o vhz @sddlZddlZddlZddlZddlmZddlmZmZm Z ddl m Z m Z m Z mZddlmZddlmZmZmZddlmZmZdd lmZmZmZmZmZdd lmZm Z m!Z!dd l"m#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+dd l,m-Z-m.Z.dd l/m0Z0m1Z1m2Z2ddl3m4Z4eGdddZ5dee6e7fde7fddZ8 d>de7de5de e7fddZ9 d>de7de5de7de e7fddZ:dddZ;d e7fd!d"Z< d>de7d#e7de e7de7fd$d%Z=ej>Gd&d'd'ej?Z@Gd(d)d)ejAe-ZBGd*d+d+e%ejCZDGd,d-d-eDe0ZEGd.d/d/eDe1ZFGd0d1d1eDe2ZGeHd2ZId3d4ZJd5d6ZKd7d8ZLd9ejMfd:d;ZNe*jOGdencode)r<r>r3r3r4_r6_normalise_pw5s   rDpw_bytesr,u_entrycCst||j|}||jkSN) _r6_hash_algor*r))rEr,rFpurported_hashr3r3r4_r6_password_authenticate@s rJe_entrycCs2t||j|}t|dksJt||tdddS)Nr/Fkeydataiv use_padding)rHr+r1rr9)rEr,rKrF interm_keyr3r3r4_r6_derive_file_keyGs  rSTF)TF input_bytescCstdd|DdS)Ncss|]}|dVqdS)Nr3.0br3r3r4 Yz_bytes_mod_3..rW)sum)rVr3r3r4 _bytes_mod_3Wsr^ current_saltc Cst|}t|dks J|||r t|dksJ|||}tttf}d}}|dks7||dkry|||p=dd}t|dd||ddd d d } |t| dd} | | }| t| d }|d 7}|dks7||dks7|ddS) u3 Algorithm 2.B in ISO 32000-2 § 7.6.4.3.4 r.r@r/r=NrLFrMr)rr1updatedigestrrrr^) rEr_rF initial_hashkhashesround_no last_byte_valk1e next_hashr3r3r4rH\s,     rHc@sHeZdZdZdZdZdZdZdZdZ de j fd d Z e d d d ZdS) StandardSecuritySettingsRevisionz;Indicate the standard security handler revision to emulate.rWNr-cCs |j}|dur tSt|SrG)valuer NullObject NumberObject)selfvalr3r3r4 as_pdf_objects z.StandardSecuritySettingsRevision.as_pdf_objectcCs$zt|WStytjYSwrG)rl ValueErrorOTHER)r2rqr3r3r4 from_numbers    z,StandardSecuritySettingsRevision.from_number)r-rl)r6r7r8__doc__ RC4_BASIC RC4_EXTENDED RC4_OR_AES128AES256AES_GCMrxr PdfObjectrvr;ryr3r3r3r4rlzsrlc@sXeZdZdejfdejddifgZedefddZde fdd Z ed e fd d Z d S)_PasswordCredential pwd_bytesid1optionalTr-cCsdS)Nrr3r2r3r3r4get_namesz_PasswordCredential.get_namecCs|SrG)dumprtr3r3r4 _ser_valuesz_PasswordCredential._ser_valuerOcCs&zt|WStytdw)Nz)Failed to deserialise password credential)rloadrwr PdfReadError)r2rOr3r3r4 _deser_values    z _PasswordCredential._deser_valueN) r6r7r8r OctetString_fieldsr;rArr9rrr3r3r3r4rsrcsXeZdZUdZdZeded<eddZfddZ d e fd d Z fd d Z Z S)StandardCryptFilterzB Crypt filter for use with the standard security handler. NStandardSecurityHandler_handlercCst|jtr |jjStrG)r@rr _auth_failedNotImplementedErrorrr3r3r4rs z StandardCryptFilter._auth_failedcs$t|tstt|d|_dSrG)r@r TypeErrorsuper_set_security_handler _shared_key)rthandler __class__r3r4rs   z)StandardCryptFilter._set_security_handlerr-cCs|jsJ|jSrG)rget_file_encryption_keyrr3r3r4derive_shared_encryption_keys  z0StandardCryptFilter.derive_shared_encryption_keycst}t|j|d<|S)N/Length)rrvrrskeylenrtresultrr3r4rvs z!StandardCryptFilter.as_pdf_object)r6r7r8rzrrr:propertyrrr9rrv __classcell__r3r3rr4rs   rc@eZdZdZdS)StandardAESCryptFilterz= AES crypt filter for the standard security handler. Nr6r7r8rzr3r3r3r4rrc@r)StandardAESGCMCryptFilterzA AES-GCM crypt filter for the standard security handler. Nrr3r3r3r4rrrc@r)StandardRC4CryptFilterz= RC4 crypt filter for the standard security handler. Nrr3r3r3r4rrrz/StdCFcCttt|dittdSNrdefault_stream_filterdefault_string_filter)rSTD_CFrrr3r3r4_std_rc4_config  rcCrr)rrrrr3r3r4_std_aes_configrrcCstttittdS)Nr)rrrr3r3r3r4_std_gcm_configs rcfdictcCs|dd}t|ddS)Nrr0r`r)getr)r_acts_as_default