Include MAC by default if encryption supports it

DEVSIX-8622

Author: vitali-pr

forms/src/test/java/com/itextpdf/forms/PdfEncryptionTest.java

@@ -22,6 +22,7 @@ This file is part of the iText (R) project.
  */
 package com.itextpdf.forms;
 
+import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
 import com.itextpdf.forms.fields.PdfButtonFormField;
 import com.itextpdf.forms.fields.PdfFormAnnotation;
 import com.itextpdf.forms.fields.PdfFormCreator;
@@ -42,6 +43,7 @@ This file is part of the iText (R) project.
 import com.itextpdf.test.annotations.LogMessage;
 import com.itextpdf.test.annotations.LogMessages;
 
+import java.security.Security;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
@@ -67,6 +69,7 @@ public class PdfEncryptionTest extends ExtendedITextTest {
     @BeforeAll
     public static void beforeClass() {
         createOrClearDestinationFolder(destinationFolder);
+        Security.addProvider(BouncyCastleFactoryCreator.getFactory().getProvider());
     }
 
     // Custom entry in Info dictionary is used because standard entried are gone into metadata in PDF 2.0

forms/src/test/resources/com/itextpdf/forms/PdfEncryptionTest/cmp_encryptAes256Pdf2PermissionsTest01.pdf

@@ -210,14 +210,11 @@ private byte[] getEncodedRecipient(int index) throws IOException, GeneralSecurit
         //constants permissions: PdfWriter.AllowCopy | PdfWriter.AllowPrinting | PdfWriter.AllowScreenReaders |
         // PdfWriter.AllowAssembly;
         int permission = recipient.getPermission();
-        // NOTE! Added while porting to itext
-        // Previous strange code was:
-        // int revision = 3;
-        // permission |= revision == 3 ? 0xfffff0c0 : 0xffffffc0;
-        // revision value never changed, so code have been replaced to this:
-        permission |= 0xfffff0c0;
-        permission &= 0xfffffffc;
-        permission += 1;
+        // Force set 1 to 1, 7, 8 bits and all bits above 13.
+        // Basically to all not used bits.
+        // Bit 13 we do not touch. It's handled separately in PdfEncryption.
+        // Not sure about bit 1. But we always set it to 1 so let's not change for now.
+        permission |= 0xffffe0c1;
 
         byte[] pkcs7input = new byte[24];
 

forms/src/test/resources/com/itextpdf/forms/PdfEncryptionTest/cmp_encryptAes256Pdf2PermissionsTest02.pdf

@@ -92,6 +92,17 @@ public IDecryptor getDecryptor() {
         return new AesDecryptor(nextObjectKey, 0, nextObjectKeySize);
     }
 
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public void setPermissions(int permissions, PdfDictionary encryptionDictionary) {
+        super.setPermissions(permissions, encryptionDictionary);
+
+        byte[] aes256Perms = getAes256Perms(permissions, isEncryptMetadata());
+        encryptionDictionary.put(PdfName.Perms, new PdfLiteral(StreamUtil.createEscapedString(aes256Perms)));
+    }
+
     void setAES256DicEntries(PdfDictionary encryptionDictionary, byte[] oeKey, byte[] ueKey, byte[] aes256Perms,
                                      boolean encryptMetadata, boolean embeddedFilesOnly) {
         int version = 5;
@@ -191,21 +202,7 @@ private void initKeyAndFillDictionary(PdfDictionary encryptionDictionary, byte[]
 
 
             // Algorithm 10
-            byte[] permsp = IVGenerator.getIV(16);
-            permsp[0] = (byte) permissions;
-            permsp[1] = (byte) (permissions >> 8);
-            permsp[2] = (byte) (permissions >> 16);
-            permsp[3] = (byte) (permissions >> 24);
-            permsp[4] = (byte) (255);
-            permsp[5] = (byte) (255);
-            permsp[6] = (byte) (255);
-            permsp[7] = (byte) (255);
-            permsp[8] = encryptMetadata ? (byte) 'T' : (byte) 'F';
-            permsp[9] = (byte) 'a';
-            permsp[10] = (byte) 'd';
-            permsp[11] = (byte) 'b';
-            ac = new AESCipherCBCnoPad(true, nextObjectKey);
-            aes256Perms = ac.processBlock(permsp, 0, permsp.length);
+            aes256Perms = getAes256Perms(permissions, encryptMetadata);
 
             this.permissions = permissions;
             this.encryptMetadata = encryptMetadata;
@@ -216,6 +213,28 @@ private void initKeyAndFillDictionary(PdfDictionary encryptionDictionary, byte[]
         }
     }
 
