Skip to main content

StandardSecurityHandler

oxidize_pdf::encryption

Struct StandardSecurityHandler 

Source 
pub struct StandardSecurityHandler {
    pub revision: SecurityHandlerRevision,
    pub key_length: usize,
}
Expand description

Standard Security Handler

Fields§

§revision: SecurityHandlerRevision

Revision

§key_length: usize

Key length in bytes

Implementations§

Source§

impl StandardSecurityHandler

Source

pub fn rc4_40bit() -> Self

Create handler for RC4 40-bit encryption

Source

pub fn rc4_128bit() -> Self

Create handler for RC4 128-bit encryption

Source

pub fn aes_256_r5() -> Self

Create handler for AES-256 encryption (Revision 5)

Source

pub fn aes_256_r6() -> Self

Create handler for AES-256 encryption (Revision 6)

Source

pub fn compute_owner_hash( &self, owner_password: &OwnerPassword, user_password: &UserPassword, ) -> Vec<u8>

Compute owner password hash (O entry)

Source

pub fn compute_user_hash( &self, user_password: &UserPassword, owner_hash: &[u8], permissions: Permissions, file_id: Option<&[u8]>, ) -> Result<Vec<u8>>

Compute user password hash (U entry)

Source

pub fn compute_encryption_key( &self, user_password: &UserPassword, owner_hash: &[u8], permissions: Permissions, file_id: Option<&[u8]>, ) -> Result<EncryptionKey>

Compute encryption key from user password

Source

pub fn encrypt_string( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Vec<u8>

Encrypt a string

Source

pub fn decrypt_string( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Vec<u8>

Decrypt a string

Source

pub fn encrypt_stream( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Vec<u8>

Encrypt a stream

Source

pub fn decrypt_stream( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Vec<u8>

Decrypt a stream

Source

pub fn encrypt_aes( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Result<Vec<u8>>

Encrypt data using AES (for Rev 5/6)

Source

pub fn decrypt_aes( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Result<Vec<u8>>

Decrypt data using AES (for Rev 5/6)

Source

pub fn compute_aes_encryption_key( &self, user_password: &UserPassword, owner_hash: &[u8], permissions: Permissions, file_id: Option<&[u8]>, ) -> Result<EncryptionKey>

Compute encryption key for AES Rev 5/6

Source

pub fn validate_aes_user_password( &self, password: &UserPassword, user_hash: &[u8], permissions: Permissions, file_id: Option<&[u8]>, ) -> Result<bool>

Validate user password for AES Rev 5/6

Source

pub fn compute_r5_user_hash( &self, user_password: &UserPassword, ) -> Result<Vec<u8>>

Compute R5 user password hash (U entry) - Algorithm 8

Returns 48 bytes: hash(32) + validation_salt(8) + key_salt(8)

§Algorithm
  1. Generate random validation_salt (8 bytes)
  2. Generate random key_salt (8 bytes)
  3. Compute hash: SHA-256(password + validation_salt)
  4. Apply 64 iterations of SHA-256
  5. Return hash[0..32] + validation_salt + key_salt
Source

pub fn validate_r5_user_password( &self, password: &UserPassword, u_entry: &[u8], ) -> Result<bool>

Validate R5 user password - Algorithm 11

Returns Ok(true) if password is correct, Ok(false) if incorrect.

§Algorithm
  1. Extract validation_salt from U[32..40]
  2. Compute hash: SHA-256(password + validation_salt)
  3. Apply 64 iterations of SHA-256
  4. Compare result with U[0..32] using constant-time comparison
§Security

Uses constant-time comparison (subtle::ConstantTimeEq) to prevent timing side-channel attacks that could leak password information.

Source

pub fn compute_r5_ue_entry( &self, user_password: &UserPassword, u_entry: &[u8], encryption_key: &EncryptionKey, ) -> Result<Vec<u8>>

Compute R5 UE entry (encrypted encryption key)

The UE entry stores the encryption key encrypted with a key derived from the user password.