keylen_bitsr3r3r4#_build_legacy_standard_crypt_filters rc seZdZUdZedeedddedddedd ded d diZeeje fe d <e d e fddZ e dddeddfdedefddZe dedddfdededefddZed:ddZ       d;ded ed!ed"eed#eef fd$d% Ze d&ejd efd'd(Ze d&ejfd)d*Zed effd+d, Z d-d.Z!d/efd0d1Z"d/efd2d3Z# dz StandardSecurityHandler.z/AESV3cCr)Nr/rrrr3r3r4rrz/AESV4cCtSrG)rrr3r3r4rz /IdentitycCrrG)rrr3r3r4rr_known_crypt_filtersr-cCs tdS)N /Standard)r NameObjectrr3r3r4rs z StandardSecurityHandler.get_nameNrLTrevpermsc  KsJt|}|dur t|n|}|tjkrt|d|tjkr"d}n |r+|tjkr+d}t|||j|} |tjkrP|tjBtj Btj Btj B}t || ||\} } n t ||j|| ||| \} } |tjkrftj}n |tjkrotj}ntj}|tjkr|dur|rtdd}nt|d}|d||||| | || d| }| |_t||d|_|S) a Initialise a legacy password-based security handler, to attach to a :class:`~.pyhanko.pdf_utils.writer.PdfFileWriter`. Any remaining keyword arguments will be passed to the constructor. .. danger:: The functionality implemented by this handler is deprecated in the PDF standard. We only provide it for testing purposes, and to interface with legacy systems. :param rev: Security handler revision to use, see :class:`.StandardSecuritySettingsRevision`. :param id1: The first part of the document ID. :param desired_owner_pass: Desired owner password. :param desired_user_pass: Desired user password. :param keylen_bytes: Length of the key (in bytes). :param use_aes128: Use AES-128 instead of RC4 (default: ``True``). :param perms: Permission bits to set :param crypt_filter_config: Custom crypt filter configuration. PyHanko will supply a reasonable default if none is specified. :return: A :class:`StandardSecurityHandler` instance. Nz/ is not supported by this bootstrapping method.rLr)versionrevision legacy_keylen perm_flagsodataudatacrypt_filter_configencrypt_metadatarrr3)rrlr}rwr{rrqr'ALLOW_FORM_FILLINGALLOW_ASSISTIVE_TECHNOLOGYALLOW_REASSEMBLYALLOW_HIGH_QUALITY_PRINTINGrrr!RC4_40RC4_LONGER_KEYSrrrr _credential)r2rrdesired_owner_passdesired_user_pass keylen_bytes use_aes128rrrkwargso_entryrFrNrshr3r3r4build_from_pw_legacy!s-             z,StandardSecurityHandler.build_from_pw_legacyFpdf_macuse_gcmc!Kst|}|dur t|n|} td} td} td} t| | } | | | }t| | }t|| tddd\}}t|dksAJtd}td}t|||}|||}t|||}t|| tddd\}}t|dksqJ|ry|tjM}| ddd}|d|rd nd d td }t t | t }|}|||}|rtd}nd}|rtj}tj}ntj}tj}|d||d||||||||d |} | | _td|i| _| S)a Initialise a password-based security handler backed by AES-256, to attach to a :class:`~.pyhanko.pdf_utils.writer.PdfFileWriter`. This handler will use the new PDF 2.0 encryption scheme. Any remaining keyword arguments will be passed to the constructor. :param desired_owner_pass: Desired owner password. :param desired_user_pass: Desired user password. :param perms: Desired usage permissions. :param encrypt_metadata: Whether to set up the security handler for encrypting metadata as well. :param pdf_mac: Include an ISO/TS 32004 MAC. :param use_gcm: Use AES-GCM (ISO/TS 32003) to encrypt strings and streams. .. danger:: Due to the way PDF encryption works, the authentication guarantees of AES-GCM only apply to the content of individual strings and streams. The PDF file structure itself is not authenticated. Document-level integrity protection is provided by the ``pdf_mac=True`` option. .. warning:: This option is disabled by