Convert additional library files to TypeScript

- Convert pdfsecurity.ts: PDF encryption with typed class and permissions
- Convert FileSaver.ts: File saving utilities with proper option types
- Convert rgbcolor.ts: Color parsing class with TypeScript types

All conversions use ES6 classes instead of constructor functions,
add proper type annotations for parameters and return values, and
maintain backward compatibility with original functionality.

Author: claude

src/libs/FileSaver.ts

@@ -0,0 +1,202 @@
+/**
+ * @license
+ * FileSaver.js
+ * A saveAs() FileSaver implementation.
+ *
+ * By Eli Grey, http://eligrey.com
+ *
+ * License : https://github.com/eligrey/FileSaver.js/blob/master/LICENSE.md (MIT)
+ * source  : http://purl.eligrey.com/github/FileSaver.js
+ */
+
+import { globalObject as _global } from "./globalObject.js";
+import { console } from "./console.js";
+
+interface SaveAsOptions {
+  autoBom?: boolean;
+}
+
+function bom(blob: Blob, opts?: SaveAsOptions | boolean): Blob {
+  let options: SaveAsOptions;
+  if (typeof opts === "undefined") {
+    options = { autoBom: false };
+  } else if (typeof opts !== "object") {
+    console.warn("Deprecated: Expected third argument to be a object");
+    options = { autoBom: !opts };
+  } else {
+    options = opts;
+  }
+
+  // prepend BOM for UTF-8 XML and text/* types (including HTML)
+  // note: your browser will automatically convert UTF-16 U+FEFF to EF BB BF
+  if (
+    options.autoBom &&
+    /^\s*(?:text\/\S*|application\/xml|\S*\/\S*\+xml)\s*;.*charset\s*=\s*utf-8/i.test(
+      blob.type
+    )
+  ) {
+    return new Blob([String.fromCharCode(0xfeff), blob], { type: blob.type });
+  }
+  return blob;
+}
+
+function download(url: string, name: string, opts?: SaveAsOptions): void {
+  const xhr = new XMLHttpRequest();
+  xhr.open("GET", url);
+  xhr.responseType = "blob";
+  xhr.onload = function() {
+    saveAs(xhr.response, name, opts);
+  };
+  xhr.onerror = function() {
+    console.error("could not download file");
+  };
+  xhr.send();
+}
+
+function corsEnabled(url: string): boolean {
+  const xhr = new XMLHttpRequest();
+  // use sync to avoid popup blocker
+  xhr.open("HEAD", url, false);
+  try {
+    xhr.send();
+  } catch (e) {}
+  return xhr.status >= 200 && xhr.status <= 299;
+}
+
+// `a.click()` doesn't work for all browsers (#465)
+function click(node: HTMLAnchorElement): void {
+  try {
+    node.dispatchEvent(new MouseEvent("click"));
+  } catch (e) {
+    const evt = document.createEvent("MouseEvents");
+    evt.initMouseEvent(
+      "click",
+      true,
+      true,
+      window,
+      0,
+      0,
+      0,
+      80,
+      20,
+      false,
+      false,
+      false,
+      false,
+      0,
+      null
+    );
+    node.dispatchEvent(evt);
+  }
+}
+
+type SaveAsFunction = (blob: Blob | string, name?: string, opts?: SaveAsOptions, popup?: Window | null) => void;
+
+const saveAs: SaveAsFunction =
+  _global.saveAs ||
+  // probably in some web worker
+  (typeof window !== "object" || window !== _global
+    ? function saveAs(): void {
+        /* noop */
+      }
+    : // Use download attribute first if possible (#193 Lumia mobile) unless this is a native app
+    typeof HTMLAnchorElement !== "undefined" &&
+      "download" in HTMLAnchorElement.prototype
+    ? function saveAs(blob: Blob | string, name?: string, opts?: SaveAsOptions): void {
+        const URL = _global.URL || _global.webkitURL;
