OpenSSL::Cipher::CipherError: bad decrypt

yob / pdf-reader

The PDF::Reader library implements a PDF parser conforming as much as possible to the PDF specification from Adobe.

MIT License

1.81k stars 271 forks source link

OpenSSL::Cipher::CipherError: bad decrypt #534

Open krystof-k opened 7 months ago

krystof-k commented 7 months ago

I have the following PDF, which is not encrypted, only locked for edits.

bad_decrypt.pdf

When trying to read it, it raises OpenSSL::Cipher::CipherError: bad decrypt error:

PDF::Reader.new("./bad_decrypt.pdf").pages
/app/vendor/bundle/ruby/3.1.0/gems/pdf-reader-2.12.0/lib/pdf/reader/aes_v2_security_handler.rb:37:in `final': bad decrypt (OpenSSL::Cipher::CipherError)

Is there a way how to skip the decrypt and try to read it without decrypting?

yob commented 7 months ago

I believe PDFs that are "locked for edit" are actually encrypted, although with a very weak scheme.

Looking at the raw file confirmed it is encrypted, but evince is able to decrypt and display it so this is definitely a bug in pdf-reader. Unfortunately there's no way skip the decryption.

krystof-k commented 7 months ago

I see, I have no deep insight into the PDFs structure itself. Any idea how to investigate? I'd be happy to help but don't know where to start.