Package com.lowagie.text.pdf
Class PdfEncryption
- java.lang.Object
-
- com.lowagie.text.pdf.PdfEncryption
-
public class PdfEncryption extends java.lang.Object
-
-
Field Summary
Fields Modifier and Type Field Description static int
AES_128
static int
AES_256_V3
private ARCFOUREncryption
arcfour
private int
cryptoMode
(package private) byte[]
documentID
private boolean
embeddedFilesOnly
Indicates if the encryption is only necessary for embedded files.private boolean
encryptMetadata
(package private) byte[]
extra
Work area to prepare the object/generation bytes(package private) byte[]
key
The encryption key for a particular object/generationprivate int
keyLength
The generic key length.(package private) int
keySize
The encryption key length for a particular object/generation(package private) java.security.MessageDigest
md5
The message digest algorithm MD5private static byte[]
metadataPad
(package private) byte[]
mkey
The global encryption key(package private) byte[]
oeKey
Additional keys for AES_256_V3(package private) byte[]
ownerKey
The encryption key for the ownerprivate static byte[]
pad
(package private) int
permissions
(package private) byte[]
perms
protected PdfPublicKeySecurityHandler
publicKeyHandler
The public key security handler for certificate encryptionprivate int
revision
private static byte[]
salt
(package private) static long
seq
static int
STANDARD_ENCRYPTION_128
static int
STANDARD_ENCRYPTION_40
(package private) byte[]
ueKey
(package private) byte[]
userKey
The encryption key for the user
-
Constructor Summary
Constructors Constructor Description PdfEncryption()
PdfEncryption(PdfEncryption enc)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addRecipient(java.security.cert.Certificate cert, int permission)
int
calculateStreamSize(int n)
(package private) void
computeOAndOeAlg9(byte[] ownerPassword)
implements Algorithm 9: Computing the encryption dictionary’s O (owner password) and OE (owner encryption) values (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.8private byte[]
computeOwnerKey(byte[] userPad, byte[] ownerPad)
(package private) void
computePermsAlg10(int permissions)
implements Algorithm 10: Computing the encryption dictionary’s Perms (permissions) value (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.9(package private) void
computeUAndUeAlg8(byte[] userPassword)
implements Algorithm 8: Computing the encryption dictionary’s U (user password) and UE (user encryption) values (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.7byte[]
computeUserPassword(byte[] ownerPassword)
static byte[]
createDocumentId()
static PdfObject
createInfoId(byte[] id)
static PdfObject
createInfoId(byte[] idPartOne, byte[] idPartTwo)
private static byte[]
decodeHex(byte[] hexEncoded)
boolean
decryptAndCheckPerms(byte[] permsValue)
implements step f of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3byte[]
decryptByteArray(byte[] b)
byte[]
encryptByteArray(byte[] b)
int
getCryptoMode()
StandardDecryption
getDecryptor()
PdfDictionary
getEncryptionDictionary()
OutputStreamEncryption
getEncryptionStream(java.io.OutputStream os)
PdfObject
getFileID()
static byte[]
getFileIdChangingPart(PdfObject fileId)
This method returns a changing part of thefileId
when can be identified.(package private) byte[]
hashAlg2B(byte[] input, byte[] salt, byte[] userKey)
implements Algorithm 2.B: Computing a hash (revision 6 and later) - ISO 32000-2 section 7.6.4.3.4boolean
isEmbeddedFilesOnly()
Indicates if only the embedded files have to be encrypted.private static boolean
isHexEncoded(byte[] str)
boolean
isMetadataEncrypted()
private byte[]
padPassword(byte[] userPassword)
void
setCryptoMode(int mode, int kl)
void
setHashKey(int number, int generation)
void
setupAllKeys(byte[] userPassword, byte[] ownerPassword, int permissions)
void
setupByEncryptionKey(byte[] key, int keylength)
private void
setupByOwnerPad(byte[] documentID, byte[] ownerPad, byte[] userKey, byte[] ownerKey, int permissions)
void
setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] uValue, byte[] ueValue, byte[] oValue, byte[] oeValue, int permissions)
implements step d of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3void
setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] userKey, byte[] ownerKey, int permissions)
private void
setupByUserPad(byte[] documentID, byte[] userPad, byte[] ownerKey, int permissions)
void
setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] uValue, byte[] ueValue, byte[] oValue, byte[] oeValue, int permissions)
implements step e of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3void
setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] ownerKey, int permissions)
private void
setupGlobalEncryptionKey(byte[] documentID, byte[] userPad, byte[] ownerKey, int permissions)
ownerKey, documentID must be setupprivate void
setupUserKey()
mkey must be setup
-
-
-
Field Detail
-
STANDARD_ENCRYPTION_40
public static final int STANDARD_ENCRYPTION_40
- See Also:
- Constant Field Values
-
STANDARD_ENCRYPTION_128
public static final int STANDARD_ENCRYPTION_128
- See Also:
- Constant Field Values
-
AES_128
public static final int AES_128
- See Also:
- Constant Field Values
-
AES_256_V3
public static final int AES_256_V3
- See Also:
- Constant Field Values
-
pad
private static final byte[] pad
-
salt
private static final byte[] salt
-
metadataPad
private static final byte[] metadataPad
-
seq
static long seq
-
publicKeyHandler
protected PdfPublicKeySecurityHandler publicKeyHandler
The public key security handler for certificate encryption
-
key
byte[] key
The encryption key for a particular object/generation
-
keySize
int keySize
The encryption key length for a particular object/generation
-
mkey
byte[] mkey
The global encryption key
-
extra
byte[] extra
Work area to prepare the object/generation bytes
-
md5
java.security.MessageDigest md5
The message digest algorithm MD5
-
ownerKey
byte[] ownerKey
The encryption key for the owner
-
userKey
byte[] userKey
The encryption key for the user
-
oeKey
byte[] oeKey
Additional keys for AES_256_V3
-
ueKey
byte[] ueKey
-
perms
byte[] perms
-
permissions
int permissions
-
documentID
byte[] documentID
-
revision
private int revision
-
arcfour
private ARCFOUREncryption arcfour
-
keyLength
private int keyLength
The generic key length. It may be 40 or 128.
-
encryptMetadata
private boolean encryptMetadata
-
embeddedFilesOnly
private boolean embeddedFilesOnly
Indicates if the encryption is only necessary for embedded files.- Since:
- 2.1.3
-
cryptoMode
private int cryptoMode
-
-
Constructor Detail
-
PdfEncryption
public PdfEncryption()
-
PdfEncryption
public PdfEncryption(PdfEncryption enc)
-
-
Method Detail
-
createDocumentId
public static byte[] createDocumentId()
-
createInfoId
public static PdfObject createInfoId(byte[] id)
-
createInfoId
public static PdfObject createInfoId(byte[] idPartOne, byte[] idPartTwo)
-
getFileIdChangingPart
public static byte[] getFileIdChangingPart(PdfObject fileId)
This method returns a changing part of thefileId
when can be identified. Returns a completefileId
of the changing part is not found.- Parameters:
fileId
-PdfObject
- Returns:
- byte array representing the changing part of the document identifier
-
isHexEncoded
private static boolean isHexEncoded(byte[] str)
-
decodeHex
private static byte[] decodeHex(byte[] hexEncoded)
-
setCryptoMode
public void setCryptoMode(int mode, int kl)
-
getCryptoMode
public int getCryptoMode()
-
isMetadataEncrypted
public boolean isMetadataEncrypted()
-
isEmbeddedFilesOnly
public boolean isEmbeddedFilesOnly()
Indicates if only the embedded files have to be encrypted.- Returns:
- if true only the embedded files will be encrypted
- Since:
- 2.1.3
-
padPassword
private byte[] padPassword(byte[] userPassword)
-
computeOwnerKey
private byte[] computeOwnerKey(byte[] userPad, byte[] ownerPad)
-
setupGlobalEncryptionKey
private void setupGlobalEncryptionKey(byte[] documentID, byte[] userPad, byte[] ownerKey, int permissions)
