From 5da146c8b53bb5a12c514f83fb52265e4922b5e1 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt <ejb@ql.org>
Date: Sat, 24 Aug 2019 09:34:48 -0400
Subject: Track separately whether password was user/owner (fixes #159)

---
 libqpdf/QPDF.cc            |  4 +++-
 libqpdf/QPDF_encryption.cc | 60 ++++++++++++++++++++++++++++++++++++----------
 2 files changed, 50 insertions(+), 14 deletions(-)

(limited to 'libqpdf')

diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc
index 1d54ef44..fd661ba0 100644
--- a/libqpdf/QPDF.cc
+++ b/libqpdf/QPDF.cc
@@ -132,7 +132,9 @@ QPDF::EncryptionParameters::EncryptionParameters() :
     cf_string(e_none),
     cf_file(e_none),
     cached_key_objid(0),
-    cached_key_generation(0)
+    cached_key_generation(0),
+    user_password_matched(false),
+    owner_password_matched(false)
 {
 }
 
diff --git a/libqpdf/QPDF_encryption.cc b/libqpdf/QPDF_encryption.cc
index 3b1bb619..5a6735ee 100644
--- a/libqpdf/QPDF_encryption.cc
+++ b/libqpdf/QPDF_encryption.cc
@@ -1041,21 +1041,43 @@ QPDF::initializeEncryption()
     {
         // ignore passwords in file
     }
-    else if (check_owner_password(
-                 this->m->encp->user_password,
-                 this->m->encp->provided_password, data))
-    {
-	// password supplied was owner password; user_password has
-	// been initialized for V < 5
-    }
-    else if (check_user_password(this->m->encp->provided_password, data))
-    {
-	this->m->encp->user_password = this->m->encp->provided_password;
-    }
     else
     {
-	throw QPDFExc(qpdf_e_password, this->m->file->getName(),
-		      "", 0, "invalid password");
+        this->m->encp->owner_password_matched = check_owner_password(
+            this->m->encp->user_password,
+            this->m->encp->provided_password, data);
+        if (this->m->encp->owner_password_matched && (V < 5))
+        {
+            // password supplied was owner password; user_password has
+            // been initialized for V < 5
+            if (getTrimmedUserPassword() == this->m->encp->provided_password)
+            {
+                this->m->encp->user_password_matched = true;
+                QTC::TC("qpdf", "QPDF_encryption user matches owner V < 5");
+            }
+        }
+        else
+        {
+            this->m->encp->user_password_matched = check_user_password(
+                this->m->encp->provided_password, data);
+            if (this->m->encp->user_password_matched)
+            {
+                this->m->encp->user_password =
+                    this->m->encp->provided_password;
+            }
+        }
+        if (this->m->encp->user_password_matched &&
+            this->m->encp->owner_password_matched)
+        {
+            QTC::TC("qpdf", "QPDF_encryption same password",
+                    (V < 5) ? 0 : 1);
+        }
+        if (! (this->m->encp->owner_password_matched ||
+               this->m->encp->user_password_matched))
+        {
+            throw QPDFExc(qpdf_e_password, this->m->file->getName(),
+                          "", 0, "invalid password");
+        }
     }
 
     if (this->m->provided_password_is_hex_key)
@@ -1440,6 +1462,18 @@ QPDF::isEncrypted(int& R, int& P, int& V,
     }
 }
 
+bool
+QPDF::ownerPasswordMatched() const
+{
+    return this->m->encp->owner_password_matched;
+}
+
+bool
+QPDF::userPasswordMatched() const
+{
+    return this->m->encp->user_password_matched;
+}
+
 static bool
 is_bit_set(int P, int bit)
 {
-- 
cgit v1.2.3-54-g00ecf