default because support for ISO/TS 32003 is not available in mainstream PDF software yet. This default may change in the future. :return: A :class:`StandardSecurityHandler` instance. Nr/r`rLF)rQsTFadbrn) rrrrrroeseedueseedencrypted_permsrkdf_saltrr3)rDsecrets token_bytesrHrr9r1r'TOLERATE_MISSING_PDF_MACas_bytesr r AESr ECB encryptorrbfinalizer!rrlr~rrr)!r2rrrrrrrowner_pw_bytes user_pw_bytesencryption_keyu_validation_salt u_key_saltu_hashrF u_interm_keyrue_seedo_validation_salt o_key_salto_hashr o_interm_keyoe_seed perms_bytesextd_perms_bytescipherrrrrrrr3r3r4 build_from_pws.                    z%StandardSecurityHandler.build_from_pwrocCst|t|krdksntd|d|r+|r+t|t|kr*dks4ntd|d|r._get_bytescSs(t|tjr t|Std|d)Nz Cannot parse z as a permission indicator)r@rrsr' from_sint32rrrr3r3r4_parse_permissionss   zNStandardSecurityHandler.gather_encryption_metadata.._parse_permissions/P)defaultNr./OE/UE/Perms/EncryptMetadataT/KDFSaltcSst|tjtjfr |jSdSrG)r@rr r rrr3r3r4rs  zDStandardSecurityHandler.gather_encryption_metadata..) rrrrrrrrr) rrrKeyErrorrrr9r'dict get_and_applyallow_everythingrbool)r2rrrrrrrr3r3r4gather_encryption_metadatams@          z2StandardSecurityHandler.gather_encryption_metadatacCs>t|d}t|d}td||||d||S)N/V/R)rrrr3)r!ryrlrprocess_crypt_filtersr )r2rvrr3r3r4instantiate_from_pdf_objectsz3StandardSecurityHandler.instantiate_from_pdf_objectcstjp|jSrG)rpdf_mac_enabledrrrr3r4r'sz'StandardSecurityHandler.pdf_mac_enabledcCst}td|d<t|j|d<t|j|d<t|j|d<|j r0t|j |d<|j s9|j t j krCt|jd|d<|j |d <|j|d <|j t j krgt|j|d <||j|jtjkrt|j|d <t|j|d <t|j|d<|S)Nrz/Filterr r rrr`rr!r"rrrr)rDictionaryObjectrr rrrsr as_sint32 _kdf_salt_compat_entriesrr!rrrvr BooleanObjectrrbrrlr~rrrrr3r3r4rvs.   z%StandardSecurityHandler.as_pdf_objectrcCst|j}|j}|tjkrt||j|j|\}}nt||j|j |j|j||j \}}|dd}|dd}||k|fS)NrL) rrrlr{rrrrrqrr)rtrr<r user_tokenuser_tok_suppliedrNr3r3r4_auth_user_password_legacys$     z2StandardSecurityHandler._auth_user_password_legacyc st||d}|j}t||j|j}|tjkrt||j}n|j}t dddD]t fdd|D}t||}q'|}| ||\} }| rN||_ t j|fS| ||\} }| r`||_ t j|fSt jdfS)Nrrc3s|]}|AVqdSrGr3rXir3r4r[r\z?StandardSecurityHandler._authenticate_legacy..)rrrrqrrlr{rrranger9r/rrOWNERUSERFAILED) rtrr<credrrN prp_userpassrunew_keyowner_password user_passwordr3r1r4_authenticate_legacys&     z,StandardSecurityHandler._authenticate_legacycCst|tr t|}t|tttfstdt |dt|tr,|dj }|dj }|j }|t j kr<||\}}n|durEtdt|}|||\}}|dur\||_d|_nd|_t||jd S) a Authenticate a user to this security handler. :param credential: The credential to use (a password in this case). :param id1: First part of the document ID. This is mandatory for legacy encryption handlers, but meaningless otherwise. :return: An :class:`AuthResult` object indicating the level of access obtained. z]Standard authentication credential must be a string, byte string or _PasswordCredential, not .rrNz+id1 must be specified for legacy encryptionFT)statuspermission_flags)r@r#r" deserialiserrAr9rrrnativerrlr~_authenticate_r6rr<rrrr)rt credentialrrresrNr3r3r4 authenticate s2      z$StandardSecurityHandler.authenticatec Cs4t|}t|j}t|j}t|||jr$tj}t|||j |j}nt||r4tj }t|||j }ntj dfSt t|t}|}||j|} | dddk} | |jttd| dddkM} zt| d} | | |jkM} Wn tyd} Ynw| std t d |i|_!||fS) N rzs  ,          z