RubyGems - pdf-reader - Versions diffs - 2.8.0 → 2.9.0 - Mend

pdf-reader 2.8.0 → 2.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

checksums.yaml +4 -4
data/CHANGELOG +5 -0
data/lib/pdf/reader/aes_v2_security_handler.rb +41 -0
data/lib/pdf/reader/aes_v3_security_handler.rb +38 -0
data/lib/pdf/reader/buffer.rb +36 -34
data/lib/pdf/reader/cmap.rb +64 -51
data/lib/pdf/reader/error.rb +8 -0
data/lib/pdf/reader/filter/ascii85.rb +1 -1
data/lib/pdf/reader/filter/ascii_hex.rb +1 -1
data/lib/pdf/reader/filter/depredict.rb +1 -1
data/lib/pdf/reader/filter/flate.rb +3 -3
data/lib/pdf/reader/filter/lzw.rb +1 -1
data/lib/pdf/reader/filter/null.rb +1 -2
data/lib/pdf/reader/filter/run_length.rb +1 -1
data/lib/pdf/reader/filter.rb +1 -1
data/lib/pdf/reader/font.rb +29 -17
data/lib/pdf/reader/font_descriptor.rb +18 -17
data/lib/pdf/reader/form_xobject.rb +14 -5
data/lib/pdf/reader/key_builder_v5.rb +138 -0
data/lib/pdf/reader/null_security_handler.rb +0 -4
data/lib/pdf/reader/object_hash.rb +247 -42
data/lib/pdf/reader/page.rb +38 -20
data/lib/pdf/reader/page_state.rb +1 -1
data/lib/pdf/reader/page_text_receiver.rb +4 -1
data/lib/pdf/reader/parser.rb +9 -6
data/lib/pdf/reader/point.rb +1 -1
data/lib/pdf/reader/rc4_security_handler.rb +38 -0
data/lib/pdf/reader/rectangle.rb +2 -2
data/lib/pdf/reader/{resource_methods.rb → resources.rb} +15 -13
data/lib/pdf/reader/security_handler_factory.rb +79 -0
data/lib/pdf/reader/{standard_security_handler.rb → standard_key_builder.rb} +23 -95
data/lib/pdf/reader/stream.rb +2 -2
data/lib/pdf/reader/type_check.rb +52 -0
data/lib/pdf/reader/validating_receiver.rb +262 -0
data/lib/pdf/reader/width_calculator/true_type.rb +1 -1
data/lib/pdf/reader/xref.rb +20 -3
data/lib/pdf/reader.rb +17 -9
data/rbi/pdf-reader.rbi +388 -173
metadata +15 -9
data/lib/pdf/reader/standard_security_handler_v5.rb +0 -92

