octoleo/qpdf
2
1
Fork 0
mirror of https://github.com/qpdf/qpdf.git synced 2025-01-23 15:18:33 +00:00
Code Issues Releases Wiki Activity

Improve password handling

Browse Source 
Use --encryption-file-password, if given, in addition to --password as
a source for passwords for files specified in --pages.
This commit is contained in:
Jay Berkenbilt 2012-07-29 13:22:37 -04:00
parent f83bddf882
commit bde98044f4
5 changed files with 41 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
manual/qpdf-manual.xml
View File

@ -586,20 +586,16 @@ make
</para> </para>
<para> <para>
For each file that pages should be taken from, specify the file, a For each file that pages should be taken from, specify the file, a
password needed to open the file (if needed), and a page range. password needed to open the file (if any), and a page range. The
If the primary input file file requires a password, that password password needs to be given only once per file. If any of the
must be specified outside the <option>--pages</option> option and input files are the same as the primary input file or the file
does not need to be repeated inside the <option>--pages</option>. used to copy encryption parameters (if specified), you do not need
The same file can be repeated multiple times. If a file that is to repeat the password here. The same file can be repeated
repeated has a password, the password only has to be given the multiple times. If a file that is repeated has a password, the
first time. All non-page data (info, outlines, page numbers, password only has to be given the first time. All non-page data
etc.) are taken from the primary input file. To discard these, (info, outlines, page numbers, etc.) are taken from the primary
use <option>--empty</option> as the primary input. One subtlety input file. To discard these, use <option>--empty</option> as the
about specifying passwords is that specifying a password as primary input.
<option>--encryption-file-password</option> doesn't prevent you
from having to repeat that password of that is also one of the
input files. If in doubt, it's never an error to specify the
password multiple times.
</para> </para>
<para> <para>
It is not presently possible to specify the same page from the It is not presently possible to specify the same page from the

30
qpdf/qpdf.cc
View File

@ -152,13 +152,14 @@ starting point, but its pages are replaced with pages as specified.\n\
--pages file [ --password=password ] page-range ... --\n\ --pages file [ --password=password ] page-range ... --\n\
\n\ \n\
For each file that pages should be taken from, specify the file, a\n\ For each file that pages should be taken from, specify the file, a\n\
password needed to open the file (if needed), and a page range. The\n\ password needed to open the file (if any), and a page range. The\n\
password needs to be given only once per file. If the input file file\n\ password needs to be given only once per file. If any of the input\n\
requires a password, that password must be specified outside the\n\ files are the same as the primary input file or the file used to copy\n\
--pages option and does not need to be repeated. The same file can be\n\ encryption parameters (if specified), you do not need to repeat the\n\
repeated multiple times. All non-page data (info, outlines, page numbers,\n\ password here. The same file can be repeated multiple times. All\n\
etc. are taken from the primary input file. To discard this, use --empty\n\ non-page data (info, outlines, page numbers, etc. are taken from the\n\
as the primary input.\n\ primary input file. To discard this, use --empty as the primary\n\
input.\n\
\n\ \n\
The page range is a set of numbers separated by commas, ranges of\n\ The page range is a set of numbers separated by commas, ranges of\n\
numbers separated dashes, or combinations of those. The character\n\ numbers separated dashes, or combinations of those. The character\n\
@ -880,13 +881,13 @@ int main(int argc, char* argv[])
exit(0); exit(0);
} }
char const* password = ""; char const* password = 0;
bool linearize = false; bool linearize = false;
bool decrypt = false; bool decrypt = false;
bool copy_encryption = false; bool copy_encryption = false;
char const* encryption_file = 0; char const* encryption_file = 0;
char const* encryption_file_password = ""; char const* encryption_file_password = 0;
bool encrypt = false; bool encrypt = false;
std::string user_password; std::string user_password;
@ -1282,7 +1283,7 @@ int main(int argc, char* argv[])
if (filter && if (filter &&
(! obj.pipeStreamData(0, true, false, false))) (! obj.pipeStreamData(0, true, false, false)))
{ {
QTC::TC("qpdf", "unable to filter"); QTC::TC("qpdf", "qpdf unable to filter");
std::cerr << "Unable to filter stream data." std::cerr << "Unable to filter stream data."
<< std::endl; << std::endl;
exit(EXIT_ERROR); exit(EXIT_ERROR);
@ -1445,8 +1446,15 @@ int main(int argc, char* argv[])
PointerHolder<QPDF> qpdf_ph = new QPDF(); PointerHolder<QPDF> qpdf_ph = new QPDF();
page_heap.push_back(qpdf_ph); page_heap.push_back(qpdf_ph);
QPDF* qpdf = qpdf_ph.getPointer(); QPDF* qpdf = qpdf_ph.getPointer();
char const* password = page_spec.password;
if (encryption_file && (password == 0) &&
(page_spec.filename == encryption_file))
{
QTC::TC("qpdf", "qpdf pages encryption password");
password = encryption_file_password;
}
qpdf->processFile( qpdf->processFile(
page_spec.filename.c_str(), page_spec.password); page_spec.filename.c_str(), password);
page_spec_qpdfs[page_spec.filename] = qpdf; page_spec_qpdfs[page_spec.filename] = qpdf;
} }

