Lib:Architecture/Base Layer/Crypt Module
From GNUpdf
| Library Module | |
|---|---|
| Crypt Module | |
| Layer | Base |
| API Documentation | Reference Manual |
| Source Files | src/base/pdf-crypt.h |
Contents |
Overview
The Encryption module provides procedures both for encryption and decryption of buffers. Indeed it also provides functions for message-digest.
Initialization
This module is required to be initialized once at startup, when libgnupdf is loaded.
Ciphers
Encryption module provides a new data type named cipher. A cipher turns a plain text buffer to a ciphered text one and vice versa. In order to hide the original content, a encryption key should be provided by the caller. The length of this key depends on algorithm used.
There are two kinds of ciphers, the stream-based ciphers and block-based ones. Stream-based ciphers work on each byte of the input buffer. Meanwhile, a block-based cipher works on a fixed blocks of a certain fixed size. As block ciphers algorithms are designed to work on individual blocks, several modes of operation are defined. They specifies how to a sequence of blocks are encrypted. Finally, padding is a mechanism in order to allow input buffer can have an arbitrary length in a block cipher.
Encryption algorithms
The encryption module provides support for the following encryption algorithm, which are required by the pdf standard.
ARC4
ARC4 is a RC4-compatible algorithm. It is a stream-based cipher.
AES128
It is a block-based cipher. Whether we want to encrypt a buffer whose length is not multiple of this size, then the buffer should be padded before encrypting. In this case, the algorithm described in RFC 2898 is used for this purpose.
A operation mode known as Cipher Block Chaining mode is used. It requires a initialization vector (herein IV) whose length is 16 bytes. This vector is assumed to be at the beginning of the input buffer, and it will put in the same place for the output buffer automatically.
Operations
TBD.
Message-digest
This module provides message-digest md5 function too, since it is usually used in order to get a encryption key.