data/lib/pdf/reader/page.rb CHANGED Viewed

@@ -14,7 +14,7 @@ module PDF
     # objects accessor to help walk the page dictionary in any useful way.
     #
     class Page
-      include ResourceMethods
+      extend Forwardable
       # lowlevel hash-like access to all objects in the underlying PDF
       attr_reader :objects
@@ -27,6 +27,15 @@ module PDF
       # operations
       attr_reader :cache
+      def_delegators :resources, :color_spaces
+      def_delegators :resources, :fonts
+      def_delegators :resources, :graphic_states
+      def_delegators :resources, :patterns
+      def_delegators :resources, :procedure_sets
+      def_delegators :resources, :properties
+      def_delegators :resources, :shadings
+      def_delegators :resources, :xobjects
       # creates a new page wrapper.
       #
       # * objects - an ObjectHash instance that wraps a PDF file
@@ -34,7 +43,7 @@ module PDF
       #
       def initialize(objects, pagenum, options = {})
         @objects, @pagenum = objects, pagenum
-        @page_object = objects.deref(objects.page_references[pagenum - 1])
+        @page_object = objects.deref_hash(objects.page_references[pagenum - 1])
         @cache       = options[:cache] || {}
         unless @page_object.is_a?(::Hash)
@@ -60,7 +69,7 @@ module PDF
       def attributes
         @attributes ||= {}.tap { |hash|
           page_with_ancestors.reverse.each do |obj|
-            hash.merge!(@objects.deref(obj))
+            hash.merge!(@objects.deref_hash(obj) || {})
           end
         }
         # This shouldn't be necesary, but some non compliant PDFs leave MediaBox
@@ -143,6 +152,9 @@ module PDF
       # the program in the correct order and calls out to your implementation.
       #
       def walk(*receivers)
+        receivers = receivers.map { |receiver|
+          ValidatingReceiver.new(receiver)
+        }
         callback(receivers, :page=, [self])
         content_stream(receivers, raw_content)
       end
@@ -151,10 +163,10 @@ module PDF
       # see here unless you're a PDF nerd like me.
       #
       def raw_content
-        contents = objects.deref(@page_object[:Contents])
+        contents = objects.deref_stream_or_array(@page_object[:Contents])
         [contents].flatten.compact.map { |obj|
-          objects.deref(obj)
-        }.map { |obj|
+          objects.deref_stream(obj)
+        }.compact.map { |obj|
           obj.unfiltered_data
         }.join(" ")
       end
@@ -185,17 +197,22 @@ module PDF
       # values are defaulted according to section 7.7.3.3 of the PDF Spec 1.7
       #
       def rectangles
-        mediabox = objects.deref!(attributes[:MediaBox])
-        cropbox = objects.deref!(attributes[:Cropbox]) || mediabox
-        bleedbox = objects.deref!(attributes[:BleedBox]) || cropbox
-        trimbox = objects.deref!(attributes[:TrimBox]) || cropbox
-        artbox = objects.deref!(attributes[:ArtBox]) || cropbox
-        mediarect = Rectangle.new(*mediabox)
-        croprect = Rectangle.new(*cropbox)
-        bleedrect = Rectangle.new(*bleedbox)
-        trimrect = Rectangle.new(*trimbox)
-        artrect = Rectangle.new(*artbox)
+        # attributes[:MediaBox] can never be nil, but I have no easy way to tell sorbet that atm
+        mediabox = objects.deref_array_of_numbers(attributes[:MediaBox]) || []
+        cropbox = objects.deref_array_of_numbers(attributes[:CropBox]) || mediabox
+        bleedbox = objects.deref_array_of_numbers(attributes[:BleedBox]) || cropbox
+        trimbox = objects.deref_array_of_numbers(attributes[:TrimBox]) || cropbox
+        artbox = objects.deref_array_of_numbers(attributes[:ArtBox]) || cropbox
+        begin
+          mediarect = Rectangle.from_array(mediabox)
+          croprect = Rectangle.from_array(cropbox)
+          bleedrect = Rectangle.from_array(bleedbox)
+          trimrect = Rectangle.from_array(trimbox)
+          artrect = Rectangle.from_array(artbox)
+        rescue ArgumentError => e
+          raise MalformedPDFError, e.message
+        end
         if rotate > 0
           mediarect.apply_rotation(rotate)
@@ -217,14 +234,14 @@ module PDF
       private
       def root
-       @root ||= objects.deref(@objects.trailer[:Root])
+        @root ||= objects.deref_hash(@objects.trailer[:Root]) || {}
       end
       # Returns the resources that accompany this page. Includes
       # resources inherited from parents.
       #
       def resources
-        @resources ||= @objects.deref(attributes[:Resources]) || {}
+        @resources ||= Resources.new(@objects, @objects.deref_hash(attributes[:Resources]) || {})
       end
       def content_stream(receivers, instructions)
@@ -260,7 +277,8 @@ module PDF
         if origin.nil?
           []
         else
-          obj = objects.deref(origin)
+          obj = objects.deref_hash(origin)
+          PDF::Reader::Error.validate_not_nil_as_malformed(obj, "parent")
           [ select_inheritable(obj) ] + ancestors(obj[:Parent])
         end
       end

