Home » Adobe Manuals » Computer Software » Adobe 12020596 » Manual Viewer

Adobe 12020596 User Guide - Page 20

Algorithm 3.8, Algorithm 3.9, Algorithm 3.10

View all Adobe 12020596 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 20 highlights

Adobe Acrobat SDK Adobe® Supplement to the ISO 32000 Syntax (Chapter 3 in PDF Reference) 3.5.2 Standard Security Handler 20 (user password) entries for encryption revision 4 and earlier, and the O, U, OE (owner encryption key), UE (user encryption key) and Perms (permissions) values for encryption revision 5 require more explanation. Algorithms 3.3 through 3.5 show how the values of the owner password and user password are computed for revision 4 and earlier. Algorithms 3.6 and 3.7 show how to determine if a password is valid. Algorithms 3.8 through 3.10 show how the values for revision 5 are computed. Algorithms 3.11 through 3.13 show how to determine if a revision 5 password is valid. Passwords for revision 4 and earlier are up to 32 characters in length, and are limited to characters in the PDFDocEncoding character set (see Appendix D). Following the above paragraphs comes the listing of algorithms 3.3-3.7. These algorithms and accompanying text remain unchanged. Then insert the following paragraphs. In revision 4 and earlier, the result of running the password algorithm was exactly the file encryption key. In revision 5, the file encryption key is decoupled from the password algorithm to make the owner and user keys independent. For the algorithms below, first generate a 256-bit (32 byte) encryption key for the file using a strong random number generator. All passwords for revision 5 are based on Unicode. Preprocessing of a user-entered password consists first of normalizing its representation by applying the "SASLPrep" profile (see RFC 4013) of the "stringprep" algorithm (see RFC 3454) to the supplied password using the Normalize and BIDI options. Next, convert the password string to UTF-8 encoding, and then truncate to the first 127 bytes if the string is longer than 127 bytes. Algorithm 3.8 Computing the encryption dictionary's U (user password) and UE (user encryption key) values 1. Generate 16 random bytes of data using a strong random number generator. The first 8 bytes are the User Validation Salt. The second 8 bytes are the User Key Salt. Compute the 32-byte SHA-256 hash of the password concatenated with the User Validation Salt. The 48-byte string consisting of the 32-byte hash followed by the User Validation Salt followed by the User Key Salt is stored as the U key. 2. Compute the 32-byte SHA-256 hash of the password concatenated with the User Key Salt. Using this hash as the key, encrypt the file encryption key using AES-256 in CBC mode with no padding and an initialization vector of zero. The resulting 32-byte string is stored as the UE key. Algorithm 3.9 Computing the encryption dictionary's O (owner password) and OE (owner encryption key) values 1. Generate 16 random bytes of data using a strong random number generator. The first 8 bytes are the Owner Validation Salt. The second 8 bytes are the Owner Key Salt. Compute the 32-byte SHA-256 hash of the password concatenated with the Owner Validation Salt and then concatenated with the 48-byte U string as generated in Algorithm 3.8. The 48-byte string consisting of the 32-byte hash followed by the Owner Validation Salt followed by the Owner Key Salt is stored as the O key. 2. Compute the 32-byte SHA-256 hash of the password concatenated with the Owner Key Salt and then concatenated with the 48-byte U string as generated in Algorithm 3.8. Using this hash as the key, encrypt the file encryption key using AES-256 in CBC mode with no padding and an initialization vector of zero. The resulting 32-byte string is stored as the OE key. Algorithm 3.10 Computing the encryption dictionary's Perms (permissions) value Fill a 16-byte block as follows:

