summaryrefslogtreecommitdiff
blob: 0f77e556253afc9f8a0b9adca91798a7d6116612 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
% Copyright (C) 2001-2019 Artifex Software, Inc.
% All Rights Reserved.
%
% This software is provided AS-IS with no warranty, either express or
% implied.
%
% This software is distributed under license and may not be copied,
% modified or distributed except as expressly authorized under the terms
% of the license contained in the file LICENSE in this distribution.
%
% Refer to licensing information at http://www.artifex.com or contact
% Artifex Software, Inc.,  1305 Grant Avenue - Suite 200, Novato,
% CA 94945, U.S.A., +1(415)492-9861, for further information.
%
% Copyright (C) 1996-1998 Geoffrey Keating.
% Copyright (C) 2001-2008 Artifex Software, Inc.
% This file may be freely distributed with or without modifications,
% so long as modified versions are marked as such and copyright notices are
% not removed.

% Implementation of security hooks for PDF reader.

% This file contains the procedures that have to take encryption into
% account when reading a PDF file. It was originally distributed
% separately by Geoffrey Keating as an add-on to version 6 and earlier.

% Modified by Alex Cherepanov to work with GS 6.60 and higher.
% New versions of GS require explicit checks for /true, /false, and /null
% in .decpdfrun. This fix is backward-compatible.

% Modified by Raph Levien and Ralph Giles to use the new C
% implementations of md5 and arcfour in ghostscript 7.01, and to
% be compatible with PDF 1.4 128-bit encryption.

% Modified by Ralph Giles for PDF 1.6 AES encryption.

% Modified by Michael Constant for PDF 1.7 ExtensionLevel 3
% AES-256 encryption.

/.setlanguagelevel where { pop 2 .setlanguagelevel } if
.currentglobal //true .setglobal
pdfdict begin

% Older ghostscript versions do not have .pdftoken, so we use 'token' instead.
/.pdftoken where { pop } { /.pdftoken /token load def } ifelse

% take a stream and arc4 decrypt it.
% <stream> <key> arc4decodefilter <stream>
/arc4decodefilter {
  1 dict begin
  /Key exch def
  currentdict end /ArcfourDecode filter
} bind executeonly def

% <ciphertext> <key> arc4decode <plaintext>
/arc4decode {
  1 index length 0 eq {
    pop
  } {
    1 index length string 3 1 roll arc4decodefilter exch readstring pop
  } ifelse
} bind executeonly def

% take a stream and aes decrypt it.
% <stream> <key> aesdecodefilter <stream>
/aesdecodefilter {
  1 dict begin
  /Key exch def
  currentdict end
  /AESDecode filter
} bind executeonly def

% AES decrypt a string, returning a string.  The second argument can
% be a dictionary of the form << /Key key /Padding false >>, which
% specifies the key and any options for the AESDecode filter, or it
% can just be a string (the key).
%
% <ciphertext> <dict> aesdecode <plaintext>
% <ciphertext> <key> aesdecode <plaintext>
/aesdecode {
  1 index length 0 eq {
    pop
  } {
    1 index length string 3 1 roll

    % If our second argument is a dictionary, it's the full set
    % of decoding options (including the key); pass it directly
    % to the AESDecode filter.  Otherwise, it's just the key, so
    % call aesdecodefilter to construct the dictionary.
    dup type /dicttype eq { /AESDecode filter } { aesdecodefilter } ifelse

    exch readstring pop
  } ifelse
} bind executeonly def

/md5 {
  16 string dup /MD5Encode filter dup 4 3 roll writestring closefile
} bind executeonly def

/md5_trunk {
  md5 0 pdf_key_length getinterval
} bind executeonly def

/sha256 {
  32 string dup /SHA256Encode filter dup 4 3 roll writestring closefile
} bind executeonly def

% <string> contains_non_ascii <bool>
/contains_non_ascii {
  //false exch { 128 ge { pop //true exit } if } forall
} bind executeonly def

/pdf_padding_string
   <28bf4e5e4e758a41 64004e56fffa0108
    2e2e00b6d0683e80 2f0ca9fe6453697a>
def

% Pad a key out to 32 bytes.
/pdf_pad_key {         % <key> pdf_pad_key <padded key>
  dup length 32 gt { 0 32 getinterval } if
  pdf_padding_string
  0 32 3 index length sub getinterval
  concatstrings
} bind executeonly def