data/lib/pdf/reader/page_state.rb CHANGED Viewed

@@ -384,7 +384,7 @@ class PDF::Reader
       #
       def build_fonts(raw_fonts)
         wrapped_fonts = raw_fonts.map { |label, font|
-          [label, PDF::Reader::Font.new(@objects, @objects.deref(font))]
+          [label, PDF::Reader::Font.new(@objects, @objects.deref_hash(font) || {})]
         }
         ::Hash[wrapped_fonts]

data/lib/pdf/reader/page_text_receiver.rb CHANGED Viewed

@@ -87,8 +87,10 @@ module PDF
         params.each do |arg|
           if arg.is_a?(String)
             internal_show_text(arg)
-          else
+          elsif arg.is_a?(Numeric)
             @state.process_glyph_displacement(0, arg, false)
+          else
+            # skip it
           end
         end
       end
@@ -119,6 +121,7 @@ module PDF
       private
       def internal_show_text(string)
+        PDF::Reader::Error.validate_type_as_malformed(string, "string", String)
         if @state.current_font.nil?
           raise PDF::Reader::MalformedPDFError, "current font is invalid"
         end

data/lib/pdf/reader/parser.rb CHANGED Viewed

@@ -80,8 +80,8 @@ class PDF::Reader
         token
       elsif operators.has_key? token
         Token.new(token)
-      elsif token.respond_to?(:to_token)
-        token.to_token
+      elsif token.frozen?
+        token
       elsif token =~ /\d*\.\d/
         token.to_f
       else
@@ -103,7 +103,7 @@ class PDF::Reader
       obj = parse_token
       post_obj = parse_token
-      if post_obj == "stream"
+      if obj.is_a?(Hash) && post_obj == "stream"
         stream(obj)
       else
         obj
@@ -121,7 +121,7 @@ class PDF::Reader
         key = parse_token
         break if key.kind_of?(Token) and key == ">>"
         raise MalformedPDFError, "unterminated dict" if @buffer.empty?
-        raise MalformedPDFError, "Dictionary key (#{key.inspect}) is not a name" unless key.kind_of?(Symbol)
+        PDF::Reader::Error.validate_type_as_malformed(key, "Dictionary key", Symbol)
         value = parse_token
         value.kind_of?(Token) and Error.str_assert_not(value, ">>")
@@ -209,13 +209,16 @@ class PDF::Reader
     def stream(dict)
       raise MalformedPDFError, "PDF malformed, missing stream length" unless dict.has_key?(:Length)
       if @objects
-        length = @objects.deref(dict[:Length])
+        length = @objects.deref_integer(dict[:Length])
         if dict[:Filter]
-          dict[:Filter] = @objects.deref(dict[:Filter])
+          dict[:Filter] = @objects.deref_name_or_array(dict[:Filter])
         end
       else
         length = dict[:Length] || 0
       end
+      PDF::Reader::Error.validate_type_as_malformed(length, "length", Numeric)
       data = @buffer.read(length, :skip_eol => true)
       Error.str_assert(parse_token, "endstream")

data/lib/pdf/reader/point.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # coding: utf-8
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 module PDF

