Class PubSecHandlerUsingAesGcm

java.lang.Object

com.itextpdf.kernel.crypto.securityhandler.SecurityHandler

com.itextpdf.kernel.crypto.securityhandler.PubKeySecurityHandler

com.itextpdf.kernel.crypto.securityhandler.PubSecHandlerUsingAes128

com.itextpdf.kernel.crypto.securityhandler.PubSecHandlerUsingAes256

com.itextpdf.kernel.crypto.securityhandler.PubSecHandlerUsingAesGcm

public class PubSecHandlerUsingAesGcm
extends PubSecHandlerUsingAes256

Public-key security handler with Advanced Encryption Standard-Galois/Counter Mode (AES-GCM) encryption algorithm.

Field Summary

Fields

Modifier and Type	Field	Description
protected int	inObjectNonceCounter
protected byte[]	noncePart

Fields inherited from class SecurityHandler

extra, md5, mkey, nextObjectKey, nextObjectKeySize

Constructor Summary

Constructors

Constructor	Description
PubSecHandlerUsingAesGcm(PdfDictionary encryptionDictionary, Certificate[] certs, int[] permissions, boolean encryptMetadata, boolean embeddedFilesOnly)	Creates new PubSecHandlerUsingAesGcm instance for encryption.
PubSecHandlerUsingAesGcm(PdfDictionary encryptionDictionary, Key certificateKey, Certificate certificate, String certificateKeyProvider, IExternalDecryptionProcess externalDecryptionProcess, boolean encryptMetadata)	Creates new PubSecHandlerUsingAesGcm instance for decryption.

Method Summary

Modifier and Type	Method	Description
IDecryptor	getDecryptor()	Gets decryptor object.
OutputStreamEncryption	getEncryptionStream(OutputStream os)	Gets a stream wrapper, responsible for encryption.
protected void	initMd5MessageDigest()	Init md5 message digest.
void	setHashKeyForNextObject(int objNumber, int objGeneration)	Note: For most of the supported security handlers algorithm to calculate encryption key for particular object is the same.
protected void	setPubSecSpecificHandlerDicEntries(PdfDictionary encryptionDictionary, boolean encryptMetadata, boolean embeddedFilesOnly)

Methods inherited from class PubSecHandlerUsingAes256

getDigestAlgorithm, initKey, setEncryptionDictEntries

Methods inherited from class PubKeySecurityHandler

addAllRecipients, computeGlobalKey, computeGlobalKeyOnReading, createRecipientsArray, initKeyAndFillDictionary, initKeyAndReadDictionary

Methods inherited from class SecurityHandler

getMkey, getNextObjectKey

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

noncePart

protected byte[] noncePart

inObjectNonceCounter

protected int inObjectNonceCounter

Constructor Details

PubSecHandlerUsingAesGcm

public PubSecHandlerUsingAesGcm(PdfDictionary encryptionDictionary,
 Certificate[] certs,
 int[] permissions,
 boolean encryptMetadata,
 boolean embeddedFilesOnly)

Creates new PubSecHandlerUsingAesGcm instance for encryption.

Parameters:

encryptionDictionary - document's encryption dictionary

certs - recipients' X.509 public key certificates

permissions - access permissions provided to each recipient

encryptMetadata - indicates whether the document-level metadata stream shall be encrypted

embeddedFilesOnly - indicates whether embedded files shall be encrypted in an otherwise unencrypted document

PubSecHandlerUsingAesGcm

public PubSecHandlerUsingAesGcm(PdfDictionary encryptionDictionary,
 Key certificateKey,
 Certificate certificate,
 String certificateKeyProvider,
 IExternalDecryptionProcess externalDecryptionProcess,
 boolean encryptMetadata)

Creates new PubSecHandlerUsingAesGcm instance for decryption.

Parameters:

encryptionDictionary - document's encryption dictionary

certificateKey - the recipient private Key to the certificate

certificate - the recipient Certificate, serves as recipient identifier

certificateKeyProvider - the certificate key provider id for Security.getProvider(String)

externalDecryptionProcess - the external decryption process to be used

encryptMetadata - indicates whether the document-level metadata stream shall be encrypted

Method Details

setHashKeyForNextObject

public void setHashKeyForNextObject(int objNumber,
 int objGeneration)

Description copied from class: SecurityHandler

Note: For most of the supported security handlers algorithm to calculate encryption key for particular object is the same.

Overrides:

setHashKeyForNextObject in class PubSecHandlerUsingAes256

Parameters:

objNumber - number of particular object for encryption

objGeneration - generation of particular object for encryption

getEncryptionStream

public OutputStreamEncryption getEncryptionStream(OutputStream os)

Description copied from class: SecurityHandler

Gets a stream wrapper, responsible for encryption.

Overrides:

getEncryptionStream in class PubSecHandlerUsingAes128

Parameters:

os - OutputStream to be wrapped

Returns:

OutputStreamEncryption, responsible for encryption.

getDecryptor

public IDecryptor getDecryptor()

Description copied from class: SecurityHandler

Gets decryptor object.

Overrides:

getDecryptor in class PubSecHandlerUsingAes128

Returns:

IDecryptor

setPubSecSpecificHandlerDicEntries

protected void setPubSecSpecificHandlerDicEntries(PdfDictionary encryptionDictionary,
 boolean encryptMetadata,
 boolean embeddedFilesOnly)

Overrides:

setPubSecSpecificHandlerDicEntries in class PubSecHandlerUsingAes256

initMd5MessageDigest

protected void initMd5MessageDigest()

Init md5 message digest.

Overrides:

initMd5MessageDigest in class PubSecHandlerUsingAes256