/pdf_xorbytes {      % <iter-num> <key> pdf_xorbytes <xored-key>
  dup length dup string
  exch 1 sub 0 1 3 2 roll {
    % <iter-num> <key> <new-key> <byte-num>
    dup 3 index exch get 4 index xor
    % <iter-num> <key> <new-key> <byte-num> <byte>
    3 copy put pop pop
  } for
  3 1 roll pop pop
} bind executeonly def

% Get length of encryption key in bytes
/pdf_key_length {    % pdf_key_length <key_length>
  Trailer /Encrypt oget
  dup /V knownoget not { 0 } if 1 eq
  { pop 5 }	% If V == 1 then always use 40 bits
  { /Length knownoget { -3 bitshift } { 5 } ifelse }
  ifelse
} bind executeonly def

% Algorithm 3.2
/pdf_compute_encryption_key {  % <password> pdf_compute_encryption_key <key>
  % Step 1.
  pdf_pad_key

  % Step 2, 3.
  Trailer /Encrypt oget dup /O oget
  % <padded-key> <encrypt> <O>

  % Step 4.
  exch /P oget 4 string exch
  2 copy 255 and 0 exch put
  2 copy -8 bitshift 255 and 1 exch put
  2 copy -16 bitshift 255 and 2 exch put
  2 copy -24 bitshift 255 and 3 exch put pop
  % <padded-key> <O> <P>

  % Step 5.
  Trailer /ID knownoget { 0 oget } {
    ()
    (   **** Error: ID key in the trailer is required for encrypted files.\n) pdfformaterror
    (               File may not be possible to decrypt.\n) pdfformaterror
  } ifelse
  3 { concatstrings } repeat
  % We will finish step 5 after possibly including step 6.

  % The following only executed for /R equal to 3 or more
  Trailer /Encrypt oget dup /R oget dup 3 ge {

     % Step 6.  If EncryptMetadata is false, pass 0xFFFFFFFF to md5 function
     % The PDF 1.5 Spec says that EncryptMetadata is an undocumented
     % feature of PDF 1.4.  That implies that this piece of logic should
     % be executed if R >= 3.  However testing with Acrobat 5.0 and 6.0 shows
     % that this step is not executed if R equal to 3.  Thus we have a test for
     % R being >= 4.
     4 ge {
       /EncryptMetadata knownoget	% Get EncryptMetadata (if present)
       not { //true } if		% Default is true
       not {				% If EncryptMetadata is false
         <ff ff ff ff> concatstrings	% Add 0xFFFFFFFF to working string
       } if
     } {
       pop				% Remove Encrypt dict
     } ifelse
     md5_trunk				% Finish step 5 and 6.

     % Step 7.  Executed as part of step 6
     % Step 8.  (This step is defintely a part of PDF 1.4.)
     50 { md5_trunk } repeat
  } {
     pop pop md5_trunk			% Remove R, Encrypt dict, finish step 5
  } ifelse

  % Step 9 - Done in md5_trunk.
} bind executeonly def

% Algorithm 3.4
/pdf_gen_user_password_R2 { % <filekey> pdf_gen_user_password_R2 <U>

  % Step 2.
  pdf_padding_string exch arc4decode
} bind executeonly def

% Algorithm 3.5
/pdf_gen_user_password_R3 { % <filekey> pdf_gen_user_password_R3 <U>

  % Step 2.
  pdf_padding_string

  % Step 3.
  Trailer /ID knownoget { 0 oget } {
    ()
    (   **** Error: ID key in the trailer is required for encrypted files.\n) pdfformaterror
    (               File may not be possible to decrypt.\n) pdfformaterror
  } ifelse
  concatstrings md5

  % Step 4.
  1 index arc4decode

  % Step 5.
  1 1 19 {
    2 index pdf_xorbytes arc4decode
  } for
  exch pop

} bind executeonly def

/pdf_gen_user_password { % <password> pdf_gen_user_password <filekey> <U>
  % common Step 1 of Algorithms 3.4 and 3.5.
  pdf_compute_encryption_key dup

  Trailer /Encrypt oget

  /R oget dup 2 eq {
    pop pdf_gen_user_password_R2
  } {
    dup 3 eq {
      pop pdf_gen_user_password_R3
    } {
      dup 4 eq {	% 4 uses the algorithm as 3
        pop pdf_gen_user_password_R3
      } {
        % This procedure is only used if R is between 2 and 4,
        % so we should never get here.
        /pdf_gen_user_password cvx /undefined signalerror
      } ifelse
    } ifelse
  } ifelse
} bind executeonly def

