org.icepdf.core.pobjects.security

Class SecurityManager

java.lang.Object

org.icepdf.core.pobjects.security.SecurityManager

public class SecurityManager
extends java.lang.Object

The Security Manager class manages the encryption of encrypted PDF documents. The class is initiated by the Document class if a Crypt key is found in the document's trailer. The singleton pattern is implemented so that it can be called from anywhere with the PDF object structure.

There is currently only support for Adobe Standard encryption which is supported by the StandardSecurityHandler. Additional support for custom security handlers, public-key handlers and crypt filters is currently under development.

The Security Manager needs tobe compliant with Sun Java JCE 1.2.1 implementation. The security manager assumes that org.bouncycastle.jce.provider.BouncyCastleProvider can be found on the class path and will try to load the class accordingly. However, if you have another crypto API that you would like to use, the system property org.icepdf.core.pobjects.security.provider can be set to the provider's class path.

Since:

1.1

Constructor Summary

Constructors

Constructor and Description
SecurityManager(Library library, java.util.HashMap<java.lang.Object,java.lang.Object> encryptionDictionary, java.util.List fileID) Creates new instance of SecurityManager object.

Method Summary

Modifier and Type	Method and Description
byte[]	decrypt(Reference objectReference, byte[] encryptionKey, byte[] data) Decrypt the data using the encryptionKey and objectReference of the PDF stream or String object.
void	dispose() Disposes of the security handler instance.
byte[]	encrypt(Reference objectReference, byte[] encryptionKey, byte[] data) Encrypt the data using the encryptionKey and objectReference of the PDF stream or String object.
byte[]	getDecryptionKey() Gets the decrypt key used by the security handler when decrypting data.
EncryptionDictionary	getEncryptionDictionary() Gets the encryption dictionary associated with the document encryption handler.
java.io.InputStream	getEncryptionInputStream(Reference objectReference, byte[] encryptionKey, java.util.HashMap decodeParams, java.io.InputStream input, boolean returnInputIfNullResult) Return a new InputStream, from which read operations will return data, read and decrypt from the InputStream parameter objectReference of the PDF stream or String object.
byte[]	getEncryptionKey() Gets the encryption key used by the security handler when encrypting data.
Permissions	getPermissions() Gets the permission associated with the document's encryption handler.
SecurityHandler	getSecurityHandler() Gets the SecurityHandler associated with this Security Manager.
boolean	isAuthorized(java.lang.String password) Determines whether the supplied password is authorized to view the PDF document.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityManager

public SecurityManager(Library library,
                       java.util.HashMap<java.lang.Object,java.lang.Object> encryptionDictionary,
                       java.util.List fileID)
                throws PDFSecurityException

Creates new instance of SecurityManager object.

Parameters:

library - library of documents PDF objects

encryptionDictionary - encryption dictionary key values

fileID - fileID of PDF document

Throws:

PDFSecurityException - if the security provider could not be found

Method Detail

dispose

public void dispose()

Disposes of the security handler instance.

getPermissions

public Permissions getPermissions()

Gets the permission associated with the document's encryption handler.

Returns:

permission object

getSecurityHandler

public SecurityHandler getSecurityHandler()

Gets the SecurityHandler associated with this Security Manager.

Returns:

security handler object.

getEncryptionDictionary

public EncryptionDictionary getEncryptionDictionary()

Gets the encryption dictionary associated with the document encryption handler.

Returns:

encryption dictionary

getEncryptionKey

public byte[] getEncryptionKey()

Gets the encryption key used by the security handler when encrypting data.

Returns:

encryption key used to encrypt the data

getDecryptionKey

public byte[] getDecryptionKey()

Gets the decrypt key used by the security handler when decrypting data.

Returns:

decryption key used to encrypt the data

encrypt

public byte[] encrypt(Reference objectReference,
                      byte[] encryptionKey,
                      byte[] data)

Encrypt the data using the encryptionKey and objectReference of the PDF stream or String object.

Parameters:

objectReference - PDF objects number and revision number

encryptionKey - encryption key used to encrypt the data

data - byte data of a PDF Stream or String object

Returns:

encrypted data

decrypt

public byte[] decrypt(Reference objectReference,
                      byte[] encryptionKey,
                      byte[] data)

Decrypt the data using the encryptionKey and objectReference of the PDF stream or String object.

Parameters:

objectReference - PDF objects number and revision number

encryptionKey - encryption key used to decrypt the data

data - byte data of a PDF Stream or String object

Returns:

decrypted data

getEncryptionInputStream

public java.io.InputStream getEncryptionInputStream(Reference objectReference,
                                                    byte[] encryptionKey,
                                                    java.util.HashMap decodeParams,
                                                    java.io.InputStream input,
                                                    boolean returnInputIfNullResult)

Return a new InputStream, from which read operations will return data, read and decrypt from the InputStream parameter objectReference of the PDF stream or String object.

Parameters:

objectReference - PDF objects number and revision number

encryptionKey - encryption key used to decrypt the data

input - InputStream giving access to encrypted data

decodeParams - crypt filter optional parameters, can be null.

returnInputIfNullResult - If results end up being null, then return input instead of null

Returns:

InputStream giving access to decrypted data

isAuthorized

public boolean isAuthorized(java.lang.String password)

Determines whether the supplied password is authorized to view the PDF document. If a password is rejected, the user should be restricted from viewing the document.

Parameters:

password - password to authorize

Returns:

true, if the password was authorized successfully; false, otherwise.