+    private byte[] getAes256Perms(int permissions, boolean encryptMetadata) {
+        byte[] aes256Perms;
+        AESCipherCBCnoPad ac;
+        byte[] permsp = IVGenerator.getIV(16);
+        permsp[0] = (byte) permissions;
+        permsp[1] = (byte) (permissions >> 8);
+        permsp[2] = (byte) (permissions >> 16);
+        permsp[3] = (byte) (permissions >> 24);
+        permsp[4] = (byte) (255);
+        permsp[5] = (byte) (255);
+        permsp[6] = (byte) (255);
+        permsp[7] = (byte) (255);
+        permsp[8] = encryptMetadata ? (byte) 'T' : (byte) 'F';
+        permsp[9] = (byte) 'a';
+        permsp[10] = (byte) 'd';
+        permsp[11] = (byte) 'b';
+        ac = new AESCipherCBCnoPad(true, nextObjectKey);
+        aes256Perms = ac.processBlock(permsp, 0, permsp.length);
+
+        return aes256Perms;
+    }
+
     private void initKeyAndReadDictionary(PdfDictionary encryptionDictionary, byte[] password) {
         try {
             if (password == null) {
@@ -235,7 +254,7 @@ private void initKeyAndReadDictionary(PdfDictionary encryptionDictionary, byte[]
             byte[] perms = getIsoBytes(encryptionDictionary.getAsString(PdfName.Perms));
             PdfNumber pValue = (PdfNumber) encryptionDictionary.get(PdfName.P);
 
-            this.permissions = pValue.longValue();
+            this.permissions = pValue.intValue();
 
             byte[] hash;
 

kernel/src/main/java/com/itextpdf/kernel/crypto/securityhandler/PubKeySecurityHandler.java

@@ -171,7 +171,7 @@ private void initKeyAndReadDictionary(PdfDictionary encryptionDictionary, byte[]
         byte[] oValue = getIsoBytes(encryptionDictionary.getAsString(PdfName.O));
 
         PdfNumber pValue = (PdfNumber) encryptionDictionary.get(PdfName.P);
-        this.permissions = pValue.longValue();
+        this.permissions = pValue.intValue();
 
         this.documentId = documentId;
         keyLength = getKeyLength(encryptionDictionary);

kernel/src/main/java/com/itextpdf/kernel/crypto/securityhandler/StandardHandlerUsingAes256.java

@@ -33,17 +33,28 @@ This file is part of the iText (R) project.
 
 public abstract class StandardSecurityHandler extends SecurityHandler {
 
-    protected static final int PERMS_MASK_1_FOR_REVISION_2 = -64;
-    protected static final int PERMS_MASK_1_FOR_REVISION_3_OR_GREATER = -8000;
-    protected static final int PERMS_MASK_2 = -4;
+    protected static final int PERMS_MASK_1_FOR_REVISION_2 = 0xffffffc0;
+    protected static final int PERMS_MASK_1_FOR_REVISION_3_OR_GREATER = 0xffffe0c0;
+    protected static final int PERMS_MASK_2 = 0xfffffffc;
 
-    protected long permissions;
+    protected int permissions;
     protected boolean usedOwnerPassword = true;
 
-    public long getPermissions() {
+    public int getPermissions() {
         return permissions;
     }
 
+    /**
+     * Updates encryption dictionary with the security permissions provided.
+     *
+     * @param permissions new permissions to set
+     * @param encryptionDictionary encryption dictionary to update
+     */
+    public void setPermissions(int permissions, PdfDictionary encryptionDictionary) {
+        this.permissions = permissions;
+        encryptionDictionary.put(PdfName.P, new PdfNumber(permissions));
+    }
+
     public boolean isUsedOwnerPassword() {
         return usedOwnerPassword;
     }

kernel/src/main/java/com/itextpdf/kernel/crypto/securityhandler/StandardHandlerUsingStandard40.java

