Encryption bugfixing (RC4)

2025-06-05 21:59:17 +02:00 · 2021-05-30 15:37:06 +02:00
parent e3fecc0568
commit e001adc65b
11 changed files with 132 additions and 64 deletions
--- a/Pdf4QtViewer/pdfencryptionsettingsdialog.cpp
+++ b/Pdf4QtViewer/pdfencryptionsettingsdialog.cpp
@@ -24,10 +24,11 @@
 namespace pdfviewer
 {

-PDFEncryptionSettingsDialog::PDFEncryptionSettingsDialog(QWidget* parent) :
+PDFEncryptionSettingsDialog::PDFEncryptionSettingsDialog(QByteArray documentId, QWidget* parent) :
    QDialog(parent),
    ui(new Ui::PDFEncryptionSettingsDialog),
-    m_isUpdatingUi(false)
+    m_isUpdatingUi(false),
+    m_documentId(documentId)
 {
    ui->setupUi(this);

@@ -175,6 +176,7 @@ void PDFEncryptionSettingsDialog::accept()
        encryptContents = pdf::PDFSecurityHandlerFactory::EmbeddedFiles;
    }

+    settings.id = m_documentId;
    settings.algorithm = static_cast<const pdf::PDFSecurityHandlerFactory::Algorithm>(ui->algorithmComboBox->currentData().toInt());
    settings.encryptContents = encryptContents;
    settings.userPassword = ui->userPasswordEdit->text();
--- a/Pdf4QtViewer/pdfencryptionsettingsdialog.h
+++ b/Pdf4QtViewer/pdfencryptionsettingsdialog.h
@@ -38,9 +38,11 @@ class PDFEncryptionSettingsDialog : public QDialog
    Q_OBJECT

 public:
-    explicit PDFEncryptionSettingsDialog(QWidget* parent);
+    explicit PDFEncryptionSettingsDialog(QByteArray documentId, QWidget* parent);
    virtual ~PDFEncryptionSettingsDialog() override;

+    pdf::PDFSecurityHandlerPointer getUpdatedSecurityHandler() const { return m_updatedSecurityHandler; }
+
 public slots:
    virtual void accept() override;

@@ -53,6 +55,7 @@ private:
    bool m_isUpdatingUi;
    std::map<QCheckBox*, pdf::PDFSecurityHandler::Permission> m_checkBoxToPermission;
    pdf::PDFSecurityHandlerPointer m_updatedSecurityHandler;
+    QByteArray m_documentId;
 };

 }   // namespace pdfviewer
--- a/Pdf4QtViewer/pdfprogramcontroller.cpp
+++ b/Pdf4QtViewer/pdfprogramcontroller.cpp
@@ -24,6 +24,7 @@
 #include "pdfdrawspacecontroller.h"
 #include "pdfwidgetutils.h"
 #include "pdfconstants.h"
+#include "pdfdocumentbuilder.h"

 #include "pdfviewersettings.h"
 #include "pdfundoredomanager.h"
@@ -1133,7 +1134,15 @@ void PDFProgramController::onActionOptimizeTriggered()

 void PDFProgramController::onActionEncryptionTriggered()
 {
-    // Check that we have owner acces to the document
+    auto queryPassword = [this](bool* ok)
+    {
+        QString result;
+        *ok = false;
+        onQueryPasswordRequest(&result, ok);
+        return result;
+    };
+
+    // Check that we have owner access to the document
    const pdf::PDFSecurityHandler* securityHandler =  m_pdfDocument->getStorage().getSecurityHandler();
    pdf::PDFSecurityHandler::AuthorizationResult authorizationResult = securityHandler->getAuthorizationResult();
    if (authorizationResult != pdf::PDFSecurityHandler::AuthorizationResult::OwnerAuthorized &&
@@ -1142,15 +1151,6 @@ void PDFProgramController::onActionEncryptionTriggered()
        // Jakub Melka: we must authorize as owner, otherwise we can't continue,
        // because we don't have sufficient permissions.
        pdf::PDFSecurityHandlerPointer clonedSecurityHandler(securityHandler->clone());
-
-        auto queryPassword = [this](bool* ok)
-        {
-            QString result;
-            *ok = false;
-            onQueryPasswordRequest(&result, ok);
-            return result;
-        };
-
        authorizationResult = clonedSecurityHandler->authenticate(queryPassword, true);

        if (authorizationResult != pdf::PDFSecurityHandler::AuthorizationResult::OwnerAuthorized)
@@ -1167,8 +1167,30 @@ void PDFProgramController::onActionEncryptionTriggered()
        onDocumentModified(qMove(document));
    }

-    PDFEncryptionSettingsDialog dialog(m_mainWindow);
-    dialog.exec();
+    PDFEncryptionSettingsDialog dialog(m_pdfDocument->getIdPart(0), m_mainWindow);
+    if (dialog.exec() == QDialog::Accepted)
+    {
+        pdf::PDFSecurityHandlerPointer updatedSecurityHandler = dialog.getUpdatedSecurityHandler();
+
+        // Jakub Melka: If we changed encryption (password), recheck, that user doesn't
+        // forgot (or accidentally entered wrong) password. So, we require owner authentization
+        // to continue.
+        if (updatedSecurityHandler->getMode() != pdf::EncryptionMode::None)
+        {
+            if (updatedSecurityHandler->authenticate(queryPassword, true) != pdf::PDFSecurityHandler::AuthorizationResult::OwnerAuthorized)
+            {
+                QMessageBox::critical(m_mainWindow, QApplication::applicationDisplayName(), tr("Reauthorization is required to change document encryption."));
+                return;
+            }
+        }
+
+        pdf::PDFDocumentBuilder builder(m_pdfDocument.data());
+        builder.setSecurityHandler(qMove(updatedSecurityHandler));
+
+        pdf::PDFDocumentPointer pointer(new pdf::PDFDocument(builder.build()));
+        pdf::PDFModifiedDocument document(qMove(pointer), m_optionalContentActivity, pdf::PDFModifiedDocument::Reset);
+        onDocumentModified(qMove(document));
+    }
 }

 void PDFProgramController::onActionFitPageTriggered()