From 750aca5b94351f730fa768b07caa3fc26c8d27c0 Mon Sep 17 00:00:00 2001 From: Jay Berkenbilt Date: Wed, 10 Nov 2021 17:57:12 -0500 Subject: First increment of improving handling of weak crypto (fixes #358) --- libqpdf/Pl_RC4.cc | 1 + libqpdf/qpdf-c.cc | 40 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) (limited to 'libqpdf') diff --git a/libqpdf/Pl_RC4.cc b/libqpdf/Pl_RC4.cc index 6c8fd3c6..e29551fa 100644 --- a/libqpdf/Pl_RC4.cc +++ b/libqpdf/Pl_RC4.cc @@ -34,6 +34,7 @@ Pl_RC4::write(unsigned char* data, size_t len) size_t bytes = (bytes_left < this->out_bufsize ? bytes_left : out_bufsize); bytes_left -= bytes; + // lgtm[cpp/weak-cryptographic-algorithm] rc4.process(p, bytes, outbuf.getPointer()); p += bytes; getNext()->write(outbuf.getPointer(), bytes); diff --git a/libqpdf/qpdf-c.cc b/libqpdf/qpdf-c.cc index 0d37f732..ea3782ce 100644 --- a/libqpdf/qpdf-c.cc +++ b/libqpdf/qpdf-c.cc @@ -702,10 +702,20 @@ void qpdf_set_r3_encryption_parameters( QPDF_BOOL allow_accessibility, QPDF_BOOL allow_extract, qpdf_r3_print_e print, qpdf_r3_modify_e modify) { +#ifdef _MSC_VER +# pragma warning (disable: 4996) +#endif +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic push +# pragma GCC diagnostic ignored "-Wdeprecated-declarations" +#endif qpdf->qpdf_writer->setR3EncryptionParameters( user_password, owner_password, allow_accessibility != QPDF_FALSE, allow_extract != QPDF_FALSE, print, modify); +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic pop +#endif } void qpdf_set_r4_encryption_parameters( @@ -714,11 +724,21 @@ void qpdf_set_r4_encryption_parameters( qpdf_r3_print_e print, qpdf_r3_modify_e modify, QPDF_BOOL encrypt_metadata, QPDF_BOOL use_aes) { +#ifdef _MSC_VER +# pragma warning (disable: 4996) +#endif +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic push +# pragma GCC diagnostic ignored "-Wdeprecated-declarations" +#endif qpdf->qpdf_writer->setR4EncryptionParameters( user_password, owner_password, allow_accessibility != QPDF_FALSE, allow_extract != QPDF_FALSE, print, modify, encrypt_metadata != QPDF_FALSE, use_aes != QPDF_FALSE); +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic pop +#endif } void qpdf_set_r5_encryption_parameters( @@ -727,11 +747,21 @@ void qpdf_set_r5_encryption_parameters( qpdf_r3_print_e print, qpdf_r3_modify_e modify, QPDF_BOOL encrypt_metadata) { +#ifdef _MSC_VER +# pragma warning (disable: 4996) +#endif +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic push +# pragma GCC diagnostic ignored "-Wdeprecated-declarations" +#endif qpdf->qpdf_writer->setR5EncryptionParameters( user_password, owner_password, allow_accessibility != QPDF_FALSE, allow_extract != QPDF_FALSE, print, modify, encrypt_metadata != QPDF_FALSE); +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic pop +#endif } void qpdf_set_r6_encryption_parameters( @@ -740,10 +770,20 @@ void qpdf_set_r6_encryption_parameters( qpdf_r3_print_e print, qpdf_r3_modify_e modify, QPDF_BOOL encrypt_metadata) { +#ifdef _MSC_VER +# pragma warning (disable: 4996) +#endif +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic push +# pragma GCC diagnostic ignored "-Wdeprecated-declarations" +#endif qpdf->qpdf_writer->setR6EncryptionParameters( user_password, owner_password, allow_accessibility != QPDF_FALSE, allow_extract != QPDF_FALSE, print, modify, encrypt_metadata != QPDF_FALSE); +#if (defined(__GNUC__) || defined(__clang__)) +# pragma GCC diagnostic pop +#endif } void qpdf_set_linearization(qpdf_data qpdf, QPDF_BOOL value) -- cgit v1.2.3-54-g00ecf