Completed
Last Updated: 25 Nov 2019 07:52 by ADMIN
Release 2019.3.1125 (11/25/2019)
ADMIN
Deyan
Created on: 10 Jan 2018 12:01
Category: PdfProcessing
Type: Bug Report
2
PdfProcessing: InvalidOperationException is thrown when authenticating user password
The exception is thrown with the message "Password is not correct" even when the user password is correct. This issue occurs for specific encryption algorithm parameters only.
6 comments
ADMIN
Nikolay Demirev
Posted on: 18 Nov 2019 13:51

Hi Chris,

The Revision value was not respected in the algorithm calculating the user password. In the case of revision == 2 the calculation is much more simple compared to revision >= 3. The password is generated by passing only the PasswordPadding to the RC4 function. Also, the EncryptMetadata value was never imported and the encryption key was calculated always for encryptMetatadata = false. 

The changes I have made are described in the spec, but for some reason, they were omitted in the previous implementation. I have tested the fix with all documents we have with encryption and it seems the bug is fixed.

Regards,
Nikolay Demirev
Progress Telerik

Get quickly onboarded and successful with your Telerik and/or Kendo UI products with the Virtual Classroom free technical training, available to all active customers. Learn More.
Chris
Posted on: 11 Nov 2019 14:37

Hi

Thanks for looking at the fix and confirming it (mostly) works. I am though interested in what the additional fix was that you had to add and if (and how) it differs from the pdf spec

ADMIN
Nikolay Demirev
Posted on: 11 Nov 2019 14:09

Hi Chris,

Thank you for investing your time in fixing the issue. I have reviewed your fix and it seems correct. I have applied it to our code and I have tested with the test documents we have. The provided fix worked for several documents, but I had to apply another fix in the code in order to fix all the issues we know.

As a token of our appreciation for providing the fix, I am updating your Telerik Points.

Regards,
Nikolay Demirev
Progress Telerik

Get quickly onboarded and successful with your Telerik and/or Kendo UI products with the Virtual Classroom free technical training, available to all active customers. Learn More.
Chris
Posted on: 06 Nov 2019 16:23

I recently encountered a file that gave me this error as well. I did some digging and now have a good idea behind the bug.

Specifically it occurs with encryption algorithm 4, security handler revision 4 and encrypt metadata set to true.

The error is in the function CalculateEncryptionKey in StandardEncrypt.cs

For reference in the pdf spec from Adobe for 1.7 (https://www.adobe.com/content/dam/acom/en/devnet/pdf/PDF32000_2008.pdf) in section 7.6.3.3 in Algorithm 2 (page 61 and 62) point F says

(Security handlers of revision 4 or greater) If document metadata is not being encrypted, pass 4 bytes with the value of 0xFFFFFFFF to the MD5 hash function

Below is the original section of code.

if (revision >= 4 && encryptMetadata)
            {
                byte[] b = new byte[4];
                for (int i = 0; i < 4; ++i)
                {
                    b[i] = 0xFF;
                }

                tmp.AddRange(bytes);
            }

First of all in the IF statement it is meant to be if NOT encrypted

Second of all, the wrong variable is being added to tmp. The variable containing the value 0xFFFFFFFF is named "b" not "bytes"

The variable "bytes" has previously been declared as the bytes of the permissions for the pdf

Below is the fixed section

if (revision >= 4 && !encryptMetadata)
            {
                byte[] b = new byte[4];
                for (int i = 0; i < 4; ++i)
                {
                    b[i] = 0xFF;
                }

                tmp.AddRange(b);
            }

After that the pdf I had worked fine

ADMIN
Tanya
Posted on: 31 May 2018 08:25
Thank you for sharing your feedback. Continue following this item so you can be notified of status changes on it.
GuiGuiGui
Posted on: 30 May 2018 15:36
Our experience for this was with an edit-restricted PDF file. The file opens in Adobe Acrobat but page extraction, document changing, etc are restricted. These restrictions are facilitated by encrypting the PDF.

On attempting to import the PDF with PdfFormatProvider this message is encountered.
System.InvalidOperationException: Password is not correct.