[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[pdf-devel] Crypt module discussion
From: |
David Vazquez |
Subject: |
[pdf-devel] Crypt module discussion |
Date: |
Wed, 30 Jul 2008 17:03:55 +0200 |
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux) |
Hi all
I have read the PDF Reference in deeper to define our
requirements. The situation is the following. API Reference offers two
methods to decrypt data.
- V2 method uses the RC4 algorithm, which is a stream cipher.
- AESV2 method uses AES128 and Cipher Block Chaining (CBC) operation
mode. It requires an initialization vector (IV). (In a pdf, AESV2
encrypted object this vector is the first 16 bytes of the stream
or string.)
I think pdf-crypt should offer V2 and AESV2 methods, which involve all
low level options (i.e: algorithm, key size, etc).
What do you think? Should we provide a more detailed API?
In PDF, the key used to cipher is obtained from object's
id. It means key must be reset for each object. Then my approach for
API is:
/* Initialize module */
pdf_status_t pdf_crypt_init (void);
/* Create a new cipher */
pdf_crypt_t pdf_crypt_new (int method);
/* Set key */
pdf_status_t pdf_crypt_setkey (pdf_crypt_t cipher, const void * key, size_t
size);
/* Set initialization vector (Only for AESV2) */
pdf_status_t pdf_crypt_setiv (pdf_crypt_t cipher, const void * key, size_t
size);
/* Encrypt and decrypt buffers. This functions allow in-place encryption too
*/
pdf_status_t pdf_crypt_encrypt (pdf_crypt_t cipher, void *out, size_t
outsize, const void *in, size_t insize);
pdf_status_t pdf_crypt_decrypt (pdf_crypt_t cipher, void *out, size_t
outsize, const void *in, size_t insize);
/* Destroy cipher */
void pdf_crypt_destroy (pdf_crypt_t cipher);
void pdf_crypt_md5 (const void * buffer, size_t len, void * hash);
Finally, I think both crypt stm filter as pdf_text_t encryption can
implement on buffer encryption functions. However I have a
question about this.
Will we store the ciphertext in a pdf_text_t again? It doesn't seem
smart for me. Since pdf_text_t functions has not sense in a block
cipher. Aleks, what do you think? Could a encryption filter text[1] be written
for this indeed?
In summary, I think pdf-crypt should export buffer encryption
functions and we build up stream and string functions from stream and
text module respectively.
What do you think? Suggestions are welcome.
:-)
Footnotes:
[1] http://www.gnupdf.org/Lib:Architecture/Base_Layer/Text_Module#Filters
--
RE: [pdf-devel] Crypt module discussion, Leonard Rosenthol, 2008/07/30