% Algorithm 3.6
% <password> pdf_check_pre_r5_user_password <filekey> true
% <password> pdf_check_pre_r5_user_password false
/pdf_check_pre_r5_user_password {
  pdf_gen_user_password

  Trailer /Encrypt oget /U oget

  0 2 index length getinterval eq {
    //true
  } {
    pop //false
  } ifelse
} bind executeonly def

% Compute an owner key, ie the result of step 4 of Algorithm 3.3
/pdf_owner_key % <password> pdf_owner_key <owner-key>
{
  % Step 1.
  pdf_pad_key

  % Step 2.
  md5_trunk

  % 3.3 Step 3.  Only executed for /R equal to 3 or more
  Trailer /Encrypt oget /R oget 3 ge {
    50 { md5_trunk } repeat
  } if

  % Step 4 - Done in md5_trunk.
} bind executeonly def

% Algorithm 3.7
% <password> pdf_check_pre_r5_owner_password <filekey> true
% <password> pdf_check_pre_r5_owner_password false
/pdf_check_pre_r5_owner_password {
  % Step 1.
  pdf_owner_key

  % Step 2.
  Trailer /Encrypt oget dup /O oget 2 index arc4decode
  % <encryption-key> <encrypt-dict> <decrypted-O>

  % Step 3.  Only executed for /R equal to 3 or more
  exch /R oget 3 ge {
    1 1 19 {
      2 index pdf_xorbytes arc4decode
    } for
  } if
  exch pop
  % <result-of-step-3>

  pdf_check_pre_r5_user_password
} bind executeonly def

% Algorithm 3.2a
% <password> pdf_check_r5_password <filekey> true
% <password> pdf_check_r5_password false
/pdf_check_r5_password {
  10 dict begin                   % temporary dict for local variables

  % Step 1.
  % If the .saslprep operator isn't available (because ghostscript
  % wasn't built with libidn support), just skip this step.  ASCII
  % passwords will still work fine, and even most non-ASCII passwords
  % will be okay; any non-ASCII passwords that fail will produce a
  % warning from pdf_process_Encrypt.
  /.saslprep where { pop .saslprep } if

  % Step 2.
  dup length 127 gt { 0 127 getinterval } if
  /Password exch def

  % Step 3.
  /O Trailer /Encrypt oget /O oget def
  /U Trailer /Encrypt oget /U oget def

  Password O 32 8 getinterval concatstrings
  U 0 48 getinterval concatstrings sha256

  O 0 32 getinterval eq {
    % Step 3, second paragraph.

    Password O 40 8 getinterval concatstrings
    U 0 48 getinterval concatstrings sha256

    16 string Trailer /Encrypt oget /OE oget concatstrings
    << /Key 4 -1 roll /Padding //false >> aesdecode //true
  } {
    % Step 4.
    Password U 32 8 getinterval concatstrings sha256
    U 0 32 getinterval eq {
      % Step 4, second paragraph.
      Password U 40 8 getinterval concatstrings sha256

      16 string Trailer /Encrypt oget /UE oget concatstrings
      << /Key 4 -1 roll /Padding //false >> aesdecode //true
    } {
      //false
    } ifelse
  } ifelse

  % Step 5.
  dup {
    % Adobe says to decrypt the Perms string using "ECB mode with
    % an initialization vector of zero", which must be a mistake --
    % ECB mode doesn't use initialization vectors.  It looks like
    % they meant "ECB mode, or CBC mode with an initialization
    % vector of zero", since the two are equivalent for a single-
    % block message.  We use the latter.
    16 string Trailer /Encrypt oget /Perms oget concatstrings
    << /Key 4 index /Padding //false >> aesdecode

    9 3 getinterval (adb) eq not {
      (   **** Error: Failed to decrypt Perms string.\n) pdfformaterror
      (               Cannot decrypt PDF file.\n) pdfformaterror
      printProducer
      /pdf_check_r5_password cvx /rangecheck signalerror
    } if
  } if

  end
} bind executeonly def

% <password> pdf_check_password <filekey> true
% <password> pdf_check_password false
/pdf_check_password {
  % If R is 2, 3, or 4, use Algorithms 3.6 and 3.7 to see if this is
  % a valid user or owner password.  Following historical practice,
  % we treat the password as an arbitrary string of bytes and don't
  % interpret it in any way.  (If the password fails, it would be
  % nice to try some plausible character set conversions, but this
  % gets complicated.  Even Adobe products don't seem to handle it
  % consistently.)
  %
  % If R is 5, use Algorithm 3.2a.  The password should be text, in
  % either UTF-8 or the current locale's charset.