@@ -53,9 +53,9 @@ public class PdfDocumentEvent extends Event {
     public static final String END_PAGE = "EndPdfPage";
 
     /**
-     * Dispatched before writer is flushed to a document.
+     * Dispatched before writer is closed.
      */
-    public static final String END_WRITER_FLUSH = "EndWriterFlush";
+    public static final String START_WRITER_CLOSING = "StartWriterClosing";
     /**
      * Dispatched after writer is flushed to a document.
      */

kernel/src/main/java/com/itextpdf/kernel/crypto/securityhandler/StandardSecurityHandler.java

@@ -283,6 +283,7 @@ public final class KernelExceptionMessageConstant {
     public static final String MAC_VALIDATION_EXCEPTION = "Unexpected exception occurred during MAC token validation.";
     public static final String MAC_VALIDATION_FAILED =
             "MAC integrity protection was compromised. Document content was modified.";
+    public static final String MAC_VALIDATION_NO_SALT = "MAC token validation failed. Salt is not found.";
     public static final String MISSING_REQUIRED_FIELD_IN_FONT_DICTIONARY
             = "Missing required field {0} in font dictionary.";
     public static final String MUST_BE_A_TAGGED_DOCUMENT = "Must be a tagged document.";

kernel/src/main/java/com/itextpdf/kernel/events/PdfDocumentEvent.java

@@ -122,6 +122,9 @@ public void setKdfSalt(byte[] kdfSalt) {
      * introduced to the document in question, after MAC container is integrated.
      */
     public void validateMacToken() {
+        if (kdfSalt == null) {
+            throw new MacValidationException(KernelExceptionMessageConstant.MAC_VALIDATION_NO_SALT);
+        }
         try {
             byte[] macKey = generateDecryptedKey(macContainerReader.parseMacKey());
             long[] byteRange = macContainerReader.getByteRange();
@@ -143,12 +146,12 @@ public void validateMacToken() {
 
             if (!Arrays.equals(expectedMac, actualMac) ||
                     !Arrays.equals(expectedMessageDigest, actualMessageDigest)) {
-                throw new PdfException(KernelExceptionMessageConstant.MAC_VALIDATION_FAILED);
+                throw new MacValidationException(KernelExceptionMessageConstant.MAC_VALIDATION_FAILED);
             }
         } catch (PdfException e) {
             throw e;
         } catch (Exception e) {
-            throw new PdfException(KernelExceptionMessageConstant.MAC_VALIDATION_EXCEPTION, e);
+            throw new MacValidationException(KernelExceptionMessageConstant.MAC_VALIDATION_EXCEPTION, e);
         }
     }
 
@@ -187,7 +190,7 @@ protected byte[] digestBytes(InputStream inputStream)
             return null;
         }
         final String algorithm = MacProperties.macDigestAlgorithmToString(macProperties.getMacDigestAlgorithm());
-        MessageDigest digest = DigestAlgorithms.getMessageDigest(algorithm, null);
+        MessageDigest digest = DigestAlgorithms.getMessageDigest(algorithm, BC_FACTORY.getProviderName());
         byte[] buf = new byte[8192];
         int rd;
         while ((rd = inputStream.read(buf, 0, buf.length)) > 0) {
@@ -311,7 +314,7 @@ private IDERSequence createMessageDigestSequence(byte[] messageBytes)
 
         final String algorithm = MacProperties.macDigestAlgorithmToString(macProperties.getMacDigestAlgorithm());
         // Hash messageBytes to get messageDigest attribute
-        MessageDigest digest = DigestAlgorithms.getMessageDigest(algorithm, null);
+        MessageDigest digest = DigestAlgorithms.getMessageDigest(algorithm, BC_FACTORY.getProviderName());
         digest.update(messageBytes);
         byte[] messageDigest = digestBytes(messageBytes);