Base class for both the compress and decompress classes.
Holds common arrays, and static data.
@author Keiron Liddle
An input stream that decompresses from the BZip2 format (with the file
header chars) to be read as any other stream.
@author Keiron Liddle
NB: note this class has been modified to read the leading BZ from the
start of the BZIP2 stream to make it compatible with other PGP programs.
An output stream that compresses into the BZip2 format (with the file
header chars) into another stream.
@author Keiron Liddle
TODO: Update to BZip2 1.0.1
NB: note this class has been modified to add a leading BZ to the
start of the BZIP2 stream to make it compatible with other PGP programs.
modified by Oliver Merkel, 010128
A simple class the hold and calculate the CRC for sanity checking
of the data.
@author Keiron Liddle
return the X9ECParameters object for the named curve represented by
the passed in object identifier. Null if the curve isn't present.
@param oid an object identifier representing a named curve, if present.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for curves
contained in this structure.
Return the DER encoding of the object, null if the DER encoding can not be made.
@return a DER byte array, null otherwise.
a general purpose ASN.1 decoder - note: this class differs from the
others in that it returns null after it has read the last object in
the stream. If an ASN.1 Null is encountered a Der/BER Null object is
returned.
Create an ASN1InputStream where no DER object will be longer than limit.
@param input stream containing ASN.1 encoded data.
@param limit maximum size of a DER encoded object.
Create an ASN1InputStream based on the input byte array. The length of DER objects in
the stream is automatically limited to the length of the input array.
@param input array containing ASN.1 encoded data.
build an object given its tag and the number of bytes to construct it from.
A Null object.
Create a base ASN.1 object from a byte array.
The byte array to parse.
The base ASN.1 object represented by the byte array.
If there is a problem parsing the data, or parsing an object did not exhaust the available data.
Read a base ASN.1 object from a stream.
The stream to parse.
The base ASN.1 object represented by the byte array.
If there is a problem parsing the data.
return an Octet string from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
return an Octet string from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
@param string the octets making up the octet string.
return an Asn1Sequence from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Return an ASN1 sequence from a tagged object. There is a special
case here, if an object appears to have been explicitly tagged on
reading but we were expecting it to be implicitly tagged in the
normal course of events it indicates that we lost the surrounding
sequence - so we need to add it back (this will happen if the tagged
object is a sequence that contains other sequences). If you are
dealing with implicitly tagged sequences you really should
be using this method.
@param obj the tagged object.
@param explicitly true if the object is meant to be explicitly tagged,
false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
return the object at the sequence position indicated by index.
@param index the sequence number (starting at zero) of the object
@return the object at the sequence position indicated by index.
return an ASN1Set from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Return an ASN1 set from a tagged object. There is a special
case here, if an object appears to have been explicitly tagged on
reading but we were expecting it to be implicitly tagged in the
normal course of events it indicates that we lost the surrounding
set - so we need to add it back (this will happen if the tagged
object is a sequence that contains other sequences). If you are
dealing with implicitly tagged sets you really should
be using this method.
@param obj the tagged object.
@param explicitly true if the object is meant to be explicitly tagged
false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
return the object at the set position indicated by index.
@param index the set number (starting at zero) of the object
@return the object at the set position indicated by index.
ASN.1 TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
@param tagNo the tag number for this object.
@param obj the tagged object.
@param explicitly true if the object is explicitly tagged.
@param tagNo the tag number for this object.
@param obj the tagged object.
return whether or not the object may be explicitly tagged.
Note: if the object has been read from an input stream, the only
time you can be sure if isExplicit is returning the true state of
affairs is if it returns false. An implicitly tagged object may appear
to be explicitly tagged, so you need to understand the context under
which the reading was done as well, see GetObject below.
return whatever was following the tag.
Note: tagged objects are generally context dependent if you're
trying to extract a tagged object you should be going via the
appropriate GetInstance method.
Return the object held in this tagged object as a parser assuming it has
the type of the passed in tag. If the object doesn't have a parser
associated with it, the base object is returned.