  Trailer /Encrypt oget /R oget

  dup dup 2 ge exch 4 le and {
    pop
    dup pdf_check_pre_r5_user_password {
      exch pop //true
    } {
      pdf_check_pre_r5_owner_password
    } ifelse
  } {
    dup 5 eq {
      pop
      % First, try the password as UTF-8.
      dup pdf_check_r5_password {
        exch pop //true
      } {
        % The password didn't work as UTF-8, so maybe it's in the
        % locale character set instead.  If possible, convert it to
        % UTF-8 and try again.
        /.locale_to_utf8 where {
          pop .locale_to_utf8 pdf_check_r5_password
        } {
          pop //false
        } ifelse
      } ifelse
    } {
      dup 6 eq {
        pop
        % First, try the password as UTF-8.
        dup Trailer /Encrypt oget //check_r6_password exec {
          exch pop //true
        } {
          % The password didn't work as UTF-8, so maybe it's in the
          % locale character set instead.  If possible, convert it to
          % UTF-8 and try again.
          /.locale_to_utf8 where {
            pop .locale_to_utf8 Trailer /Encrypt oget //check_r6_password exec
          } {
            pop //false
          } ifelse
        } ifelse
      } {
        (   **** Warning: This file uses an unknown standard security handler revision: )
        exch =string cvs concatstrings (\n) concatstrings pdfformatwarning
        (                 Cannot decrypt PDF file.\n) pdfformaterror
        printProducer
        /pdf_check_password cvx /undefined signalerror
      } ifelse
    } ifelse
  } ifelse
} bind executeonly def
systemdict /check_r6_password .forceundef

% Process the encryption information in the Trailer.
/pdf_process_Encrypt {
  Trailer /Encrypt oget
  /Filter oget /Standard eq not {
    (   **** Warning: This file uses an unknown security handler.\n) pdfformatwarning
    (                 Cannot decrypt PDF file.\n) pdfformaterror
    printProducer
    /pdf_process_Encrypt cvx /undefined signalerror
  } if
  () pdf_check_password
  {
    /FileKey exch def
  } {
    /PDFPassword where {
       pop PDFPassword pdf_check_password
       {
         /FileKey exch def
       } {
         (   **** Error: Password did not work.\n) pdfformaterror
         (               Cannot decrypt PDF file.\n) pdfformaterror

         % If ghostscript was built without libidn, it's missing the
         % .saslprep operator and thus can't do proper Unicode password
         % normalization.  Similarly, if the system provides neither
         % iconv nor the Windows MultiByteToWideChar function, then we
         % won't have the .locale_to_utf8 operator to convert passwords
         % from the locale character set to UTF-8.
         %
         % It's not a huge problem if you're missing either or both of
         % these.  ASCII passwords will work fine regardless, and even
         % Unicode passwords will often be okay.
         %
         % However, if .saslprep or .locale_to_utf8 is missing, and the
         % user enters a non-ASCII password that doesn't work, we give
         % a warning message.
         PDFPassword contains_non_ascii {
           /.saslprep where not {
             (   **** WARNING: Ghostscript was configured without libidn,\n)
             (   **** so non-ASCII passwords aren't supported!\n)
             concatstrings pdfformaterror
           } {
             pop
             /.locale_to_utf8 where not {
               (   **** WARNING: Ghostscript was configured without iconv,\n)
               (   **** so non-ASCII passwords aren't supported!\n)
               concatstrings pdfformaterror
             } {
               pop
             } ifelse
           } ifelse
         } if

         /pdf_process_Encrypt cvx /invalidfileaccess signalerror
       } ifelse
    } {
      (   **** This file requires a password for access.\n) pdfformaterror
      /pdf_process_Encrypt cvx /invalidfileaccess signalerror
    } ifelse
  } ifelse

