diff options
| author | Jay Berkenbilt <ejb@ql.org> | 2009-10-19 02:17:11 +0200 |
|---|---|---|
| committer | Jay Berkenbilt <ejb@ql.org> | 2009-10-19 02:17:11 +0200 |
| commit | 09175e457852c585a68a86d43280f7e0790a4a3b (patch) | |
| tree | 64269f6bb06d53975f4b8fe51a3900f868748629 /TODO | |
| parent | 94131116a90a076c49e799aa5e4c63ce0ecb0391 (diff) | |
| download | qpdf-09175e457852c585a68a86d43280f7e0790a4a3b.tar.zst | |
more testing, bug fix for linearized aes encrypted files
git-svn-id: svn+q:///qpdf/trunk@824 71b93d88-0707-0410-a8cf-f5a4172ac649
Diffstat (limited to 'TODO')
| -rw-r--r-- | TODO | 56 |
1 files changed, 10 insertions, 46 deletions
@@ -1,6 +1,9 @@ 2.1 === + * Really need to handle /Crypt filter for Metadata. Search for crypt + below. + * Update documentation to reflect new command line flags and any other relevant changes. Should read through ChangeLog and the manual before releasing 2.1. @@ -16,9 +19,6 @@ * Add comments for the security functions that map them back to the items in Adobe's products. - * Have force version at least turn off object streams and maybe - change security settings? - * Add error codes to QPDFException. Change the error interface so that warnings and errors are pointers that can be queried using more C API functions. We need a way to get a full string as well @@ -47,49 +47,7 @@ - Update C API for R4 encryption - - When we write encrypted files, we must remember to omit any - encryption filter settings from original streams. - - - test various combinations with and without cleartext-metadata - and aes in compression tests - - - figure out a way to test crypt filters defined on a stream - - - test combinations of linearization and v4 encryption - - - would be nice to test strings and streams with different - encryption types, but without sample data, we'd have to write - them ourselves which is not that useful - - - figure out how to look at the metadata so I can tell whether - /EncryptMetadata is working the way it's supposed to - - - Do something with embedded files, but what and how? - - General notes: - - /CF - keys are crypt filter names, values are are crypt - dictionaries - - Individual streams may also have crypt filters. Filter type - /Crypt; /DecodeParms must contain a Crypt filter decode - parameters dictionary whose /Name entry specifies the particular - filter to be used. If /Name is missing, use /Identity. - /DecodeParms << /Crypt << /Name /XYZ >> >> where /XYZ is - /Identity or a key in /CF. - - /Identity means not to encrypt. - - Crypt Dictionaries - - /Type (optional) /CryptFilter - /CFM: - /V2 - use rc4 - /AESV2 - use aes - /Length - supposed to be key length, but the one file I have - has a bogus value for it, so I'm ignoring it. - - We will ignore remaining fields and values. 2.2 === @@ -127,7 +85,13 @@ General crypt filters, and there are already special cases in the code to handle those. Most likely, it won't be a problem, but someday someone may find a file that qpdf doesn't work on because of crypt - filters. + filters. There is an example in the spec of using a crypt filter + on a metadata stream. + + When we write encrypted files, we must remember to omit any + encryption filter settings from original streams. + + We need a way to test this. * The second xref stream for linearized files has to be padded only because we need file_size as computed in pass 1 to be accurate. If |