Section	Page
Contents	3
Preface	5
What’s in this guide?	5
Who should read this guide?	5
Related documentation	5
Transitioning the PDF Specification to ISO	6
Extensions to the PDF specification	6
Behavior of PDF consumers that does not support an extension	6
Subsequent extensions to a BaseVersion	6
Plans related to the first version of ISO 32000	7
Plans related to subsequent versions of ISO 32000	7
Part I: Extensions to the PDF Specification	8
What’s New	9
Adobe BaseVersion 1.7 and ExtensionLevel 3	9
Extension identification	9
Bates numbering page artifact	9
Features for Architecture, Engineering and Construction	9
Enforced viewer preferences	9
Persistence of 3D measurements and markup	9
Accessibility	10
Portable collections	10
Rich media	10
Seed values and locking a document for digital signatures	10
Encryption and passwords	10
Barcode form fields	11
PDF/A-2 and XML form data	11
Adobe BaseVersion 1.7 and ExtensionLevel 1	11
PRC in 3D annotations	11
Other	11
Universal 3D file format	11
Support for rich text conventions	12
Syntax (Chapter 3 in PDF Reference)	13
3.5 Encryption	13
3.5.1 General Encryption Algorithm	15
Algorithm 3.1a Encryption of data using the AES algorithm	16
3.5.2 Standard Security Handler	16
Standard Encryption Dictionary	16
Encryption Key Algorithm	18
Algorithm 3.2 Computing an encryption key	18
Algorithm 3.2a Computing an encryption key	19
Password Algorithms	19
Algorithm 3.8 Computing the encryption dictionary’s U (user password) and UE (user encryption key) values	20
Algorithm 3.9 Computing the encryption dictionary’s O (owner password) and OE (owner encryption key) values	20
Algorithm 3.10 Computing the encryption dictionary’s Perms (permissions) value	20
Algorithm 3.11 Authenticating the User Password	21
Algorithm 3.12 Authenticating the Owner Password	21
Algorithm 3.13 Validating the Permissions	21
3.5.3 Public-Key Security Handlers	21
Public-Key Encryption Algorithms	21
3.5.4 Crypt Filters	22
3.6 Document Structure	23
3.6.1 Document Catalog	23
3.6.2 Page Tree	23
3.6.3 Name Dictionary	23
3.6.4 Extensions to PDF	23
3.10 File Specifications	26
3.10.2 File Specification Dictionaries	26
Graphics (Chapter 4 in PDF Reference)	27
4.8 Images	27
4.8.4 Image Dictionaries	27
4.9 Form XObjects	27
4.9.1 Form Dictionaries	27
Interactive Features (Chapter 8 in PDF Reference)	28
8.2 Document-Level Navigation	28
8.1 Viewer Preferences	28
8.2.4 Collections	28
Navigators	34
Resources name tree	36
String table	37
8.4 Annotations	37
8.4.5 Annotation Types	38
Markup Annotations	38
Widget Annotations	39
Projection Annotations	39
8.5 Actions	40
8.5.3 Action Types	40
Rich-Media-Execute Actions	40
8.6 Interactive Forms	42
8.6.3 Field Types	43
Signature Fields	43
Barcode Fields	45
8.6.7 XFA Forms	48
Incorporation of XFA Datasets into a PDF/A-2 Conforming File	48
8.8 Measurement Properties	48
8.8.1 Geospatial Features	49
Geospatial Measure Dictionary	49
Geographic Coordinate System Dictionary	51
Projected Coordinate System Dictionary	52
Example: A WKT describing a geographic coordinate system	52
Example: A WKT describing a projected coordinate system	53
Point Data Dictionary	53
Multimedia Features (Chapter 9 in PDF Reference)	55
9.5 3D Artwork	55
9.5.1 3D Annotations	55
9.5.2 3D Streams	56
9.5.3 3D Views	57
9.5.3 3D Views (Node Dictionaries)	57
9.5.6 Persistence of 3D Measurements and Markups	59
The 3D Units Dictionary	59
3D Measurement/Markup Dictionary	62
3D Linear Dimension Measurement	63
3D Perpendicular Dimension Measurement	65
3D Angular Dimension Measurement	67
3D Radial Dimension	71
3D Comment Note	74
3D Measurements and Projection Annotations	75
9.6 Rich Media	76
9.6.1 RichMedia Annotations	76
RichMediaSettings Dictionary	78
RichMediaActivation Dictionary	78
RichMediaDeactivation Dictionary	80
RichMediaAnimation Dictionary	80
Example: A RichMediaSettings dictionary	81
RichMediaPresentation Dictionary	82
RichMediaWindow Dictionary	84
Example: A RichMediaPresentation Dictionary	85
RichMediaContent dictionary	86
The Assets name tree	87
Example: Assets name tree	87
RichMediaConfiguration Dictionary	88
RichMediaInstance Dictionary	88
Example: RichMediaInstance dictionaries	89
RichMediaParams Dictionary	90
CuePoint Dictionary	91
Example: The RichMediaParams Dictionary	92
View Dictionary	92
View Params Dictionary	93
Extended Example	94
Document Interchange (Chapter 10 in PDF Reference)	100
10.7 Tagged PDF	100
10.7.1 Tagged PDF and Page Content	100
Real Content and Artifacts	100
Bibliography	102
Resources from Adobe Systems Incorporated	102
