From f7e1c05ffedf547eddeb444bc494269456825be8 Mon Sep 17 00:00:00 2001 From: Iru Cai Date: Tue, 20 Nov 2018 13:48:48 +0800 Subject: some fix - still not work --- source/pdf/pdf-crypt.c | 118 ++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 116 insertions(+), 2 deletions(-) diff --git a/source/pdf/pdf-crypt.c b/source/pdf/pdf-crypt.c index e98f8989..36ddab0d 100644 --- a/source/pdf/pdf-crypt.c +++ b/source/pdf/pdf-crypt.c @@ -15,6 +15,65 @@ typedef struct static void fcn_40c060(mt19937 *ctx) { + uint32_t eax, ecx, edx; + ecx = 227; + uint32_t *edi_ptr = &ctx->MT[624]; + + do { + edx = edi_ptr[1]; + edi_ptr++; + edx ^= edi_ptr[-1]; + edx &= 0x7fffffff; + edx ^= edi_ptr[-1]; + eax = edx & 1; + if (eax) + eax = 0x9908b0df; + else + eax = 0; + edx >>= 1; + eax ^= edi_ptr[396]; + eax ^= edx; + edi_ptr[-625] = eax; + ecx--; + } while (ecx); + + uint32_t *esi = ctx->MT[851]; + + int edi = 396; + do { + uint32_t ecx = esi[0]; + esi++; + ecx ^= esi[0]; + ecx &= 0x7fffffff; + ecx ^= esi[-1]; + uint32_t eax = ecx & 1; + if (eax) { + eax = 0x9908b0df; + } else { + eax = 0; + } + ecx >>= 1; + eax ^= esi[-852]; + eax ^= ecx; + esi[-625] = eax; + edi--; + } while (edi); + + ecx = ctx->MT[1247] ^ ctx->MT[0]; + ecx &= 0x7fffffff; + ecx ^= ctx->MT[1247]; + eax = ecx & 1; + if (eax) { + eax = 0x9908b0df; + } else { + eax = 0; + } + ecx >>= 1; + eax ^= ctx->MT[396]; + eax ^= ecx; + ctx->MT[623] = eax; + ctx->n = edi; +#if 0 uint32_t *edi = &ctx->MT[624]; uint32_t eax, ecx, edx; @@ -52,10 +111,35 @@ static void fcn_40c060(mt19937 *ctx) ecx >>= 1; ctx->MT[623] = eax ^ ctx->MT[396] ^ ecx; ctx->n = 0; +#endif } static void fcn_40c120(mt19937* ctx) { + uint32_t * eax = &ctx->MT[1]; + uint32_t esi = 624; + uint32_t ecx, edx; + + do { + edx = eax[-1]; + eax++; + edx ^= eax[-1]; + edx &= 0x7fffffff; + edx ^= eax[-2]; + ecx = edx & 1; + if (ecx) { + ecx = 0x9908b0df; + } else { + ecx = 0; + } + edx >>= 1; + ecx ^= eax[395]; + ecx ^= edx; + eax[622] = ecx; + esi--; + } while (esi); + +#if 0 uint32_t *mt = ctx->MT; uint32_t ecx, edx; @@ -74,10 +158,38 @@ static void fcn_40c120(mt19937* ctx) mt[i + 624] = ecx; } +#endif } uint32_t mt19937_next(mt19937 *ctx) { + uint32_t eax = ctx->n; + if (eax == 624) { + fcn_40c120(ctx); + } else if (eax >= 1248) { + fcn_40c060(ctx); + } + eax = ctx->n; + uint32_t edx = ctx->MT[eax]; + eax++; + ctx->n = eax; + uint32_t ecx = edx; + eax = ctx->cc; + ecx >>= 11; + eax &= ecx; + edx ^= eax; + eax = edx & 0xff3a58ad; + eax <<= 7; + edx ^= eax; + eax = edx; + eax &= 0xffffdf8c; + eax <<= 15; + edx ^= eax; + eax = edx; + eax >>= 0x12; + eax ^= edx; + return eax; +#if 0 int n = ctx->n; uint32_t eax, edx; @@ -95,6 +207,7 @@ uint32_t mt19937_next(mt19937 *ctx) edx ^= eax; eax = edx >> 18; return eax ^ edx; +#endif } void mt19937_init(mt19937 *ctx, uint32_t seed) @@ -104,7 +217,7 @@ void mt19937_init(mt19937 *ctx, uint32_t seed) ctx->MT[0] = seed; for (int i = 1; i < 624; i++) { - ctx->MT[i] = 0x6c078965UL * (ctx->MT[i] ^ (ctx->MT[i-1] >> 30)) + i; + ctx->MT[i] = 0x6c078965UL * (ctx->MT[i-1] ^ (ctx->MT[i-1] >> 30)) + i; } } @@ -414,7 +527,8 @@ pdf_new_crypt(fz_context *ctx, pdf_obj *dict, pdf_obj *id) fz_warn(ctx, "crypt method: %d, crypt length: %d, crypt perm: %x", crypt->stmf.method, crypt->length, crypt->p); fz_sha256_update(&sha256, &crypt->stmf.method, 4); - fz_sha256_update(&sha256, &crypt->length, 4); + unsigned char lenbytes[4] = { crypt->length / 8, 0, 0, 0 }; + fz_sha256_update(&sha256, lenbytes, 4); fz_sha256_update(&sha256, &crypt->p, 4); obj = pdf_dict_gets(ctx, dict, "Recipients"); -- cgit v1.2.3