data/lib/pdf/reader/rc4_security_handler.rb ADDED Viewed

@@ -0,0 +1,38 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+require 'digest/md5'
+require 'rc4'
+class PDF::Reader
+  # Decrypts data using the RC4 algorithim defined in the PDF spec. Requires
+  # a decryption key, which is usually generated by PDF::Reader::StandardKeyBuilder
+  #
+  class Rc4SecurityHandler
+    def initialize(key)
+      @encrypt_key = key
+    end
+    ##7.6.2 General Encryption Algorithm
+    #
+    # Algorithm 1: Encryption of data using the RC4 algorithm
+    #
+    # version <=3 or (version == 4 and CFM == V2)
+    #
+    # buf - a string to decrypt
+    # ref - a PDF::Reader::Reference for the object to decrypt
+    #
+    def decrypt( buf, ref )
+      objKey = @encrypt_key.dup
+      (0..2).each { |e| objKey << (ref.id >> e*8 & 0xFF ) }
+      (0..1).each { |e| objKey << (ref.gen >> e*8 & 0xFF ) }
+      length = objKey.length < 16 ? objKey.length : 16
+      rc4 = RC4.new( Digest::MD5.digest(objKey)[0,length] )
+      rc4.decrypt(buf)
+    end
+  end
+end

data/lib/pdf/reader/rectangle.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # coding: utf-8
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 module PDF
@@ -85,7 +85,7 @@ module PDF
           new_x2 = bottom_left.x
           new_y2 = bottom_left.y + width
         end
-        set_corners(new_x1, new_y1, new_x2, new_y2)
+        set_corners(new_x1 || 0, new_y1 || 0, new_x2 || 0, new_y2 || 0)
       end
       private

data/lib/pdf/reader/{resource_methods.rb → resources.rb} RENAMED Viewed

@@ -1,16 +1,18 @@
 # coding: utf-8
-# typed: false
+# typed: true
 # frozen_string_literal: true
-# Setting this file to "typed: true" is difficult because it's a mixin that assumes some things
-# are aavailable from the class, like @objects and resources. Sorbet doesn't know about them.
 module PDF
   class Reader
     # mixin for common methods in Page and FormXobjects
     #
-    module ResourceMethods
+    class Resources
+      def initialize(objects, resources)
+        @objects = objects
+        @resources = resources
+      end
       # Returns a Hash of color spaces that are available to this page
       #
@@ -19,7 +21,7 @@ module PDF
       #       of calling it over and over.
       #
       def color_spaces
-        @objects.deref!(resources[:ColorSpace]) || {}
+        @objects.deref_hash!(@resources[:ColorSpace]) || {}
       end
       # Returns a Hash of fonts that are available to this page
@@ -29,7 +31,7 @@ module PDF
       #       of calling it over and over.
       #
       def fonts
-        @objects.deref!(resources[:Font]) || {}
+        @objects.deref_hash!(@resources[:Font]) || {}
       end
       # Returns a Hash of external graphic states that are available to this
@@ -40,7 +42,7 @@ module PDF
       #       of calling it over and over.
       #
       def graphic_states
-        @objects.deref!(resources[:ExtGState]) || {}
+        @objects.deref_hash!(@resources[:ExtGState]) || {}
       end
       # Returns a Hash of patterns that are available to this page
@@ -50,7 +52,7 @@ module PDF
       #       of calling it over and over.
       #
       def patterns
-        @objects.deref!(resources[:Pattern]) || {}
+        @objects.deref_hash!(@resources[:Pattern]) || {}
       end
       # Returns an Array of procedure sets that are available to this page
@@ -60,7 +62,7 @@ module PDF
       #       of calling it over and over.
       #
       def procedure_sets
-        @objects.deref!(resources[:ProcSet]) || []
+        @objects.deref_array!(@resources[:ProcSet]) || []
       end
       # Returns a Hash of properties sets that are available to this page
@@ -70,7 +72,7 @@ module PDF
       #       of calling it over and over.
       #
       def properties
-        @objects.deref!(resources[:Properties]) || {}
+        @objects.deref_hash!(@resources[:Properties]) || {}
       end
       # Returns a Hash of shadings that are available to this page
@@ -80,7 +82,7 @@ module PDF
       #       of calling it over and over.
       #
       def shadings
-        @objects.deref!(resources[:Shading]) || {}
+        @objects.deref_hash!(@resources[:Shading]) || {}
       end
       # Returns a Hash of XObjects that are available to this page
@@ -90,7 +92,7 @@ module PDF
       #       of calling it over and over.
       #
       def xobjects
-        @objects.deref!(resources[:XObject]) || {}
+        @objects.deref_hash!(@resources[:XObject]) || {}
       end
     end

