pdf-reader 2.5.0 → 2.9.0

data/lib/pdf/reader/glyphlist-zapfdingbats.txt

@@ -0,0 +1,245 @@
+# -----------------------------------------------------------
+# Copyright 2002-2019 Adobe (http://www.adobe.com/).
+#
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the
+# following conditions are met:
+#
+# Redistributions of source code must retain the above
+# copyright notice, this list of conditions and the following
+# disclaimer.
+#
+# Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials
+# provided with the distribution.
+#
+# Neither the name of Adobe nor the names of its contributors
+# may be used to endorse or promote products derived from this
+# software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+# -----------------------------------------------------------
+# Name:          ITC Zapf Dingbats Glyph List
+# Table version: 2.0
+# Date:          September 20, 2002
+# URL:           https://github.com/adobe-type-tools/agl-aglfn
+#
+# Format: two semicolon-delimited fields:
+#   (1) glyph name--upper/lowercase letters and digits
+#   (2) Unicode scalar value--four uppercase hexadecimal digits
+#
+a100;275E
+a101;2761
+a102;2762
+a103;2763
+a104;2764
+a105;2710
+a106;2765
+a107;2766
+a108;2767
+a109;2660
+a10;2721
+a110;2665
+a111;2666
+a112;2663
+a117;2709
+a118;2708
+a119;2707
+a11;261B
+a120;2460
+a121;2461
+a122;2462
+a123;2463
+a124;2464
+a125;2465
+a126;2466
+a127;2467
+a128;2468
+a129;2469
+a12;261E
+a130;2776
+a131;2777
+a132;2778
+a133;2779
+a134;277A
+a135;277B
+a136;277C
+a137;277D
+a138;277E
+a139;277F
+a13;270C
+a140;2780
+a141;2781
+a142;2782
+a143;2783
+a144;2784
+a145;2785
+a146;2786
+a147;2787
+a148;2788
+a149;2789
+a14;270D
+a150;278A
+a151;278B
+a152;278C
+a153;278D
+a154;278E
+a155;278F
+a156;2790
+a157;2791
+a158;2792
+a159;2793
+a15;270E
+a160;2794
+a161;2192
+a162;27A3
+a163;2194
+a164;2195
+a165;2799
+a166;279B
+a167;279C
+a168;279D
+a169;279E
+a16;270F
+a170;279F
+a171;27A0
+a172;27A1
+a173;27A2
+a174;27A4
+a175;27A5
+a176;27A6
+a177;27A7
+a178;27A8
+a179;27A9
+a17;2711
+a180;27AB
+a181;27AD
+a182;27AF
+a183;27B2
+a184;27B3
+a185;27B5
+a186;27B8
+a187;27BA
+a188;27BB
+a189;27BC
+a18;2712
+a190;27BD
+a191;27BE
+a192;279A
+a193;27AA
+a194;27B6
+a195;27B9
+a196;2798
+a197;27B4
+a198;27B7
+a199;27AC
+a19;2713
+a1;2701
+a200;27AE
+a201;27B1
+a202;2703
+a203;2750
+a204;2752
+a205;276E
+a206;2770
+a20;2714
+a21;2715
+a22;2716
+a23;2717
+a24;2718
+a25;2719
+a26;271A
+a27;271B
+a28;271C
+a29;2722
+a2;2702
+a30;2723
+a31;2724
+a32;2725
+a33;2726
+a34;2727
+a35;2605
+a36;2729
+a37;272A
+a38;272B
+a39;272C
+a3;2704
+a40;272D
+a41;272E
+a42;272F
+a43;2730
+a44;2731
+a45;2732
+a46;2733
+a47;2734
+a48;2735
+a49;2736
+a4;260E
+a50;2737
+a51;2738
+a52;2739
+a53;273A
+a54;273B
+a55;273C
+a56;273D
+a57;273E
+a58;273F
+a59;2740
+a5;2706
+a60;2741
+a61;2742
+a62;2743
+a63;2744
+a64;2745
+a65;2746
+a66;2747
+a67;2748
+a68;2749
+a69;274A
+a6;271D
+a70;274B
+a71;25CF
+a72;274D
+a73;25A0
+a74;274F
+a75;2751
+a76;25B2
+a77;25BC
+a78;25C6
+a79;2756
+a7;271E
+a81;25D7
+a82;2758
+a83;2759
+a84;275A
+a85;276F
+a86;2771
+a87;2772
+a88;2773
+a89;2768
+a8;271F
+a90;2769
+a91;276C
+a92;276D
+a93;276A
+a94;276B
+a95;2774
+a96;2775
+a97;275B
+a98;275C
+a99;275D
+a9;2720
+# END

