Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.pdfbox.pdmodel.encryption
Class StandardSecurityHandler

java.lang.Object
  extended by org.apache.pdfbox.pdmodel.encryption.SecurityHandler
      extended by org.apache.pdfbox.pdmodel.encryption.StandardSecurityHandler

public class StandardSecurityHandler
extends SecurityHandler

The class implements the standard security handler as decribed in the PDF specifications. This security handler protects document with password.

Version:
$Revision: 1.5 $
Author:
Ben Litchfield, Benoit Guillon ([email protected])
See Also:
to see how to protect document with this security handler.

Field Summary
static byte[] ENCRYPT_PADDING
          Standard padding for encryption.
static String FILTER
          Type of security handler.
static Class PROTECTION_POLICY_CLASS
          Protection policy class for this handler.
 
Fields inherited from class org.apache.pdfbox.pdmodel.encryption.SecurityHandler
currentAccessPermission, document, encryptionKey, keyLength, version
 
Constructor Summary
StandardSecurityHandler()
          Constructor.
StandardSecurityHandler(StandardProtectionPolicy p)
          Constructor used for encryption.
 
Method Summary
 byte[] computeEncryptedKey(byte[] password, byte[] o, int permissions, byte[] id, int encRevision, int length, boolean encryptMetadata)
          Compute the encryption key.
 byte[] computeOwnerPassword(byte[] ownerPassword, byte[] userPassword, int encRevision, int length)
          Compute the owner entry in the encryption dictionary.
 byte[] computeUserPassword(byte[] password, byte[] o, int permissions, byte[] id, int encRevision, int length, boolean encryptMetadata)
          This will compute the user password hash.
 void decryptDocument(PDDocument doc, DecryptionMaterial decryptionMaterial)
          Decrypt the document.
 byte[] getUserPassword(byte[] ownerPassword, byte[] o, int encRevision, long length)
          Get the user password based on the owner password.
 boolean isOwnerPassword(byte[] ownerPassword, byte[] u, byte[] o, int permissions, byte[] id, int encRevision, int length, boolean encryptMetadata)
          Check for owner password.
 boolean isOwnerPassword(String password, byte[] u, byte[] o, int permissions, byte[] id, int encRevision, int length, boolean encryptMetadata)
          Check for owner password.
 boolean isUserPassword(byte[] password, byte[] u, byte[] o, int permissions, byte[] id, int encRevision, int length, boolean encryptMetadata)
          Check if a plaintext password is the user password.
 boolean isUserPassword(String password, byte[] u, byte[] o, int permissions, byte[] id, int encRevision, int length, boolean encryptMetadata)
          Check if a plaintext password is the user password.
 void prepareDocumentForEncryption(PDDocument doc)
          Prepare document for encryption.
 void prepareForDecryption(PDEncryptionDictionary encDictionary, COSArray documentIDArray, DecryptionMaterial decryptionMaterial)
          Prepares everything to decrypt the document.
 
Methods inherited from class org.apache.pdfbox.pdmodel.encryption.SecurityHandler
decryptStream, decryptString, encryptData, encryptData, encryptStream, getCurrentAccessPermission, getKeyLength, isAES, proceedDecryption, setAES, setKeyLength
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

FILTER

public static final String FILTER
Type of security handler.

See Also:
Constant Field Values

PROTECTION_POLICY_CLASS

public static final Class PROTECTION_POLICY_CLASS
Protection policy class for this handler.

ENCRYPT_PADDING

public static final byte[] ENCRYPT_PADDING
Standard padding for encryption.

Constructor Detail

StandardSecurityHandler

public StandardSecurityHandler()
Constructor.

StandardSecurityHandler

public StandardSecurityHandler(StandardProtectionPolicy p)
Constructor used for encryption.

Parameters:
p - The protection policy.
Method Detail

decryptDocument

public void decryptDocument(PDDocument doc,
                            DecryptionMaterial decryptionMaterial)
                     throws CryptographyException,
                            IOException
Decrypt the document.

Specified by:
decryptDocument in class SecurityHandler
Parameters:
doc - The document to be decrypted.
decryptionMaterial - Information used to decrypt the document.
Throws:
IOException - If there is an error accessing data.
CryptographyException - If there is an error with decryption.

prepareForDecryption

public void prepareForDecryption(PDEncryptionDictionary encDictionary,
                                 COSArray documentIDArray,
                                 DecryptionMaterial decryptionMaterial)
                          throws CryptographyException,
                                 IOException
Prepares everything to decrypt the document. If decryptDocument(PDDocument, DecryptionMaterial) is used, this method is called from there. Only if decryption of single objects is needed this should be called instead.

Specified by:
prepareForDecryption in class SecurityHandler
Parameters:
encDictionary - encryption dictionary, can be retrieved via PDDocument.getEncryptionDictionary()
documentIDArray - document id which is returned via COSDocument#getDocumentID()
decryptionMaterial - Information used to decrypt the document.
Throws:
IOException - If there is an error accessing data.
CryptographyException - If there is an error with decryption.

prepareDocumentForEncryption

public void prepareDocumentForEncryption(PDDocument doc)
                                  throws CryptographyException,
                                         IOException
Prepare document for encryption.

