurityHandler make(PDFDoc docA, Object *encryptDictA);
41
42		explicit SecurityHandler(PDFDoc *docA);
43		virtual ~SecurityHandler();
44
45		SecurityHandler(const SecurityHandler &) = delete;
46		SecurityHandler &operator=(const SecurityHandler &) = delete;
47
48		// Returns true if the file is actually unencrypted.
49	0	virtual bool isUnencrypted() const { return false; }
50
51		// Check the document's encryption. If the document is encrypted,
52		// this will first try <ownerPassword> and <userPassword> (in
53		// "batch" mode), and if those fail, it will attempt to request a
54		// password from the user. This is the high-level function that
55		// calls the lower level functions for the specific security handler
56		// (requesting a password three times, etc.). Returns true if the
57		// document can be opened (if it's unencrypted, or if a correct
58		// password is obtained); false otherwise (encrypted and no correct
59		// password).
60		bool checkEncryption(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword);
61
62		// Create authorization data for the specified owner and user
63		// passwords. If the security handler doesn't support "batch" mode,
64		// this function should return NULL.
65		virtual void *makeAuthData(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword) = 0;
66
67		// Free the authorization data returned by makeAuthData or
68		// getAuthData.
69		virtual void freeAuthData(void *authData) = 0;
70
71		// Attempt to authorize the document, using the supplied
72		// authorization data (which may be NULL). Returns true if
73		// successful (i.e., if at least the right to open the document was
74		// granted).
75		virtual bool authorize(void *authData) = 0;
76
77		// Return the various authorization parameters. These are only
78		// valid after authorize has returned true.
79		virtual int getPermissionFlags() const = 0;
80		virtual bool getOwnerPasswordOk() const = 0;
81		virtual const unsigned char *getFileKey() const = 0;
82		virtual int getFileKeyLength() const = 0;
83		virtual int getEncVersion() const = 0;
84		virtual int getEncRevision() const = 0;
85		virtual CryptAlgorithm getEncAlgorithm() const = 0;
86
87		protected:
88		PDFDoc *doc;
89		};
90
91		//------------------------------------------------------------------------
92		// StandardSecurityHandler
93		//------------------------------------------------------------------------
94
95		class StandardSecurityHandler : public SecurityHandler
96		{
97		public:
98		StandardSecurityHandler(PDFDoc docA, Object encryptDictA);
99		~StandardSecurityHandler() override;
100
101		bool isUnencrypted() const override;
102		void *makeAuthData(const std::optional<GooString> &ownerPassword, const std::optional<GooString> &userPassword) override;
103		void freeAuthData(void *authData) override;
104		bool authorize(void *authData) override;
105	2.65k	int getPermissionFlags() const override { return permFlags; }
106	2.65k	bool getOwnerPasswordOk() const override { return ownerPasswordOk; }
107	2.71k	const unsigned char *getFileKey() const override { return fileKey; }
108	2.71k	int getFileKeyLength() const override { return ok ? fileKeyLength : 0; }
109	2.65k	int getEncVersion() const override { return encVersion; }
110	2.65k	int getEncRevision() const override { return encRevision; }
111	2.71k	CryptAlgorithm getEncAlgorithm() const override { return encAlgorithm; }
112
113		private:
114		int permFlags;
115		bool ownerPasswordOk;
116		unsigned char fileKey[32];
117		int fileKeyLength;
118		int encVersion;
119		int encRevision;
120		bool encryptMetadata;
121		CryptAlgorithm encAlgorithm;
122
123		std::unique_ptr<GooString> ownerKey, userKey;
124		std::unique_ptr<GooString> ownerEnc, userEnc;
125		std::unique_ptr<GooString> fileID;
126		bool ok;
127		};
128
129		#endif

Coverage Report

Created: 2026-06-07 08:13