SHA-2.SHA-256; 1.3.6.1.4.1.22554.1.2.1
SHA-2.SHA-384; 1.3.6.1.4.1.22554.1.2.2
SHA-2.SHA-512; 1.3.6.1.4.1.22554.1.2.3
SHA-2.SHA-224; 1.3.6.1.4.1.22554.1.2.4
PKCS-5(1)|PKCS-12(2)
SHA-1.PKCS5; 1.3.6.1.4.1.22554.1.1.1
SHA-1.PKCS12; 1.3.6.1.4.1.22554.1.1.2
SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.1
SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.2
AES(1) . (CBC-128(2)|CBC-192(22)|CBC-256(42))
1.3.6.1.4.1.22554.1.1.2.1.2
1.3.6.1.4.1.22554.1.1.2.1.22
1.3.6.1.4.1.22554.1.1.2.1.42
1.3.6.1.4.1.22554.1.1.2.2.2
1.3.6.1.4.1.22554.1.1.2.2.22
1.3.6.1.4.1.22554.1.1.2.2.42
signature(2) algorithms
Sphincs-256
XMSS
XMSS^MT
key_exchange(3) algorithms
NewHope
A BER Null object.
convert a vector of octet strings into a single byte string
The octets making up the octet string.
return the DER octets that make up this string.
create an empty sequence
create a sequence containing one object
create a sequence containing a vector of objects.
create an empty sequence
create a set containing one object
create a set containing a vector of objects.
BER TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
@param tagNo the tag number for this object.
@param obj the tagged object.
@param explicitly true if an explicitly tagged object.
@param tagNo the tag number for this object.
@param obj the tagged object.
create an implicitly tagged object that contains a zero
length sequence.
CAKeyUpdAnnContent ::= SEQUENCE {
oldWithNew CmpCertificate, -- old pub signed with new priv
newWithOld CmpCertificate, -- new pub signed with old priv
newWithNew CmpCertificate -- new pub signed with new priv
}
@return a basic ASN.1 object representation.
CertConfirmContent ::= SEQUENCE OF CertStatus
@return a basic ASN.1 object representation.
CertifiedKeyPair ::= SEQUENCE {
certOrEncCert CertOrEncCert,
privateKey [0] EncryptedValue OPTIONAL,
-- see [CRMF] for comment on encoding
publicationInfo [1] PKIPublicationInfo OPTIONAL
}
@return a basic ASN.1 object representation.
CertOrEncCert ::= CHOICE {
certificate [0] CMPCertificate,
encryptedCert [1] EncryptedValue
}
@return a basic ASN.1 object representation.
CertRepMessage ::= SEQUENCE {
caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
OPTIONAL,
response SEQUENCE OF CertResponse
}
@return a basic ASN.1 object representation.
CertResponse ::= SEQUENCE {
certReqId INTEGER,
-- to match this response with corresponding request (a value
-- of -1 is to be used if certReqId is not specified in the
-- corresponding request)
status PKIStatusInfo,
certifiedKeyPair CertifiedKeyPair OPTIONAL,
rspInfo OCTET STRING OPTIONAL
-- analogous to the id-regInfo-utf8Pairs string defined
-- for regInfo in CertReqMsg [CRMF]
}
@return a basic ASN.1 object representation.
CertStatus ::= SEQUENCE {
certHash OCTET STRING,
-- the hash of the certificate, using the same hash algorithm
-- as is used to create and verify the certificate signature
certReqId INTEGER,
-- to match this confirmation with the corresponding req/rep
statusInfo PKIStatusInfo OPTIONAL
}
@return a basic ASN.1 object representation.
Challenge ::= SEQUENCE {
owf AlgorithmIdentifier OPTIONAL,
-- MUST be present in the first Challenge; MAY be omitted in
-- any subsequent Challenge in POPODecKeyChallContent (if
-- omitted, then the owf used in the immediately preceding
-- Challenge is to be used).
witness OCTET STRING,
-- the result of applying the one-way function (owf) to a
-- randomly-generated INTEGER, A. [Note that a different
-- INTEGER MUST be used for each Challenge.]
challenge OCTET STRING
-- the encryption (under the public key for which the cert.
-- request is being made) of Rand, where Rand is specified as
-- Rand ::= SEQUENCE {
-- int INTEGER,
-- - the randomly-generated INTEGER A (above)
-- sender GeneralName
-- - the sender's name (as included in PKIHeader)
-- }
}
@return a basic ASN.1 object representation.
Note: the addition of attribute certificates is a BC extension.
CMPCertificate ::= CHOICE {
x509v3PKCert Certificate
x509v2AttrCert [1] AttributeCertificate
}
Note: the addition of attribute certificates is a BC extension.
@return a basic ASN.1 object representation.
CrlAnnContent ::= SEQUENCE OF CertificateList
@return a basic ASN.1 object representation.
ErrorMsgContent ::= SEQUENCE {
pKIStatusInfo PKIStatusInfo,
errorCode INTEGER OPTIONAL,
-- implementation-specific error codes
errorDetails PKIFreeText OPTIONAL
-- implementation-specific error details
}
@return a basic ASN.1 object representation.
