SetaPDF_Core_SecHandler_Standard_Aes256 Generator class for AES 256 bit security handler (revision 6)

File: /SetaPDF v2/Core/SecHandler/Standard/Aes256.php

Class hierarchy

Implements

Summary

Static Properties

$_padding

static protected string SetaPDF_Core_SecHandler_Standard::$_padding =

The padding string


Properties

$_auth

Defines if this security handler is authenticated

$_authMode

The auth mode

Says who is authenticated: user or owner

$_document

The document to which this security handler is attached

$_encryptMetadata

Metadata are encrypted or not

$_encryptionDictionary

$_encryptionKey

The encryption key

$_keyLength

The key length in bytes

This value is still needed if crypt filters are in use:

  • It is needed to compute the encryption key.
  • It is needed to compute the O value It is NOT documented which key length should be used for this things if a crypt filter is in use.

$_streamAlgorithm

The algorithm key length to be used for en/decrypting stream

$_stringAlgorithm

The algorithm key length to be used for en/decrypting strings


Static Methods

create()

public static SetaPDF_Core_SecHandler_Standard_Aes256::create (
SetaPDF_Core_Document $document, string $ownerPassword [, string $userPassword = '' [, integer $permissions = 0 [, boolean $encryptMetadata = true [, string $passwordsEncoding = 'utf-8' ]]]]
): SetaPDF_Core_SecHandler_Standard_Aes256

Create method for AES 256 bit security handler.

Parameters
$document : SetaPDF_Core_Document
 
$ownerPassword : string

The owner password in UTF-8 encoding

$userPassword : string

The user password in UTF-8 encoding

$permissions : integer
 
$encryptMetadata : boolean
 
$passwordsEncoding : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Core_Type_Exception

ensurePasswordEncoding()

public static SetaPDF_Core_SecHandler_Standard::ensurePasswordEncoding (
integer $revision, string $password, string $encoding
): string

This method ensures the correct encoding of a password.

Internally the password is converted into the required encoding for the desired revision and it is pocessed with the SASLprep profile if requried.

Parameters
$revision : integer
 
$password : string
 
$encoding : string
 
Exceptions

Throws SetaPDF_Exception_NotImplemented

ensurePermissions()

public static SetaPDF_Core_SecHandler_Standard::ensurePermissions (
int $permissions, int $revision
): int

Ensures bits in the permission flag.

Parameters
$permissions : int
 
$revision : int
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

factory()

WARNING: This method is marked as deprecated!

Use self::create() instead

public static SetaPDF_Core_SecHandler_Standard_Aes256::factory (
SetaPDF_Core_Document $document, string $ownerPassword [, string $userPassword = '' [, integer $permissions = 0 [, boolean $encryptMetadata = true [, string $passwordsEncoding = 'utf-8' ]]]]
): SetaPDF_Core_SecHandler_Standard_Aes256
Parameters
$document : SetaPDF_Core_Document
 
$ownerPassword : string

The owner password in UTF-8 encoding

$userPassword : string

The user password in UTF-8 encoding

$permissions : integer
 
$encryptMetadata : boolean
 
$passwordsEncoding : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Core_Type_Exception


Methods

__construct()

The constructor.

Parameters
$document : SetaPDF_Core_Document
 
$encryptionDictionary : SetaPDF_Core_Type_Dictionary
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

_authByOwnerPassword()

protected SetaPDF_Core_SecHandler_Standard::_authByOwnerPassword (
[ string $ownerPassword = '' ]
): string|boolean

Internal method to authenticate with the owner password.

Parameters
$ownerPassword : string
 
Return Values

The encryption key if the authentication was successful. False if not.

Exceptions

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Core_SecHandler_Exception

_authByUserPassword()

protected SetaPDF_Core_SecHandler_Standard::_authByUserPassword (
[ string $userPassword = '' ]
): string|boolean

Internal method to authenticate with the user password.