data/lib/pdf/reader/security_handler_factory.rb ADDED Viewed

@@ -0,0 +1,79 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+class PDF::Reader
+  # Examines the Encrypt entry of a PDF trailer (if any) and returns an object that's
+  # able to decrypt the file.
+  class SecurityHandlerFactory
+    def self.build(encrypt, doc_id, password)
+      doc_id   ||= []
+      password ||= ""
+      if encrypt.nil?
+        NullSecurityHandler.new
+      elsif standard?(encrypt)
+        build_standard_handler(encrypt, doc_id, password)
+      elsif standard_v5?(encrypt)
+        build_v5_handler(encrypt, doc_id, password)
+      else
+        UnimplementedSecurityHandler.new
+      end
+    end
+    def self.build_standard_handler(encrypt, doc_id, password)
+      encmeta = !encrypt.has_key?(:EncryptMetadata) || encrypt[:EncryptMetadata].to_s == "true"
+      key_builder = StandardKeyBuilder.new(
+        key_length: (encrypt[:Length] || 40).to_i,
+        revision: encrypt[:R],
+        owner_key: encrypt[:O],
+        user_key: encrypt[:U],
+        permissions: encrypt[:P].to_i,
+        encrypted_metadata: encmeta,
+        file_id: doc_id.first,
+      )
+      cfm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
+      if cfm == :AESV2
+        AesV2SecurityHandler.new(key_builder.key(password))
+      else
+        Rc4SecurityHandler.new(key_builder.key(password))
+      end
+    end
+    def self.build_v5_handler(encrypt, doc_id, password)
+      key_builder = KeyBuilderV5.new(
+        owner_key: encrypt[:O],
+        user_key: encrypt[:U],
+        owner_encryption_key: encrypt[:OE],
+        user_encryption_key: encrypt[:UE],
+      )
+      AesV3SecurityHandler.new(key_builder.key(password))
+    end
+    # This handler supports all encryption that follows upto PDF 1.5 spec (revision 4)
+    def self.standard?(encrypt)
+      return false if encrypt.nil?
+      filter = encrypt.fetch(:Filter, :Standard)
+      version = encrypt.fetch(:V, 0)
+      algorithm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
+      (filter == :Standard) && (encrypt[:StmF] == encrypt[:StrF]) &&
+        (version <= 3 || (version == 4 && ((algorithm == :V2) || (algorithm == :AESV2))))
+    end
+    # This handler supports both
+    # - AES-256 encryption defined in PDF 1.7 Extension Level 3 ('revision 5')
+    # - AES-256 encryption defined in PDF 2.0 ('revision 6')
+    def self.standard_v5?(encrypt)
+      return false if encrypt.nil?
+      filter = encrypt.fetch(:Filter, :Standard)
+      version = encrypt.fetch(:V, 0)
+      revision = encrypt.fetch(:R, 0)
+      algorithm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
+      (filter == :Standard) && (encrypt[:StmF] == encrypt[:StrF]) &&
+          ((version == 5) && (revision == 5 || revision == 6) && (algorithm == :AESV3))
+    end
+  end
+end

data/lib/pdf/reader/{standard_security_handler.rb → standard_key_builder.rb} RENAMED Viewed