GenMsgContent ::= SEQUENCE OF InfoTypeAndValue
@return a basic ASN.1 object representation.
GenRepContent ::= SEQUENCE OF InfoTypeAndValue
@return a basic ASN.1 object representation.
Example InfoTypeAndValue contents include, but are not limited
to, the following (un-comment in this ASN.1 module and use as
appropriate for a given environment):
id-it-caProtEncCert OBJECT IDENTIFIER ::= {id-it 1}
CAProtEncCertValue ::= CMPCertificate
id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
SignKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
id-it-encKeyPairTypes OBJECT IDENTIFIER ::= {id-it 3}
EncKeyPairTypesValue ::= SEQUENCE OF AlgorithmIdentifier
id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
PreferredSymmAlgValue ::= AlgorithmIdentifier
id-it-caKeyUpdateInfo OBJECT IDENTIFIER ::= {id-it 5}
CAKeyUpdateInfoValue ::= CAKeyUpdAnnContent
id-it-currentCRL OBJECT IDENTIFIER ::= {id-it 6}
CurrentCRLValue ::= CertificateList
id-it-unsupportedOIDs OBJECT IDENTIFIER ::= {id-it 7}
UnsupportedOIDsValue ::= SEQUENCE OF OBJECT IDENTIFIER
id-it-keyPairParamReq OBJECT IDENTIFIER ::= {id-it 10}
KeyPairParamReqValue ::= OBJECT IDENTIFIER
id-it-keyPairParamRep OBJECT IDENTIFIER ::= {id-it 11}
KeyPairParamRepValue ::= AlgorithmIdentifer
id-it-revPassphrase OBJECT IDENTIFIER ::= {id-it 12}
RevPassphraseValue ::= EncryptedValue
id-it-implicitConfirm OBJECT IDENTIFIER ::= {id-it 13}
ImplicitConfirmValue ::= NULL
id-it-confirmWaitTime OBJECT IDENTIFIER ::= {id-it 14}
ConfirmWaitTimeValue ::= GeneralizedTime
id-it-origPKIMessage OBJECT IDENTIFIER ::= {id-it 15}
OrigPKIMessageValue ::= PKIMessages
id-it-suppLangTags OBJECT IDENTIFIER ::= {id-it 16}
SuppLangTagsValue ::= SEQUENCE OF UTF8String
where
id-pkix OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
and
id-it OBJECT IDENTIFIER ::= {id-pkix 4}
InfoTypeAndValue ::= SEQUENCE {
infoType OBJECT IDENTIFIER,
infoValue ANY DEFINED BY infoType OPTIONAL
}
@return a basic ASN.1 object representation.
KeyRecRepContent ::= SEQUENCE {
status PKIStatusInfo,
newSigCert [0] CMPCertificate OPTIONAL,
caCerts [1] SEQUENCE SIZE (1..MAX) OF
CMPCertificate OPTIONAL,
keyPairHist [2] SEQUENCE SIZE (1..MAX) OF
CertifiedKeyPair OPTIONAL
}
@return a basic ASN.1 object representation.
OobCertHash ::= SEQUENCE {
hashAlg [0] AlgorithmIdentifier OPTIONAL,
certId [1] CertId OPTIONAL,
hashVal BIT STRING
-- hashVal is calculated over the Der encoding of the
-- self-signed certificate with the identifier certID.
}
@return a basic ASN.1 object representation.
PbmParameter ::= SEQUENCE {
salt OCTET STRING,
-- note: implementations MAY wish to limit acceptable sizes
-- of this string to values appropriate for their environment
-- in order to reduce the risk of denial-of-service attacks
owf AlgorithmIdentifier,
-- AlgId for a One-Way Function (SHA-1 recommended)
iterationCount INTEGER,
-- number of times the OWF is applied
-- note: implementations MAY wish to limit acceptable sizes
-- of this integer to values appropriate for their environment
-- in order to reduce the risk of denial-of-service attacks
mac AlgorithmIdentifier
-- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
} -- or HMAC [RFC2104, RFC2202])
@return a basic ASN.1 object representation.
Creates a new PkiBody.