%   Trailer /Encrypt oget /P oget 4 and 0 eq #? and
%    { (   ****This owner of this file has requested you do not print it.\n)
%      pdfformaterror printProducer
%      /pdf_process_Encrypt cvx /invalidfileaccess signalerror
%    }
%   if
} bind executeonly def

% Calculate the key used to decrypt an object (to pass to .decpdfrun or
% put into a stream dictionary).
/computeobjkey	% <object#> <generation#> computeobjkey <keystring>
{
  Trailer /Encrypt oget /V oget 5 eq {
    % Encrypt version 5 doesn't use object keys; everything is
    % encrypted with the file key.
    pop pop FileKey
  } {
    exch
    FileKey length 5 add string
    dup 0 FileKey putinterval
    exch
                  % stack:  gen# string obj#
      2 copy 255 and FileKey length exch put
      2 copy -8 bitshift 255 and FileKey length 1 add exch put
      2 copy -16 bitshift 255 and FileKey length 2 add exch put
    pop exch
      2 copy 255 and FileKey length 3 add exch put
      2 copy -8 bitshift 255 and FileKey length 4 add exch put
    pop
      % this step is for the AES cipher only
      Trailer /Encrypt oget
      dup /StmF knownoget {
        %% Treat StmF of 'Identity' the same as if it is missing.
        dup /Identity eq {
          pop pop
        } {
          exch /CF knownoget {
            exch oget /CFM oget /AESV2 eq {
              (sAlT) concatstrings
            } if
          } {
            pop
          } ifelse
        } ifelse
      } {
        pop
      } ifelse
    md5 0 FileKey length 5 add 2 index length .min getinterval
  } ifelse
} bind executeonly def

% As .pdfrun, but decrypt strings with key <key>.
/PDFScanRules_true << /PDFScanRules //true >> def
/PDFScanRules_null << /PDFScanRules //null >> def
/.decpdfrun			% <file> <keystring> <opdict> .decpdfrun -
 {     % Construct a procedure with the file, opdict and key bound into it.
   2 index cvlit mark
   /PDFScanRules .getuserparam //null eq {
     //PDFScanRules_true { setuserparams } 0 get % force PDF scanning mode
     mark 7 4 roll
   } {
     mark 5 2 roll
   } ifelse
    { .pdftoken not { (%%EOF) cvn cvx } if
      dup xcheck
       { PDFDEBUG { dup //== exec flush } if
         3 -1 roll pop
         2 copy .knownget
          { exch pop exch pop exec
          }
          { exch pop
            dup /true eq
              { pop //true
              }
              { dup /false eq
                  { pop //false
                  }
                  { dup /null eq
                      { pop //null
                      }
                      { (   **** Error: Unknown operator: )
                        exch =string cvs concatstrings (\n) concatstrings
                        pdfformaterror
                        (               Output may be incorrect.\n) pdfformaterror
                      }
                    ifelse
                  }
                ifelse
              }
            ifelse
          }
         ifelse
       }
       { exch pop PDFDEBUG { dup ==only ( ) print flush } if
         dup type /stringtype eq
          {
        % Check if we have encrypted strings R>=4 allows for
        % selection of encryption on streams and strings
            Trailer /Encrypt oget	% Get encryption dictionary
            dup /R oget 4 lt		% only >=4 has selectable
             {				% R < 4 --> arc4 strings
               pop 1 index arc4decode	% Decrypt string
               PDFDEBUG { (%Decrypted: ) print dup //== exec flush } if
             } {			% Else R >= 4
               /StrF knownoget		% Get StrF (if present)
                {			% If StrF is present ...
                  dup /Identity eq not	% Check if StrF != Identity
                   { /StdCF eq
                       { Trailer /Encrypt oget /CF knownoget {
                           /StdCF oget /CFM oget
                           dup /AESV2 eq exch /AESV3 eq or
                         } {
                           //false
                         } ifelse {     % Decrypt string
                           1 index aesdecode
                         } {
                           1 index arc4decode
                         } ifelse
                       }
                       { 1 index arc4decode }
                     ifelse		% If StrF != StdCF
                     PDFDEBUG { (%Decrypted: ) print dup //== exec flush } if
                   }
                   { pop }
                  ifelse		% If StrF != identity
                }
               if			% If StrF is known
             }
            ifelse			% Ifelse R < 4
          } {
            dup type /nametype eq {
              .pdffixname
            } if
          }
         ifelse
         exch pop
       }
      ifelse
    }
   aload pop //.packtomark exec cvx
   { loop } 0 get 2 packedarray cvx
    { stopped } 0 get
   /PDFScanRules .getuserparam //null eq {
     //PDFScanRules_null { setuserparams } 0 get % reset PDF scannig mode if it was off
   } if
   /PDFsource PDFsource
    { store { stop } if } aload pop //.packtomark exec cvx
   /PDFsource 3 -1 roll store exec
 } bind executeonly def
currentdict /PDFScanRules_true undef
currentdict /PDFScanRules_null undef

