Package com.itextpdf.kernel.pdf
Class EncryptionProperties
- java.lang.Object
-
- com.itextpdf.kernel.pdf.EncryptionProperties
-
public class EncryptionProperties extends java.lang.Object
Allows configuration of output PDF encryption.
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static MacProperties
DEFAULT_MAC_PROPERTIES
protected int
encryptionAlgorithm
protected MacProperties
macProperties
MacProperties
class to configure MAC integrity protection properties.protected byte[]
ownerPassword
protected java.security.cert.Certificate[]
publicCertificates
protected int[]
publicKeyEncryptPermissions
protected int
standardEncryptPermissions
protected byte[]
userPassword
-
Constructor Summary
Constructors Constructor Description EncryptionProperties()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private void
clearEncryption()
(package private) boolean
isPublicKeyEncryptionUsed()
(package private) boolean
isStandardEncryptionUsed()
private static void
randomBytes(byte[] bytes)
EncryptionProperties
setPublicKeyEncryption(java.security.cert.Certificate[] certs, int[] permissions, int encryptionAlgorithm, MacProperties macProperties)
Sets the certificate encryption options for the document.EncryptionProperties
setStandardEncryption(byte[] userPassword, byte[] ownerPassword, int permissions, int encryptionAlgorithm)
Sets the encryption options for the document.EncryptionProperties
setStandardEncryption(byte[] userPassword, byte[] ownerPassword, int permissions, int encryptionAlgorithm, MacProperties macProperties)
Sets the encryption options for the document.
-
-
-
Field Detail
-
encryptionAlgorithm
protected int encryptionAlgorithm
-
userPassword
protected byte[] userPassword
-
ownerPassword
protected byte[] ownerPassword
-
standardEncryptPermissions
protected int standardEncryptPermissions
-
publicCertificates
protected java.security.cert.Certificate[] publicCertificates
-
publicKeyEncryptPermissions
protected int[] publicKeyEncryptPermissions
-
macProperties
protected MacProperties macProperties
MacProperties
class to configure MAC integrity protection properties.
-
DEFAULT_MAC_PROPERTIES
static final MacProperties DEFAULT_MAC_PROPERTIES
-
-
Method Detail
-
setStandardEncryption
public EncryptionProperties setStandardEncryption(byte[] userPassword, byte[] ownerPassword, int permissions, int encryptionAlgorithm)
Sets the encryption options for the document.- Parameters:
userPassword
- the user password. Can be null or of zero length, which is equal to omitting the user passwordownerPassword
- the owner password. If it's null or empty, iText will generate a random string to be used as the owner passwordpermissions
- the user permissions. The open permissions for the document can beEncryptionConstants.ALLOW_PRINTING
,EncryptionConstants.ALLOW_MODIFY_CONTENTS
,EncryptionConstants.ALLOW_COPY
,EncryptionConstants.ALLOW_MODIFY_ANNOTATIONS
,EncryptionConstants.ALLOW_FILL_IN
,EncryptionConstants.ALLOW_SCREENREADERS
,EncryptionConstants.ALLOW_ASSEMBLY
andEncryptionConstants.ALLOW_DEGRADED_PRINTING
. The permissions can be combined by ORing themencryptionAlgorithm
- the type of encryption. It can be one ofEncryptionConstants.STANDARD_ENCRYPTION_40
,EncryptionConstants.STANDARD_ENCRYPTION_128
,EncryptionConstants.ENCRYPTION_AES_128
,EncryptionConstants.ENCRYPTION_AES_256
orEncryptionConstants.ENCRYPTION_AES_GCM
. OptionallyEncryptionConstants.DO_NOT_ENCRYPT_METADATA
can be OEed to output the metadata in cleartext.EncryptionConstants.EMBEDDED_FILES_ONLY
can be ORed as well. Please be aware that the passed encryption types may override permissions:EncryptionConstants.STANDARD_ENCRYPTION_40
implicitly setsEncryptionConstants.DO_NOT_ENCRYPT_METADATA
andEncryptionConstants.EMBEDDED_FILES_ONLY
as false;EncryptionConstants.STANDARD_ENCRYPTION_128
implicitly setsEncryptionConstants.EMBEDDED_FILES_ONLY
as false;- Returns:
- this
EncryptionProperties
-
setStandardEncryption
