[pdf-devel] Crypt module discussion

pdf-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[pdf-devel] Crypt module discussion

From:	David Vazquez
Subject:	[pdf-devel] Crypt module discussion
Date:	Wed, 30 Jul 2008 17:03:55 +0200
User-agent:	Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux)

Hi all

I have read the PDF Reference in deeper to define our
requirements. The situation is the following. API Reference offers two
methods to decrypt data.

  - V2 method uses the RC4 algorithm, which is a stream cipher.

  - AESV2 method uses AES128 and Cipher Block Chaining (CBC) operation
    mode. It requires an initialization vector (IV). (In a pdf, AESV2
    encrypted object this vector is the first 16 bytes of the stream
    or string.)


I think pdf-crypt should offer V2 and AESV2 methods, which involve all
low level options (i.e: algorithm, key size, etc).

What do you think? Should we provide a more detailed API?

In PDF, the key used to cipher is obtained from object's
id. It means key must be reset for each object. Then my approach for
API is:


   /* Initialize module */
   pdf_status_t pdf_crypt_init (void);

   /* Create a new cipher */
   pdf_crypt_t pdf_crypt_new (int method);

   /* Set key */
   pdf_status_t pdf_crypt_setkey (pdf_crypt_t cipher, const void * key, size_t 
size);

   /* Set initialization vector (Only for AESV2) */
   pdf_status_t pdf_crypt_setiv  (pdf_crypt_t cipher, const void * key, size_t 
size);

   /* Encrypt and decrypt buffers. This functions allow in-place encryption too 
*/
   pdf_status_t pdf_crypt_encrypt (pdf_crypt_t cipher, void *out, size_t 
outsize, const void *in, size_t insize);
   pdf_status_t pdf_crypt_decrypt (pdf_crypt_t cipher, void *out, size_t 
outsize, const void *in, size_t insize);

   /* Destroy cipher */
   void pdf_crypt_destroy (pdf_crypt_t cipher);

   void pdf_crypt_md5 (const void * buffer, size_t len, void * hash);


Finally, I think both crypt stm filter as pdf_text_t encryption can
implement on buffer encryption functions. However I have a
question about this.

Will we store the ciphertext in a pdf_text_t again? It doesn't seem
smart for me. Since pdf_text_t functions has not sense in a block
cipher. Aleks, what do you think? Could a encryption filter text[1] be written
for this indeed?
 
In summary, I think pdf-crypt should export buffer encryption
functions and we build up stream and string functions from stream and
text module respectively.

What do you think? Suggestions are welcome.

:-)


Footnotes: 
[1] http://www.gnupdf.org/Lib:Architecture/Base_Layer/Text_Module#Filters

--

[Prev in Thread]

Current Thread

[Next in Thread]

[pdf-devel] Crypt module discussion, David Vazquez <=
- Re: [pdf-devel] Crypt module discussion, Ralph Giles, 2008/07/30
- Re: [pdf-devel] Crypt module discussion, jemarch, 2008/07/30
  - Re: [pdf-devel] Crypt module discussion, David Vazquez, 2008/07/30
    - Re: [pdf-devel] Crypt module discussion, Ralph Giles, 2008/07/30
    - Message not available
    - Re: [pdf-devel] Crypt module discussion, David Vázquez, 2008/07/31
  - Re: [pdf-devel] Crypt module discussion, Aleksander Morgado, 2008/07/31
- RE: [pdf-devel] Crypt module discussion, Leonard Rosenthol, 2008/07/30

Prev by Date: [pdf-devel] Encryption module
Next by Date: [pdf-devel] bzr error
Previous by thread: [pdf-devel] Encryption module
Next by thread: Re: [pdf-devel] Crypt module discussion
Index(es):
- Date
- Thread