ownerKey, documentID must be setup
-
setupUserKey
private void setupUserKey()
mkey must be setup
-
setupAllKeys
public void setupAllKeys(byte[] userPassword, byte[] ownerPassword, int permissions)
-
setupByUserPassword
public void setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] ownerKey, int permissions)
- Parameters:
documentID
- byte array of document iduserPassword
- byte array of user passwordownerKey
- byte array of owner keypermissions
- permissions
-
setupByUserPad
private void setupByUserPad(byte[] documentID, byte[] userPad, byte[] ownerKey, int permissions)
-
setupByOwnerPassword
public void setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] userKey, byte[] ownerKey, int permissions)
- Parameters:
documentID
- byte array of document idownerPassword
- byte array of owner passworduserKey
- byte array of user keyownerKey
- byte array of owner keypermissions
- permissions
-
setupByOwnerPad
private void setupByOwnerPad(byte[] documentID, byte[] ownerPad, byte[] userKey, byte[] ownerKey, int permissions)
-
setupByEncryptionKey
public void setupByEncryptionKey(byte[] key, int keylength)
-
setHashKey
public void setHashKey(int number, int generation)
-
getEncryptionDictionary
public PdfDictionary getEncryptionDictionary()
-
getFileID
public PdfObject getFileID()
-
getEncryptionStream
public OutputStreamEncryption getEncryptionStream(java.io.OutputStream os)
-
calculateStreamSize
public int calculateStreamSize(int n)
-
encryptByteArray
public byte[] encryptByteArray(byte[] b)
-
getDecryptor
public StandardDecryption getDecryptor()
-
decryptByteArray
public byte[] decryptByteArray(byte[] b)
-
addRecipient
public void addRecipient(java.security.cert.Certificate cert, int permission)
-
computeUserPassword
public byte[] computeUserPassword(byte[] ownerPassword)
-
setupByOwnerPassword
public void setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] uValue, byte[] ueValue, byte[] oValue, byte[] oeValue, int permissions) throws java.security.GeneralSecurityException
implements step d of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3- Throws:
java.security.GeneralSecurityException
-
setupByUserPassword
public void setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] uValue, byte[] ueValue, byte[] oValue, byte[] oeValue, int permissions) throws java.security.GeneralSecurityException
implements step e of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3- Throws:
java.security.GeneralSecurityException
-
decryptAndCheckPerms
public boolean decryptAndCheckPerms(byte[] permsValue) throws java.security.GeneralSecurityException
implements step f of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3- Throws:
java.security.GeneralSecurityException
-
hashAlg2B
byte[] hashAlg2B(byte[] input, byte[] salt, byte[] userKey) throws java.security.GeneralSecurityException
implements Algorithm 2.B: Computing a hash (revision 6 and later) - ISO 32000-2 section 7.6.4.3.4- Throws:
java.security.GeneralSecurityException
-
computeUAndUeAlg8
void computeUAndUeAlg8(byte[] userPassword) throws java.security.GeneralSecurityException
implements Algorithm 8: Computing the encryption dictionary’s U (user password) and UE (user encryption) values (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.7- Throws:
java.security.GeneralSecurityException
-
computeOAndOeAlg9
void computeOAndOeAlg9(byte[] ownerPassword) throws java.security.GeneralSecurityException
implements Algorithm 9: Computing the encryption dictionary’s O (owner password) and OE (owner encryption) values (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.8- Throws:
java.security.GeneralSecurityException
-
computePermsAlg10
void computePermsAlg10(int permissions) throws java.security.GeneralSecurityException
implements Algorithm 10: Computing the encryption dictionary’s Perms (permissions) value (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.9- Throws:
java.security.GeneralSecurityException
-
-