Other Resources	103
Part II: Reference Errors and Implementation Notes	105
Implementation Notes	106
Implementation Notes to the PDF Reference, sixth edition	106
1.2 Introduction to PDF 1.7 Features	106
3.1.2 Comments	106
3.2.4 Name Objects	106
3.2.7 Stream Objects	107
3.2.9 Indirect Objects	107
3.3 Filters	107
3.3.7 DCTDecode Filter	108
3.4 File Structure	108
3.4.1 File Header	108
3.4.3 Cross-Reference Table	109
3.4.4 File Trailer	109
3.4.6 Object Streams	109
3.4.7 Cross-Reference Streams (Cross-Reference Stream Dictionary)	109
3.4.7 Cross-Reference Streams (Compatibility with PDF 1.4)	109
3.5 Encryption	109
3.5.2 Standard Security Handler (Standard Encryption Dictionary)	109
3.5.2 Standard Security Handler (Encryption Key Algorithm)	110
3.5.2 Standard Security Handler (Password Algorithms)	110
3.5.4 Crypt Filters	110
3.6.1 Document Catalog	110
3.6.2 Page Tree (Page Objects)	110
3.7.1 Content Streams	111
3.9.1 Type 0 (Sampled) Functions	111
3.9.2 Type 2 (Exponential Interpolation) Functions	111
3.9.3 Type 3 (Stitching) Functions	111
3.9.4 Type 4 (PostScript Calculator) Functions	111
3.10.2 File Specification Dictionaries	111
Example: Acrobat does not correctly interpret a file specification.	111
4.5.2 Color Space Families	112
4.5.5 Special Color Spaces (DeviceN Color Spaces)	112
4.5.5 Special Color Spaces (Multitone Examples)	112
4.6 Patterns	112
4.7 External Objects	112
4.8.4 Image Dictionaries	112
4.8.5 Masked Images	113
4.9.1 Form Dictionaries	113
4.9.3 Reference XObjects	113
5.2.5 Text Rendering Mode	113
5.3.2 Text-Showing Operators	113
5.5.1 Type 1 Fonts	113
5.5.1 Type 1 Fonts (Standard Type 1 Fonts (Standard 14 Fonts))	114
5.5.3 Font Subsets	115
5.5.4 Type 3 Fonts	115
5.6.4 CMaps	115
5.7 Font Descriptors	115
5.8 Embedded Font Programs	115
6.4.2 Spot Functions	115
6.5.4 Automatic Stroke Adjustment	116
7.5.2 Specifying Blending Color Space and Blend Mode	116
7.5.3 Specifying Shape and Opacity (Mask Shape and Opacity)	116
8.2.2 Document Outline	116
8.3.1 Page Labels	116
8.4 Annotations	116
Interaction between accessibility preference and annotation tab order	117
Accessibility preference selected (default setting)	117
Accessibility preference not selected	117
Reordering of annotations	118
8.4.1 Annotation Dictionaries	118
8.4.2 Annotation Flags	118
8.4.3 Border Styles	119
8.4.4 Appearance Streams	119
8.4.5 Annotation Types	119
8.4.5 Annotation Types (Link Annotations)	119
8.4.5 Annotation Types (Polygon and Polyline Annotations)	119
8.4.5 Annotation Types (Text Markup Annotations)	119
8.4.5 Annotation Types (Ink Annotations)	119
8.4.5 Annotation Types (File Attachment Annotations)	119
8.4.5 Annotation Types (Markup Annotations)	120
8.4.5 Annotation Types (Watermark Annotations)	120
8.5.2 Trigger Events	120
8.5.3 Action Types (Launch Actions)	120
8.5.3 Action Types (URI Actions)	120
8.5.3 Action Types (Sound Actions)	120
8.5.3 Action Types (Movie Actions)	120
8.5.3 Action Types (Hide Actions)	121
8.5.3 Action Types (Named Actions)	121
8.6.1 Interactive Form Dictionary	121
8.6.2 Field Dictionaries (Field Names)	121
8.6.2 Field Dictionaries (Variable Text)	121
8.6.2 Field Dictionaries (Rich Text Strings)	121
8.6.3 Field Dictionaries (Button Fields)	122
8.6.3 Field Types (Choice Fields)	122
8.6.4 Form Actions (Submit-Form Actions)	122
8.6.4 “Form Actions (Import-Data Actions)	122
8.6.4 Form Actions (JavaScript Actions)	122
8.6.6 Forms Data Format (FDF Header)	122
8.6.6 Forms Data Format (FDF Catalog)	123
8.6.6 Forms Data Format (FDF Fields)	123
8.6.6 Forms Data Format (FDF Pages)	123
8.7 Digital Signatures	124
8.7.1 Transform Methods	124
8.7.2 Signature Interoperability	124
8.9 Document Requirements	125
9.1 Multimedia	125
9.1.3 Media Clip Objects (Media Clip Data)	125
9.2 Sounds	125
9.3 Movies	125
9.4 Alternate Presentations	126
9.5 3D Artwork	126
10.1 Procedure Sets	126
10.2 Metadata	127
10.2.2 Metadata Streams	127
10.3 File Identifiers	127
10.9.2 Content Database (Digital Identifiers)	127
10.9.3 Content Sets (Image Sets)	127
10.9.4 Source Information (URL Alias Dictionaries)	127
10.10.1 Page Boundaries	128
10.10.4 Output Intents	128
10.10.5 Trapping Support (Trap Network Annotations)	128
10.10.6 Open Prepress Interface (OPI)	128
Appendix C Implementation Limits	129
F.2.2 Linearization Parameter Dictionary (Part 2)	129
F.2.6 First-Page Section (Part 6)	129
F.2.8 Shared Objects (Part 8)	129
F.3.1 Page Offset Hint Table	129
F.3.2 Shared Object Hint Table	129
Implementation Notes to Adobe Extensions to ISO 32000	130

