diff options
author | Stephan Bergmann <sbergman@redhat.com> | 2018-08-24 10:27:01 +0200 |
---|---|---|
committer | Caolán McNamara <caolanm@redhat.com> | 2018-08-25 20:27:44 +0200 |
commit | 68ffc5c83ca73c58439b7c9935283541f007db44 (patch) | |
tree | e14fadc128c87b2aabed9f96b662977b03076ac8 /sdext | |
parent | f675adc55e9dee1185b57d8e51df7ad3c9364753 (diff) |
iRelated rhbz#1618703: Properly handle failure en-/decoding PDF file
...when e.g. FIPS mode makes the various calls to rtl_cipher_initARCFOUR fail.
Change-Id: Id1b2222249c151470e233ab814b21228f3a8b561
Reviewed-on: https://gerrit.libreoffice.org/59543
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
(cherry picked from commit 185a14525f114e58b48236284ed8e8644bc40e48)
Reviewed-on: https://gerrit.libreoffice.org/59573
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
Diffstat (limited to 'sdext')
-rw-r--r-- | sdext/source/pdfimport/pdfparse/pdfentries.cxx | 42 |
1 files changed, 31 insertions, 11 deletions
diff --git a/sdext/source/pdfimport/pdfparse/pdfentries.cxx b/sdext/source/pdfimport/pdfparse/pdfentries.cxx index a55c45e7a093..37225ccf3aaf 100644 --- a/sdext/source/pdfimport/pdfparse/pdfentries.cxx +++ b/sdext/source/pdfimport/pdfparse/pdfentries.cxx @@ -1156,9 +1156,13 @@ static bool check_user_password( const OString& rPwd, PDFFileImplData* pData ) memset( nEncryptedEntry, 0, sizeof(nEncryptedEntry) ); // see PDF reference 1.4 Algorithm 3.4 // encrypt pad string - rtl_cipher_initARCFOUR( pData->m_aCipher, rtl_Cipher_DirectionEncode, - aKey, nKeyLen, - nullptr, 0 ); + if (rtl_cipher_initARCFOUR( pData->m_aCipher, rtl_Cipher_DirectionEncode, + aKey, nKeyLen, + nullptr, 0 ) + != rtl_Cipher_E_None) + { + return false; //TODO: differentiate "failed to decrypt" from "wrong password" + } rtl_cipher_encodeARCFOUR( pData->m_aCipher, nPadString, sizeof( nPadString ), nEncryptedEntry, sizeof( nEncryptedEntry ) ); bValid = (memcmp( nEncryptedEntry, pData->m_aUEntry, 32 ) == 0); @@ -1170,8 +1174,12 @@ static bool check_user_password( const OString& rPwd, PDFFileImplData* pData ) aDigest.update(nPadString, sizeof(nPadString)); aDigest.update(reinterpret_cast<unsigned char const*>(pData->m_aDocID.getStr()), pData->m_aDocID.getLength()); ::std::vector<unsigned char> nEncryptedEntry(aDigest.finalize()); - rtl_cipher_initARCFOUR( pData->m_aCipher, rtl_Cipher_DirectionEncode, - aKey, sizeof(aKey), nullptr, 0 ); + if (rtl_cipher_initARCFOUR( pData->m_aCipher, rtl_Cipher_DirectionEncode, + aKey, sizeof(aKey), nullptr, 0 ) + != rtl_Cipher_E_None) + { + return false; //TODO: differentiate "failed to decrypt" from "wrong password" + } rtl_cipher_encodeARCFOUR( pData->m_aCipher, nEncryptedEntry.data(), 16, nEncryptedEntry.data(), 16 ); // encrypt in place @@ -1181,8 +1189,12 @@ static bool check_user_password( const OString& rPwd, PDFFileImplData* pData ) for( sal_uInt32 j = 0; j < sizeof(aTempKey); j++ ) aTempKey[j] = static_cast<sal_uInt8>( aKey[j] ^ i ); - rtl_cipher_initARCFOUR( pData->m_aCipher, rtl_Cipher_DirectionEncode, - aTempKey, sizeof(aTempKey), nullptr, 0 ); + if (rtl_cipher_initARCFOUR( pData->m_aCipher, rtl_Cipher_DirectionEncode, + aTempKey, sizeof(aTempKey), nullptr, 0 ) + != rtl_Cipher_E_None) + { + return false; //TODO: differentiate "failed to decrypt" from "wrong password" + } rtl_cipher_encodeARCFOUR( pData->m_aCipher, nEncryptedEntry.data(), 16, nEncryptedEntry.data(), 16 ); // encrypt in place @@ -1226,8 +1238,12 @@ bool PDFFile::setupDecryptionData( const OString& rPwd ) const sal_uInt32 nKeyLen = password_to_key( rPwd, aKey, m_pData.get(), true ); if( m_pData->m_nStandardRevision == 2 ) { - rtl_cipher_initARCFOUR( m_pData->m_aCipher, rtl_Cipher_DirectionDecode, - aKey, nKeyLen, nullptr, 0 ); + if (rtl_cipher_initARCFOUR( m_pData->m_aCipher, rtl_Cipher_DirectionDecode, + aKey, nKeyLen, nullptr, 0 ) + != rtl_Cipher_E_None) + { + return false; //TODO: differentiate "failed to decrypt" from "wrong password" + } rtl_cipher_decodeARCFOUR( m_pData->m_aCipher, m_pData->m_aOEntry, 32, nPwd, 32 ); @@ -1240,8 +1256,12 @@ bool PDFFile::setupDecryptionData( const OString& rPwd ) const sal_uInt8 nTempKey[ENCRYPTION_KEY_LEN]; for( unsigned int j = 0; j < sizeof(nTempKey); j++ ) nTempKey[j] = sal_uInt8(aKey[j] ^ i); - rtl_cipher_initARCFOUR( m_pData->m_aCipher, rtl_Cipher_DirectionDecode, - nTempKey, nKeyLen, nullptr, 0 ); + if (rtl_cipher_initARCFOUR( m_pData->m_aCipher, rtl_Cipher_DirectionDecode, + nTempKey, nKeyLen, nullptr, 0 ) + != rtl_Cipher_E_None) + { + return false; //TODO: differentiate "failed to decrypt" from "wrong password" + } rtl_cipher_decodeARCFOUR( m_pData->m_aCipher, nPwd, 32, nPwd, 32 ); // decrypt inplace |