Specified by:
prepareDocumentForEncryption in class SecurityHandler
Parameters:
doc - The documeent to encrypt.
Throws:
IOException - If there is an error accessing data.
CryptographyException - If there is an error with decryption.

isOwnerPassword

public final boolean isOwnerPassword(byte[] ownerPassword,
                                     byte[] u,
                                     byte[] o,
                                     int permissions,
                                     byte[] id,
                                     int encRevision,
                                     int length,
                                     boolean encryptMetadata)
                              throws CryptographyException,
                                     IOException
Check for owner password.

Parameters:
ownerPassword - The owner password.
u - The u entry of the encryption dictionary.
o - The o entry of the encryption dictionary.
permissions - The set of permissions on the document.
id - The document id.
encRevision - The encryption algorithm revision.
length - The encryption key length.
Returns:
True If the ownerPassword param is the owner password.
Throws:
CryptographyException - If there is an error during encryption.
IOException - If there is an error accessing data.

getUserPassword

public final byte[] getUserPassword(byte[] ownerPassword,
                                    byte[] o,
                                    int encRevision,
                                    long length)
                             throws CryptographyException,
                                    IOException
Get the user password based on the owner password.

Parameters:
ownerPassword - The plaintext owner password.
o - The o entry of the encryption dictionary.
encRevision - The encryption revision number.
length - The key length.
Returns:
The u entry of the encryption dictionary.
Throws:
CryptographyException - If there is an error generating the user password.
IOException - If there is an error accessing data while generating the user password.

computeEncryptedKey

public final byte[] computeEncryptedKey(byte[] password,
                                        byte[] o,
                                        int permissions,
                                        byte[] id,
                                        int encRevision,
                                        int length,
                                        boolean encryptMetadata)
                                 throws CryptographyException
Compute the encryption key.

Parameters:
password - The password to compute the encrypted key.
o - The o entry of the encryption dictionary.
permissions - The permissions for the document.
id - The document id.
encRevision - The revision of the encryption algorithm.
length - The length of the encryption key.
Returns:
The encrypted key bytes.
Throws:
CryptographyException - If there is an error with encryption.

computeUserPassword

public final byte[] computeUserPassword(byte[] password,
                                        byte[] o,
                                        int permissions,
                                        byte[] id,
                                        int encRevision,
                                        int length,
                                        boolean encryptMetadata)
                                 throws CryptographyException,
                                        IOException
This will compute the user password hash.

Parameters:
password - The plain text password.
o - The owner password hash.
permissions - The document permissions.
id - The document id.
encRevision - The revision of the encryption.
length - The length of the encryption key.
Returns:
The user password.
Throws:
CryptographyException - If there is an error computing the user password.
IOException - If there is an IO error.

computeOwnerPassword

public final byte[] computeOwnerPassword(byte[] ownerPassword,
                                         byte[] userPassword,
                                         int encRevision,
                                         int length)
                                  throws CryptographyException,
                                         IOException
Compute the owner entry in the encryption dictionary.

Parameters:
ownerPassword - The plaintext owner password.
userPassword - The plaintext user password.
encRevision - The revision number of the encryption algorithm.
length - The length of the encryption key.
Returns:
The o entry of the encryption dictionary.
Throws:
CryptographyException - If there is an error with encryption.
IOException - If there is an error accessing data.

isUserPassword

public final boolean isUserPassword(byte[] password,
                                    byte[] u,
                                    byte[] o,
                                    int permissions,
                                    byte[] id,
                                    int encRevision,
                                    int length,
                                    boolean encryptMetadata)
                             throws CryptographyException,
                                    IOException
Check if a plaintext password is the user password.

Parameters:
password - The plaintext password.
u - The u entry of the encryption dictionary.
o - The o entry of the encryption dictionary.
permissions - The permissions set in the the PDF.
id - The document id used for encryption.
encRevision - The revision of the encryption algorithm.
length - The length of the encryption key.
Returns:
true If the plaintext password is the user password.
Throws:
CryptographyException - If there is an error during encryption.
IOException - If there is an error accessing data.

isUserPassword

public final boolean isUserPassword(String password,
                                    byte[] u,
                                    byte[] o,
                                    int permissions,
                                    byte[] id,
                                    int encRevision,
                                    int length,
                                    boolean encryptMetadata)
                             throws CryptographyException,
                                    IOException
Check if a plaintext password is the user password.

Parameters:
password - The plaintext password.
u - The u entry of the encryption dictionary.
o - The o entry of the encryption dictionary.
permissions - The permissions set in the the PDF.
id - The document id used for encryption.
encRevision - The revision of the encryption algorithm.
length - The length of the encryption key.
Returns:
true If the plaintext password is the user password.
Throws:
CryptographyException - If there is an error during encryption.
IOException - If there is an error accessing data.

isOwnerPassword

public final boolean isOwnerPassword(String password,
                                     byte[] u,
                                     byte[] o,
                                     int permissions,
                                     byte[] id,
                                     int encRevision,
                                     int length,
                                     boolean encryptMetadata)
                              throws CryptographyException,
                                     IOException
Check for owner password.

Parameters:
password - The owner password.
u - The u entry of the encryption dictionary.
o - The o entry of the encryption dictionary.
permissions - The set of permissions on the document.
id - The document id.
encRevision - The encryption algorithm revision.
length - The encryption key length.
Returns:
True If the ownerPassword param is the owner password.
Throws:
CryptographyException - If there is an error during encryption.
IOException - If there is an error accessing data.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2002-2012 The Apache Software Foundation. All Rights Reserved.