Package com.itextpdf.kernel.crypto.securityhandler

Class PubSecHandlerUsingAesGcm

java.lang.Object

com.itextpdf.kernel.crypto.securityhandler.SecurityHandler

com.itextpdf.kernel.crypto.securityhandler.PubKeySecurityHandler

com.itextpdf.kernel.crypto.securityhandler.PubSecHandlerUsingAes128

com.itextpdf.kernel.crypto.securityhandler.PubSecHandlerUsingAes256

com.itextpdf.kernel.crypto.securityhandler.PubSecHandlerUsingAesGcm

       public class PubSecHandlerUsingAesGcm extends PubSecHandlerUsingAes256
      

Public-key security handler with Advanced Encryption Standard-Galois/Counter Mode (AES-GCM) encryption algorithm.

Field Summary

Fields

Modifier and Type	Field	Description
protected int	inObjectNonceCounter
protected byte[]	noncePart

Fields inherited from class com.itextpdf.kernel.crypto.securityhandler.SecurityHandler

extra, md5, mkey, nextObjectKey, nextObjectKeySize

Constructor Summary

Constructors

Constructor	Description
PubSecHandlerUsingAesGcm(PdfDictionary encryptionDictionary, Certificate[] certs, int[] permissions, boolean encryptMetadata, boolean embeddedFilesOnly)	Creates new PubSecHandlerUsingAesGcm instance for encryption.
PubSecHandlerUsingAesGcm(PdfDictionary encryptionDictionary, Key certificateKey, Certificate certificate, String certificateKeyProvider, IExternalDecryptionProcess externalDecryptionProcess, boolean encryptMetadata)	Creates new PubSecHandlerUsingAesGcm instance for decryption.

Method Summary

Modifier and Type	Method	Description
IDecryptor	getDecryptor()	Gets decryptor object.
OutputStreamEncryption	getEncryptionStream(OutputStream os)	Gets a stream wrapper, responsible for encryption.
void	setHashKeyForNextObject(int objNumber, int objGeneration)	Note: For most of the supported security handlers algorithm to calculate encryption key for particular object is the same.
protected void	setPubSecSpecificHandlerDicEntries(PdfDictionary encryptionDictionary, boolean encryptMetadata, boolean embeddedFilesOnly)

Methods inherited from class com.itextpdf.kernel.crypto.securityhandler.PubSecHandlerUsingAes256

getDigestAlgorithm, initKey

Methods inherited from class com.itextpdf.kernel.crypto.securityhandler.PubKeySecurityHandler

addAllRecipients, computeGlobalKey, computeGlobalKeyOnReading, createRecipientsArray, initKeyAndFillDictionary, initKeyAndReadDictionary

Methods inherited from class com.itextpdf.kernel.crypto.securityhandler.SecurityHandler

getMkey, getNextObjectKey

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

noncePart

             protected byte[] noncePart
            

inObjectNonceCounter

             protected int inObjectNonceCounter
            

Constructor Details

PubSecHandlerUsingAesGcm

             public PubSecHandlerUsingAesGcm
             (PdfDictionary encryptionDictionary, Certificate[] certs, int[] permissions, boolean encryptMetadata, boolean embeddedFilesOnly)
            

Creates new PubSecHandlerUsingAesGcm instance for encryption.

Parameters:

encryptionDictionary - document's encryption dictionary

certs - recipients' X.509 public key certificates

permissions - access permissions provided to each recipient

encryptMetadata - indicates whether the document-level metadata stream shall be encrypted

embeddedFilesOnly - indicates whether embedded files shall be encrypted in an otherwise unencrypted document

PubSecHandlerUsingAesGcm

             public PubSecHandlerUsingAesGcm
             (PdfDictionary encryptionDictionary, Key certificateKey, Certificate certificate, String certificateKeyProvider, IExternalDecryptionProcess externalDecryptionProcess, boolean encryptMetadata)
            

Creates new PubSecHandlerUsingAesGcm instance for decryption.

Parameters:

encryptionDictionary - document's encryption dictionary

certificateKey - the recipient private Key to the certificate

certificate - the recipient Certificate, serves as recipient identifier

certificateKeyProvider - the certificate key provider id for Security.getProvider(String)

externalDecryptionProcess - the external decryption process to be used

encryptMetadata - indicates whether the document-level metadata stream shall be encrypted

Method Details

setHashKeyForNextObject

             public void setHashKeyForNextObject
             (int objNumber, int objGeneration)
            

Description copied from class: SecurityHandler

Note: For most of the supported security handlers algorithm to calculate encryption key for particular object is the same.

Overrides:

setHashKeyForNextObject in class PubSecHandlerUsingAes256

Parameters:

objNumber - number of particular object for encryption

objGeneration - generation of particular object for encryption

getEncryptionStream

             public OutputStreamEncryption getEncryptionStream
             (OutputStream os)
            

Description copied from class: SecurityHandler

Gets a stream wrapper, responsible for encryption.

Overrides:

getEncryptionStream in class PubSecHandlerUsingAes128

Parameters:

os - OutputStream to be wrapped

Returns:

OutputStreamEncryption, responsible for encryption.

getDecryptor

             public IDecryptor getDecryptor()
            

Description copied from class: SecurityHandler

Gets decryptor object.

Overrides:

getDecryptor in class PubSecHandlerUsingAes128

Returns:

IDecryptor

setPubSecSpecificHandlerDicEntries

             protected void setPubSecSpecificHandlerDicEntries
             (PdfDictionary encryptionDictionary, boolean encryptMetadata, boolean embeddedFilesOnly)
            

Overrides:

setPubSecSpecificHandlerDicEntries in class PubSecHandlerUsingAes256