Package com.itextpdf.text.pdf

Class PdfEncryption

java.lang.Object

com.itextpdf.text.pdf.PdfEncryption

public class PdfEncryption
extends java.lang.Object

Field Summary

Fields

Modifier and Type	Field	Description
static int	AES_128
static int	AES_256
private ARCFOUREncryption	arcfour
private int	cryptoMode
(package private) byte[]	documentID
private boolean	embeddedFilesOnly	Indicates if the encryption is only necessary for embedded files.
private boolean	encryptMetadata
(package private) byte[]	extra	Work area to prepare the object/generation bytes
(package private) byte[]	key	The encryption key for a particular object/generation
private static int	KEY_SALT_OFFSET
private int	keyLength	The generic key length.
(package private) int	keySize	The encryption key length for a particular object/generation
(package private) java.security.MessageDigest	md5	The message digest algorithm MD5
private static byte[]	metadataPad
(package private) byte[]	mkey	The global encryption key
(package private) byte[]	oeKey
private static int	OU_LENGHT
(package private) byte[]	ownerKey	The encryption key for the owner
private static byte[]	pad
(package private) long	permissions
(package private) byte[]	perms
protected PdfPublicKeySecurityHandler	publicKeyHandler	The public key security handler for certificate encryption
private int	revision
private static byte[]	salt
private static int	SALT_LENGHT
(package private) static long	seq
static int	STANDARD_ENCRYPTION_128
static int	STANDARD_ENCRYPTION_40
(package private) byte[]	ueKey
(package private) byte[]	userKey	The encryption key for the user
private static int	VALIDATION_SALT_OFFSET

Constructor Summary

Constructors

Constructor	Description
PdfEncryption()
PdfEncryption(PdfEncryption enc)

Method Summary

Modifier and Type	Method	Description
void	addRecipient(java.security.cert.Certificate cert, int permission)
int	calculateStreamSize(int n)
private static boolean	compareArray(byte[] a, byte[] b, int len)
private byte[]	computeOwnerKey(byte[] userPad, byte[] ownerPad)
byte[]	computeUserPassword(byte[] ownerPassword)	Computes user password if standard encryption handler is used with Standard40, Standard128 or AES128 algorithm (Revision 2 - 4).
static byte[]	createDocumentId()
static PdfObject	createInfoId(byte[] id, boolean modified)
byte[]	decryptByteArray(byte[] b)
byte[]	encryptByteArray(byte[] b)
int	getCryptoMode()
StandardDecryption	getDecryptor()
PdfDictionary	getEncryptionDictionary()
OutputStreamEncryption	getEncryptionStream(java.io.OutputStream os)
PdfObject	getFileID(boolean modified)
long	getPermissions()
boolean	isEmbeddedFilesOnly()	Indicates if only the embedded files have to be encrypted.
boolean	isMetadataEncrypted()
private byte[]	padPassword(byte[] userPassword)
boolean	readKey(PdfDictionary enc, byte[] password)
void	setCryptoMode(int mode, int kl)
void	setHashKey(int number, int generation)
void	setKey(byte[] key)
void	setupAllKeys(byte[] userPassword, byte[] ownerPassword, int permissions)
void	setupByEncryptionKey(byte[] key, int keylength)
private void	setupByOwnerPad(byte[] documentID, byte[] ownerPad, byte[] userKey, byte[] ownerKey, long permissions)
void	setupByOwnerPassword(byte[] documentID, byte[] ownerPassword, byte[] userKey, byte[] ownerKey, long permissions)
private void	setupByUserPad(byte[] documentID, byte[] userPad, byte[] ownerKey, long permissions)
void	setupByUserPassword(byte[] documentID, byte[] userPassword, byte[] ownerKey, long permissions)
private void	setupGlobalEncryptionKey(byte[] documentID, byte[] userPad, byte[] ownerKey, long permissions)	ownerKey, documentID must be setup
private void	setupUserKey()	mkey must be setup

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

STANDARD_ENCRYPTION_40

public static final int STANDARD_ENCRYPTION_40

See Also:

Constant Field Values

STANDARD_ENCRYPTION_128

public static final int STANDARD_ENCRYPTION_128

See Also:

Constant Field Values

AES_128

public static final int AES_128

See Also:

Constant Field Values

AES_256

public static final int AES_256

See Also:

Constant Field Values

pad

private static final byte[] pad

salt

private static final byte[] salt

metadataPad

private static final byte[] metadataPad

key

byte[] key

The encryption key for a particular object/generation

keySize

int keySize

The encryption key length for a particular object/generation

mkey

byte[] mkey

The global encryption key

ownerKey

byte[] ownerKey

The encryption key for the owner

userKey

byte[] userKey

The encryption key for the user

oeKey

byte[] oeKey

ueKey

byte[] ueKey

perms

byte[] perms

permissions

long permissions

documentID

byte[] documentID

revision

private int revision

keyLength

private int keyLength

The generic key length. It may be 40 or 128.

