Adobe 12020596 User Guide - Page 18
Encryption Key Algorithm
View all Adobe 12020596 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 18 highlights
Adobe Acrobat SDK Adobe® Supplement to the ISO 32000 Syntax (Chapter 3 in PDF Reference) 3.5.2 Standard Security Handler 18 TABLE 3.19 Additional encryption dictionary entries for the standard security handler KEY TYPE VALUE Perms string (ExtensionLevel 3; required if R is 5) A16-byte string, encrypted with the file encryption key, that contains an encrypted copy of the permission flags. For more information, see "Password Algorithms" on page 126. EncryptMetadata boolean (Optional; meaningful only when the value of V is 4 or 5; PDF 1.5) Indicates whether the document-level metadata stream (see Section 10.2.2, "Metadata Streams") is to be encrypted. Applications should respect this value. Default value: true. Encryption Key Algorithm Modify the first paragraph of this section as shown. As noted earlier, one function of a security handler is to generate an encryption key for use in encrypting and decrypting the contents of a document. Given a password string, the standard security handler computes an encryption key. For revision 4 and earlier, the algorithm is as shown in Algorithm 3.2. For revision 5, the algorithm is as shown in Algorithm 3.2a. Algorithm 3.2 Computing an encryption key 1. The password string is generated from OS codepage characters by first converting the string to PDFDocEncoding. If the input is Unicode, first convert to a codepage encoding, and then to PDFDocEncoding for backward compatibility. 2. Initialize the MD5 hash function and pass the result of step 1 as input to this function. 3. Pass the value of the encryption dictionary's O entry to the MD5 hash function. (Algorithm 3.3 shows how the O value is computed.) 4. Treat the value of the P entry as an unsigned 4-byte integer and pass these bytes to the MD5 hash function, low-order byte first. 5. Pass the first element of the file's file identifier array (the value of the ID entry in the document's trailer dictionary; see Table 3.13 on page 97) to the MD5 hash function. (See implementation note 26 in Appendix H.) 6. (Revision 4 or greater) If document metadata is not being encrypted, pass 4 bytes with the value 0xFFFFFFFF to the MD5 hash function. 7. Finish the hash. 8. (Revision 3 or greater) Do the following 50 times: Take the output from the previous MD5 hash and pass the first n bytes of the output as input into a new MD5 hash, where n is the number of bytes of the encryption key as defined by the value of the encryption dictionary's Length entry.