From f364d9dce487c2fdfdc40728d80700217222c7c4 Mon Sep 17 00:00:00 2001 From: Markus Wanner Date: Mon, 23 Jan 2023 21:37:09 +0100 Subject: [PATCH] Update aes dependency from 0.7.5 to 0.8.2 and adjust accordingly. --- pdf/Cargo.toml | 4 ++-- pdf/src/crypt.rs | 31 ++++++++++++++----------------- 2 files changed, 16 insertions(+), 19 deletions(-) diff --git a/pdf/Cargo.toml b/pdf/Cargo.toml index e208935f..56294afc 100644 --- a/pdf/Cargo.toml +++ b/pdf/Cargo.toml @@ -29,8 +29,8 @@ log = "0.4.14" tempfile = { version = "3.2.0", optional = true } md5 = "0.7" jpeg-decoder = { version = "0.3.0", default-features = false } -aes = "0.7.5" -block-modes = "0.8.1" +aes = "0.8.2" +cbc = "0.1" stringprep = "0.1.2" sha2 = "0.10.2" fax = "0.2.0" diff --git a/pdf/src/crypt.rs b/pdf/src/crypt.rs index 117888da..bfdc4902 100644 --- a/pdf/src/crypt.rs +++ b/pdf/src/crypt.rs @@ -2,9 +2,8 @@ use crate as pdf; use aes::cipher::generic_array::{sequence::Split, GenericArray}; -use aes::{Aes128, Aes256, NewBlockCipher}; -use block_modes::block_padding::{NoPadding, Pkcs7}; -use block_modes::{BlockMode, Cbc}; +use aes::cipher::{BlockDecryptMut, BlockEncryptMut, KeyIvInit}; +use aes::cipher::block_padding::{NoPadding, Pkcs7}; use sha2::{Digest, Sha256, Sha384, Sha512}; use std::fmt; use std::collections::HashMap; @@ -12,7 +11,10 @@ use datasize::DataSize; use crate::object::PlainRef; use crate::primitive::{Dictionary, PdfString, Name}; use crate::error::{PdfError, Result}; -use std::cmp::min; + +type Aes128CbcEnc = cbc::Encryptor; +type Aes128CbcDec = cbc::Decryptor; +type Aes256CbcDec = cbc::Decryptor; const PADDING: [u8; 32] = [ 0x28, 0xBF, 0x4E, 0x5E, 0x4E, 0x75, 0x8A, 0x41, @@ -451,10 +453,8 @@ impl Decoder { }; let zero_iv = GenericArray::from_slice(&[0u8; 16]); - let key_unwrap_cipher: Cbc = - Cbc::new(Aes256::new(&intermediate_key), zero_iv); - let key_slice = t!(key_unwrap_cipher - .decrypt(&mut wrapped_key) + let key_slice = t!(Aes256CbcDec::new(&intermediate_key, zero_iv) + .decrypt_padded_mut::(&mut wrapped_key) .map_err(|_| PdfError::InvalidPassword)); let mut key = [0u8; 32]; key.copy_from_slice(key_slice); @@ -487,8 +487,7 @@ impl Decoder { let mut i = 0; while i < 64 || i < data[data_total_len - 1] as usize + 32 { - let aes: Cbc = Cbc::new(Aes128::new(&key), &iv); - + let aes = Aes128CbcEnc::new(&key, &iv); let data_repeat_len = password.len() + block_size + u.len(); data[..password.len()].copy_from_slice(password); data[password.len()..password.len() + block_size].copy_from_slice(&block[..block_size]); @@ -500,7 +499,7 @@ impl Decoder { // The plaintext length will always be a multiple of the block size, unwrap is okay let encrypted = aes - .encrypt(&mut data[..data_total_len], data_total_len) + .encrypt_padded_mut::(&mut data[..data_total_len], data_total_len) .unwrap(); let sum: usize = encrypted[..16].iter().map(|byte| *byte as usize).sum(); @@ -580,28 +579,26 @@ impl Decoder { let key = *md5::compute(&key[..n + 9]); // d) - type Aes128Cbc = Cbc; let key = &key[..(n + 5).min(16)]; if data.len() < 16 { return Err(PdfError::DecryptionFailure); } let (iv, ciphertext) = data.split_at_mut(16); let cipher = - t!(Aes128Cbc::new_from_slices(key, iv).map_err(|_| PdfError::DecryptionFailure)); + t!(Aes128CbcDec::new_from_slices(key, iv).map_err(|_| PdfError::DecryptionFailure)); Ok(t!(cipher - .decrypt(ciphertext) + .decrypt_padded_mut::(ciphertext) .map_err(|_| PdfError::DecryptionFailure))) } CryptMethod::AESV3 => { - type Aes256Cbc = Cbc; if data.len() < 16 { return Err(PdfError::DecryptionFailure); } let (iv, ciphertext) = data.split_at_mut(16); let cipher = - t!(Aes256Cbc::new_from_slices(self.key(), iv).map_err(|_| PdfError::DecryptionFailure)); + t!(Aes256CbcDec::new_from_slices(self.key(), iv).map_err(|_| PdfError::DecryptionFailure)); Ok(t!(cipher - .decrypt(ciphertext) + .decrypt_padded_mut::(ciphertext) .map_err(|_| PdfError::DecryptionFailure))) } }