§Algorithm
  1. Extract key_salt from U[40..48]
  2. Compute intermediate key: SHA-256(password + key_salt)
  3. Encrypt encryption_key with intermediate_key using AES-256-CBC (zero IV)
Source

pub fn recover_r5_encryption_key( &self, user_password: &UserPassword, u_entry: &[u8], ue_entry: &[u8], ) -> Result<EncryptionKey>

Recover encryption key from R5 UE entry

§Algorithm
  1. Extract key_salt from U[40..48]
  2. Compute intermediate key: SHA-256(password + key_salt)
  3. Decrypt UE with intermediate_key using AES-256-CBC (zero IV)
Source

pub fn compute_r6_user_hash( &self, user_password: &UserPassword, ) -> Result<Vec<u8>>

Compute R6 user password hash (U entry) using SHA-512

R6 uses SHA-512 (first 32 bytes) instead of SHA-256 for stronger security. Returns 48 bytes: hash(32) + validation_salt(8) + key_salt(8)

§Algorithm (ISO 32000-2)
  1. Generate random validation_salt (8 bytes)
  2. Generate random key_salt (8 bytes)
  3. Compute hash using Algorithm 2.B (ISO 32000-2:2020 §7.6.4.3.4)
  4. Return hash[0..32] + validation_salt + key_salt
Source

pub fn validate_r6_user_password( &self, password: &UserPassword, u_entry: &[u8], ) -> Result<bool>

Validate R6 user password using Algorithm 2.B (ISO 32000-2:2020 §7.6.4.3.4)

Returns Ok(true) if password is correct, Ok(false) if incorrect.

§Algorithm
  1. Extract validation_salt from U[32..40]
  2. Compute hash using Algorithm 2.B with the validation_salt
  3. Compare result with U[0..32] using constant-time comparison
§Security

Uses constant-time comparison (subtle::ConstantTimeEq) to prevent timing side-channel attacks that could leak password information.

Source

pub fn compute_r6_ue_entry( &self, user_password: &UserPassword, u_entry: &[u8], encryption_key: &EncryptionKey, ) -> Result<Vec<u8>>

Compute R6 UE entry (encrypted encryption key) using Algorithm 2.B (ISO 32000-2:2020 §7.6.4.3.4)

§Algorithm
  1. Extract key_salt from U[40..48]
  2. Compute intermediate key using Algorithm 2.B(password, key_salt, u_entry)
  3. Encrypt encryption_key using AES-256-CBC with intermediate_key and IV = 0
Source

pub fn recover_r6_encryption_key( &self, user_password: &UserPassword, u_entry: &[u8], ue_entry: &[u8], ) -> Result<EncryptionKey>

Recover encryption key from R6 UE entry using Algorithm 2.B (ISO 32000-2:2020 §7.6.4.3.4)

§Algorithm
  1. Extract key_salt from U[40..48]
  2. Compute intermediate key using Algorithm 2.B(password, key_salt, u_entry)
  3. Decrypt UE using AES-256-CBC with intermediate_key and IV = 0
Source

pub fn compute_r6_perms_entry( &self, permissions: Permissions, encryption_key: &EncryptionKey, encrypt_metadata: bool, ) -> Result<Vec<u8>>

Compute R6 Perms entry (encrypted permissions)

The Perms entry is a 16-byte value that encrypts permissions using AES-256-ECB. This allows verification that permissions haven’t been tampered with.

§Plaintext Structure (16 bytes)
  • Bytes 0-3: Permissions (P value, little-endian)
  • Bytes 4-7: 0xFFFFFFFF (fixed marker)
  • Bytes 8-10: “adb” (literal verification string)
  • Byte 11: ‘T’ or ‘F’ (EncryptMetadata flag)
  • Bytes 12-15: 0x00 (padding)
Source

pub fn validate_r6_perms( &self, perms_entry: &[u8], encryption_key: &EncryptionKey, expected_permissions: Permissions, ) -> Result<bool>

Validate R6 Perms entry by decrypting and checking structure

Returns Ok(true) if the Perms entry is valid and matches expected permissions. Returns Ok(false) if decryption succeeds but structure/permissions don’t match. Returns Err if decryption fails.

§Security

Uses constant-time comparison (subtle::ConstantTimeEq) for permissions comparison to prevent timing side-channel attacks.

Source

pub fn extract_r6_encrypt_metadata( &self, perms_entry: &[u8], encryption_key: &EncryptionKey, ) -> Result<Option<bool>>

Extract EncryptMetadata flag from decrypted Perms entry

Returns Ok(Some(true)) if EncryptMetadata=‘T’, Ok(Some(false)) if ‘F’, Ok(None) if Perms structure is invalid.

