Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pad rev 4 encryption keys to be >= 16 bytes (issue 19484) #19555

Merged
merged 1 commit into from
Feb 25, 2025
Merged

Pad rev 4 encryption keys to be >= 16 bytes (issue 19484) #19555

merged 1 commit into from
Feb 25, 2025

Conversation

rossj
Copy link
Contributor

@rossj rossj commented Feb 24, 2025

This PR fixes issue #19484 by extending too-short keys to 16 bytes (padded with 0s) for revision 4 encryption. This key-extension behavior seems undocumented, but is necessary to properly decrypt string & stream data of problematic files found in the wild (supposedly generated by InDesign).

@Snuffleupagus
Copy link
Collaborator

Snuffleupagus commented Feb 24, 2025
edited
Loading

  • Does this patch pass all existing, i.e. npx gulp test, tests locally?

  • Since I believe that you created those PDFs yourself, could we perhaps commit them to repository instead of relying on links (since that's always preferable where possible)?

  • Can you please add more context to the commit message, i.e. what you included in Pad rev 4 encryption keys to be >= 16 bytes (issue 19484) #19555 (comment), to make the patch understandable on e.g. the git command line as well?

@Snuffleupagus Snuffleupagus changed the title Pad rev 4 encryption keys to be >= 16 bytes. Fixes issue #19484. Pad rev 4 encryption keys to be >= 16 bytes (issue 19484) Feb 24, 2025
@Snuffleupagus Snuffleupagus linked an issue Feb 24, 2025 that may be closed by this pull request
[Feature]: Support rare RC4 encryption where R=4, key length < 128 bits #19484
Closed
Snuffleupagus
Snuffleupagus reviewed Feb 24, 2025
View reviewed changes
@rossj
Copy link
Contributor Author

rossj commented Feb 24, 2025

  • Does this patch pass all existing, i.e. npx gulp test, tests locally?

Mostly, except for:

  • issue5939.pdf - cannot download as link is 404
  • Repeated failure for caches image resources at the document/page level, with main-thread copying of complex images (issue 11518) | in chrome | Expected 1160 to be less than 1064.5. - seems like a timing / perf check, so may be a flaky test
  • I have a number of pages that don't match ref in Chrome, even if I generate fresh refs. Looks like minor single-pixel color differences in the diff viewer. Firefox refs all match.
  • Since I believe that you created those PDFs yourself, could we perhaps commit them to repository instead of relying on links (since that's always preferable where possible)?

Updated

Updated

@Snuffleupagus
Copy link
Collaborator

Snuffleupagus commented Feb 24, 2025
edited
Loading

  • issue5939.pdf - cannot download as link is 404

That one should have been fixed by a PR earlier today.

  • Repeated failure for caches image resources at the document/page level, with main-thread copying of complex images (issue 11518) | in chrome | Expected 1160 to be less than 1064.5. - seems like a timing / perf check, so may be a flaky test

We've seen that occasionally failing on the bots, but as long as Firefox works that's fine.

  • I have a number of pages that don't match ref in Chrome, even if I generate fresh refs. Looks like minor single-pixel color differences in the diff viewer. Firefox refs all match.

We actually had so much trouble with unstable reference tests in Chrome that we nowadays only test in Firefox for that reason.

@Snuffleupagus
Copy link
Collaborator

/botio unittest

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Linux m4)

Received

Command cmd_unittest from @Snuffleupagus received. Current queue size: 0

Live output at: http://54.241.84.105:8877/b675d134bbf2b40/output.txt

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Windows)

Received

Command cmd_unittest from @Snuffleupagus received. Current queue size: 0

Live output at: http://54.193.163.58:8877/4c0dec0495c1e79/output.txt

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Linux m4)

Success

Full output at http://54.241.84.105:8877/b675d134bbf2b40/output.txt

Total script time: 2.35 mins

  • Unit Tests: Passed

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Windows)

Success

Full output at http://54.193.163.58:8877/4c0dec0495c1e79/output.txt

Total script time: 7.63 mins

  • Unit Tests: Passed

@Snuffleupagus
Copy link
Collaborator

/botio browsertest

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Linux m4)

Received

Command cmd_browsertest from @Snuffleupagus received. Current queue size: 0

Live output at: http://54.241.84.105:8877/2fd0ab3b5122714/output.txt

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Windows)

Received

Command cmd_browsertest from @Snuffleupagus received. Current queue size: 0

Live output at: http://54.193.163.58:8877/7ed13e22fbb43d1/output.txt

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Linux m4)

Success

Full output at http://54.241.84.105:8877/2fd0ab3b5122714/output.txt

Total script time: 16.86 mins

  • Regression tests: Passed

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Windows)

Failed

Full output at http://54.193.163.58:8877/7ed13e22fbb43d1/output.txt

Total script time: 30.49 mins

  • Regression tests: FAILED
  different ref/snapshot: 1

Image differences available at: http://54.193.163.58:8877/7ed13e22fbb43d1/reftest-analyzer.html#web=eq.log

Snuffleupagus
Snuffleupagus approved these changes Feb 25, 2025
View reviewed changes
Copy link
Collaborator

@Snuffleupagus Snuffleupagus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hopefully we have enough test-coverage for this part of the code-base, since we're trying to match unspecified Adobe Reader behaviour here (rather than fixing an "actual" bug).
However, I suppose that we have to land this to actually find out if there's any breakage :-)

r=me, thank you.

@Snuffleupagus Snuffleupagus merged commit aa70b28 into mozilla:master Feb 25, 2025
9 checks passed
@Snuffleupagus
Copy link
Collaborator

/botio makeref

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Linux m4)

Received

Command cmd_makeref from @Snuffleupagus received. Current queue size: 0

Live output at: http://54.241.84.105:8877/a652726527fb822/output.txt

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Windows)

Received

Command cmd_makeref from @Snuffleupagus received. Current queue size: 0

Live output at: http://54.193.163.58:8877/4855bcef8426829/output.txt

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Linux m4)

Success

Full output at http://54.241.84.105:8877/a652726527fb822/output.txt

Total script time: 16.81 mins

  • Make references: Passed
  • Check references: Passed

@moz-tools-bot
Copy link
Collaborator

From: Bot.io (Windows)

Success

Full output at http://54.193.163.58:8877/4855bcef8426829/output.txt

Total script time: 30.33 mins

  • Make references: Passed
  • Check references: Passed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Snuffleupagus Snuffleupagus Snuffleupagus approved these changes

Assignees
No one assigned
Labels
core
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Feature]: Support rare RC4 encryption where R=4, key length < 128 bits
3 participants
@rossj @Snuffleupagus @moz-tools-bot