@param type one of the TYPE_* constants
@param content message content
PkiBody ::= CHOICE { -- message-specific body elements
ir [0] CertReqMessages, --Initialization Request
ip [1] CertRepMessage, --Initialization Response
cr [2] CertReqMessages, --Certification Request
cp [3] CertRepMessage, --Certification Response
p10cr [4] CertificationRequest, --imported from [PKCS10]
popdecc [5] POPODecKeyChallContent, --pop Challenge
popdecr [6] POPODecKeyRespContent, --pop Response
kur [7] CertReqMessages, --Key Update Request
kup [8] CertRepMessage, --Key Update Response
krr [9] CertReqMessages, --Key Recovery Request
krp [10] KeyRecRepContent, --Key Recovery Response
rr [11] RevReqContent, --Revocation Request
rp [12] RevRepContent, --Revocation Response
ccr [13] CertReqMessages, --Cross-Cert. Request
ccp [14] CertRepMessage, --Cross-Cert. Response
ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann.
cann [16] CertAnnContent, --Certificate Ann.
rann [17] RevAnnContent, --Revocation Ann.
crlann [18] CRLAnnContent, --CRL Announcement
pkiconf [19] PKIConfirmContent, --Confirmation
nested [20] NestedMessageContent, --Nested Message
genm [21] GenMsgContent, --General Message
genp [22] GenRepContent, --General Response
error [23] ErrorMsgContent, --Error Message
certConf [24] CertConfirmContent, --Certificate confirm
pollReq [25] PollReqContent, --Polling request
pollRep [26] PollRepContent --Polling response
}
@return a basic ASN.1 object representation.
PkiConfirmContent ::= NULL
@return a basic ASN.1 object representation.
PKIFailureInfo ::= BIT STRING {
badAlg (0),
-- unrecognized or unsupported Algorithm Identifier
badMessageCheck (1), -- integrity check failed (e.g., signature did not verify)
badRequest (2),
-- transaction not permitted or supported
badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
badCertId (4), -- no certificate could be found matching the provided criteria
badDataFormat (5),
-- the data submitted has the wrong format
wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token
incorrectData (7), -- the requester's data is incorrect (for notary services)
missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
badPOP (9) -- the proof-of-possession failed
certRevoked (10),
certConfirmed (11),
wrongIntegrity (12),
badRecipientNonce (13),
timeNotAvailable (14),
-- the TSA's time source is not available
unacceptedPolicy (15),
-- the requested TSA policy is not supported by the TSA
unacceptedExtension (16),
-- the requested extension is not supported by the TSA
addInfoNotAvailable (17)
-- the additional information requested could not be understood
-- or is not available
badSenderNonce (18),
badCertTemplate (19),
signerNotTrusted (20),
transactionIdInUse (21),
unsupportedVersion (22),
notAuthorized (23),
systemUnavail (24),
systemFailure (25),
-- the request cannot be handled due to system failure
duplicateCertReq (26)
Basic constructor.
Return the number of string elements present.
@return number of elements present.
Return the UTF8STRING at index.
@param index index of the string of interest
@return the string at index.
PkiFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
Value for a "null" recipient or sender.
PkiHeader ::= SEQUENCE {
pvno INTEGER { cmp1999(1), cmp2000(2) },
sender GeneralName,
-- identifies the sender
recipient GeneralName,
-- identifies the intended recipient
messageTime [0] GeneralizedTime OPTIONAL,
-- time of production of this message (used when sender
-- believes that the transport will be "suitable"; i.e.,
-- that the time will still be meaningful upon receipt)
protectionAlg [1] AlgorithmIdentifier OPTIONAL,
-- algorithm used for calculation of protection bits
senderKID [2] KeyIdentifier OPTIONAL,
recipKID [3] KeyIdentifier OPTIONAL,
-- to identify specific keys used for protection
transactionID [4] OCTET STRING OPTIONAL,
-- identifies the transaction; i.e., this will be the same in
-- corresponding request, response, certConf, and PKIConf
-- messages
senderNonce [5] OCTET STRING OPTIONAL,
recipNonce [6] OCTET STRING OPTIONAL,
-- nonces used to provide replay protection, senderNonce
-- is inserted by the creator of this message; recipNonce
-- is a nonce previously inserted in a related message by
-- the intended recipient of this message
freeText [7] PKIFreeText OPTIONAL,
-- this may be used to indicate context-specific instructions
-- (this field is intended for human consumption)
generalInfo [8] SEQUENCE SIZE (1..MAX) OF
InfoTypeAndValue OPTIONAL
-- this may be used to convey context-specific information
-- (this field not primarily intended for human consumption)
}
@return a basic ASN.1 object representation.
