Class SecurityHandler
java.lang.Object
org.apache.pdfbox.pdmodel.encryption.SecurityHandler
- Direct Known Subclasses:
PublicKeySecurityHandler
,StandardSecurityHandler
This class represents a security handler as described in the PDF specifications. A security handler is responsible of
documents protection.
- Author:
- Ben Litchfield, Benoit Guillon (benoit.guillon@snv.jussieu.fr)
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected AccessPermission
The access permission granted to the current user for the document.protected boolean
indicates if the Metadata have to be decrypted of notprotected PDDocument
The document whose security is handled by this security handler.protected byte[]
The encryption key that will used to encrypt / decrypt.protected int
The length of the secret key used to encrypt the document.protected ARCFour
The RC4 implementation used for cryptographic functions.protected int
The value of V field of the Encryption dictionary. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
decryptArray
(COSArray array, long objNum, long genNum) This will decrypt an array.abstract void
decryptDocument
(PDDocument doc, DecryptionMaterial mat) Prepare the document for decryption.void
decryptStream
(COSStream stream, long objNum, long genNum) This will decrypt a stream.void
decryptString
(COSString string, long objNum, long genNum) This will decrypt a string.void
encryptData
(long objectNumber, long genNumber, InputStream data, OutputStream output) Deprecated.While this works fine for RC4 encryption, it will never decrypt AES data You should use encryptData(objectNumber, genNumber, data, output, decrypt) which can do everything.void
encryptData
(long objectNumber, long genNumber, InputStream data, OutputStream output, boolean decrypt) Encrypt a set of data.void
encryptStream
(COSStream stream, long objNum, long genNum) This will encrypt a stream, but not the dictionary as the dictionary is encrypted by visitFromString() in COSWriter and we don't want to encrypt it twice.void
encryptString
(COSString string, long objNum, long genNum) This will encrypt a string.Returns the access permissions that were computed during document decryption.int
Getter of the property keyLength.abstract boolean
Returns whether a protection policy has been set.boolean
isAES()
True if AES is used for encryption and decryption.abstract void
Prepare the document for encryption.abstract void
prepareForDecryption
(PDEncryptionDictionary encDictionary, COSArray documentIDArray, DecryptionMaterial decryptionMaterial) Prepares everything to decrypt the document.protected void
This method must be called by an implementation of this class to really proceed to decryption.void
setAES
(boolean aesValue) Set to true if AES for encryption and decryption should be used.void
setKeyLength
(int keyLen) Setter of the property keyLength.
-
Field Details
-
version
protected int versionThe value of V field of the Encryption dictionary. -
keyLength
protected int keyLengthThe length of the secret key used to encrypt the document. -
encryptionKey
protected byte[] encryptionKeyThe encryption key that will used to encrypt / decrypt. -
document
The document whose security is handled by this security handler. -
rc4
The RC4 implementation used for cryptographic functions. -
decryptMetadata
protected boolean decryptMetadataindicates if the Metadata have to be decrypted of not -
currentAccessPermission
The access permission granted to the current user for the document. These permissions are computed during decryption and are in read only mode.
-
-
Constructor Details
-
SecurityHandler
public SecurityHandler()
-
-
Method Details
-
prepareDocumentForEncryption
public abstract void prepareDocumentForEncryption(PDDocument doc) throws CryptographyException, IOException Prepare the document for encryption.- Parameters:
doc
- The document that will be encrypted.- Throws:
CryptographyException
- If there is an error while preparing.IOException
- If there is an error with the document.
-
prepareForDecryption
public abstract void prepareForDecryption(PDEncryptionDictionary encDictionary, COSArray documentIDArray, DecryptionMaterial decryptionMaterial) throws CryptographyException, IOException Prepares everything to decrypt the document. IfdecryptDocument(PDDocument, DecryptionMaterial)
is used, this method is called from there. Only if decryption of single objects is needed this should be called instead.- Parameters:
encDictionary
- encryption dictionary, can be retrieved viaPDDocument.getEncryptionDictionary()
documentIDArray
- document id which is returned viaCOSDocument.getDocumentID()
decryptionMaterial
- Information used to decrypt the document.- Throws:
IOException
- If there is an error accessing data.CryptographyException
- If there is an error with decryption.