@@ -1,39 +1,19 @@
 # coding: utf-8
-# typed: true
-# frozen_string_literal: true
-################################################################################
-#
-# Copyright (C) 2011 Evan J Brunner (ejbrun@appittome.com)
-#
-# Permission is hereby granted, free of charge, to any person obtaining
-# a copy of this software and associated documentation files (the
-# "Software"), to deal in the Software without restriction, including
-# without limitation the rights to use, copy, modify, merge, publish,
-# distribute, sublicense, and/or sell copies of the Software, and to
-# permit persons to whom the Software is furnished to do so, subject to
-# the following conditions:
-#
-# The above copyright notice and this permission notice shall be
-# included in all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-################################################################################
 require 'digest/md5'
-require 'openssl'
 require 'rc4'
 class PDF::Reader
-  # class creates interface to encrypt dictionary for use in Decrypt
-  class StandardSecurityHandler
+  # Processes the Encrypt dict from an encrypted PDF and a user provided
+  # password and returns a key that can decrypt the file.
+  #
+  # This can generate a key compatible with the following standard encryption algorithms:
+  #
+  # * Version 1-3, all variants
+  # * Version 4, V2 (RC4) and AESV2
+  #
+  class StandardKeyBuilder
     ## 7.6.3.3 Encryption Key Algorithm (pp61)
     #
@@ -45,9 +25,6 @@ class PDF::Reader
                      0x2e, 0x2e, 0x00, 0xb6, 0xd0, 0x68, 0x3e, 0x80,
                      0x2f, 0x0c, 0xa9, 0xfe, 0x64, 0x53, 0x69, 0x7a ]
-    attr_reader :key_length, :revision, :encrypt_key
-    attr_reader :owner_key, :user_key, :permissions, :file_id, :password
     def initialize(opts = {})
       @key_length    = opts[:key_length].to_i/8
       @revision      = opts[:revision].to_i
@@ -56,72 +33,30 @@ class PDF::Reader
       @permissions   = opts[:permissions].to_i
       @encryptMeta   = opts.fetch(:encrypted_metadata, true)
       @file_id       = opts[:file_id] || ""
-      @encrypt_key   = build_standard_key(opts[:password] || "")
-      @cfm           = opts[:cfm]
       if @key_length != 5 && @key_length != 16
-        msg = "StandardSecurityHandler only supports 40 and 128 bit\
+        msg = "StandardKeyBuilder only supports 40 and 128 bit\
                encryption (#{@key_length * 8}bit)"
-        raise ArgumentError, msg
+        raise UnsupportedFeatureError, msg
       end
     end
-    # This handler supports all encryption that follows upto PDF 1.5 spec (revision 4)
-    def self.supports?(encrypt)
-      return false if encrypt.nil?
-      filter = encrypt.fetch(:Filter, :Standard)
-      version = encrypt.fetch(:V, 0)
-      algorithm = encrypt.fetch(:CF, {}).fetch(encrypt[:StmF], {}).fetch(:CFM, nil)
-      (filter == :Standard) && (encrypt[:StmF] == encrypt[:StrF]) &&
-        (version <= 3 || (version == 4 && ((algorithm == :V2) || (algorithm == :AESV2))))
-    end
-    ##7.6.2 General Encryption Algorithm
-    #
-    # Algorithm 1: Encryption of data using the RC4 or AES algorithms
-    #
-    # used to decrypt RC4/AES encrypted PDF streams (buf)
+    # Takes a string containing a user provided password.
     #
-    # buf - a string to decrypt
-    # ref - a PDF::Reader::Reference for the object to decrypt
+    # If the password matches the file, then a string containing a key suitable for
+    # decrypting the file will be returned. If the password doesn't match the file,
+    # and exception will be raised.
     #
-    def decrypt( buf, ref )
-      case @cfm
-        when :AESV2
-          decrypt_aes128(buf, ref)
-        else
-          decrypt_rc4(buf, ref)
-      end
-    end
-    private
+    def key(pass)
+      pass ||= ""
+      encrypt_key   = auth_owner_pass(pass)
+      encrypt_key ||= auth_user_pass(pass)
-    # decrypt with RC4 algorithm
-    # version <=3 or (version == 4 and CFM == V2)
-    def decrypt_rc4( buf, ref )
-      objKey = @encrypt_key.dup
-      (0..2).each { |e| objKey << (ref.id >> e*8 & 0xFF ) }
-      (0..1).each { |e| objKey << (ref.gen >> e*8 & 0xFF ) }
-      length = objKey.length < 16 ? objKey.length : 16
-      rc4 = RC4.new( Digest::MD5.digest(objKey)[0,length] )
-      rc4.decrypt(buf)
+      raise PDF::Reader::EncryptedPDFError, "Invalid password (#{pass})" if encrypt_key.nil?
+      encrypt_key
     end
-    # decrypt with AES-128-CBC algorithm
-    # when (version == 4 and CFM == AESV2)
-    def decrypt_aes128( buf, ref )
-      objKey = @encrypt_key.dup
-      (0..2).each { |e| objKey << (ref.id >> e*8 & 0xFF ) }
-      (0..1).each { |e| objKey << (ref.gen >> e*8 & 0xFF ) }
-      objKey << 'sAlT'  # Algorithm 1, b)
-      length = objKey.length < 16 ? objKey.length : 16
-      cipher = OpenSSL::Cipher.new("AES-#{length << 3}-CBC")
-      cipher.decrypt
-      cipher.key = Digest::MD5.digest(objKey)[0,length]
-      cipher.iv = buf[0..15]
-      cipher.update(buf[16..-1]) + cipher.final
-    end
+    private
     # Pads supplied password to 32bytes using PassPadBytes as specified on
     # pp61 of spec
@@ -153,7 +88,7 @@ class PDF::Reader
       md5 = Digest::MD5.digest(pad_pass(pass))
       if @revision > 2 then
         50.times { md5 = Digest::MD5.digest(md5) }
-        keyBegins = md5[0, key_length]
+        keyBegins = md5[0, @key_length]
         #first iteration decrypt owner_key
         out = @owner_key
         #RC4 keyed with (keyBegins XOR with iteration #) to decrypt previous out
@@ -218,12 +153,5 @@ class PDF::Reader
       end
     end
-    def build_standard_key(pass)
-      encrypt_key   = auth_owner_pass(pass)
-      encrypt_key ||= auth_user_pass(pass)
-      raise PDF::Reader::EncryptedPDFError, "Invalid password (#{pass})" if encrypt_key.nil?
-      encrypt_key
-    end
   end
 end

