Package com.itextpdf.text.pdf
Class PdfEncryption
- java.lang.Object
-
- com.itextpdf.text.pdf.PdfEncryption
-
public class PdfEncryption extends java.lang.Object
-
-
Field Summary
Fields Modifier and Type Field Description static int
AES_128
static int
AES_256
private ARCFOUREncryption
arcfour
private int
cryptoMode
(package private) byte[]
documentID
private boolean
embeddedFilesOnly
Indicates if the encryption is only necessary for embedded files.private boolean
encryptMetadata
(package private) byte[]
extra
Work area to prepare the object/generation bytes(package private) byte[]
key
The encryption key for a particular object/generationprivate static int
KEY_SALT_OFFSET
private int
keyLength
The generic key length.(package private) int
keySize
The encryption key length for a particular object/generation(package private) java.security.MessageDigest
md5
The message digest algorithm MD5private static byte[]
metadataPad
(package private) byte[]
mkey
The global encryption key(package private) byte[]
oeKey
private static int
OU_LENGHT
(package private) byte[]
ownerKey
The encryption key for the ownerprivate static byte[]
pad
(package private) long
permissions
(package private) byte[]
perms
protected PdfPublicKeySecurityHandler
publicKeyHandler
The public key security handler for certificate encryptionprivate int
revision
private static byte[]
salt
private static int
SALT_LENGHT
(package private) static long
seq
static int
STANDARD_ENCRYPTION_128
static int
STANDARD_ENCRYPTION_40
(package private) byte[]
ueKey
(package private) byte[]
userKey
The encryption key for the userprivate static int
VALIDATION_SALT_OFFSET
-
Constructor Summary
Constructors Constructor Description PdfEncryption()
PdfEncryption(PdfEncryption enc)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addRecipient(java.security.cert.Certificate cert, int permission)
int
calculateStreamSize(int n)
private static boolean
compareArray(byte[] a, byte[] b, int len)
private byte[]
computeOwnerKey(byte[] userPad, byte[] ownerPad)
byte[]
computeUserPassword(byte[] ownerPassword)
Computes user password if standard encryption handler is used with Standard40, Standard128 or AES128 algorithm (Revision 2 - 4).static byte[]
createDocumentId()
static PdfObject
createInfoId(byte[] id, boolean modified)
byte[]
decryptByteArray(byte[] b)
byte[]
encryptByteArray(byte[] b)
int
getCryptoMode()
StandardDecryption
getDecryptor()
PdfDictionary
getEncryptionDictionary()
OutputStreamEncryption
getEncryptionStream(java.io.OutputStream os)
PdfObject
getFileID(boolean modified)
long
getPermissions()
boolean
isEmbeddedFilesOnly()
Indicates if only the embedded files have to be encrypted.boolean
isMetadataEncrypted()
private byte[]
padPassword(byte[] userPassword)
boolean
readKey(PdfDictionary enc, byte[] password)
void
setCryptoMode(int mode, int kl)
void
setHashKey(int number, int generation)
void
setKey(byte[] key)
void
setupAllKeys(byte[] userPassword, byte[] ownerPassword, int permissions)
void
setupByEncryptionKey(byte[] key, int keylength)
private void
setupByOwnerPad(byte[] documentID, byte[] ownerPad, byte[] userKey, byte[] ownerKey, long permissions)
void
setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] userKey, byte[] ownerKey, long permissions)
private void
setupByUserPad(byte[] documentID, byte[] userPad, byte[] ownerKey, long permissions)
void
setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] ownerKey, long permissions)
private void
setupGlobalEncryptionKey(byte[] documentID, byte[] userPad, byte[] ownerKey, long permissions)
ownerKey, documentID must be setupprivate void
setupUserKey()
mkey must be setup
-
-
-
Field Detail
-
STANDARD_ENCRYPTION_40
public static final int STANDARD_ENCRYPTION_40
- See Also:
- Constant Field Values
-
STANDARD_ENCRYPTION_128
public static final int STANDARD_ENCRYPTION_128
- See Also:
- Constant Field Values
-
AES_128
public static final int AES_128
- See Also:
- Constant Field Values
-
AES_256
public static final int AES_256
- See Also:
- Constant Field Values
-
pad
private static final byte[] pad
-
salt
private static final byte[] salt
-
metadataPad
private static final byte[] metadataPad
-
key
byte[] key
The encryption key for a particular object/generation
-
keySize
int keySize
The encryption key length for a particular object/generation
-
mkey
byte[] mkey
The global encryption key
-
ownerKey
byte[] ownerKey
The encryption key for the owner
-
userKey
byte[] userKey
The encryption key for the user
-
oeKey
byte[] oeKey
-
ueKey
byte[] ueKey
-
perms
byte[] perms
-
permissions
long permissions
-
documentID
byte[] documentID
-
revision
private int revision
-
keyLength
private int keyLength
The generic key length. It may be 40 or 128.