Parameters
$userPassword : string
 
Return Values

The encryption key if the authentication was successful. False if not.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception_NotImplemented

_computeEncryptionKey()

protected SetaPDF_Core_SecHandler_Standard::_computeEncryptionKey (
[ string $password = '' ]
): string

Compute the encryption key based on a password.

Parameters
$password : string
 
Exceptions

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Core_SecHandler_Exception

_computeHashR6()

protected SetaPDF_Core_SecHandler_AbstractHandler::_computeHashR6 (
string $data, string $inputPassword [, string $userKey = '' ]
): string

Computes a hash for security handler revision 6.

Parameters
$data : string
 
$inputPassword : string
 
$userKey : string
 

_computeOValue()

protected SetaPDF_Core_SecHandler_Standard::_computeOValue (
string $userPassword [, string $ownerPassword = '' ]
): string

Compute the O value.

Parameters
$userPassword : string
 
$ownerPassword : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

_computeUValue()

protected SetaPDF_Core_SecHandler_Standard::_computeUValue (
string $encryptionKey
): string

Compute the U value.

Parameters
$encryptionKey : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

_crypt()

protected SetaPDF_Core_SecHandler_AbstractHandler::_crypt (
string $data, array $algorithm [, SetaPDF_Core_Type_IndirectObject $param = null [, boolean $encrypt = true ]]
): string

Encrypts or decrypts data using Algorithm 1 of the PDF specification.

Parameters
$data : string
 
$algorithm : array
 
$param : SetaPDF_Core_Type_IndirectObject
 
$encrypt : boolean
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

_getEncryptionKeyByUserPassword()

protected SetaPDF_Core_SecHandler_Standard::_getEncryptionKeyByUserPassword (
[ string $password = '' ]
): string

Get the encryption key by the user password.

Parameters
$password : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Exception_NotImplemented

auth()

public SetaPDF_Core_SecHandler_Standard::auth (
[ string $password = null [, string|null $encoding = null ]]
): boolean

Authenticate against the security handler.

This method will try to auth first with the owner password.

If this fails it will try to auth to the user password.

Parameters
$password : string
 
$encoding : string|null
 
Return Values

Authentication was successful or not

Exceptions

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Core_SecHandler_Exception

authByOwnerPassword()

public SetaPDF_Core_SecHandler_Standard::authByOwnerPassword (
string $password [, string|null $encoding = null ]
): boolean

Authenticate with the owner password.

Parameters
$password : string
 
$encoding : string|null
 
Exceptions

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Core_SecHandler_Exception

authByUserPassword()

public SetaPDF_Core_SecHandler_Standard::authByUserPassword (
string $password [, null $encoding = null ]
): boolean

Authenticate with the user password.

Parameters
$password : string
 
$encoding : null
 
Exceptions

Throws SetaPDF_Exception_NotImplemented

Throws SetaPDF_Core_Type_Exception

Throws SetaPDF_Core_SecHandler_Exception

decryptStream()

Decrypt a stream.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

decryptString()

Decrypt a string.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

encryptStream()

Encrypt a stream.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

encryptString()

Encrypt a string.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

getAuthMode()

Get the auth method.

Return Values

"user", "owner" or an empty string if not authenticated.

getDocument()

Returns the document instance of this security handler.

getEncryptMetadata()

Returns true if the metadata are/will be encrypted.

getEncryptionDictionary()

getEncryptionKey()

Get the encryption key if known/authenticated.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

getPdfVersion()

Get the PDF version, which is needed for the currently used encryption algorithm.

Exceptions

Throws SetaPDF_Exception_NotImplemented

getPermission()

public SetaPDF_Core_SecHandler_Standard::getPermission (
integer $permission
): boolean

Queries if a permission is granted.

Parameters
$permission : integer
 
Exceptions

Throws SetaPDF_Core_Type_Exception

getPermissions()

getRevision()

Get the revision of the security handler.

Exceptions

Throws SetaPDF_Core_Type_Exception

getStreamAlgorithm()

Get the stream algorithm data.

getStringAlgorithm()

Get the string algorithm data.

isAuth()

Queries if the security handler is authenticated.

If not it tries by calling auth() without a password.