svn commit: r1924051 - /pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java

Wed, 26 Feb 2025 04:08:25 -0800 

Author: tilman
Date: Wed Feb 26 12:08:18 2025
New Revision: 1924051

URL: http://svn.apache.org/viewvc?rev=1924051&view=rev
Log:
PDFBOX-5955: pad encryption key as suggested by Ross Johnson

Modified:
    
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java

Modified: 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
URL: 
http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java?rev=1924051&r1=1924050&r2=1924051&view=diff
==============================================================================
--- 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
 (original)
+++ 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
 Wed Feb 26 12:08:18 2025
@@ -258,15 +258,20 @@ public final class StandardSecurityHandl
                         ownerKey, dicRevision, dicLength );
             }
             
-            setEncryptionKey(
-                computeEncryptedKey(
+            byte[] encryptedKey = computeEncryptedKey(
                     computedPassword,
                     ownerKey, userKey, oe, ue,
                     dicPermissions,
                     documentIDBytes,
                     dicRevision,
                     dicLength,
-                    encryptMetadata, true));
+                    encryptMetadata, true);
+            if (dicRevision == REVISION_4 && encryptedKey.length < 16)
+            {
+                LOG.info("PDFBOX-5955: padding RC4 key to length 16");
+                encryptedKey = Arrays.copyOf(encryptedKey, 16);
+            }
+            setEncryptionKey(encryptedKey);
         }
         else if( isUserPassword(password.getBytes(passwordCharset), userKey, 
ownerKey,
                            dicPermissions, documentIDBytes, dicRevision,
@@ -276,15 +281,20 @@ public final class StandardSecurityHandl
             currentAccessPermission.setReadOnly();
             setCurrentAccessPermission(currentAccessPermission);
             
-            setEncryptionKey(
-                computeEncryptedKey(
+            byte[] encryptedKey = computeEncryptedKey(
                     password.getBytes(passwordCharset),
                     ownerKey, userKey, oe, ue,
                     dicPermissions,
                     documentIDBytes,
                     dicRevision,
                     dicLength,
-                    encryptMetadata, false));
+                    encryptMetadata, false);
+            if (dicRevision == REVISION_4 && encryptedKey.length < 16)
+            {
+                LOG.info("PDFBOX-5955: padding RC4 key to length 16");
+                encryptedKey = Arrays.copyOf(encryptedKey, 16);
+            }
+            setEncryptionKey(encryptedKey);
         }
         else
         {

Reply via email to