publicKeyHandler

protected PdfPublicKeySecurityHandler publicKeyHandler

The public key security handler for certificate encryption

extra

byte[] extra

Work area to prepare the object/generation bytes

md5

java.security.MessageDigest md5

The message digest algorithm MD5

arcfour

private ARCFOUREncryption arcfour

encryptMetadata

private boolean encryptMetadata

seq

static long seq

embeddedFilesOnly

private boolean embeddedFilesOnly

Indicates if the encryption is only necessary for embedded files.

Since:

2.1.3

cryptoMode

private int cryptoMode

VALIDATION_SALT_OFFSET

private static final int VALIDATION_SALT_OFFSET

See Also:

Constant Field Values

KEY_SALT_OFFSET

private static final int KEY_SALT_OFFSET

See Also:

Constant Field Values

SALT_LENGHT

private static final int SALT_LENGHT

See Also:

Constant Field Values

OU_LENGHT

private static final int OU_LENGHT

See Also:

Constant Field Values

Constructor Detail

PdfEncryption

public PdfEncryption()

PdfEncryption

public PdfEncryption(PdfEncryption enc)

Method Detail

setCryptoMode

public void setCryptoMode(int mode,
                          int kl)

getCryptoMode

public int getCryptoMode()

isMetadataEncrypted

public boolean isMetadataEncrypted()

getPermissions

public long getPermissions()

isEmbeddedFilesOnly

public boolean isEmbeddedFilesOnly()

Indicates if only the embedded files have to be encrypted.

Returns:

if true only the embedded files will be encrypted

Since:

2.1.3

padPassword

private byte[] padPassword(byte[] userPassword)

computeOwnerKey

private byte[] computeOwnerKey(byte[] userPad,
                               byte[] ownerPad)

setupGlobalEncryptionKey

private void setupGlobalEncryptionKey(byte[] documentID,
                                      byte[] userPad,
                                      byte[] ownerKey,
                                      long permissions)

ownerKey, documentID must be setup

setupUserKey

private void setupUserKey()

mkey must be setup

setupAllKeys

public void setupAllKeys(byte[] userPassword,
                         byte[] ownerPassword,
                         int permissions)

readKey

public boolean readKey(PdfDictionary enc,
                       byte[] password)
                throws BadPasswordException

Throws:

BadPasswordException

compareArray

private static boolean compareArray(byte[] a,
                                    byte[] b,
                                    int len)

createDocumentId

public static byte[] createDocumentId()

setupByUserPassword

public void setupByUserPassword(byte[] documentID,
                                byte[] userPassword,
                                byte[] ownerKey,
                                long permissions)

setupByUserPad

private void setupByUserPad(byte[] documentID,
                            byte[] userPad,
                            byte[] ownerKey,
                            long permissions)

setupByOwnerPassword

public void setupByOwnerPassword(byte[] documentID,
                                 byte[] ownerPassword,
                                 byte[] userKey,
                                 byte[] ownerKey,
                                 long permissions)

setupByOwnerPad

private void setupByOwnerPad(byte[] documentID,
                             byte[] ownerPad,
                             byte[] userKey,
                             byte[] ownerKey,
                             long permissions)

setKey

public void setKey(byte[] key)

setupByEncryptionKey

public void setupByEncryptionKey(byte[] key,
                                 int keylength)

setHashKey

public void setHashKey(int number,
                       int generation)

createInfoId

public static PdfObject createInfoId(byte[] id,
                                     boolean modified)
                              throws java.io.IOException

Throws:

java.io.IOException

getEncryptionDictionary

public PdfDictionary getEncryptionDictionary()

getFileID

public PdfObject getFileID(boolean modified)
                    throws java.io.IOException

Throws:

java.io.IOException

getEncryptionStream

public OutputStreamEncryption getEncryptionStream(java.io.OutputStream os)

calculateStreamSize

public int calculateStreamSize(int n)

encryptByteArray

public byte[] encryptByteArray(byte[] b)

getDecryptor

public StandardDecryption getDecryptor()

decryptByteArray

public byte[] decryptByteArray(byte[] b)

addRecipient

public void addRecipient(java.security.cert.Certificate cert,
                         int permission)

computeUserPassword

public byte[] computeUserPassword(byte[] ownerPassword)

Computes user password if standard encryption handler is used with Standard40, Standard128 or AES128 algorithm (Revision 2 - 4).

Parameters:

ownerPassword - owner password of the encrypted document.

Returns:

user password, or null if revision 5 (AES256) or greater of standard encryption handler was used.