data/lib/pdf/reader/key_builder_v5.rb

@@ -0,0 +1,138 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+
+require 'digest/md5'
+require 'rc4'
+
+class PDF::Reader
+
+  # Processes the Encrypt dict from an encrypted PDF and a user provided
+  # password and returns a key that can decrypt the file.
+  #
+  # This can generate a decryption key compatible with the following standard encryption algorithms:
+  #
+  # * Version 5 (AESV3)
+  #
+  class KeyBuilderV5
+
+    def initialize(opts = {})
+      @key_length   = 256
+
+      # hash(32B) + validation salt(8B) + key salt(8B)
+      @owner_key    = opts[:owner_key] || ""
+
+      # hash(32B) + validation salt(8B) + key salt(8B)
+      @user_key     = opts[:user_key] || ""
+
+      # decryption key, encrypted w/ owner password
+      @owner_encryption_key = opts[:owner_encryption_key] || ""
+
+      # decryption key, encrypted w/ user password
+      @user_encryption_key  = opts[:user_encryption_key] || ""
+    end
+
+    # Takes a string containing a user provided password.
+    #
+    # If the password matches the file, then a string containing a key suitable for
+    # decrypting the file will be returned. If the password doesn't match the file,
+    # and exception will be raised.
+    #
+    def key(pass)
+      pass = pass.byteslice(0...127).to_s   # UTF-8 encoded password. first 127 bytes
+
+      encrypt_key   = auth_owner_pass(pass)
+      encrypt_key ||= auth_user_pass(pass)
+      encrypt_key ||= auth_owner_pass_r6(pass)
+      encrypt_key ||= auth_user_pass_r6(pass)
+
+      raise PDF::Reader::EncryptedPDFError, "Invalid password (#{pass})" if encrypt_key.nil?
+      encrypt_key
+    end
+
+    private
+
+    # Algorithm 3.2a - Computing an encryption key
+    #
+    # Defined in PDF 1.7 Extension Level 3
+    #
+    # if the string is a valid user/owner password, this will return the decryption key
+    #
+    def auth_owner_pass(password)
+      if Digest::SHA256.digest(password + @owner_key[32..39] + @user_key) == @owner_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = Digest::SHA256.digest(password + @owner_key[40..-1] + @user_key)
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@owner_encryption_key) + cipher.final
+      end
+    end
+
+    def auth_user_pass(password)
+      if Digest::SHA256.digest(password + @user_key[32..39]) == @user_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = Digest::SHA256.digest(password + @user_key[40..-1])
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@user_encryption_key) + cipher.final
+      end
+    end
+
+    def auth_owner_pass_r6(password)
+      if r6_digest(password, @owner_key[32..39].to_s, @user_key[0,48].to_s) == @owner_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = r6_digest(password, @owner_key[40,8].to_s, @user_key[0, 48].to_s)
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@owner_encryption_key) + cipher.final
+      end
+    end
+
+    def auth_user_pass_r6(password)
+      if r6_digest(password, @user_key[32..39].to_s) == @user_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = r6_digest(password, @user_key[40,8].to_s)
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@user_encryption_key) + cipher.final
+      end
+    end
+
+    # PDF 2.0 spec, 7.6.4.3.4
+    # Algorithm 2.B: Computing a hash (revision 6 and later)
+    def r6_digest(password, salt, user_key = '')
+      k = Digest::SHA256.digest(password + salt + user_key)
+      e = ''
+
+      i = 0
+      while i < 64 or e.getbyte(-1).to_i > i - 32
+        k1 = (password + k + user_key) * 64
+
+        aes = OpenSSL::Cipher.new("aes-128-cbc").encrypt
+        aes.key = k[0, 16].to_s
+        aes.iv = k[16, 16].to_s
+        aes.padding = 0
+        e = String.new(aes.update(k1))
+        k = case unpack_128bit_bigendian_int(e) % 3
+            when 0 then Digest::SHA256.digest(e)
+            when 1 then Digest::SHA384.digest(e)
+            when 2 then Digest::SHA512.digest(e)
+            end
+        i = i + 1
+      end
+
+      k[0, 32].to_s
+    end
+
+    def unpack_128bit_bigendian_int(str)
+      ints = str[0,16].to_s.unpack("N*")
+      (ints[0].to_i << 96) + (ints[1].to_i << 64) + (ints[2].to_i << 32) + ints[3].to_i
+    end
+
+  end
+end
+

data/lib/pdf/reader/lzw.rb

@@ -1,4 +1,5 @@
 # coding: utf-8
+# typed: true
 # frozen_string_literal: true
 
 module PDF
@@ -35,9 +36,9 @@ module PDF
 
         def read
           bits_left_in_chunk = @bits_in_chunk
-          chunk = nil
+          chunk = -1
           while bits_left_in_chunk > 0 and @current_pos < @data.size
-            chunk = 0 if chunk.nil?
+            chunk = 0 if chunk < 0
             codepoint = @data[@current_pos, 1].unpack("C*")[0]
             current_byte = codepoint & (2**@bits_left_in_byte - 1) #clear consumed bits
             dif = bits_left_in_chunk - @bits_left_in_byte
@@ -83,6 +84,7 @@ module PDF
       #
       def self.decode(data)
         stream = BitStream.new data.to_s, 9 # size of codes between 9 and 12 bits
+        string_table = StringTable.new
         result = "".dup
         until (code = stream.read) == CODE_EOD
           if code == CODE_CLEAR_TABLE

data/lib/pdf/reader/null_security_handler.rb

@@ -1,4 +1,5 @@
 # coding: utf-8
+# typed: strict
 # frozen_string_literal: true
 
 class PDF::Reader
@@ -6,10 +7,6 @@ class PDF::Reader
   # A null object security handler. Used when a PDF is unencrypted.
   class NullSecurityHandler
 
-    def self.supports?(encrypt)
-      encrypt.nil?
-    end
-
     def decrypt(buf, _ref)
       buf
     end

data/lib/pdf/reader/object_cache.rb

@@ -1,4 +1,5 @@
 # coding: utf-8
+# typed: true
 # frozen_string_literal: true
 
 require 'hashery/lru_hash'