+        const a = document.createElement("a");
+        name = name || (blob as any).name || "download";
+
+        a.download = name;
+        a.rel = "noopener"; // tabnabbing
+
+        // TODO: detect chrome extensions & packaged apps
+        // a.target = '_blank'
+
+        if (typeof blob === "string") {
+          // Support regular links
+          a.href = blob;
+          if (a.origin !== location.origin) {
+            corsEnabled(a.href)
+              ? download(blob, name, opts)
+              : click(a as any);
+          } else {
+            click(a);
+          }
+        } else {
+          // Support blobs
+          a.href = URL.createObjectURL(blob);
+          setTimeout(function() {
+            URL.revokeObjectURL(a.href);
+          }, 4e4); // 40s
+          setTimeout(function() {
+            click(a);
+          }, 0);
+        }
+      }
+    : // Use msSaveOrOpenBlob as a second approach
+    "msSaveOrOpenBlob" in navigator
+    ? function saveAs(blob: Blob | string, name?: string, opts?: SaveAsOptions): void {
+        name = name || (blob as any).name || "download";
+
+        if (typeof blob === "string") {
+          if (corsEnabled(blob)) {
+            download(blob, name, opts);
+          } else {
+            const a = document.createElement("a");
+            a.href = blob;
+            a.target = "_blank";
+            setTimeout(function() {
+              click(a);
+            });
+          }
+        } else {
+          (navigator as any).msSaveOrOpenBlob(bom(blob, opts), name);
+        }
+      }
+    : // Fallback to using FileReader and a popup
+      function saveAs(blob: Blob | string, name?: string, opts?: SaveAsOptions, popup?: Window | null): void {
+        // Open a popup immediately do go around popup blocker
+        // Mostly only available on user interaction and the fileReader is async so...
+        popup = popup || open("", "_blank");
+        if (popup) {
+          popup.document.title = popup.document.body.innerText =
+            "downloading...";
+        }
+
+        if (typeof blob === "string") return download(blob, name, opts);
+
+        const force = blob.type === "application/octet-stream";
+        const isSafari =
+          /constructor/i.test((_global as any).HTMLElement) || (_global as any).safari;
+        const isChromeIOS = /CriOS\/[\d]+/.test(navigator.userAgent);
+
+        if (
+          (isChromeIOS || (force && isSafari)) &&
+          typeof FileReader === "object"
+        ) {
+          // Safari doesn't allow downloading of blob URLs
+          const reader = new FileReader();
+          reader.onloadend = function() {
+            let url = reader.result as string;
+            url = isChromeIOS
+              ? url
+              : url.replace(/^data:[^;]*;/, "data:attachment/file;");
+            if (popup) popup.location.href = url;
+            else (location as any) = url;
+            popup = null; // reverse-tabnabbing #460
+          };
+          reader.readAsDataURL(blob);
+        } else {
+          const URL = _global.URL || _global.webkitURL;
+          const url = URL.createObjectURL(blob);
+          if (popup) (popup.location as any) = url;
+          else location.href = url;
+          popup = null; // reverse-tabnabbing #460
+          setTimeout(function() {
+            URL.revokeObjectURL(url);
+          }, 4e4); // 40s
+        }
+      });
+
+export { saveAs };