% Run the code to resolve an object reference.
/pdf_run_resolve
{ /FileKey where			% Check if the file is encrypted
  { pop					% File is encrypted
    2 copy computeobjkey dup 4 1 roll
    PDFfile exch resolveopdict .decpdfrun
    dup dup dup 5 2 roll
        % stack: object object key object object
    {	% Use loop to provide an exitable context.
      xcheck exch type /dicttype eq and % Check if executable dictionary
      not {				% If object is not ...
        pop pop				% ignore object
        exit				% Exit 'loop' context
      } if				% If not possible stream
        % Starting with PDF 1.4 (R = 3), there are some extra features
        % which control encryption of streams.  The EncryptMetadata entry
        % in the Encrypt dict controls the encryption of metadata streams.
      Trailer /Encrypt oget		% Get encryption dictionary
      dup /R oget dup 3 lt		% Only PDF 1.4 and higher has options
      {					% R < 3 --> all streams encrypted
        pop pop /StreamKey exch put	% Insert StreamKey in dictionary
        exit				% Exit 'loop' context
      } if
        % Check EncryptMeta.  stack: object object key Encrypt R
      exch dup /EncryptMetadata knownoget % Get EncryptMetadata (if present)
      not { //true } if			% If not present default = true
      not				% Check if EncryptMetadata = false
      {					% if false we need to check the stream type
        3 index /Type knownoget		% Get stream type (if present)
        not { //null } if		% If type not present use fake name
        /Metadata eq			% Check if the type is Metadata
        { pop pop pop pop		% Type == Metadata --> no encryption
          exit				% Exit 'loop' context
        } if
      } if
        % PDF 1.5 encryption (R == 4) has selectable encryption handlers.  If
        % this is not PDF 1.5 encryption (R < 4) then we are done checking and
        % we need to decrypt the stream.  stack: object object key R Encrypt
      exch 4 lt				% Check for less than PDF 1.5
      { pop /StreamKey exch put		% Insert StreamKey in dictionary
        exit				% Exit 'loop' context
      } if
        % Check if the stream encryption handler (StmF) == Identity.
      PDFDEBUG {
        Trailer /Encrypt oget /CF knownoget {
          /StdCF oget /CFM oget
          (Encrypt StmF is StdCF with CFM ) print =
        } if
      } if
      /StmF knownoget			% Get StmF (if present)
      not { /Identity } if		% If StmF not present default = Identity
      /Identity eq			% Check if StmF == Identity
      { pop pop				% Identity --> no encryption
        exit				% Exit 'loop' context
      } if
        % If we get here then we need to decrypt the stream.
      /StreamKey exch put		% Insert StreamKey into dictionary
      exit				% Exit 'loop' context, never loop
    } loop				% End of loop exitable context
  } {					% Else file is not encrypted
    PDFfile resolveopdict .pdfrun
  } ifelse				% Ifelse encrypted
} bind executeonly def

% Prefix a decryption filter to a stream if needed.
% Stack: readdata? dict parms file/string filternames
% (both before and after).
/pdf_decrypt_stream
 { 3 index /StreamKey known	% Check if the file is encrypted
   {
      exch
        % Stack: readdata? dict parms filternames file/string
      3 index /StreamKey get
      Trailer /Encrypt oget
      dup /StmF knownoget
       {                        % stack: key Encrypt StmF
        exch /CF knownoget {
          exch oget /CFM oget	% stack: key StmF-CFM
          dup /AESV2 eq exch /AESV3 eq or
        } { pop //false } ifelse
         { aesdecodefilter }	% install the requested filter
         { arc4decodefilter }
        ifelse
       }
       { pop arc4decodefilter }	% fallback for no StmF
      ifelse
      exch
   } if
 } bind executeonly def

end			% pdfdict

systemdict /pdfdict .forceundef		% hide pdfdict

.setglobal