pdf-reader 2.7.0 → 2.9.2

data/lib/pdf/reader/font.rb

@@ -43,6 +43,7 @@ class PDF::Reader
       @tounicode = nil
 
       extract_base_info(obj)
+      extract_type3_info(obj)
       extract_descriptor(obj)
       extract_descendants(obj)
       @width_calc = build_width_calculator
@@ -73,8 +74,44 @@ class PDF::Reader
       @cached_widths[code_point] ||= @width_calc.glyph_width(code_point)
     end
 
+    # In most cases glyph width is converted into text space with a simple divide by 1000.
+    #
+    # However, Type3 fonts provide their own FontMatrix that's used for the transformation.
+    #
+    def glyph_width_in_text_space(code_point)
+      glyph_width_in_glyph_space = glyph_width(code_point)
+
+      if @subtype == :Type3
+        x1, y1 = font_matrix_transform(0,0)
+        x2, y2 = font_matrix_transform(glyph_width_in_glyph_space, 0)
+        (x2 - x1).abs.round(2)
+      else
+        glyph_width_in_glyph_space / 1000.0
+      end
+    end
+
     private
 
+    # Only valid for Type3 fonts
+    def font_matrix_transform(x, y)
+      return x, y if @font_matrix.nil?
+
+      matrix = TransformationMatrix.new(
+        @font_matrix[0], @font_matrix[1],
+        @font_matrix[2], @font_matrix[3],
+        @font_matrix[4], @font_matrix[5],
+      )
+
+      if x == 0 && y == 0
+        [matrix.e, matrix.f]
+      else
+        [
+          (matrix.a * x) + (matrix.c * y) + (matrix.e),
+          (matrix.b * x) + (matrix.d * y) + (matrix.f)
+        ]
+      end
+    end
+
     def default_encoding(font_name)
       case font_name.to_s
       when "Symbol" then
@@ -112,37 +149,55 @@ class PDF::Reader
       end
     end
 
-    def extract_base_info(obj)
-      @subtype  = @ohash.object(obj[:Subtype])
-      @basefont = @ohash.object(obj[:BaseFont])
-      if @ohash.object(obj[:Encoding])
-        @encoding = PDF::Reader::Encoding.new(@ohash.object(obj[:Encoding]))
+    def build_encoding(obj)
+      if obj[:Encoding].is_a?(Symbol)
+        # one of the standard encodings, referenced by name
+        # TODO pass in a standard shape, always a Hash
+        PDF::Reader::Encoding.new(obj[:Encoding])
+      elsif obj[:Encoding].is_a?(Hash) || obj[:Encoding].is_a?(PDF::Reader::Stream)
+        PDF::Reader::Encoding.new(obj[:Encoding])
+      elsif obj[:Encoding].nil?
+        default_encoding(@basefont)
       else
-        @encoding = default_encoding(@basefont)
+        raise MalformedPDFError, "Unexpected type for Encoding (#{obj[:Encoding].class})"
       end
-      @widths   = @ohash.object(obj[:Widths]) || []
-      @first_char = @ohash.object(obj[:FirstChar])
-      @last_char = @ohash.object(obj[:LastChar])
+    end
+
+    def extract_base_info(obj)
+      @subtype  = @ohash.deref_name(obj[:Subtype])
+      @basefont = @ohash.deref_name(obj[:BaseFont])
+      @encoding = build_encoding(obj)
+      @widths   = @ohash.deref_array_of_numbers(obj[:Widths]) || []
+      @first_char = @ohash.deref_integer(obj[:FirstChar])
+      @last_char = @ohash.deref_integer(obj[:LastChar])
 
