diff options
author | Jay Berkenbilt <ejb@ql.org> | 2022-04-30 22:05:28 +0200 |
---|---|---|
committer | Jay Berkenbilt <ejb@ql.org> | 2022-04-30 23:24:15 +0200 |
commit | 8ccd3a8a89d95ae0613679ba7b394a4f87699e12 (patch) | |
tree | 902a42a5bc972c66958ab6ce96260daf5957a78e /include/qpdf/QPDFWriter.hh | |
parent | 2213ed0c3dd1bcc5a62725190cca4a6ad8eb9d7f (diff) | |
download | qpdf-8ccd3a8a89d95ae0613679ba7b394a4f87699e12.tar.zst |
Mark weak encryption with API changes (fixes #576)
Diffstat (limited to 'include/qpdf/QPDFWriter.hh')
-rw-r--r-- | include/qpdf/QPDFWriter.hh | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/include/qpdf/QPDFWriter.hh b/include/qpdf/QPDFWriter.hh index f30a9986..e44839d4 100644 --- a/include/qpdf/QPDFWriter.hh +++ b/include/qpdf/QPDFWriter.hh @@ -366,10 +366,12 @@ class QPDFWriter // functions that could be useful to you, most notably // utf8_to_pdf_doc. - // R3 uses RC4, which is a weak cryptographic algorithm. Don't use - // it unless you have to. + // R2 uses RC4, which is a weak cryptographic algorithm. Don't use + // it unless you have to. See "Weak Cryptography" in the manual. + // This encryption format is deprecated in the PDF 2.0 + // specification. QPDF_DLL - void setR2EncryptionParameters( + void setR2EncryptionParametersInsecure( char const* user_password, char const* owner_password, bool allow_print, @@ -377,9 +379,11 @@ class QPDFWriter bool allow_extract, bool allow_annotate); // R3 uses RC4, which is a weak cryptographic algorithm. Don't use - // it unless you have to. + // it unless you have to. See "Weak Cryptography" in the manual. + // This encryption format is deprecated in the PDF 2.0 + // specification. QPDF_DLL - void setR3EncryptionParameters( + void setR3EncryptionParametersInsecure( char const* user_password, char const* owner_password, bool allow_accessibility, @@ -389,10 +393,13 @@ class QPDFWriter bool allow_form_filling, bool allow_modify_other, qpdf_r3_print_e print); - // R4 uses RC4, which is a weak cryptographic algorithm, when - // use_aes=false. Don't use it unless you have to. + // When use_aes=false, this call enables R4 with RC4, which is a + // weak cryptographic algorithm. Even with use_aes=true, the + // overall encryption scheme is weak. Don't use it unless you have + // to. See "Weak Cryptography" in the manual. This encryption + // format is deprecated in the PDF 2.0 specification. QPDF_DLL - void setR4EncryptionParameters( + void setR4EncryptionParametersInsecure( char const* user_password, char const* owner_password, bool allow_accessibility, @@ -419,6 +426,8 @@ class QPDFWriter bool allow_modify_other, qpdf_r3_print_e print, bool encrypt_metadata); + // This is the only password-based encryption format supported by + // the PDF specification. QPDF_DLL void setR6EncryptionParameters( char const* user_password, |