kitepdf/io.github.yuroyami.kitepdf.crypto/StandardSecurityHandler

StandardSecurityHandler

class StandardSecurityHandler(encryptDict: PdfDictionary, fileIdFirst: ByteArray, userPassword: ByteArray = byteArrayOf(), ownerPassword: ByteArray = byteArrayOf())

PDF Standard Security Handler (ISO 32000-1 §7.6.4).

Implements key derivation and per-object decryption for security handlers V1, V2, V4 (RC4 / AES-128), and V5 (AES-256). V6 (PDF 2.0) shares V5's mechanism but with a slightly different password-validation algorithm; we accept both since most readers in the wild treat them interchangeably.

Construction tries the supplied password, then the empty password as fallback. isAuthenticated reports whether one of them worked; if not, decryption returns the original bytes (so the document can still be opened read-only for its public metadata).

Constructors

Link copied to clipboard
constructor(encryptDict: PdfDictionary, fileIdFirst: ByteArray, userPassword: ByteArray = byteArrayOf(), ownerPassword: ByteArray = byteArrayOf())

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
Link copied to clipboard
val p: Int

Raw /P bit-flags. Negative because the high bit is set on permissive PDFs.

Link copied to clipboard
val r: Int

Revision number — exposed so the public permissions API can pick the right bit semantics.

Functions

Link copied to clipboard
fun decryptStream(objNum: Long, genNum: Int, ciphertext: ByteArray): ByteArray

Decrypt a stream's raw bytes (call BEFORE running the filter chain).

Link copied to clipboard
fun decryptString(objNum: Long, genNum: Int, ciphertext: ByteArray): ByteArray

Decrypt a literal-string's bytes (replaces PdfString.bytes in place).