data/lib/pdf/reader/stream.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # coding: utf-8
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 ################################################################################
@@ -62,7 +62,7 @@ class PDF::Reader
         end
         Array(hash[:Filter]).each_with_index do |filter, index|
-          @udata = Filter.with(filter, options[index]).filter(@udata)
+          @udata = Filter.with(filter, options[index] || {}).filter(@udata)
         end
       end
       @udata

data/lib/pdf/reader/type_check.rb ADDED Viewed

@@ -0,0 +1,52 @@
+# coding: utf-8
+# typed: strict
+# frozen_string_literal: true
+module PDF
+  class Reader
+    # Cast untrusted input (usually parsed out of a PDF file) to a known type
+    #
+    class TypeCheck
+      def self.cast_to_numeric!(obj)
+        if obj.is_a?(Numeric)
+          obj
+        elsif obj.nil?
+          0
+        elsif obj.respond_to?(:to_f)
+          obj.to_f
+        elsif obj.respond_to?(:to_i)
+          obj.to_i
+        else
+          raise MalformedPDFError, "Unable to cast to numeric"
+        end
+      end
+      def self.cast_to_string!(string)
+        if string.is_a?(String)
+          string
+        elsif string.nil?
+          ""
+        elsif string.respond_to?(:to_s)
+          string.to_s
+        else
+          raise MalformedPDFError, "Unable to cast to string"
+        end
+      end
+      def self.cast_to_symbol(obj)
+        if obj.is_a?(Symbol)
+          obj
+        elsif obj.nil?
+          nil
+        elsif obj.respond_to?(:to_sym)
+          obj.to_sym
+        else
+          raise MalformedPDFError, "Unable to cast to symbol"
+        end
+      end
+    end
+  end
+end