Index

  1. \SetaPDF
      1. Core
      2. Core
        1. SecHandler
        2. SecHandler
          1. Standard
          2. Standard
              1. Aes128
              2. Aes256
              3. Aes256R5
              4. Arcfour128
              5. Arcfour128Cf
              6. Arcfour40

SetaPDF_Core_SecHandler_Standard_Aes256R5 Generator class for AES 256 bit security handler (revision 5 - DEPRECTAED IN ISO/DIS 32000-2)

File: /SetaPDF v2/Core/SecHandler/Standard/Aes256R5.php

Class hierarchy

Implements

Summary

Static Methods

Static Properties

Methods

Properties

Static Properties

$_padding

static protected string SetaPDF_Core_SecHandler_Standard::$_padding =

The padding string


Properties

$_auth

protected boolean SetaPDF_Core_SecHandler_AbstractHandler::$_auth = false

Defines if this security handler is authenticated

$_authMode

protected string|null SetaPDF_Core_SecHandler_AbstractHandler::$_authMode

The auth mode

Says who is authenticated: user or owner

$_document

protected SetaPDF_Core_Document SetaPDF_Core_SecHandler_AbstractHandler::$_document

The document to which this security handler is attached

$_encryptMetadata

protected boolean SetaPDF_Core_SecHandler_AbstractHandler::$_encryptMetadata = true

Metadata are encrypted or not

$_encryptionDictionary

protected SetaPDF_Core_Type_Dictionary SetaPDF_Core_SecHandler_AbstractHandler::$_encryptionDictionary

The encryption dictionary

$_encryptionKey

protected string SetaPDF_Core_SecHandler_AbstractHandler::$_encryptionKey

The encryption key

$_keyLength

protected integer SetaPDF_Core_SecHandler_AbstractHandler::$_keyLength = 5

The key length in bytes

This value is still needed if crypt filters are in use: - It is needed to compute the encryption key. - It is needed to compute the O value It is NOT documented which key length should be used for this things if a crypt filter is in use.

$_streamAlgorithm

protected array SetaPDF_Core_SecHandler_AbstractHandler::$_streamAlgorithm = array(...)

The algorithm an key length to be used for en/decrypting stream

$_stringAlgorithm

protected array SetaPDF_Core_SecHandler_AbstractHandler::$_stringAlgorithm = array(...)

The algorithm an key length to be used for en/decrypting strings


Static Methods

ensurePermissions()

public static SetaPDF_Core_SecHandler_Standard::ensurePermissions (
$permissions, $revision
): int

Ensures bits in the permission flag.

Parameters
$permissions
 
$revision
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

factory()

public static SetaPDF_Core_SecHandler_Standard_Aes256R5::factory (
SetaPDF_Core_Document $document, string $ownerPassword [, string $userPassword = '' [, integer $permissions = 0 [, boolean $encryptMetadata = true ]]]
): SetaPDF_Core_SecHandler_Standard_Aes256R5

Factory method for AES 256 bit security handler. (revision 5 - DEPRECTAED IN ISO/DIS 32000-2)

Parameters
$document : SetaPDF_Core_Document
 
$ownerPassword : string

The owner password in UTF-8 encoding

$userPassword : string

The user password in UTF-8 encoding

$permissions : integer
 
$encryptMetadata : boolean
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception


Methods

__construct()

public SetaPDF_Core_SecHandler_AbstractHandler::__construct (
SetaPDF_Core_Document $document, SetaPDF_Core_Type_Dictionary $encryptionDictionary
)

The constructor.

Parameters
$document : SetaPDF_Core_Document
 
$encryptionDictionary : SetaPDF_Core_Type_Dictionary
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

_authByOwnerPassword()

protected SetaPDF_Core_SecHandler_Standard::_authByOwnerPassword (
[ string $ownerPassword = '' ]
): string|boolean

Internal method to authenticate with the owner password.

Parameters
$ownerPassword : string
 
Return Values

The encryption key if the authentication was successful.
False if not.

Exceptions

Throws SetaPDF_Exception_NotImplemented

_authByUserPassword()

protected SetaPDF_Core_SecHandler_Standard::_authByUserPassword (
[ string $userPassword = '' ]
): string|boolean

Internal method to authenticate with the user password.

Parameters
$userPassword : string
 
Return Values

The encryption key if the authentication was successful.
False if not.

_computeEncryptionKey()

protected SetaPDF_Core_SecHandler_Standard::_computeEncryptionKey (
[ string $password = '' ]
): string

Compute the encryption key based on a password.

Parameters
$password : string
 
Exceptions

Throws SetaPDF_Exception_NotImplemented

_computeHashR6()

protected SetaPDF_Core_SecHandler_AbstractHandler::_computeHashR6 (
string $data, string $inputPassword [, string $userKey = '' ]
): string

Computes a hash for security handler revision 6.

Parameters
$data : string
 
$inputPassword : string
 
$userKey : string
 

_computeOValue()

protected SetaPDF_Core_SecHandler_Standard::_computeOValue (
string $userPassword [, string $ownerPassword = '' ]
): string

Compute the O value.

