diff options
| author | Jay Berkenbilt <ejb@ql.org> | 2021-11-10 23:57:12 +0100 |
|---|---|---|
| committer | Jay Berkenbilt <ejb@ql.org> | 2021-11-11 18:24:15 +0100 |
| commit | 750aca5b94351f730fa768b07caa3fc26c8d27c0 (patch) | |
| tree | 2f95b4770973da7f1fb530cb1b5c8dd7e25401e7 /include | |
| parent | 37916f392568c84570ae0a6afb33a62d8c9e3a10 (diff) | |
| download | qpdf-750aca5b94351f730fa768b07caa3fc26c8d27c0.tar.zst | |
First increment of improving handling of weak crypto (fixes #358)
Diffstat (limited to 'include')
| -rw-r--r-- | include/qpdf/QPDFCryptoImpl.hh | 3 | ||||
| -rw-r--r-- | include/qpdf/QPDFWriter.hh | 21 |
2 files changed, 19 insertions, 5 deletions
diff --git a/include/qpdf/QPDFCryptoImpl.hh b/include/qpdf/QPDFCryptoImpl.hh index ff25d594..ee37b233 100644 --- a/include/qpdf/QPDFCryptoImpl.hh +++ b/include/qpdf/QPDFCryptoImpl.hh @@ -69,6 +69,9 @@ class QPDF_DLL_CLASS QPDFCryptoImpl // Encryption/Decryption + // QPDF must support RC4 to be able to work with older PDF files + // and readers. Search for RC4 in README.md + // key_len of -1 means treat key_data as a null-terminated string QPDF_DLL virtual void RC4_init(unsigned char const* key_data, int key_len = -1) = 0; diff --git a/include/qpdf/QPDFWriter.hh b/include/qpdf/QPDFWriter.hh index 819198cc..8044d054 100644 --- a/include/qpdf/QPDFWriter.hh +++ b/include/qpdf/QPDFWriter.hh @@ -359,6 +359,16 @@ class QPDFWriter // this from your own application, QUtil contains many transcoding // functions that could be useful to you, most notably // utf8_to_pdf_doc. + + // R3 uses RC4, which is a weak cryptographic algorithm. Don't use + // it unless you have to. + QPDF_DLL + void setR2EncryptionParameters( + char const* user_password, char const* owner_password, + bool allow_print, bool allow_modify, + bool allow_extract, bool allow_annotate); + // R3 uses RC4, which is a weak cryptographic algorithm. Don't use + // it unless you have to. QPDF_DLL void setR3EncryptionParameters( char const* user_password, char const* owner_password, @@ -366,6 +376,8 @@ class QPDFWriter bool allow_assemble, bool allow_annotate_and_form, bool allow_form_filling, bool allow_modify_other, qpdf_r3_print_e print); + // R4 uses RC4, which is a weak cryptographic algorithm, when + // use_aes=false. Don't use it unless you have to. QPDF_DLL void setR4EncryptionParameters( char const* user_password, char const* owner_password, @@ -392,28 +404,27 @@ class QPDFWriter qpdf_r3_print_e print, bool encrypt_metadata_aes); // Pre qpdf 8.4.0 API - QPDF_DLL - void setR2EncryptionParameters( - char const* user_password, char const* owner_password, - bool allow_print, bool allow_modify, - bool allow_extract, bool allow_annotate); + [[deprecated("see newer API above")]] QPDF_DLL void setR3EncryptionParameters( char const* user_password, char const* owner_password, bool allow_accessibility, bool allow_extract, qpdf_r3_print_e print, qpdf_r3_modify_e modify); + [[deprecated("see newer API above")]] QPDF_DLL void setR4EncryptionParameters( char const* user_password, char const* owner_password, bool allow_accessibility, bool allow_extract, qpdf_r3_print_e print, qpdf_r3_modify_e modify, bool encrypt_metadata, bool use_aes); + [[deprecated("see newer API above")]] QPDF_DLL void setR5EncryptionParameters( char const* user_password, char const* owner_password, bool allow_accessibility, bool allow_extract, qpdf_r3_print_e print, qpdf_r3_modify_e modify, bool encrypt_metadata); + [[deprecated("see newer API above")]] QPDF_DLL void setR6EncryptionParameters( char const* user_password, char const* owner_password, |