Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ownerPassword not set if userPassword if not provided #180

Open
rafikhamid opened this issue Apr 28, 2020 · 2 comments
Open

ownerPassword not set if userPassword if not provided #180

rafikhamid opened this issue Apr 28, 2020 · 2 comments

Comments

@rafikhamid
Copy link

rafikhamid commented Apr 28, 2020
edited

hummusRecipe/lib/encrypt.js

Line 91 in 54d334f

this.encryption_ = this._getEncryptOptions(options);

I need to protect my PDF that has a watermark from being removed, while the PDF should not require a password when opened for read, I achieved that in HummusJS by setting ownerPassword with an empty userPassword like this :

hummus.recrypt('in.pdf', 'out.pdf', {
    userPassword: '',
    ownerPassword: 'secret',
    userProtectionFlag: 4
    });

Now with hummusRecipe, when I try the following code, the out.pdf is not protected in modification

recipe
    .encrypt({
        userPassword: '',
        ownerPassword: 'secret',
        userProtectionFlag: 4
    })
    .endPDF();

because 'userPassword' is not being provided to hummus in 'encryption_' in encrypt.js line 106 :

// At this stage : this.encryption_ = { password: 'secret', ownerPassword: 'secret', userProtectionFlag: 4 }
hummus.recrypt(tmp, this.output, this.encryption_);

and on documentation of HummusJS it is clearly mentionned that ownerPassword is only used when we pass userPassword:

/*
    hummus.recrypt(
        inOriginalPath/inOriginalStream,
        inNewPath/inNewStream,
        [options])

    options = 
    {
        password:
        version:
        compress:
        log:
        userPassword:
        ownerPassword: // must pass userPassword!
        userProtectionFlag: // must pass userPassword!
    }
*/

A workaround is to pass the options as is to HummusJS and not use the _getEncryptOptions method

/**
 * Encrypt the pdf
 * @name encrypt
 * @function
 * @memberof Recipe
 * @param {Object} options - The options
 * @param {string} [options.password] - The permission password.
 * @param {string} [options.ownerPassword] - The password for editing.
 * @param {string} [options.userPassword] - The password for viewing & encryption.
 * @param {number} [options.userProtectionFlag] - The flag for the security level.
 */
exports.encrypt = function encrypt(options = {}) {
    this.needToEncrypt = true;
    this.encryption_ = options; //this._getEncryptOptions(options); // THE WORKAROUND

    return this;
};

Can you please fix. Thanks
@chunyenHuang
Copy link
Owner

Would you mimd put a PR for this since you already have investigated, thanks! @rafikhamid

@rafikhamid
Copy link
Author

Hi @chunyenHuang I did not want to create a PR for this because my fix is to completely remove the method _getEncryptOptions(options); and I am not sure about the purpose of it, so removing it might break something.
If you want me to remove it I can create a PR for it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rafikhamid @chunyenHuang