SetaPDF_Core_SecHandler_Standard_Aes256 Generator class for AES 256 bit security handler (revision 6)
File: /SetaPDF v2/Core/SecHandler/Standard/Aes256.php
Class hierarchy
Implements
Summary
Methods
- __construct()
- _authByOwnerPassword()
- _authByUserPassword()
- _computeEncryptionKey()
- _computeHashR6()
- _computeOValue()
- _computeUValue()
- _crypt()
- _getEncryptionKeyByUserPassword()
- auth()
- authByOwnerPassword()
- authByUserPassword()
- decryptStream()
- decryptString()
- encryptStream()
- encryptString()
- getAuthMode()
- getDocument()
- getEncryptMetadata()
- getEncryptionDictionary()
- getEncryptionKey()
- getPdfVersion()
- getPermission()
- getPermissions()
- getRevision()
- getStreamAlgorithm()
- getStringAlgorithm()
- isAuth()
Static Properties
Properties
$_authMode
The auth mode
Says who is authenticated: user or owner
$_encryptionDictionary
The encryption dictionary
$_encryptionKey
The encryption key
$_keyLength
The key length in bytes
This value is still needed if crypt filters are in use:
- It is needed to compute the encryption key.
- It is needed to compute the O value It is NOT documented which key length should be used for this things if a crypt filter is in use.
Static Methods
create()
Create method for AES 256 bit security handler.
Parameters
- $document : SetaPDF_Core_Document
- $ownerPassword : string
The owner password in UTF-8 encoding
- $userPassword : string
The user password in UTF-8 encoding
- $permissions : integer
- $encryptMetadata : boolean
- $passwordsEncoding : string
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Exception_NotImplemented
Throws SetaPDF_Core_Type_Exception
ensurePasswordEncoding()
This method ensures the correct encoding of a password.
Internally the password is converted into the required encoding for the desired revision and it is pocessed with the SASLprep profile if requried.
Parameters
- $revision : integer
- $password : string
- $encoding : string
Exceptions
ensurePermissions()
Ensures bits in the permission flag.
Parameters
- $permissions : int
- $revision : int
Exceptions
factory()
WARNING: This method is marked as deprecated!
Use self::create() instead
Parameters
- $document : SetaPDF_Core_Document
- $ownerPassword : string
The owner password in UTF-8 encoding
- $userPassword : string
The user password in UTF-8 encoding
- $permissions : integer
- $encryptMetadata : boolean
- $passwordsEncoding : string
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Exception_NotImplemented
Throws SetaPDF_Core_Type_Exception
Methods
__construct()
The constructor.
Parameters
- $document : SetaPDF_Core_Document
- $encryptionDictionary : SetaPDF_Core_Type_Dictionary
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Core_Type_Exception
_authByOwnerPassword()
Internal method to authenticate with the owner password.
Parameters
- $ownerPassword : string
Return Values
The encryption key if the authentication was successful. False if not.
Exceptions
Throws SetaPDF_Exception_NotImplemented
Throws SetaPDF_Core_Type_Exception
_authByUserPassword()
Internal method to authenticate with the user password.
Parameters
- $userPassword : string
Return Values
The encryption key if the authentication was successful. False if not.
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Core_Type_Exception
_computeEncryptionKey()
Compute the encryption key based on a password.
Parameters
- $password : string
Exceptions
Throws SetaPDF_Exception_NotImplemented
Throws SetaPDF_Core_Type_Exception
_computeHashR6()
Computes a hash for security handler revision 6.
Parameters
- $data : string
- $inputPassword : string
- $userKey : string
_computeOValue()
Compute the O value.
Parameters
- $userPassword : string
- $ownerPassword : string
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Core_Type_Exception
_computeUValue()
Compute the U value.
Parameters
- $encryptionKey : string
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Core_Type_Exception
_crypt()
Encrypts or decrypts data using Algorithm 1 of the PDF specification.
Parameters
- $data : string
- $algorithm : array
- $param : SetaPDF_Core_Type_IndirectObject
- $encrypt : boolean
Exceptions
_getEncryptionKeyByUserPassword()
Get the encryption key by the user password.
Parameters
- $password : string
Exceptions
Throws SetaPDF_Core_SecHandler_Exception
Throws SetaPDF_Core_Type_Exception
auth()
Authenticate against the security handler.
This method will try to auth first with the owner password.
If this fails it will try to auth to the user password.
Parameters
- $password : string
- $encoding : string|null
Return Values
Authentication was successful or not
Exceptions
Throws SetaPDF_Exception_NotImplemented
Throws SetaPDF_Core_Type_Exception
authByOwnerPassword()
Authenticate with the owner password.
Parameters
- $password : string
- $encoding : string|null
Exceptions
Throws SetaPDF_Exception_NotImplemented
Throws SetaPDF_Core_Type_Exception
authByUserPassword()
Authenticate with the user password.
Parameters
- $password : string
- $encoding : null
Exceptions
Throws SetaPDF_Exception_NotImplemented
Throws SetaPDF_Core_Type_Exception
decryptStream()
Decrypt a stream.
Parameters
- $data : string
- $param : SetaPDF_Core_Type_IndirectObject
Exceptions
decryptString()
Decrypt a string.
Parameters
- $data : string
- $param : SetaPDF_Core_Type_IndirectObject
Exceptions
encryptStream()
Encrypt a stream.
Parameters
- $data : string
- $param : SetaPDF_Core_Type_IndirectObject
Exceptions
encryptString()
Encrypt a string.
Parameters
- $data : string
- $param : SetaPDF_Core_Type_IndirectObject
Exceptions
getAuthMode()
Get the auth method.
Return Values
"user", "owner" or an empty string if not authenticated.
getEncryptionDictionary()
Gets the encryption dictionary.
getPdfVersion()
Get the PDF version, which is needed for the currently used encryption algorithm.
Exceptions
getPermission()
Queries if a permission is granted.
Parameters
- $permission : integer
Exceptions
Throws SetaPDF_Core_Type_Exception
getRevision()
isAuth()
Queries if the security handler is authenticated.
If not it tries by calling auth() without a password.