public EncryptionProperties setStandardEncryption(byte[] userPassword, byte[] ownerPassword, int permissions, int encryptionAlgorithm, MacProperties macProperties)
Sets the encryption options for the document.- Parameters:
userPassword
- the user password. Can be null or of zero length, which is equal to omitting the user passwordownerPassword
- the owner password. If it's null or empty, iText will generate a random string to be used as the owner passwordpermissions
- the user permissions. The open permissions for the document can beEncryptionConstants.ALLOW_PRINTING
,EncryptionConstants.ALLOW_MODIFY_CONTENTS
,EncryptionConstants.ALLOW_COPY
,EncryptionConstants.ALLOW_MODIFY_ANNOTATIONS
,EncryptionConstants.ALLOW_FILL_IN
,EncryptionConstants.ALLOW_SCREENREADERS
,EncryptionConstants.ALLOW_ASSEMBLY
andEncryptionConstants.ALLOW_DEGRADED_PRINTING
. The permissions can be combined by ORing themencryptionAlgorithm
- the type of encryption. It can be one ofEncryptionConstants.STANDARD_ENCRYPTION_40
,EncryptionConstants.STANDARD_ENCRYPTION_128
,EncryptionConstants.ENCRYPTION_AES_128
,EncryptionConstants.ENCRYPTION_AES_256
orEncryptionConstants.ENCRYPTION_AES_GCM
. OptionallyEncryptionConstants.DO_NOT_ENCRYPT_METADATA
can be OEed to output the metadata in cleartext.EncryptionConstants.EMBEDDED_FILES_ONLY
can be ORed as well. Please be aware that the passed encryption types may override permissions:EncryptionConstants.STANDARD_ENCRYPTION_40
implicitly setsEncryptionConstants.DO_NOT_ENCRYPT_METADATA
andEncryptionConstants.EMBEDDED_FILES_ONLY
as false;EncryptionConstants.STANDARD_ENCRYPTION_128
implicitly setsEncryptionConstants.EMBEDDED_FILES_ONLY
as false;macProperties
-MacProperties
class to configure MAC integrity protection properties. Passnull
if you want to disable MAC protection for any reason- Returns:
- this
EncryptionProperties
-
setPublicKeyEncryption
public EncryptionProperties setPublicKeyEncryption(java.security.cert.Certificate[] certs, int[] permissions, int encryptionAlgorithm, MacProperties macProperties)
Sets the certificate encryption options for the document.An array of one or more public certificates must be provided together with an array of the same size for the permissions for each certificate.
- Parameters:
certs
- the public certificates to be used for the encryptionpermissions
- the user permissions for each of the certificates The open permissions for the document can beEncryptionConstants.ALLOW_PRINTING
,EncryptionConstants.ALLOW_MODIFY_CONTENTS
,EncryptionConstants.ALLOW_COPY
,EncryptionConstants.ALLOW_MODIFY_ANNOTATIONS
,EncryptionConstants.ALLOW_FILL_IN
,EncryptionConstants.ALLOW_SCREENREADERS
,EncryptionConstants.ALLOW_ASSEMBLY
andEncryptionConstants.ALLOW_DEGRADED_PRINTING
. The permissions can be combined by ORing themencryptionAlgorithm
- the type of encryption. It can be one ofEncryptionConstants.STANDARD_ENCRYPTION_40
,EncryptionConstants.STANDARD_ENCRYPTION_128
,EncryptionConstants.ENCRYPTION_AES_128
,EncryptionConstants.ENCRYPTION_AES_256
orEncryptionConstants.ENCRYPTION_AES_GCM
. OptionallyEncryptionConstants.DO_NOT_ENCRYPT_METADATA
can be ORed to output the metadata in cleartext.EncryptionConstants.EMBEDDED_FILES_ONLY
can be ORed as well. Please be aware that the passed encryption types may override permissions:EncryptionConstants.STANDARD_ENCRYPTION_40
implicitly setsEncryptionConstants.DO_NOT_ENCRYPT_METADATA
andEncryptionConstants.EMBEDDED_FILES_ONLY
as false;EncryptionConstants.STANDARD_ENCRYPTION_128
implicitly setsEncryptionConstants.EMBEDDED_FILES_ONLY
as false;macProperties
-MacProperties
class to configure MAC integrity protection properties. Passnull
if you want to disable MAC protection for any reason- Returns:
- this
EncryptionProperties
-
isStandardEncryptionUsed
boolean isStandardEncryptionUsed()
-
isPublicKeyEncryptionUsed
boolean isPublicKeyEncryptionUsed()
-
clearEncryption
private void clearEncryption()
-
randomBytes
private static void randomBytes(byte[] bytes)
-
-