diff options
author | Philipp Lohmann [pl] <Philipp.Lohmann@Oracle.COM> | 2010-09-27 19:58:20 +0200 |
---|---|---|
committer | Philipp Lohmann [pl] <Philipp.Lohmann@Oracle.COM> | 2010-09-27 19:58:20 +0200 |
commit | c73eb35e21eaf9a4c062da475af36b806741285b (patch) | |
tree | daa607eb30b81d3d7e6e6a9dd167b97e4edd1779 /filter/source/pdf | |
parent | 4c227c8eb3b025438557cb817f8e406d205b75ae (diff) |
limit password life time
Diffstat (limited to 'filter/source/pdf')
-rw-r--r-- | filter/source/pdf/impdialog.cxx | 43 | ||||
-rw-r--r-- | filter/source/pdf/impdialog.hxx | 11 | ||||
-rw-r--r-- | filter/source/pdf/pdfexport.cxx | 22 |
3 files changed, 51 insertions, 25 deletions
diff --git a/filter/source/pdf/impdialog.cxx b/filter/source/pdf/impdialog.cxx index d24606d2b2b6..d542d47ec449 100644 --- a/filter/source/pdf/impdialog.cxx +++ b/filter/source/pdf/impdialog.cxx @@ -382,8 +382,8 @@ Sequence< PropertyValue > ImpPDFTabDialog::GetFilterData() nElementAdded--; // add the open password - aRet[ aRet.getLength() - nElementAdded ].Name = OUString( RTL_CONSTASCII_USTRINGPARAM( "DocumentOpenPassword" ) ); - aRet[ aRet.getLength() - nElementAdded ].Value <<= OUString( msUserPassword ); + aRet[ aRet.getLength() - nElementAdded ].Name = OUString( RTL_CONSTASCII_USTRINGPARAM( "PreparedPasswords" ) ); + aRet[ aRet.getLength() - nElementAdded ].Value <<= mxPreparedPasswords; nElementAdded--; //the restrict permission flag (needed to have the scripting consistent with the dialog) @@ -1043,6 +1043,8 @@ ImpPDFTabSecurityPage::ImpPDFTabSecurityPage( Window* i_pParent, maCbEnableAccessibility( this, PDFFilterResId( CB_ENAB_ACCESS ) ), msUserPwdTitle( PDFFilterResId( STR_PDF_EXPORT_UDPWD ) ), + mbHaveOwnerPassword( false ), + mbHaveUserPassword( false ), msOwnerPwdTitle( PDFFilterResId( STR_PDF_EXPORT_ODPWD ) ) { @@ -1102,13 +1104,11 @@ void ImpPDFTabSecurityPage::GetFilterConfigItem( ImpPDFTabDialog* paParent ) { // please note that in PDF/A-1a mode even if this are copied back, // the security settings are forced disabled in PDFExport::Export - paParent->mbEncrypt = (msUserPassword.Len() > 0); - if( paParent->mbEncrypt ) - paParent->msUserPassword = msUserPassword; + paParent->mbEncrypt = mbHaveUserPassword; + paParent->mxPreparedPasswords = mxPreparedPasswords; - paParent->mbRestrictPermissions = (msOwnerPassword.Len() > 0); - if( msOwnerPassword.Len() > 0 ) - paParent->msOwnerPassword = msOwnerPassword; + paParent->mbRestrictPermissions = mbHaveOwnerPassword; + paParent->msOwnerPassword = msOwnerPassword; //verify print status paParent->mnPrint = 0; @@ -1192,8 +1192,26 @@ IMPL_LINK( ImpPDFTabSecurityPage, ClickmaPbSetPwdHdl, void*, EMPTYARG ) aPwdDialog.AllowAsciiOnly(); if( aPwdDialog.Execute() == RET_OK ) //OK issued get password and set it { - msUserPassword = aPwdDialog.GetPassword(); - msOwnerPassword = aPwdDialog.GetPassword2(); + rtl::OUString aUserPW( aPwdDialog.GetPassword() ); + rtl::OUString aOwnerPW( aPwdDialog.GetPassword2() ); + + mbHaveUserPassword = (aUserPW.getLength() != 0); + mbHaveOwnerPassword = (aOwnerPW.getLength() != 0); + + mxPreparedPasswords = vcl::PDFWriter::InitEncryption( aOwnerPW, aUserPW, true ); + + // FIXME: used as parameter for hybrid PDF + if( mbHaveOwnerPassword ) + { + // force deep copy, not ref count + msOwnerPassword = rtl::OUString( aOwnerPW.getStr(), aOwnerPW.getLength() ); + } + else + msOwnerPassword = rtl::OUString(); + + // trash clear text passwords string memory + rtl_zeroMemory( (void*)aUserPW.getStr(), aUserPW.getLength() ); + rtl_zeroMemory( (void*)aOwnerPW.getStr(), aOwnerPW.getLength() ); } enablePermissionControls(); return 0; @@ -1201,10 +1219,9 @@ IMPL_LINK( ImpPDFTabSecurityPage, ClickmaPbSetPwdHdl, void*, EMPTYARG ) void ImpPDFTabSecurityPage::enablePermissionControls() { - maFtUserPwd.SetText( (msUserPassword.Len() > 0 && IsEnabled()) ? maUserPwdSet : maUserPwdUnset ); - - sal_Bool bLocalEnable = (msOwnerPassword.Len() > 0) && IsEnabled(); + maFtUserPwd.SetText( (mbHaveUserPassword && IsEnabled()) ? maUserPwdSet : maUserPwdUnset ); + sal_Bool bLocalEnable = mbHaveOwnerPassword && IsEnabled(); maFtOwnerPwd.SetText( bLocalEnable ? maOwnerPwdSet : maOwnerPwdUnset ); maFlPrintPermissions.Enable( bLocalEnable ); diff --git a/filter/source/pdf/impdialog.hxx b/filter/source/pdf/impdialog.hxx index