Package com.tom_roush.pdfbox.pdmodel.encryption

Class StandardSecurityHandler

    • Field Detail

      • PROTECTION_POLICY_CLASS

        public static final Class<?> PROTECTION_POLICY_CLASS
        Protection policy class for this handler.

    • Constructor Detail

      • StandardSecurityHandler

        public StandardSecurityHandler()
        Constructor.

      • StandardSecurityHandler

        public StandardSecurityHandler​(StandardProtectionPolicy standardProtectionPolicy)
        Constructor used for encryption.
        Parameters:
        standardProtectionPolicy - The protection policy.

    • Method Detail

      • prepareForDecryption

        public void prepareForDecryption​(PDEncryption encryption,
                                 COSArray documentIDArray,
                                 DecryptionMaterial decryptionMaterial)
                          throws IOException
        Prepares everything to decrypt the document. Only if decryption of single objects is needed this should be called.
        Specified by:
        prepareForDecryption in class SecurityHandler
        Parameters:
        encryption - encryption dictionary
        documentIDArray - document id
        decryptionMaterial - Information used to decrypt the document.
        Throws:
        InvalidPasswordException - If the password is incorrect.
        IOException - If there is an error accessing data.

      • isOwnerPassword

        public boolean isOwnerPassword​(byte[] ownerPassword,
                               byte[] user,
                               byte[] owner,
                               int permissions,
                               byte[] id,
                               int encRevision,
                               int keyLengthInBytes,
                               boolean encryptMetadata)
                        throws IOException
        Check for owner password.
        Parameters:
        ownerPassword - The owner password.
        user - The u entry of the encryption dictionary.
        owner - The o entry of the encryption dictionary.
        permissions - The set of permissions on the document.
        id - The document id.
        encRevision - The encryption algorithm revision.
        keyLengthInBytes - The encryption key length in bytes.
        encryptMetadata - The encryption metadata
        Returns:
        True If the ownerPassword param is the owner password.
        Throws:
        IOException - If there is an error accessing data.

      • getUserPassword

        public byte[] getUserPassword​(byte[] ownerPassword,
                              byte[] owner,
                              int encRevision,
                              int length)
                       throws IOException
        Get the user password based on the owner password.
        Parameters:
        ownerPassword - The plaintext owner password.
        owner - The o entry of the encryption dictionary.
        encRevision - The encryption revision number.
        length - The key length.
        Returns:
        The u entry of the encryption dictionary.
        Throws:
        IOException - If there is an error accessing data while generating the user password.

      • computeEncryptedKey

        public byte[] computeEncryptedKey​(byte[] password,
                                  byte[] o,
                                  byte[] u,
                                  byte[] oe,
                                  byte[] ue,
                                  int permissions,
                                  byte[] id,
                                  int encRevision,
                                  int keyLengthInBytes,
                                  boolean encryptMetadata,
                                  boolean isOwnerPassword)
                           throws IOException
        Compute the encryption key.
        Parameters:
        password - The password to compute the encrypted key.
        o - The O entry of the encryption dictionary.
        u - The U entry of the encryption dictionary.
        oe - The OE entry of the encryption dictionary.
        ue - The UE entry of the encryption dictionary.
        permissions - The permissions for the document.
        id - The document id.
        encRevision - The revision of the encryption algorithm.
        keyLengthInBytes - The length of the encryption key in bytes.
        encryptMetadata - The encryption metadata
        isOwnerPassword - whether the password given is the owner password (for revision 6)
        Returns:
        The encrypted key bytes.
        Throws:
        IOException - If there is an error with encryption.

      • computeUserPassword

        public byte[] computeUserPassword​(byte[] password,
                                  byte[] owner,
                                  int permissions,
                                  byte[] id,
                                  int encRevision,
                                  int keyLengthInBytes,
                                  boolean encryptMetadata)
                           throws IOException
        This will compute the user password hash.
        Parameters:
        password - The plain text password.
        owner - The owner password hash.
        permissions - The document permissions.
        id - The document id.
        encRevision - The revision of the encryption.
        keyLengthInBytes - The length of the encryption key in bytes.
        encryptMetadata - The encryption metadata
        Returns:
        The user password.
        Throws:
        IOException - if the password could not be computed

      • computeOwnerPassword

        public byte[] computeOwnerPassword​(byte[] ownerPassword,
                                   byte[] userPassword,
                                   int encRevision,
                                   int length)
                            throws IOException
        Compute the owner entry in the encryption dictionary.
        Parameters:
        ownerPassword - The plaintext owner password.
        userPassword - The plaintext user password.
        encRevision - The revision number of the encryption algorithm.
        length - The length of the encryption key.
        Returns:
        The o entry of the encryption dictionary.
        Throws:
        IOException - if the owner password could not be computed

      • isUserPassword

        public boolean isUserPassword​(byte[] password,
                              byte[] user,
                              byte[] owner,
                              int permissions,
                              byte[] id,
                              int encRevision,
                              int keyLengthInBytes,
                              boolean encryptMetadata)
                       throws IOException
        Check if a plaintext password is the user password.
        Parameters:
        password - The plaintext password.
        user - The u entry of the encryption dictionary.
        owner - The o entry of the encryption dictionary.
        permissions - The permissions set in the PDF.
        id - The document id used for encryption.
        encRevision - The revision of the encryption algorithm.
        keyLengthInBytes - The length of the encryption key in bytes.
        encryptMetadata - The encryption metadata.
        Returns:
        true If the plaintext password is the user password.
        Throws:
        IOException - If there is an error accessing data.

      • isUserPassword

        public boolean isUserPassword​(String password,
                              byte[] user,
                              byte[] owner,
                              int permissions,
                              byte[] id,
                              int encRevision,
                              int keyLengthInBytes,
                              boolean encryptMetadata)
                       throws IOException
        Check if a plaintext password is the user password.
        Parameters:
        password - The plaintext password.
        user - The u entry of the encryption dictionary.
        owner - The o entry of the encryption dictionary.
        permissions - The permissions set in the PDF.
        id - The document id used for encryption.
        encRevision - The revision of the encryption algorithm.
        keyLengthInBytes - The length of the encryption key in bytes.
        encryptMetadata - The encryption metadata
        Returns:
        true If the plaintext password is the user password.
        Throws:
        IOException - If there is an error accessing data.

      • isOwnerPassword

        public boolean isOwnerPassword​(String password,
                               byte[] user,
                               byte[] owner,
                               int permissions,
                               byte[] id,
                               int encRevision,
                               int keyLengthInBytes,
                               boolean encryptMetadata)
                        throws IOException
        Check for owner password.
        Parameters:
        password - The owner password.
        user - The u entry of the encryption dictionary.
        owner - The o entry of the encryption dictionary.
        permissions - The set of permissions on the document.
        id - The document id.
        encRevision - The encryption algorithm revision.
        keyLengthInBytes - The encryption key length in bytes.
        encryptMetadata - The encryption metadata
        Returns:
        True If the ownerPassword param is the owner password.
        Throws:
        IOException - If there is an error accessing data.