Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.11/site-packages/pypdf/_crypt_providers/_cryptography.py: 3%

Shortcuts on this page

r m x   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

75 statements  

1# Copyright (c) 2023, exiledkingcc 

2# All rights reserved. 

3# 

4# Redistribution and use in source and binary forms, with or without 

5# modification, are permitted provided that the following conditions are 

6# met: 

7# 

8# * Redistributions of source code must retain the above copyright notice, 

9# this list of conditions and the following disclaimer. 

10# * Redistributions in binary form must reproduce the above copyright notice, 

11# this list of conditions and the following disclaimer in the documentation 

12# and/or other materials provided with the distribution. 

13# * The name of the author may not be used to endorse or promote products 

14# derived from this software without specific prior written permission. 

15# 

16# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 

17# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 

18# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 

19# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 

20# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 

21# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 

22# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 

23# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 

24# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 

25# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 

26# POSSIBILITY OF SUCH DAMAGE. 

27 

28import secrets 

29 

30from cryptography import __version__ 

31from cryptography.hazmat.primitives.ciphers.algorithms import AES 

32from cryptography.hazmat.primitives.padding import PKCS7 

33 

34from pypdf._utils import logger_warning 

35from pypdf.errors import PdfStreamError 

36 

37try: 

38 # 43.0.0 - https://cryptography.io/en/latest/changelog/#v43-0-0 

39 from cryptography.hazmat.decrepit.ciphers.algorithms import ARC4 

40except ImportError: 

41 from cryptography.hazmat.primitives.ciphers.algorithms import ARC4 

42from cryptography.hazmat.primitives.ciphers.base import Cipher 

43from cryptography.hazmat.primitives.ciphers.modes import CBC, ECB 

44 

45from pypdf._crypt_providers._base import CryptBase 

46 

47crypt_provider = ("cryptography", __version__) 

48 

49 

50class CryptRC4(CryptBase): 

51 def __init__(self, key: bytes) -> None: 

52 self.cipher = Cipher(ARC4(key), mode=None) 

53 

54 def encrypt(self, data: bytes) -> bytes: 

55 encryptor = self.cipher.encryptor() 

56 return encryptor.update(data) + encryptor.finalize() 

57 

58 def decrypt(self, data: bytes, *, strict: bool = True) -> bytes: 

59 decryptor = self.cipher.decryptor() 

60 return decryptor.update(data) + decryptor.finalize() 

61 

62 

63class CryptAES(CryptBase): 

64 def __init__(self, key: bytes) -> None: 

65 self.alg = AES(key) 

66 

67 def encrypt(self, data: bytes) -> bytes: 

68 iv = secrets.token_bytes(16) 

69 padder = PKCS7(128).padder() 

70 padded_data = padder.update(data) + padder.finalize() 

71 

72 cipher = Cipher(self.alg, CBC(iv)) 

73 encryptor = cipher.encryptor() 

74 return iv + encryptor.update(padded_data) + encryptor.finalize() 

75 

76 def decrypt(self, data: bytes, *, strict: bool = True) -> bytes: 

77 iv = data[:16] 

78 data = data[16:] 

79 # for empty encrypted data 

80 if not data: 

81 return data 

82 

83 if not strict and len(data) % 16 != 0: 

84 logger_warning("Adding missing padding.", src=__name__) 

85 padder = PKCS7(128).padder() 

86 data = padder.update(data) + padder.finalize() 

87 

88 cipher = Cipher(self.alg, CBC(iv)) 

89 decryptor = cipher.decryptor() 

90 try: 

91 padded_data = decryptor.update(data) + decryptor.finalize() 

92 except ValueError as exception: 

93 # Only raised in strict mode. Non-strict mode fixes padding. 

94 raise PdfStreamError(exception) 

95 

96 unpadder = PKCS7(128).unpadder() 

97 try: 

98 return unpadder.update(padded_data) + unpadder.finalize() 

99 except ValueError as exception: 

100 if strict: 

101 raise PdfStreamError(exception) 

102 logger_warning(f"Ignoring padding error: {exception}", src=__name__) 

103 return padded_data[: -padded_data[-1]] 

104 

105 

106def rc4_encrypt(key: bytes, data: bytes) -> bytes: 

107 encryptor = Cipher(ARC4(key), mode=None).encryptor() 

108 return encryptor.update(data) + encryptor.finalize() 

109 

110 

111def rc4_decrypt(key: bytes, data: bytes) -> bytes: 

112 decryptor = Cipher(ARC4(key), mode=None).decryptor() 

113 return decryptor.update(data) + decryptor.finalize() 

114 

115 

116def aes_ecb_encrypt(key: bytes, data: bytes) -> bytes: 

117 encryptor = Cipher(AES(key), mode=ECB()).encryptor() 

118 return encryptor.update(data) + encryptor.finalize() 

119 

120 

121def aes_ecb_decrypt(key: bytes, data: bytes) -> bytes: 

122 decryptor = Cipher(AES(key), mode=ECB()).decryptor() 

123 return decryptor.update(data) + decryptor.finalize() 

124 

125 

126def aes_cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes: 

127 encryptor = Cipher(AES(key), mode=CBC(iv)).encryptor() 

128 return encryptor.update(data) + encryptor.finalize() 

129 

130 

131def aes_cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes: 

132 decryptor = Cipher(AES(key), mode=CBC(iv)).decryptor() 

133 return decryptor.update(data) + decryptor.finalize()