       # CID Fonts are not required to have a W or DW entry, if they don't exist,
       # the default cid width = 1000, see Section 9.7.4.1 PDF 32000-1:2008 pp 269
-      @cid_widths         = @ohash.object(obj[:W])  || []
-      @cid_default_width  = @ohash.object(obj[:DW]) || 1000
+      @cid_widths         = @ohash.deref_array(obj[:W])  || []
+      @cid_default_width  = @ohash.deref_number(obj[:DW]) || 1000
 
       if obj[:ToUnicode]
         # ToUnicode is optional for Type1 and Type3
-        stream = @ohash.object(obj[:ToUnicode])
-        if stream.is_a?(PDF::Reader::Stream)
+        stream = @ohash.deref_stream(obj[:ToUnicode])
+        if stream
           @tounicode = PDF::Reader::CMap.new(stream.unfiltered_data)
         end
       end
     end
 
+    def extract_type3_info(obj)
+      if @subtype == :Type3
+        @font_matrix = @ohash.deref_array_of_numbers(obj[:FontMatrix]) || [
+          0.001, 0, 0, 0.001, 0, 0
+        ]
+      end
+    end
+
     def extract_descriptor(obj)
       if obj[:FontDescriptor]
         # create a font descriptor object if we can, in other words, unless this is
         # a CID Font
-        fd = @ohash.object(obj[:FontDescriptor])
+        fd = @ohash.deref_hash(obj[:FontDescriptor])
         @font_descriptor = PDF::Reader::FontDescriptor.new(@ohash, fd)
       else
         @font_descriptor = nil
@@ -154,9 +209,9 @@ class PDF::Reader
       # per PDF 32000-1:2008 pp. 280 :DescendentFonts is:
       # A one-element array specifying the CIDFont dictionary that is the
       # descendant of this Type 0 font.
-      descendants = @ohash.object(obj[:DescendantFonts])
+      descendants = @ohash.deref_array(obj[:DescendantFonts])
       @descendantfonts = descendants.map { |desc|
-        PDF::Reader::Font.new(@ohash, @ohash.object(desc))
+        PDF::Reader::Font.new(@ohash, @ohash.deref_hash(desc))
       }
     end
 

data/lib/pdf/reader/font_descriptor.rb

@@ -15,22 +15,23 @@ class PDF::Reader
                 :x_height, :font_flags
 
     def initialize(ohash, fd_hash)
-      @ascent                = ohash.object(fd_hash[:Ascent])    || 0
-      @descent               = ohash.object(fd_hash[:Descent])   || 0
-      @missing_width         = ohash.object(fd_hash[:MissingWidth]) || 0
-      @font_bounding_box     = ohash.object(fd_hash[:FontBBox])  || [0,0,0,0]
-      @avg_width             = ohash.object(fd_hash[:AvgWidth])  || 0
-      @cap_height            = ohash.object(fd_hash[:CapHeight]) || 0
-      @font_flags            = ohash.object(fd_hash[:Flags])     || 0
-      @italic_angle          = ohash.object(fd_hash[:ItalicAngle])
-      @font_name             = ohash.object(fd_hash[:FontName]).to_s
-      @leading               = ohash.object(fd_hash[:Leading])   || 0
-      @max_width             = ohash.object(fd_hash[:MaxWidth])  || 0
-      @stem_v                = ohash.object(fd_hash[:StemV])
-      @x_height              = ohash.object(fd_hash[:XHeight])
-      @font_stretch          = ohash.object(fd_hash[:FontStretch]) || :Normal
-      @font_weight           = ohash.object(fd_hash[:FontWeight])  || 400
-      @font_family           = ohash.object(fd_hash[:FontFamily])
+      # TODO change these to typed derefs
+      @ascent                = ohash.deref_number(fd_hash[:Ascent])    || 0
+      @descent               = ohash.deref_number(fd_hash[:Descent])   || 0
+      @missing_width         = ohash.deref_number(fd_hash[:MissingWidth]) || 0
+      @font_bounding_box     = ohash.deref_array_of_numbers(fd_hash[:FontBBox])  || [0,0,0,0]
+      @avg_width             = ohash.deref_number(fd_hash[:AvgWidth])  || 0
+      @cap_height            = ohash.deref_number(fd_hash[:CapHeight]) || 0
+      @font_flags            = ohash.deref_integer(fd_hash[:Flags])     || 0
+      @italic_angle          = ohash.deref_number(fd_hash[:ItalicAngle])
+      @font_name             = ohash.deref_name(fd_hash[:FontName]).to_s
+      @leading               = ohash.deref_number(fd_hash[:Leading])   || 0
+      @max_width             = ohash.deref_number(fd_hash[:MaxWidth])  || 0
+      @stem_v                = ohash.deref_number(fd_hash[:StemV])
+      @x_height              = ohash.deref_number(fd_hash[:XHeight])
+      @font_stretch          = ohash.deref_name(fd_hash[:FontStretch]) || :Normal
+      @font_weight           = ohash.deref_number(fd_hash[:FontWeight])  || 400
+      @font_family           = ohash.deref_string(fd_hash[:FontFamily])
 