-
decryptDocument
public abstract void decryptDocument(PDDocument doc, DecryptionMaterial mat) throws CryptographyException, IOException Prepare the document for decryption.- Parameters:
doc
- The document to decrypt.mat
- Information required to decrypt the document.- Throws:
CryptographyException
- If there is an error while preparing.IOException
- If there is an error with the document.
-
proceedDecryption
This method must be called by an implementation of this class to really proceed to decryption.- Throws:
IOException
- If there is an error in the decryption.CryptographyException
- If there is an error in the decryption.
-
encryptData
public void encryptData(long objectNumber, long genNumber, InputStream data, OutputStream output) throws CryptographyException, IOException Deprecated.While this works fine for RC4 encryption, it will never decrypt AES data You should use encryptData(objectNumber, genNumber, data, output, decrypt) which can do everything. This function is just here for compatibility reasons and will be removed in the future.Encrypt a set of data.- Parameters:
objectNumber
- The data object number.genNumber
- The data generation number.data
- The data to encrypt.output
- The output to write the encrypted data to.- Throws:
CryptographyException
- If there is an error during the encryption.IOException
- If there is an error reading the data.
-
encryptData
public void encryptData(long objectNumber, long genNumber, InputStream data, OutputStream output, boolean decrypt) throws CryptographyException, IOException Encrypt a set of data.- Parameters:
objectNumber
- The data object number.genNumber
- The data generation number.data
- The data to encrypt.output
- The output to write the encrypted data to.decrypt
- true to decrypt the data, false to encrypt it- Throws:
CryptographyException
- If there is an error during the encryption.IOException
- If there is an error reading the data.
-
decryptStream
public void decryptStream(COSStream stream, long objNum, long genNum) throws CryptographyException, IOException This will decrypt a stream.- Parameters:
stream
- The stream to decrypt.objNum
- The object number.genNum
- The object generation number.- Throws:
CryptographyException
- If there is an error getting the stream.IOException
- If there is an error getting the stream data.
-
encryptStream
public void encryptStream(COSStream stream, long objNum, long genNum) throws CryptographyException, IOException This will encrypt a stream, but not the dictionary as the dictionary is encrypted by visitFromString() in COSWriter and we don't want to encrypt it twice.- Parameters:
stream
- The stream to decrypt.objNum
- The object number.genNum
- The object generation number.- Throws:
CryptographyException
- If there is an error getting the stream.IOException
- If there is an error getting the stream data.
-
encryptString
public void encryptString(COSString string, long objNum, long genNum) throws CryptographyException, IOException This will encrypt a string.- Parameters:
string
- the string to encrypt.objNum
- The object number.genNum
- The object generation number.- Throws:
IOException
- If an error occurs writing the new string.CryptographyException
-
decryptString
public void decryptString(COSString string, long objNum, long genNum) throws CryptographyException, IOException This will decrypt a string.- Parameters:
string
- the string to decrypt.objNum
- The object number.genNum
- The object generation number.- Throws:
CryptographyException
- If an error occurs during decryption.IOException
- If an error occurs writing the new string.
-
decryptArray
public void decryptArray(COSArray array, long objNum, long genNum) throws CryptographyException, IOException This will decrypt an array.- Parameters:
array
- The array to decrypt.objNum
- The object number.genNum
- The object generation number.- Throws:
CryptographyException
- If an error occurs during decryption.IOException
- If there is an error accessing the data.
-
getKeyLength
public int getKeyLength()Getter of the property keyLength.- Returns:
- Returns the keyLength.
-
setKeyLength
public void setKeyLength(int keyLen) Setter of the property keyLength.- Parameters:
keyLen
- The keyLength to set.
-
getCurrentAccessPermission
Returns the access permissions that were computed during document decryption. The returned object is in read only mode.- Returns:
- the access permissions or null if the document was not decrypted.
-
isAES
public boolean isAES()True if AES is used for encryption and decryption.- Returns:
- true if AEs is used
-
setAES
public void setAES(boolean aesValue) Set to true if AES for encryption and decryption should be used.- Parameters:
aesValue
- if true AES will be used
-
hasProtectionPolicy
public abstract boolean hasProtectionPolicy()Returns whether a protection policy has been set.- Returns:
- true if a protection policy has been set.
-