src/libs/pdfsecurity.ts

@@ -0,0 +1,176 @@
+/**
+ * @license
+ * Licensed under the MIT License.
+ * http://opensource.org/licenses/mit-license
+ * Author: Owen Leong (@owenl131)
+ * Date: 15 Oct 2020
+ * References:
+ * https://www.cs.cmu.edu/~dst/Adobe/Gallery/anon21jul01-pdf-encryption.txt
+ * https://github.com/foliojs/pdfkit/blob/master/lib/security.js
+ * http://www.fpdf.org/en/script/script37.php
+ */
+
+import { md5Bin } from "./md5.js";
+import { rc4 } from "./rc4.js";
+
+type Permission = "print" | "modify" | "copy" | "annot-forms";
+
+const permissionOptions: Record<Permission, number> = {
+  print: 4,
+  modify: 8,
+  copy: 16,
+  "annot-forms": 32
+};
+
+/**
+ * Initializes encryption settings
+ *
+ * @name constructor
+ * @function
+ * @param {Array} permissions Permissions allowed for user, "print", "modify", "copy" and "annot-forms".
+ * @param {String} userPassword Permissions apply to this user. Leaving this empty means the document
+ *                              is not password protected but viewer has the above permissions.
+ * @param {String} ownerPassword Owner has full functionalities to the file.
+ * @param {String} fileId As hex string, should be same as the file ID in the trailer.
+ * @example
+ * var security = new PDFSecurity(["print"])
+ */
+class PDFSecurity {
+  v: number;
+  r: number;
+  padding: string;
+  O: string;
+  P: number;
+  encryptionKey: string;
+  U: string;
+
+  constructor(permissions: Permission[], userPassword: string, ownerPassword: string, fileId: string) {
+    this.v = 1; // algorithm 1, future work can add in more recent encryption schemes
+    this.r = 2; // revision 2
+
+    // set flags for what functionalities the user can access
+    let protection = 192;
+    permissions.forEach((perm) => {
+      if (typeof permissionOptions[perm] === "undefined") {
+        throw new Error("Invalid permission: " + perm);
+      }
+      protection += permissionOptions[perm];
+    });
+
+    // padding is used to pad the passwords to 32 bytes, also is hashed and stored in the final PDF
+    this.padding =
+      "\x28\xBF\x4E\x5E\x4E\x75\x8A\x41\x64\x00\x4E\x56\xFF\xFA\x01\x08" +
+      "\x2E\x2E\x00\xB6\xD0\x68\x3E\x80\x2F\x0C\xA9\xFE\x64\x53\x69\x7A";
+    const paddedUserPassword = (userPassword + this.padding).substr(0, 32);
+    const paddedOwnerPassword = (ownerPassword + this.padding).substr(0, 32);
+
+    this.O = this.processOwnerPassword(paddedUserPassword, paddedOwnerPassword);
+    this.P = -((protection ^ 255) + 1);
+    this.encryptionKey = md5Bin(
+      paddedUserPassword +
+        this.O +
+        this.lsbFirstWord(this.P) +
+        this.hexToBytes(fileId)
+    ).substr(0, 5);
+    this.U = rc4(this.encryptionKey, this.padding);
+  }
+
+  /**
+   * Breaks down a 4-byte number into its individual bytes, with the least significant bit first
+   *
+   * @name lsbFirstWord
+   * @function
+   * @param {number} data 32-bit number
+   * @returns {string}
+   */
+  lsbFirstWord(data: number): string {
+    return String.fromCharCode(
+      (data >> 0) & 0xff,
+      (data >> 8) & 0xff,
+      (data >> 16) & 0xff,
+      (data >> 24) & 0xff
+    );
+  }
+
+  /**
+   * Converts a byte string to a hex string
+   *
+   * @name toHexString
+   * @function
+   * @param {string} byteString Byte string
+   * @returns {string}
+   */
+  toHexString(byteString: string): string {
+    return byteString
+      .split("")
+      .map((byte) => {
+        return ("0" + (byte.charCodeAt(0) & 0xff).toString(16)).slice(-2);
+      })
+      .join("");
+  }
+
+  /**
+   * Converts a hex string to a byte string
+   *
+   * @name hexToBytes
+   * @function
+   * @param {string} hex Hex string
+   * @returns {string}
+   */
+  hexToBytes(hex: string): string {
+    const bytes: string[] = [];
+    for (let c = 0; c < hex.length; c += 2) {
+      bytes.push(String.fromCharCode(parseInt(hex.substr(c, 2), 16)));
+    }
+    return bytes.join("");
+  }
+
+  /**
+   * Computes the 'O' field in the encryption dictionary
+   *
+   * @name processOwnerPassword
+   * @function
+   * @param {string} paddedUserPassword Byte string of padded user password
+   * @param {string} paddedOwnerPassword Byte string of padded owner password
+   * @returns {string}
+   */
+  processOwnerPassword(
+    paddedUserPassword: string,
+    paddedOwnerPassword: string
+  ): string {
+    const key = md5Bin(paddedOwnerPassword).substr(0, 5);
+    return rc4(key, paddedUserPassword);
+  }
+
+  /**
+   * Returns an encryptor function which can take in a byte string and returns the encrypted version
+   *
+   * @name encryptor
+   * @function
+   * @param {number} objectId
+   * @param {number} generation Not sure what this is for, you can set it to 0
+   * @returns {Function}
+   * @example
+   * out("stream");
+   * encryptor = security.encryptor(object.id, 0);
+   * out(encryptor(data));
+   * out("endstream");
+   */
+  encryptor(objectId: number, generation: number): (data: string) => string {
+    const key = md5Bin(
+      this.encryptionKey +
+        String.fromCharCode(
+          objectId & 0xff,
+          (objectId >> 8) & 0xff,
+          (objectId >> 16) & 0xff,
+          generation & 0xff,
+          (generation >> 8) & 0xff
+        )
+    ).substr(0, 10);
+    return function(data: string): string {
+      return rc4(key, data);
+    };
+  }
+}
+
+export { PDFSecurity };