Clarify AES-256 encryption support #380

Open
thmclellan opened this issue Apr 5, 2024 · 1 comment

thmclellan commented Apr 5, 2024

Does Muhammara support AES-256 encryption? That seems to be recommended as part of the PDF 2.0 standard, and I see references to AES-256 here, but it doesn't seem to work with a test file:

#if defined(AES_256)

For example, an AES-256 encrypted file opens fine in Mac Preview, but generates an error when you try to open it with a user password in muhammara 4.x.

I wondered if maybe there's existing support for AES-256 in CBC (Cipher Block Chaining) mode or CFB (Cipher Feedback) mode but not both, if it's an environment dependency issue (running on Ubuntu / Heroku), or some other known issue related to some of these encrypted files. I can spend some time on this if you could point me in the right direction. Thanks

thmclellan commented Apr 5, 2024

I did a bit more digging and should have realized that the earlier AES-256 reference was just to do with a crypto dependency. Looking at PDFWriter's DecryptionHelper.cpp L127, you can see that only encryption algorithms of V1, V2, and V4 are supported:

if (mV != 1 && mV != 2 && mV != 4) {

QPdf has a nice summary of the encryption algorithm parameters V and R at https://qpdf.readthedocs.io/en/stable/encryption.html#pdf-encryption-details.

Muhammara/PDFWriter seems to support RC4 (legacy encryption 40 to 128 bits) and AES-128 encryption but not AES-256.

The example file I sent earlier had V = 5 and R = 6 but was actually PDF 1.7 (removed). I found a better set of test files on the PDF Association site at https://pdfa.org/wp-content/uploads/2023/01/crypto-extensions-samples.zip with background at https://pdfa.org/pdf-2-0-modernizes-cryptographic-support/. It seems like AES-256 CBC support is the most popular encryption method with the PDF 2.0 spec and AES-256 GCM was added to the spec in June 2023 (https://pdfa.org/pdf-20-adds-aes-gcm-support/). AES-256 GCM doesn't seem to be supported by Acrobat Reader or Mac Preview yet.

It sounds like there's some extra complexity around whether the user password and owner password are the same or different, per the above QPDF page and the PDF Association's sample files.

Anyway, I'm realizing adding more encryption support might be a bigger effort and require more C++ skills, but in any case wanted to share what I'm seeing. Here attached are the PDF 2.0 AES 256 CBC file (both user and owner passwords are 'secret') and the AES 128 file (pass 123123, works fine in Muhammara).

aes-128-v4-r4-pass-123123.pdf
aes-cbc-256-v5-r6-standard-pass-secret.pdf
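
To illustrate the V, R and crypt-filter parameters discussed in the comment above, the following Node.js script (an added example, not part of the original thread and not Muhammara or PDFWriter code) classifies a PDF /Encrypt dictionary and reports whether its V value would pass the quoted `mV` check. The sample dictionaries and the names `classifyEncryptDict`, `intEntry`, `nameEntry`, `SUPPORTED_V` and `CFM_ALGORITHMS` are constructed for this example.

```javascript
// Added example, not project code. SUPPORTED_V mirrors the check quoted above:
//   if (mV != 1 && mV != 2 && mV != 4)
const SUPPORTED_V = new Set([1, 2, 4]);

// Crypt filter methods (/CFM) used when V is 4 or 5.
const CFM_ALGORITHMS = new Map([
  ['V2', 'RC4'], ['AESV2', 'AES-128-CBC'], ['AESV3', 'AES-256-CBC'],
]);

// Constructed /Encrypt dictionaries (key material such as /O and /U omitted).
const SAMPLES = {
  rc4: '<< /Filter /Standard /V 2 /R 3 /Length 128 /P -1028 >>',
  aes128: '<< /Filter /Standard /V 4 /R 4 /Length 128 /CF << /StdCF << ' +
    '/AuthEvent /DocOpen /CFM /AESV2 /Length 16 >> >> /StmF /StdCF /StrF /StdCF >>',
  aes256: '<< /Filter /Standard /V 5 /R 6 /Length 256 /CF << /StdCF << ' +
    '/AuthEvent /DocOpen /CFM /AESV3 /Length 32 >> >> /StmF /StdCF /StrF /StdCF >>',
};

// "/Key <int>": the required whitespace keeps the key /V apart from the name /V2.
function intEntry(dict, key) {
  const m = new RegExp(`/${key}\\s+(-?\\d+)`).exec(dict);
  return m ? Number(m[1]) : null;
}

// "/Key /Name"
function nameEntry(dict, key) {
  const m = new RegExp(`/${key}\\s*/([A-Za-z0-9]+)`).exec(dict);
  return m ? m[1] : null;
}

function classifyEncryptDict(dict) {
  const V = intEntry(dict, 'V');
  const R = intEntry(dict, 'R');
  let algorithm = 'unknown';
  if (V === 1) {
    algorithm = 'RC4-40';
  } else if (V === 2) {
    algorithm = `RC4-${intEntry(dict, 'Length') || 40}`; // bits, default 40
  } else if (V === 4 || V === 5) {
    // Streams use the crypt filter named by /StmF; its /CFM selects the cipher.
    const stmF = nameEntry(dict, 'StmF');
    const filter = stmF && new RegExp(`/${stmF}\\s*<<([\\s\\S]*?)>>`).exec(dict);
    algorithm = CFM_ALGORITHMS.get(filter ? nameEntry(filter[1], 'CFM') : null) || 'unknown';
  }
  return { V, R, algorithm, passesVCheck: SUPPORTED_V.has(V) };
}

for (const [name, dict] of Object.entries(SAMPLES)) {
  console.log(name, classifyEncryptDict(dict));
}
```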
