/** * @param string $permanentFileIdentifier * @param string $userPassword * @param string|null $ownerPassword * @param Permissions|null $userPermissions * @throws UnexpectedValueException */ public function __construct($permanentFileIdentifier, $userPassword, $ownerPassword = null, Permissions $userPermissions = null) { if (null === $ownerPassword) { $ownerPassword = $userPassword; } $encodedUserPassword = $this->encodePassword($userPassword); $encodedOwnerPassword = $this->encodePassword($ownerPassword); $revision = $this->getRevision(); $keyLength = $this->getKeyLength(); if ($revision < 3 && null !== $userPermissions) { throw new DomainException('This encryption does not support permissions'); } if (!in_array($keyLength, [40, 128])) { throw new UnexpectedValueException('Key length must be either 40 or 128'); } $this->ownerEntry = $this->computeOwnerEntry($encodedOwnerPassword, $encodedUserPassword, $revision, $keyLength); if (2 === $revision) { list($this->userEntry, $this->encryptionKey) = EncryptionUtils::computeUserEntryRev2($encodedUserPassword, $this->ownerEntry, $revision, $permanentFileIdentifier); } else { list($this->userEntry, $this->encryptionKey) = EncryptionUtils::computeUserEntryRev3OrGreater($encodedUserPassword, $revision, $keyLength, $this->ownerEntry, $userPermissions->toInt($revision), $permanentFileIdentifier); } $this->userPermissions = $userPermissions; }
/** * Enables encryption for the document. * * @param string $userPassword * @param string|null $ownerPassword * @param bool $use128bit */ public function enableEncryption($userPassword, $ownerPassword = null, $use128bit = true) { if (null === $ownerPassword) { $ownerPassword = $userPassword; } if ($use128bit) { $algorithm = 2; $revision = 3; $keyLength = 128 / 8; } else { $algorithm = 1; $revision = 2; $keyLength = 40 / 8; } $permissions = -1; $ownerEntry = EncryptionUtils::computeOwnerEntry($ownerPassword, $userPassword, $revision, $keyLength); if (2 === $revision) { list($userEntry, $key) = EncryptionUtils::computeUserEntryRev2($userPassword, $ownerEntry, $revision, $this->firstId->getValue()); } else { list($userEntry, $key) = EncryptionUtils::computeUserEntryRev3OrGreater($userPassword, $revision, $keyLength, $ownerEntry, $permissions, $this->firstId->getValue()); } $encrypt = new DictionaryObject(); $encrypt['Filter'] = new NameObject('Standard'); $encrypt['V'] = new NumericObject($algorithm); if (2 === $algorithm) { $encrypt['Length'] = new NumericObject($keyLength * 8); } $encrypt['R'] = new NumericObject($revision); $encrypt['O'] = new HexadecimalStringObject($ownerEntry); $encrypt['U'] = new HexadecimalStringObject($userEntry); $encrypt['P'] = new NumericObject($permissions); $this->encrypt = $this->objects->addObject($encrypt); $this->encryptionKey = $key; }