Source

pub fn compute_r5_owner_hash( &self, owner_password: &OwnerPassword, _user_password: &UserPassword, ) -> Result<Vec<u8>>

Compute R5 owner password hash (O entry)

Algorithm 9 (ISO 32000-1): Creates 48-byte O entry

  • Bytes 0-31: SHA-256(owner_password || validation_salt)
  • Bytes 32-39: validation_salt (8 random bytes)
  • Bytes 40-47: key_salt (8 random bytes)
Source

pub fn validate_r5_owner_password( &self, owner_password: &OwnerPassword, o_entry: &[u8], ) -> Result<bool>

Validate R5 owner password

Algorithm 12 (ISO 32000-1): Validates owner password against O entry

Source

pub fn compute_r5_oe_entry( &self, owner_password: &OwnerPassword, o_entry: &[u8], encryption_key: &[u8], ) -> Result<Vec<u8>>

Compute R5 OE entry (encrypted encryption key with owner password)

OE = AES-256-CBC(encryption_key, key=intermediate_key, iv=zeros) where intermediate_key = SHA-256(owner_password || key_salt)

Source

pub fn recover_r5_owner_encryption_key( &self, owner_password: &OwnerPassword, o_entry: &[u8], oe_entry: &[u8], ) -> Result<Vec<u8>>

Recover encryption key from R5 OE entry using owner password

Source

pub fn compute_r6_owner_hash( &self, owner_password: &OwnerPassword, u_entry: &[u8], ) -> Result<Vec<u8>>

Compute R6 owner password hash (O entry)

R6 uses Algorithm 2.B (complex hash) for owner password too

Source

pub fn validate_r6_owner_password( &self, owner_password: &OwnerPassword, o_entry: &[u8], u_entry: &[u8], ) -> Result<bool>

Validate R6 owner password

Uses Algorithm 2.B to validate owner password

Source

pub fn compute_r6_oe_entry( &self, owner_password: &OwnerPassword, o_entry: &[u8], u_entry: &[u8], encryption_key: &[u8], ) -> Result<Vec<u8>>

Compute R6 OE entry (encrypted encryption key with owner password)

Uses Algorithm 2.B to derive intermediate key

Source

pub fn recover_r6_owner_encryption_key( &self, owner_password: &OwnerPassword, o_entry: &[u8], u_entry: &[u8], oe_entry: &[u8], ) -> Result<Vec<u8>>

Recover encryption key from R6 OE entry using owner password

Source

pub fn compute_object_key( &self, key: &EncryptionKey, obj_id: &ObjectId, ) -> Vec<u8>

Compute object-specific encryption key (Algorithm 1, ISO 32000-1 §7.6.2)

Source

pub fn validate_user_password( &self, password: &UserPassword, user_hash: &[u8], owner_hash: &[u8], permissions: Permissions, file_id: Option<&[u8]>, ) -> Result<bool>

Validate user password (Algorithm 6, ISO 32000-1 §7.6.3.4)

Returns Ok(true) if password is correct, Ok(false) if incorrect. Returns Err only on internal errors.

Source

pub fn validate_owner_password( &self, owner_password: &OwnerPassword, owner_hash: &[u8], _user_password: &UserPassword, _permissions: Permissions, _file_id: Option<&[u8]>, u_entry: Option<&[u8]>, ) -> Result<bool>

Validate owner password (Algorithm 7, ISO 32000-1 §7.6.3.4)

Returns Ok(true) if password is correct, Ok(false) if incorrect. Returns Err only on internal errors.

Note: For owner password validation, we first decrypt the user password from the owner hash, then validate that user password.

§Parameters
  • owner_password: The owner password to validate
  • owner_hash: The O entry from the encryption dictionary
  • _user_password: Unused for R2-R4 (recovered from owner_hash), ignored for R5/R6
  • _permissions: Unused for R5/R6 (not part of validation)
  • _file_id: Unused for R5/R6 (not part of validation)
  • u_entry: Required for R6 (U entry needed for Algorithm 2.B), ignored for R2-R5

Trait Implementations§

Source§

impl SecurityHandler for StandardSecurityHandler

Standard Security Handler implementation

Source§

fn encrypt_string( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Result<Vec<u8>>

Encrypt string
Source§

fn decrypt_string( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Result<Vec<u8>>

Decrypt string
Source§

fn encrypt_stream( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Result<Vec<u8>>

Encrypt stream
Source§

fn decrypt_stream( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, ) -> Result<Vec<u8>>

Decrypt stream
Source§

fn encrypt_string_aes( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, bits: u32, ) -> Result<Vec<u8>>

Encrypt string with AES
Source§

fn decrypt_string_aes( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, bits: u32, ) -> Result<Vec<u8>>

Decrypt string with AES
Source§

fn encrypt_stream_aes( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, bits: u32, ) -> Result<Vec<u8>>

Encrypt stream with AES
Source§

fn decrypt_stream_aes( &self, data: &[u8], key: &EncryptionKey, obj_id: &ObjectId, bits: u32, ) -> Result<Vec<u8>>

Decrypt stream with AES

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more