Class AbstractMacIntegrityProtector

    • Method Detail

      • setFileEncryptionKey

        public void setFileEncryptionKey​(byte[] fileEncryptionKey)
        Sets file encryption key to be used during MAC calculation.
        Parameters:
        fileEncryptionKey - byte[] file encryption key bytes
      • getKdfSalt

        public byte[] getKdfSalt()
        Gets KDF salt bytes, which are used during MAC key encryption.
        Returns:
        byte[] KDF salt bytes.
      • setKdfSalt

        public void setKdfSalt​(byte[] kdfSalt)
        Sets KDF salt bytes, to be used during MAC key encryption.
        Parameters:
        kdfSalt - byte[] KDF salt bytes.
      • validateMacToken

        public void validateMacToken()
        Validates MAC container integrity. This method throws PdfException in case of any modifications, introduced to the document in question, after MAC container is integrated.
      • digestBytes

        protected byte[] digestBytes​(byte[] bytes)
                              throws java.security.NoSuchAlgorithmException,
                                     java.io.IOException,
                                     java.security.NoSuchProviderException
        Digests provided bytes based on hash algorithm, specified for this class instance.
        Parameters:
        bytes - byte[] to be digested
        Returns:
        digested bytes.
        Throws:
        java.security.NoSuchAlgorithmException - in case of digesting algorithm related exceptions
        java.io.IOException - in case of input-output related exceptions
        java.security.NoSuchProviderException - thrown when a particular security provider is requested but is not available in the environment
      • digestBytes

        protected byte[] digestBytes​(java.io.InputStream inputStream)
                              throws java.security.NoSuchAlgorithmException,
                                     java.io.IOException,
                                     java.security.NoSuchProviderException
        Digests provided input stream based on hash algorithm, specified for this class instance.
        Parameters:
        inputStream - InputStream to be digested
        Returns:
        digested bytes.
        Throws:
        java.security.NoSuchAlgorithmException - in case of digesting algorithm related exceptions
        java.io.IOException - in case of input-output related exceptions
        java.security.NoSuchProviderException - thrown when a particular security provider is requested but is not available in the environment
      • createMacContainer

        protected IDERSequence createMacContainer​(byte[] dataDigest,
                                                  byte[] macKey,
                                                  byte[] signature)
                                           throws java.security.GeneralSecurityException,
                                                  java.io.IOException
        Creates MAC container as ASN1 object based on data digest, MAC key and signature parameters.
        Parameters:
        dataDigest - data digest as byte[] to be used during MAC container creation
        macKey - MAC key as byte[] to be used during MAC container creation
        signature - signature value as byte[] to be used during MAC container creation
        Returns:
        MAC container as IDERSequence.
        Throws:
        java.security.GeneralSecurityException - in case of security related exceptions
        java.io.IOException - in case of input-output related exceptions
      • generateMac

        private byte[] generateMac​(byte[] macKey,
                                   byte[] data)
                            throws java.security.NoSuchAlgorithmException,
                                   java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • generateEncryptedKey

        private byte[] generateEncryptedKey​(byte[] macKey,
                                            byte[] macKek)
                                     throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • generateDecryptedKey

        private byte[] generateDecryptedKey​(byte[] encryptedMacKey)
                                     throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • getMacAlgorithmOid

        private java.lang.String getMacAlgorithmOid()
      • getKeyWrappingAlgorithmOid

        private java.lang.String getKeyWrappingAlgorithmOid()
      • createMessageDigestSequence

        private IDERSequence createMessageDigestSequence​(byte[] messageBytes)
                                                  throws java.security.NoSuchAlgorithmException,
                                                         java.io.IOException,
                                                         java.security.NoSuchProviderException
        Throws:
        java.security.NoSuchAlgorithmException
        java.io.IOException
        java.security.NoSuchProviderException
      • createAuthAttributes

        private IDERSet createAuthAttributes​(byte[] messageBytes)
                                      throws java.security.NoSuchAlgorithmException,
                                             java.io.IOException,
                                             java.security.NoSuchProviderException
        Throws:
        java.security.NoSuchAlgorithmException
        java.io.IOException
        java.security.NoSuchProviderException
      • createPdfMacIntegrityInfo

        private static byte[] createPdfMacIntegrityInfo​(byte[] dataDigest,
                                                        byte[] signatureDigest)
                                                 throws java.io.IOException
        Throws:
        java.io.IOException
      • generateRandomBytes

        protected static byte[] generateRandomBytes​(int length)