Match case Limit results 1 per page

Adobe Acrobat SDK

Syntax (Chapter 3 in PDF Reference)

Adobe® Supplement to the ISO 32000

3.5.2 Standard Security Handler

(user password) entries for encryption revision 4 and earlier, and the

(owner encryption key),

(user encryption key) and

Perms

(permissions) values for encryption revision 5 require more explanation.

Algorithms 3.3 through 3.5 show how the values of the owner password and user password are computed

for revision 4 and earlier. Algorithms 3.6 and 3.7 show how to determine if a password is valid. Algorithms

3.8 through 3.10 show how the values for revision 5 are computed. Algorithms 3.11 through 3.13 show

how to determine if a revision 5 password is valid.

Passwords for revision 4 and earlier are up to 32 characters in length, and are limited to characters in the

PDFDocEncoding character set (see Appendix D).

Following the above paragraphs comes the listing of algorithms 3.3–3.7. These algorithms and accompanying

text remain unchanged. Then insert the following paragraphs.

In revision 4 and earlier, the result of running the password algorithm was exactly the file encryption key.

In revision 5, the file encryption key is decoupled from the password algorithm to make the owner and

user keys independent. For the algorithms below, first generate a 256-bit (32 byte) encryption key for the

file using a strong random number generator.

All passwords for revision 5 are based on Unicode. Preprocessing of a user-entered password consists first

of normalizing its representation by applying the “SASLPrep” profile (see RFC 4013) of the “stringprep”

algorithm (see RFC 3454) to the supplied password using the

Normalize

and

BIDI

options. Next,

convert the password string to UTF-8 encoding, and then truncate to the first 127 bytes if the string is

longer than 127 bytes.

Algorithm 3.8

Computing the encryption dictionary’s U (user password) and UE (user encryption

key) values

Generate 16 random bytes of data using a strong random number generator. The first 8 bytes are the

User Validation Salt. The second 8 bytes are the User Key Salt. Compute the 32-byte SHA-256 hash of

the password concatenated with the User Validation Salt. The 48-byte string consisting of the 32-byte

hash followed by the User Validation Salt followed by the User Key Salt is stored as the

key.

Compute the 32-byte SHA-256 hash of the password concatenated with the User Key Salt. Using this

hash as the key, encrypt the file encryption key using AES-256 in CBC mode with no padding and an

initialization vector of zero. The resulting 32-byte string is stored as the

key.

Algorithm 3.9

Computing the encryption dictionary’s O (owner password) and OE (owner

encryption key) values

Generate 16 random bytes of data using a strong random number generator. The first 8 bytes are the

Owner Validation Salt. The second 8 bytes are the Owner Key Salt. Compute the 32-byte SHA-256 hash

of the password concatenated with the Owner Validation Salt and then concatenated with the 48-byte

U string as generated in Algorithm 3.8. The 48-byte string consisting of the 32-byte hash followed by

the Owner Validation Salt followed by the Owner Key Salt is stored as the

key.

Compute the 32-byte SHA-256 hash of the password concatenated with the Owner Key Salt and then

concatenated with the 48-byte U string as generated in Algorithm 3.8. Using this hash as the key,

encrypt the file encryption key using AES-256 in CBC mode with no padding and an initialization vector

of zero. The resulting 32-byte string is stored as the

key.

Algorithm 3.10

Computing the encryption dictionary’s Perms (permissions) value

Fill a 16-byte block as follows: