2
1
mirror of https://github.com/qpdf/qpdf.git synced 2025-01-08 17:24:06 +00:00
qpdf/TODO
Jay Berkenbilt c13bc66de8 checkpoint -- partially implemented /V=4 encryption
git-svn-id: svn+q:///qpdf/trunk@811 71b93d88-0707-0410-a8cf-f5a4172ac649
2009-10-17 18:54:51 +00:00

171 lines
7.3 KiB
Plaintext

2.1
===
* Update documentation to reflect new command line flags and any
other relevant changes. Should read through ChangeLog and the
manual before releasing 2.1.
* Update release documentation to remember not to include debugging
in the Windows release and to strip the DLL and executables.
Consider making the "install" target do something useful for
Windows. Update README.windows in this case including taking out
the mention of strip since it should be handled by the install
step. Determine whether -g with strip is different from not -g
with strip.
* Add comments for the security functions that map them back to the
items in Adobe's products.
* Have force version at least turn off object streams and maybe
change security settings?
* Add error codes to QPDFException. Change the error interface so
that warnings and errors are pointers that can be queried using
more C API functions. We need a way to get a full string as well
as an error code, file name, offset, and message. We should go
through all error messages to try to include all these fields as
appropriate. Make sure invalid password is specifically
detectable. I/O errors and so forth should also be
distinguishable. Make sure all errors include information about
the most recent read location including byte offset and
object/generation number.
* It might be nice to be able to trap I/O errors separately from
other errors; especially be able to separate errors that the user
can fix (like permission errors) from errors that they probably
can't fix like corrupted PDF files, unsupported filters, or
internal errors. However, only QPDF::processFile(), which does the
initial read, and QPDFWriter::QPDFWriter(), which does the initial
write, are at all likely to generate such errors for a case other
than a catastrophic failure.
* "Delphi wrapper unit 'qpdf.pas' created by Zarko Gajic
(http://delphi.about.com). .. use at your own risk and for whatever
the purpose you want .. no support provided. Sample code provided."
* Implement as much of R = 4 encryption as possible. Already able to
decode AES-128-CBC and check passwords.
aes test suite: use fips-197 test vector with cbc disabled; encrypt
and decrypt some other files including multiples of 16 and not to
test cbc mode.
/Encrypt keys (if V == 4)
/StmF - name of crypt filter for streams; default /Identity
/StrF - name of crypt filter for strings; default /Identity
/EFF - crypt filter for embedded files without their own crypt
filters; default is to use /StmF
/CF - keys are crypt filter names, values are are crypt
dictionaries
Individual streams may also have crypt filters. Filter type
/Crypt; /DecodeParms must contain a Crypt filter decode
parameters dictionary whose /Name entry specifies the particular
filter to be used. If /Name is missing, use /Identity.
/DecodeParms << /Crypt << /Name /XYZ >> >> where /XYZ is
/Identity or a key in /CF.
/Identity means not to encrypt.
Crypt Dictionaries
/Type (optional) /CryptFilter
/CFM:
/V2 - use rc4
/AESV2 - use aes
/Length - supposed to be key length, but the one file I have
has a bogus value for it, so I'm ignoring it.
We will ignore remaining fields and values.
Remember to honor /EncryptMetadata; applies to streams of /Type
/Metadata
When we write encrypted files, we must remember to omit any
encryption filter settings from original streams.
2.2
===
* Add ability to create new streams or replace stream data. Consider
stream data sources to include a file and offset, a buffer, or a
some kind of callback mechanism. Find messages exchanged with
Stefan Heinsen <stefan.heinsen@gmx.de> in August, 2009. He seems
to like to send encrypted mail. (key 01FCC336)
* Look at page splitting.
General
=======
* The second xref stream for linearized files has to be padded only
because we need file_size as computed in pass 1 to be accurate. If
we were not allowing writing to a pipe, we could seek back to the
beginning and fill in the value of /L in the linearization
dictionary as an optimization to alleviate the need for this
padding. Doing so would require us to pad the /L value
individually and also to save the file descriptor and determine
whether it's seekable. This is probably not worth bothering with.
* The whole xref handling code in the QPDF object allows the same
object with more than one generation to coexist, but a lot of logic
assumes this isn't the case. Anything that creates mappings only
with the object number and not the generation is this way,
including most of the interaction between QPDFWriter and QPDF. If
we wanted to allow the same object with more than one generation to
coexist, which I'm not sure is allowed, we could fix this by
changing xref_table. Alternatively, we could detect and disallow
that case. In fact, it appears that Adobe reader and other PDF
viewing software silently ignores objects of this type, so this is
probably not a big deal.
* Pl_PNGFilter is only partially implemented. If we ever decoded
images, we'd have to finish implementing it along with the other
filter decode parameters and types. For just handling xref
streams, there's really no need as it wouldn't make sense to use
any kind of predictor other than 12 (PNG UP filter).
* If we ever want to have check mode check the integrity of the free
list, this can be done by looking at the code from prior to the
object stream support of 4/5/2008. It's in an if (0) block and
there's a comment about it. There's also something about it in
qpdf.test -- search for "free table". On the other hand, the value
of doing this seems very low since no viewer seems to care, so it's
probably not worth it.
* Embedded file streams: figure out why running qpdf over the pdf 1.7
spec results in a file that crashes acrobat reader when you try to
save nested documents.
* QPDFObjectHandle::getPageImages() doesn't notice images in
inherited resource dictionaries. See comments in that function.
* Based on an idea suggested by user "Atom Smasher", consider
providing some mechanism to recover earlier versions of a file
embedded prior to appended sections.
Splitting by Pages
==================
Although qpdf does not currently support splitting a file into pages,
the work done for linearization covers almost all the work. To do
page splitting. If this functionality is needed, study
obj_user_to_objects and object_to_obj_users created in
QPDF_optimization for ideas. It's quite possible that the information
computed by calculateLinearizationData is actually sufficient to do
page splitting in many circumstances. That code knows which objects
are used by which pages, though it doesn't do anything page-specific
with outlines, thumbnails, page labels, or anything else.
Another approach would be to traverse only pages that are being output
taking care not to traverse into the pages tree, and then to fabricate
a new pages tree.
Either way, care must be taken to handle other things such as
outlines, page labels, thumbnails, threads, zones, etc. in a sensible
way. This may include simply omitting information other than page
content.