3
qpdf/qpdf.testcov
View File

@ -113,7 +113,7 @@ QPDFObjectHandle indirect to unknown 0
QPDF_Stream pipeStreamData with null pipeline 0 QPDF_Stream pipeStreamData with null pipeline 0
QPDFWriter not recompressing /FlateDecode 0 QPDFWriter not recompressing /FlateDecode 0
QPDF_encryption xref stream from encrypted file 0 QPDF_encryption xref stream from encrypted file 0
unable to filter 0 qpdf unable to filter 0
QPDF_String non-trivial UTF-16 0 QPDF_String non-trivial UTF-16 0
QPDF xref overwrite object 0 QPDF xref overwrite object 0
QPDF decoding error warning 0 QPDF decoding error warning 0
@ -237,3 +237,4 @@ QPDFWriter foreign object 0
QPDFWriter copy use_aes 1 QPDFWriter copy use_aes 1
QPDFObjectHandle indirect without context 0 QPDFObjectHandle indirect without context 0
QPDFObjectHandle trailing data in parse 0 QPDFObjectHandle trailing data in parse 0
qpdf pages encryption password 0

11
qpdf/qtest/qpdf.test
View File

@ -424,7 +424,7 @@ foreach my $d (@nrange_tests)
# ---------- # ----------
$td->notify("--- Merging and Splitting ---"); $td->notify("--- Merging and Splitting ---");
$n_tests += 4; $n_tests += 6;
# Select pages from the same file multiple times including selecting # Select pages from the same file multiple times including selecting
# twice from an encrypted file and specifying the password only the # twice from an encrypted file and specifying the password only the
@ -460,6 +460,15 @@ $td->runtest("merge three files",
$td->runtest("check output", $td->runtest("check output",
{$td->FILE => "a.pdf"}, {$td->FILE => "a.pdf"},
{$td->FILE => "merge-three-files-2.pdf"}); {$td->FILE => "merge-three-files-2.pdf"});
$td->runtest("avoid respecification of password",
{$td->COMMAND =>
"qpdf --empty a.pdf --copy-encryption=20-pages.pdf" .
" --encryption-file-password=user" .
" --pages 20-pages.pdf 1,z -- --static-id"},
{$td->STRING => "", $td->EXIT_STATUS => 0});
$td->runtest("check output",
{$td->FILE => "a.pdf"},
{$td->FILE => "pages-copy-encryption.pdf"});
# ---------- # ----------
$td->notify("--- PDF From Scratch ---"); $td->notify("--- PDF From Scratch ---");
$n_tests += 2; $n_tests += 2;

BIN
qpdf/qtest/qpdf/pages-copy-encryption.pdf Normal file
View File

Binary file not shown.