       # A FontDescriptor may have an embedded font program in FontFile
       # (Type 1 Font Program), FontFile2 (TrueType font program), or
@@ -40,7 +41,7 @@ class PDF::Reader
       # 2) CIDFontType0C: Type 0 Font Program in Compact Font Format
       # 3) OpenType:      OpenType Font Program
       # see Section 9.9, PDF 32000-1:2008, pp 288-292
-      @font_program_stream = ohash.object(fd_hash[:FontFile2])
+      @font_program_stream = ohash.deref_stream(fd_hash[:FontFile2])
       #TODO handle FontFile and FontFile3
 
       @is_ttf = true if @font_program_stream

data/lib/pdf/reader/form_xobject.rb

@@ -15,15 +15,24 @@ module PDF
     # This behaves and looks much like a limited PDF::Reader::Page class.
     #
     class FormXObject
-      include ResourceMethods
+      extend Forwardable
 
       attr_reader :xobject
 
+      def_delegators :resources, :color_spaces
+      def_delegators :resources, :fonts
+      def_delegators :resources, :graphic_states
+      def_delegators :resources, :patterns
+      def_delegators :resources, :procedure_sets
+      def_delegators :resources, :properties
+      def_delegators :resources, :shadings
+      def_delegators :resources, :xobjects
+
       def initialize(page, xobject, options = {})
         @page    = page
         @objects = page.objects
         @cache   = options[:cache] || {}
-        @xobject = @objects.deref(xobject)
+        @xobject = @objects.deref_stream(xobject)
       end
 
       # return a hash of fonts used on this form.
@@ -34,9 +43,9 @@ module PDF
       # to most available metrics for each font.
       #
       def font_objects
-        raw_fonts = @objects.deref(resources[:Font] || {})
+        raw_fonts = @objects.deref_hash(fonts)
         ::Hash[raw_fonts.map { |label, font|
-          [label, PDF::Reader::Font.new(@objects, @objects.deref(font))]
+          [label, PDF::Reader::Font.new(@objects, @objects.deref_hash(font))]
         }]
       end
 
@@ -61,7 +70,7 @@ module PDF
       # Returns the resources that accompany this form.
       #
       def resources
-        @resources ||= @objects.deref(@xobject.hash[:Resources]) || {}
+        @resources ||= Resources.new(@objects, @objects.deref_hash(@xobject.hash[:Resources]) || {})
       end
 
       def callback(receivers, name, params=[])