Parameters
$userPassword : string
 
$ownerPassword : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

_computeUValue()

protected SetaPDF_Core_SecHandler_Standard::_computeUValue (
string $encryptionKey
): string

Compute the U value.

Parameters
$encryptionKey : string
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

_crypt()

protected SetaPDF_Core_SecHandler_AbstractHandler::_crypt (
string $data, array $algorithm [, SetaPDF_Core_Type_IndirectObject $param = null [, boolean $encrypt = true ]]
): string

Encrypts or decrypts data using Algorithm 1 of the PDF specification.

Parameters
$data : string
 
$algorithm : array
 
$param : SetaPDF_Core_Type_IndirectObject
 
$encrypt : boolean
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

_getEncryptionKeyByUserPassword()

protected SetaPDF_Core_SecHandler_Standard::_getEncryptionKeyByUserPassword (
[ string $password = '' ]
): string

Get the encryption key by the user password.

Parameters
$password : string
 

auth()

public SetaPDF_Core_SecHandler_Standard::auth (
[ string $data = null ]
): boolean

Authenticate against the security handler.

This method will try to auth first with the owner password.

If this will fail it will try to auth to the user password.

Parameters
$data : string

The password to authenticate with

Return Values

Authentication was successful or not

authByOwnerPassword()

public SetaPDF_Core_SecHandler_Standard::authByOwnerPassword (
string $password
): boolean

Authenticate with the owner password.

Parameters
$password : string
 

authByUserPassword()

public SetaPDF_Core_SecHandler_Standard::authByUserPassword (
string $password
): boolean

Authenticate with the user password.

Parameters
$password : string
 

decryptStream()

public SetaPDF_Core_SecHandler_AbstractHandler::decryptStream (
string $data [, SetaPDF_Core_Type_IndirectObject $param = null ]
): string

Decrypt a stream.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

decryptString()

public SetaPDF_Core_SecHandler_AbstractHandler::decryptString (
string $data [, SetaPDF_Core_Type_IndirectObject $param = null ]
): string

Decrypt a string.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

encryptStream()

public SetaPDF_Core_SecHandler_AbstractHandler::encryptStream (
string $data [, SetaPDF_Core_Type_IndirectObject $param = null ]
): string

Encrypt a stream.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

encryptString()

public SetaPDF_Core_SecHandler_AbstractHandler::encryptString (
string $data [, SetaPDF_Core_Type_IndirectObject $param = null ]
): string

Encrypt a string.

Parameters
$data : string
 
$param : SetaPDF_Core_Type_IndirectObject
 
Exceptions

Throws SetaPDF_Core_SecHandler_Exception

generateRandomBytes()

public SetaPDF_Core_SecHandler_AbstractHandler::generateRandomBytes (
$length
): string

Generate random bytes.

Internally the method tries to use PHPs internal available methods for pseudo-random bytes creation: random_bytes(), openssl_random_pseudo_bytes(), mcrypt_create_iv(). If none of these methods is available a random string is generated by using mt_rand().

Parameters
$length
 

getAuthMode()

public SetaPDF_Core_SecHandler_AbstractHandler::getAuthMode (
void
): string

Get the auth method.

Return Values

"user", "owner" or an empty string if not authenticated.

getDocument()

public SetaPDF_Core_SecHandler_AbstractHandler::getDocument (
void
): SetaPDF_Core_Document

Returns the document instance of this security handler.

getEncryptMetadata()

public SetaPDF_Core_SecHandler_AbstractHandler::getEncryptMetadata (
void
): boolean

Returns true if the metadata are/will be encrypted.

getEncryptionDictionary()

public SetaPDF_Core_SecHandler_AbstractHandler::getEncryptionDictionary (
void
): SetaPDF_Core_Type_Dictionary

Gets the encryption dictionary.

getEncryptionKey()

public SetaPDF_Core_SecHandler_AbstractHandler::getEncryptionKey (
void
): string

Get the encryption key if known/authenticated.

Exceptions

Throws SetaPDF_Core_SecHandler_Exception

getPdfVersion()

public SetaPDF_Core_SecHandler_AbstractHandler::getPdfVersion (
void
): string

Get the PDF version, which is needed for the currently used encryption algorithm.

Exceptions

Throws SetaPDF_Exception_NotImplemented

getPermission()

public SetaPDF_Core_SecHandler_Standard::getPermission (
integer $permission
): boolean

Queries if a permission is granted.

Parameters
$permission : integer
 

getPermissions()

public SetaPDF_Core_SecHandler_Standard::getPermissions (
void
): integer

Returns current permissions.

See

getRevision()

public SetaPDF_Core_SecHandler_Standard::getRevision (
void
): mixed

Get the revision of the security handler.

getStreamAlgorithm()

public SetaPDF_Core_SecHandler_AbstractHandler::getStreamAlgorithm (
void
): array

Get the stream algorithm data.

getStringAlgorithm()

public SetaPDF_Core_SecHandler_AbstractHandler::getStringAlgorithm (
void
): array

Get the string algorithm data.

isAuth()

public SetaPDF_Core_SecHandler_AbstractHandler::isAuth (
void
): boolean

Queries if the security handler is authenticated.

If not it tries by calling auth() without a password.