-
publicKeyHandler
protected PdfPublicKeySecurityHandler publicKeyHandler
The public key security handler for certificate encryption
-
extra
byte[] extra
Work area to prepare the object/generation bytes
-
md5
java.security.MessageDigest md5
The message digest algorithm MD5
-
arcfour
private ARCFOUREncryption arcfour
-
encryptMetadata
private boolean encryptMetadata
-
seq
static long seq
-
embeddedFilesOnly
private boolean embeddedFilesOnly
Indicates if the encryption is only necessary for embedded files.- Since:
- 2.1.3
-
cryptoMode
private int cryptoMode
-
VALIDATION_SALT_OFFSET
private static final int VALIDATION_SALT_OFFSET
- See Also:
- Constant Field Values
-
KEY_SALT_OFFSET
private static final int KEY_SALT_OFFSET
- See Also:
- Constant Field Values
-
SALT_LENGHT
private static final int SALT_LENGHT
- See Also:
- Constant Field Values
-
OU_LENGHT
private static final int OU_LENGHT
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
PdfEncryption
public PdfEncryption()
-
PdfEncryption
public PdfEncryption(PdfEncryption enc)
-
-
Method Detail
-
setCryptoMode
public void setCryptoMode(int mode, int kl)
-
getCryptoMode
public int getCryptoMode()
-
isMetadataEncrypted
public boolean isMetadataEncrypted()
-
getPermissions
public long getPermissions()
-
isEmbeddedFilesOnly
public boolean isEmbeddedFilesOnly()
Indicates if only the embedded files have to be encrypted.- Returns:
- if true only the embedded files will be encrypted
- Since:
- 2.1.3
-
padPassword
private byte[] padPassword(byte[] userPassword)
-
computeOwnerKey
private byte[] computeOwnerKey(byte[] userPad, byte[] ownerPad)
-
setupGlobalEncryptionKey
private void setupGlobalEncryptionKey(byte[] documentID, byte[] userPad, byte[] ownerKey, long permissions)
ownerKey, documentID must be setup
-
setupUserKey
private void setupUserKey()
mkey must be setup
-
setupAllKeys
public void setupAllKeys(byte[] userPassword, byte[] ownerPassword, int permissions)
-
readKey
public boolean readKey(PdfDictionary enc, byte[] password) throws BadPasswordException
- Throws:
BadPasswordException
-
compareArray
private static boolean compareArray(byte[] a, byte[] b, int len)
-
createDocumentId
public static byte[] createDocumentId()
-
setupByUserPassword
public void setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] ownerKey, long permissions)
-
setupByUserPad
private void setupByUserPad(byte[] documentID, byte[] userPad, byte[] ownerKey, long permissions)
-
setupByOwnerPassword
public void setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] userKey, byte[] ownerKey, long permissions)
-
setupByOwnerPad
private void setupByOwnerPad(byte[] documentID, byte[] ownerPad, byte[] userKey, byte[] ownerKey, long permissions)
-
setKey
public void setKey(byte[] key)
-
setupByEncryptionKey
public void setupByEncryptionKey(byte[] key, int keylength)
-
setHashKey
public void setHashKey(int number, int generation)
-
createInfoId
public static PdfObject createInfoId(byte[] id, boolean modified) throws java.io.IOException
- Throws:
java.io.IOException
-
getEncryptionDictionary
public PdfDictionary getEncryptionDictionary()
-
getFileID
public PdfObject getFileID(boolean modified) throws java.io.IOException
- Throws:
java.io.IOException
-
getEncryptionStream
public OutputStreamEncryption getEncryptionStream(java.io.OutputStream os)
-
calculateStreamSize
public int calculateStreamSize(int n)
-
encryptByteArray
public byte[] encryptByteArray(byte[] b)
-
getDecryptor
public StandardDecryption getDecryptor()
-
decryptByteArray
public byte[] decryptByteArray(byte[] b)
-
addRecipient
public void addRecipient(java.security.cert.Certificate cert, int permission)
-
computeUserPassword
public byte[] computeUserPassword(byte[] ownerPassword)
Computes user password if standard encryption handler is used with Standard40, Standard128 or AES128 algorithm (Revision 2 - 4).- Parameters:
ownerPassword
- owner password of the encrypted document.- Returns:
- user password, or null if revision 5 (AES256) or greater of standard encryption handler was used.
-
-