data/lib/pdf/reader/key_builder_v5.rb

@@ -0,0 +1,138 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+
+require 'digest/md5'
+require 'rc4'
+
+class PDF::Reader
+
+  # Processes the Encrypt dict from an encrypted PDF and a user provided
+  # password and returns a key that can decrypt the file.
+  #
+  # This can generate a decryption key compatible with the following standard encryption algorithms:
+  #
+  # * Version 5 (AESV3)
+  #
+  class KeyBuilderV5
+
+    def initialize(opts = {})
+      @key_length   = 256
+
+      # hash(32B) + validation salt(8B) + key salt(8B)
+      @owner_key    = opts[:owner_key] || ""
+
+      # hash(32B) + validation salt(8B) + key salt(8B)
+      @user_key     = opts[:user_key] || ""
+
+      # decryption key, encrypted w/ owner password
+      @owner_encryption_key = opts[:owner_encryption_key] || ""
+
+      # decryption key, encrypted w/ user password
+      @user_encryption_key  = opts[:user_encryption_key] || ""
+    end
+
+    # Takes a string containing a user provided password.
+    #
+    # If the password matches the file, then a string containing a key suitable for
+    # decrypting the file will be returned. If the password doesn't match the file,
+    # and exception will be raised.
+    #
+    def key(pass)
+      pass = pass.byteslice(0...127).to_s   # UTF-8 encoded password. first 127 bytes
+
+      encrypt_key   = auth_owner_pass(pass)
+      encrypt_key ||= auth_user_pass(pass)
+      encrypt_key ||= auth_owner_pass_r6(pass)
+      encrypt_key ||= auth_user_pass_r6(pass)
+
+      raise PDF::Reader::EncryptedPDFError, "Invalid password (#{pass})" if encrypt_key.nil?
+      encrypt_key
+    end
+
+    private
+
+    # Algorithm 3.2a - Computing an encryption key
+    #
+    # Defined in PDF 1.7 Extension Level 3
+    #
+    # if the string is a valid user/owner password, this will return the decryption key
+    #
+    def auth_owner_pass(password)
+      if Digest::SHA256.digest(password + @owner_key[32..39] + @user_key) == @owner_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = Digest::SHA256.digest(password + @owner_key[40..-1] + @user_key)
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@owner_encryption_key) + cipher.final
+      end
+    end
+
+    def auth_user_pass(password)
+      if Digest::SHA256.digest(password + @user_key[32..39]) == @user_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = Digest::SHA256.digest(password + @user_key[40..-1])
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@user_encryption_key) + cipher.final
+      end
+    end
+
+    def auth_owner_pass_r6(password)
+      if r6_digest(password, @owner_key[32..39].to_s, @user_key[0,48].to_s) == @owner_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = r6_digest(password, @owner_key[40,8].to_s, @user_key[0, 48].to_s)
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@owner_encryption_key) + cipher.final
+      end
+    end
+
+    def auth_user_pass_r6(password)
+      if r6_digest(password, @user_key[32..39].to_s) == @user_key[0..31]
+        cipher = OpenSSL::Cipher.new('AES-256-CBC')
+        cipher.decrypt
+        cipher.key = r6_digest(password, @user_key[40,8].to_s)
+        cipher.iv = "\x00" * 16
+        cipher.padding = 0
+        cipher.update(@user_encryption_key) + cipher.final
+      end
+    end
+
+    # PDF 2.0 spec, 7.6.4.3.4
+    # Algorithm 2.B: Computing a hash (revision 6 and later)
+    def r6_digest(password, salt, user_key = '')
+      k = Digest::SHA256.digest(password + salt + user_key)
+      e = ''
+
+      i = 0
+      while i < 64 or e.getbyte(-1).to_i > i - 32
+        k1 = (password + k + user_key) * 64
+
+        aes = OpenSSL::Cipher.new("aes-128-cbc").encrypt
+        aes.key = k[0, 16].to_s
+        aes.iv = k[16, 16].to_s
+        aes.padding = 0
+        e = String.new(aes.update(k1))
+        k = case unpack_128bit_bigendian_int(e) % 3
+            when 0 then Digest::SHA256.digest(e)
+            when 1 then Digest::SHA384.digest(e)
+            when 2 then Digest::SHA512.digest(e)
+            end
+        i = i + 1
+      end
+
+      k[0, 32].to_s
+    end
+
+    def unpack_128bit_bigendian_int(str)
+      ints = str[0,16].to_s.unpack("N*")
+      (ints[0].to_i << 96) + (ints[1].to_i << 64) + (ints[2].to_i << 32) + ints[3].to_i
+    end
+
+  end
+end
+

data/lib/pdf/reader/null_security_handler.rb

@@ -7,10 +7,6 @@ class PDF::Reader
   # A null object security handler. Used when a PDF is unencrypted.
   class NullSecurityHandler
 
-    def self.supports?(encrypt)
-      encrypt.nil?
-    end
-
     def decrypt(buf, _ref)
       buf
     end