implemented writing R4/V4 encryption except that the output files don't open in Adobe reader 9.1.3.

git-svn-id: svn+q:///qpdf/trunk@816 71b93d88-0707-0410-a8cf-f5a4172ac649
author: Jay Berkenbilt <ejb@ql.org> 2009-10-18 04:03:18 +0200
committer: Jay Berkenbilt <ejb@ql.org> 2009-10-18 04:03:18 +0200
commit: b873dc9c59f4445239f68d7138aebb53cc0df648 (patch)
tree: 4a593b056846a5568debca39ecf07d039adf53b4 /qpdf
parent: 5c253d1c13d9d3d4123554d6775090a100f798fa (diff)
download: qpdf-b873dc9c59f4445239f68d7138aebb53cc0df648.tar.zst
1 files changed, 90 insertions, 5 deletions
diff --git a/qpdf/qpdf.cc b/qpdf/qpdf.cc
index 85bbea1c..c54504b8 100644
--- a/qpdf/qpdf.cc
+++ b/qpdf/qpdf.cc
@@ -72,6 +72,9 @@ Additional flags are dependent upon key length.\n\
     --extract=[yn]           allow other text/graphic extraction\n\
     --print=print-opt        control printing access\n\
     --modify=modify-opt      control modify access\n\
+    --cleartext-metadata     prevents encryption of metadata\n\
+    --use-aes=[yn]           indicates whether to use AES encryption\n\
+    --force-V4               forces use of V=4 encryption handler\n\
 \n\
     print-opt may be:\n\
 \n\
@@ -89,6 +92,14 @@ Additional flags are dependent upon key length.\n\
 \n\
 The default for each permission option is to be fully permissive.\n\
 \n\
+Specifying cleartext-metadata forces the PDF version to at least 1.5.\n\
+Specifying use of AES forces the PDF version to at least 1.6.  These\n\
+options are both off by default.\n\
+\n\
+The --force-V4 flag forces the V=4 encryption handler introduced in PDF 1.5\n\
+to be used even if not otherwise needed.  This option is primarily useful\n\
+for testing qpdf and has no other practical use.\n\
+\n\
 \n\
 Advanced Transformation Options\n\
 -------------------------------\n\
@@ -220,7 +231,8 @@ parse_encrypt_options(
     std::string& user_password, std::string& owner_password, int& keylen,
     bool& r2_print, bool& r2_modify, bool& r2_extract, bool& r2_annotate,
     bool& r3_accessibility, bool& r3_extract,
-    QPDFWriter::r3_print_e& r3_print, QPDFWriter::r3_modify_e& r3_modify)
+    QPDFWriter::r3_print_e& r3_print, QPDFWriter::r3_modify_e& r3_modify,
+    bool& force_V4, bool& cleartext_metadata, bool& use_aes)
 {
     if (cur_arg + 3 >= argc)
     {
@@ -450,6 +462,65 @@ parse_encrypt_options(
 		usage("-accessibility invalid for 40-bit keys");
 	    }
 	}
+	else if (strcmp(arg, "cleartext-metadata") == 0)
+	{
+	    if (parameter)
+	    {
+		usage("--cleartext-metadata does not take a parameter");
+	    }
+	    if (keylen == 40)
+	    {
+		usage("--cleartext-metadata is invalid for 40-bit keys");
+	    }
+	    else
+	    {
+		cleartext_metadata = true;
+	    }
+	}
+	else if (strcmp(arg, "force-V4") == 0)
+	{
+	    if (parameter)
+	    {
+		usage("--force-V4 does not take a parameter");
+	    }
+	    if (keylen == 40)
+	    {
+		usage("--force-V4 is invalid for 40-bit keys");
+	    }
+	    else
+	    {
+		force_V4 = true;
+	    }
+	}
+	else if (strcmp(arg, "use-aes") == 0)
+	{
+	    if (parameter == 0)
+	    {
+		usage("--use-aes must be given as --extract=option");
+	    }
+	    std::string val = parameter;
+	    bool result = false;
+	    if (val == "y")
+	    {
+		result = true;
+	    }
+	    else if (val == "n")
+	    {
+		result = false;
+	    }
+	    else
+	    {
+		usage("invalid -use-aes parameter");
+	    }
+	    if (keylen == 40)
+	    {
+		usage("use-aes is invalid for 40-bit keys");
+	    }
+	    else
+	    {
+		use_aes = result;
+	    }
+	}
 	else
 	{
 	    usage(std::string("invalid encryption parameter --") + arg);
@@ -516,6 +587,9 @@ int main(int argc, char* argv[])
     bool r3_extract = true;
     QPDFWriter::r3_print_e r3_print = QPDFWriter::r3p_full;
     QPDFWriter::r3_modify_e r3_modify = QPDFWriter::r3m_all;
+    bool force_V4 = false;
+    bool cleartext_metadata = false;
+    bool use_aes = false;
 
     bool stream_data_set = false;
     QPDFWriter::stream_data_e stream_data_mode = QPDFWriter::s_compress;
@@ -582,7 +656,8 @@ int main(int argc, char* argv[])
 		    argc, argv, ++i,
 		    user_password, owner_password, keylen,
 		    r2_print, r2_modify, r2_extract, r2_annotate,
-		    r3_accessibility, r3_extract, r3_print, r3_modify);
+		    r3_accessibility, r3_extract, r3_print, r3_modify,
+		    force_V4, cleartext_metadata, use_aes);
 		encrypt = true;
 	    }
 	    else if (strcmp(arg, "decrypt") == 0)
@@ -988,9 +1063,19 @@ int main(int argc, char* argv[])
 		}
 		else if (keylen == 128)
 		{
-		    w.setR3EncryptionParameters(
-			user_password.c_str(), owner_password.c_str(),
-			r3_accessibility, r3_extract, r3_print, r3_modify);
+		    if (force_V4 || cleartext_metadata || use_aes)
+		    {
+			w.setR4EncryptionParameters(
+			    user_password.c_str(), owner_password.c_str(),
+			    r3_accessibility, r3_extract, r3_print, r3_modify,
+			    !cleartext_metadata, use_aes);
+		    }
+		    else
+		    {
+			w.setR3EncryptionParameters(
+			    user_password.c_str(), owner_password.c_str(),
+			    r3_accessibility, r3_extract, r3_print, r3_modify);
+		    }
 		}
 		else
 		{
author	Jay Berkenbilt <ejb@ql.org>	2009-10-18 04:03:18 +0200
committer	Jay Berkenbilt <ejb@ql.org>	2009-10-18 04:03:18 +0200
commit	b873dc9c59f4445239f68d7138aebb53cc0df648 (patch)
tree	4a593b056846a5568debca39ecf07d039adf53b4 /qpdf
parent	5c253d1c13d9d3d4123554d6775090a100f798fa (diff)
download	qpdf-b873dc9c59f4445239f68d7138aebb53cc0df648.tar.zst