e450009ca822..743a41fcc032 100644 --- a/filter/source/pdf/impdialog.hxx +++ b/filter/source/pdf/impdialog.hxx @@ -126,14 +126,14 @@ protected: sal_Bool mbFirstPageLeft; sal_Bool mbEncrypt; - String msUserPassword; sal_Bool mbRestrictPermissions; - String msOwnerPassword; + rtl::OUString msOwnerPassword; sal_Int32 mnPrint; sal_Int32 mnChangesAllowed; sal_Bool mbCanCopyOrExtract; sal_Bool mbCanExtractForAccessibility; + com::sun::star::uno::Reference< com::sun::star::beans::XMaterialHolder > mxPreparedPasswords; sal_Bool mbIsRangeChecked; String msPageRange; @@ -340,12 +340,15 @@ class ImpPDFTabSecurityPage : public SfxTabPage CheckBox maCbEnableCopy; CheckBox maCbEnableAccessibility; - String msUserPassword; String msUserPwdTitle; - String msOwnerPassword; + bool mbHaveOwnerPassword; + bool mbHaveUserPassword; + rtl::OUString msOwnerPassword; String msOwnerPwdTitle; + com::sun::star::uno::Reference< com::sun::star::beans::XMaterialHolder > mxPreparedPasswords; + long nWidth; DECL_LINK( ClickmaPbSetPwdHdl, void* ); diff --git a/filter/source/pdf/pdfexport.cxx b/filter/source/pdf/pdfexport.cxx index 77be4cc81415..4124c726fbfd 100644 --- a/filter/source/pdf/pdfexport.cxx +++ b/filter/source/pdf/pdfexport.cxx @@ -386,6 +386,7 @@ sal_Bool PDFExport::Export( const OUString& rFile, const Sequence< PropertyValue Any aSelection; PDFWriter::PDFWriterContext aContext; rtl::OUString aOpenPassword, aPermissionPassword; + Reference< beans::XMaterialHolder > xEnc; // getting the string for the creator @@ -511,6 +512,8 @@ sal_Bool PDFExport::Export( const OUString& rFile, const Sequence< PropertyValue rFilterData[ nData ].Value >>= mbRestrictPermissions; else if ( rFilterData[ nData ].Name == OUString( RTL_CONSTASCII_USTRINGPARAM( "PermissionPassword" ) ) ) rFilterData[ nData ].Value >>= aPermissionPassword; + else if ( rFilterData[ nData ].Name == OUString( RTL_CONSTASCII_USTRINGPARAM( "PreparedPasswords" ) ) ) + rFilterData[ nData ].Value >>= xEnc; else if ( rFilterData[ nData ].Name == OUString( RTL_CONSTASCII_USTRINGPARAM( "Printing" ) ) ) rFilterData[ nData ].Value >>= mnPrintAllowed; else if ( rFilterData[ nData ].Name == OUString( RTL_CONSTASCII_USTRINGPARAM( "Changes" ) ) ) @@ -545,14 +548,17 @@ sal_Bool PDFExport::Export( const OUString& rFile, const Sequence< PropertyValue break; case 1: aContext.Version = PDFWriter::PDF_A_1; -//force the tagged PDF as well + //force the tagged PDF as well mbUseTaggedPDF = sal_True; -//force embedding of standard fonts + //force embedding of standard fonts mbEmbedStandardFonts = sal_True; -//force disabling of form conversion + //force disabling of form conversion mbExportFormFields = sal_False; -// PDF/A does not allow transparencies + // PDF/A does not allow transparencies mbRemoveTransparencies = sal_True; + // no encryption + mbEncrypt = sal_False; + xEnc.clear(); break; } @@ -636,7 +642,7 @@ sal_Bool PDFExport::Export( const OUString& rFile, const Sequence< PropertyValue //set check for permission change password // if not enabled and no permission password, force permissions to default as if PDF where without encryption - if( mbRestrictPermissions && aPermissionPassword.getLength() > 0 ) + if( mbRestrictPermissions && (xEnc.is() || aPermissionPassword.getLength() > 0) ) { mbEncrypt = sal_True; //permission set as desired, done after @@ -686,8 +692,8 @@ sal_Bool PDFExport::Export( const OUString& rFile, const Sequence< PropertyValue aContext.Encryption.CanCopyOrExtract = mbCanCopyOrExtract; aContext.Encryption.CanExtractForAccessibility = mbCanExtractForAccessibility; - if( mbEncrypt ) - PDFWriter::InitEncryption( aContext.Encryption, aPermissionPassword, aOpenPassword, aContext.DocumentInfo ); + if( mbEncrypt && ! xEnc.is() ) + xEnc = PDFWriter::InitEncryption( aPermissionPassword, aOpenPassword, aContext.Encryption.Security128bit ); } /* * FIXME: the entries are only implicitly defined by the resource file. Should there @@ -751,7 +757,7 @@ sal_Bool PDFExport::Export( const OUString& rFile, const Sequence< PropertyValue //<--- } // all context data set, time to create the printing device - PDFWriter* pPDFWriter = new PDFWriter( aContext ); + PDFWriter* pPDFWriter = new PDFWriter( aContext, xEnc ); OutputDevice* pOut = pPDFWriter->GetReferenceDevice(); vcl::PDFExtOutDevData* pPDFExtOutDevData = NULL; |