Class PdfEncryption

java.lang.Object
com.lowagie.text.pdf.PdfEncryption

public class PdfEncryption extends Object
  • Field Details

    • STANDARD_ENCRYPTION_40

      public static final int STANDARD_ENCRYPTION_40
      See Also:
    • STANDARD_ENCRYPTION_128

      public static final int STANDARD_ENCRYPTION_128
      See Also:
    • AES_128

      public static final int AES_128
      See Also:
    • AES_256_V3

      public static final int AES_256_V3
      See Also:
    • pad

      private static final byte[] pad
    • salt

      private static final byte[] salt
    • metadataPad

      private static final byte[] metadataPad
    • seq

      static long seq
    • publicKeyHandler

      protected PdfPublicKeySecurityHandler publicKeyHandler
      The public key security handler for certificate encryption
    • key

      byte[] key
      The encryption key for a particular object/generation
    • keySize

      int keySize
      The encryption key length for a particular object/generation
    • mkey

      byte[] mkey
      The global encryption key
    • extra

      byte[] extra
      Work area to prepare the object/generation bytes
    • md5

      The message digest algorithm MD5
    • ownerKey

      byte[] ownerKey
      The encryption key for the owner
    • userKey

      byte[] userKey
      The encryption key for the user
    • oeKey

      byte[] oeKey
      Additional keys for AES_256_V3
    • ueKey

      byte[] ueKey
    • perms

      byte[] perms
    • permissions

      int permissions
    • documentID

      byte[] documentID
    • revision

      private int revision
    • arcfour

      private ARCFOUREncryption arcfour
    • keyLength

      private int keyLength
      The generic key length. It may be 40 or 128.
    • encryptMetadata

      private boolean encryptMetadata
    • embeddedFilesOnly

      private boolean embeddedFilesOnly
      Indicates if the encryption is only necessary for embedded files.
      Since:
      2.1.3
    • cryptoMode

      private int cryptoMode
  • Constructor Details

    • PdfEncryption

      public PdfEncryption()
    • PdfEncryption

      public PdfEncryption(PdfEncryption enc)
  • Method Details

    • createDocumentId

      public static byte[] createDocumentId()
    • createInfoId

      public static PdfObject createInfoId(byte[] id)
    • createInfoId

      public static PdfObject createInfoId(byte[] idPartOne, byte[] idPartTwo)
    • getFileIdChangingPart

      public static byte[] getFileIdChangingPart(PdfObject fileId)
      This method returns a changing part of the fileId when can be identified. Returns a complete fileId of the changing part is not found.
      Parameters:
      fileId - PdfObject
      Returns:
      byte array representing the changing part of the document identifier
    • isHexEncoded

      private static boolean isHexEncoded(byte[] str)
    • decodeHex

      private static byte[] decodeHex(byte[] hexEncoded)
    • setCryptoMode

      public void setCryptoMode(int mode, int kl)
    • getCryptoMode

      public int getCryptoMode()
    • isMetadataEncrypted

      public boolean isMetadataEncrypted()
    • isEmbeddedFilesOnly

      public boolean isEmbeddedFilesOnly()
      Indicates if only the embedded files have to be encrypted.
      Returns:
      if true only the embedded files will be encrypted
      Since:
      2.1.3
    • padPassword

      private byte[] padPassword(byte[] userPassword)
    • computeOwnerKey

      private byte[] computeOwnerKey(byte[] userPad, byte[] ownerPad)
    • setupGlobalEncryptionKey

      private void setupGlobalEncryptionKey(byte[] documentID, byte[] userPad, byte[] ownerKey, int permissions)
      ownerKey, documentID must be setup
    • setupUserKey

      private void setupUserKey()
      mkey must be setup
    • setupAllKeys

      public void setupAllKeys(byte[] userPassword, byte[] ownerPassword, int permissions)
    • setupByUserPassword

      public void setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] ownerKey, int permissions)
      Parameters:
      documentID - byte array of document id
      userPassword - byte array of user password
      ownerKey - byte array of owner key
      permissions - permissions
    • setupByUserPad

      private void setupByUserPad(byte[] documentID, byte[] userPad, byte[] ownerKey, int permissions)
    • setupByOwnerPassword

      public void setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] userKey, byte[] ownerKey, int permissions)
      Parameters:
      documentID - byte array of document id
      ownerPassword - byte array of owner password
      userKey - byte array of user key
      ownerKey - byte array of owner key
      permissions - permissions
    • setupByOwnerPad

      private void setupByOwnerPad(byte[] documentID, byte[] ownerPad, byte[] userKey, byte[] ownerKey, int permissions)
    • setupByEncryptionKey

      public void setupByEncryptionKey(byte[] key, int keylength)
    • setHashKey

      public void setHashKey(int number, int generation)
    • getEncryptionDictionary

      public PdfDictionary getEncryptionDictionary()
    • getFileID

      public PdfObject getFileID()
    • getEncryptionStream

      public OutputStreamEncryption getEncryptionStream(OutputStream os)
    • calculateStreamSize

      public int calculateStreamSize(int n)
    • encryptByteArray

      public byte[] encryptByteArray(byte[] b)
    • getDecryptor

      public StandardDecryption getDecryptor()
    • decryptByteArray

      public byte[] decryptByteArray(byte[] b)
    • addRecipient

      public void addRecipient(Certificate cert, int permission)
    • computeUserPassword

      public byte[] computeUserPassword(byte[] ownerPassword)
    • setupByOwnerPassword

      public void setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] uValue, byte[] ueValue, byte[] oValue, byte[] oeValue, int permissions) throws GeneralSecurityException
      implements step d of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3
      Throws:
      GeneralSecurityException
    • setupByUserPassword

      public void setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] uValue, byte[] ueValue, byte[] oValue, byte[] oeValue, int permissions) throws GeneralSecurityException
      implements step e of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3
      Throws:
      GeneralSecurityException
    • decryptAndCheckPerms

      public boolean decryptAndCheckPerms(byte[] permsValue) throws GeneralSecurityException
      implements step f of Algorithm 2.A: Retrieving the file encryption key from an encrypted document in order to decrypt it (revision 6 and later) - ISO 32000-2 section 7.6.4.3.3
      Throws:
      GeneralSecurityException
    • hashAlg2B

      byte[] hashAlg2B(byte[] input, byte[] salt, byte[] userKey) throws GeneralSecurityException
      implements Algorithm 2.B: Computing a hash (revision 6 and later) - ISO 32000-2 section 7.6.4.3.4
      Throws:
      GeneralSecurityException
    • computeUAndUeAlg8

      void computeUAndUeAlg8(byte[] userPassword) throws GeneralSecurityException
      implements Algorithm 8: Computing the encryption dictionary’s U (user password) and UE (user encryption) values (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.7
      Throws:
      GeneralSecurityException
    • computeOAndOeAlg9

      void computeOAndOeAlg9(byte[] ownerPassword) throws GeneralSecurityException
      implements Algorithm 9: Computing the encryption dictionary’s O (owner password) and OE (owner encryption) values (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.8
      Throws:
      GeneralSecurityException
    • computePermsAlg10

      void computePermsAlg10(int permissions) throws GeneralSecurityException
      implements Algorithm 10: Computing the encryption dictionary’s Perms (permissions) value (Security handlers of revision 6) - ISO 32000-2 section 7.6.4.4.9
      Throws:
      GeneralSecurityException