PKIHeader ::= SEQUENCE {
pvno INTEGER { cmp1999(1), cmp2000(2) },
sender GeneralName,
-- identifies the sender
recipient GeneralName,
-- identifies the intended recipient
messageTime [0] GeneralizedTime OPTIONAL,
-- time of production of this message (used when sender
-- believes that the transport will be "suitable"; i.e.,
-- that the time will still be meaningful upon receipt)
protectionAlg [1] AlgorithmIdentifier OPTIONAL,
-- algorithm used for calculation of protection bits
senderKID [2] KeyIdentifier OPTIONAL,
recipKID [3] KeyIdentifier OPTIONAL,
-- to identify specific keys used for protection
transactionID [4] OCTET STRING OPTIONAL,
-- identifies the transaction; i.e., this will be the same in
-- corresponding request, response, certConf, and PKIConf
-- messages
senderNonce [5] OCTET STRING OPTIONAL,
recipNonce [6] OCTET STRING OPTIONAL,
-- nonces used to provide replay protection, senderNonce
-- is inserted by the creator of this message; recipNonce
-- is a nonce previously inserted in a related message by
-- the intended recipient of this message
freeText [7] PKIFreeText OPTIONAL,
-- this may be used to indicate context-specific instructions
-- (this field is intended for human consumption)
generalInfo [8] SEQUENCE SIZE (1..MAX) OF
InfoTypeAndValue OPTIONAL
-- this may be used to convey context-specific information
-- (this field not primarily intended for human consumption)
}
@return a basic ASN.1 object representation.
Creates a new PkiMessage.
@param header message header
@param body message body
@param protection message protection (may be null)
@param extraCerts extra certificates (may be null)
PkiMessage ::= SEQUENCE {
header PKIHeader,
body PKIBody,
protection [0] PKIProtection OPTIONAL,
extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
OPTIONAL
}
@return a basic ASN.1 object representation.
PkiMessages ::= SEQUENCE SIZE (1..MAX) OF PkiMessage
@return a basic ASN.1 object representation.
@param status
@param status
@param statusString
PkiStatusInfo ::= SEQUENCE {
status PKIStatus, (INTEGER)
statusString PkiFreeText OPTIONAL,
failInfo PkiFailureInfo OPTIONAL (BIT STRING)
}
PKIStatus:
granted (0), -- you got exactly what you asked for
grantedWithMods (1), -- you got something like what you asked for
rejection (2), -- you don't get it, more information elsewhere in the message
waiting (3), -- the request body part has not yet been processed, expect to hear more later
revocationWarning (4), -- this message contains a warning that a revocation is imminent
revocationNotification (5), -- notification that a revocation has occurred
keyUpdateWarning (6) -- update already done for the oldCertId specified in CertReqMsg
PkiFailureInfo:
badAlg (0), -- unrecognized or unsupported Algorithm Identifier
badMessageCheck (1), -- integrity check failed (e.g., signature did not verify)
badRequest (2), -- transaction not permitted or supported
badTime (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
badCertId (4), -- no certificate could be found matching the provided criteria
badDataFormat (5), -- the data submitted has the wrong format
wrongAuthority (6), -- the authority indicated in the request is different from the one creating the response token
incorrectData (7), -- the requester's data is incorrect (for notary services)
missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
badPOP (9) -- the proof-of-possession failed
PollRepContent ::= SEQUENCE OF SEQUENCE {
certReqId INTEGER,
checkAfter INTEGER, -- time in seconds
reason PKIFreeText OPTIONAL
}
@return a basic ASN.1 object representation.
PollReqContent ::= SEQUENCE OF SEQUENCE {
certReqId INTEGER
}
@return a basic ASN.1 object representation.
PopoDecKeyChallContent ::= SEQUENCE OF Challenge
@return a basic ASN.1 object representation.
PopoDecKeyRespContent ::= SEQUENCE OF INTEGER
@return a basic ASN.1 object representation.
ProtectedPart ::= SEQUENCE {
header PKIHeader,
body PKIBody
}
@return a basic ASN.1 object representation.
RevAnnContent ::= SEQUENCE {
status PKIStatus,
certId CertId,
willBeRevokedAt GeneralizedTime,
badSinceDate GeneralizedTime,
crlDetails Extensions OPTIONAL
-- extra CRL details (e.g., crl number, reason, location, etc.)
}
@return a basic ASN.1 object representation.
RevDetails ::= SEQUENCE {
certDetails CertTemplate,
-- allows requester to specify as much as they can about
-- the cert. for which revocation is requested
-- (e.g., for cases in which serialNumber is not available)
crlEntryDetails Extensions OPTIONAL
-- requested crlEntryExtensions
}
@return a basic ASN.1 object representation.
RevRepContent ::= SEQUENCE {
status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
-- in same order as was sent in RevReqContent
revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL,
-- IDs for which revocation was requested
-- (same order as status)
crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL
-- the resulting CRLs (there may be more than one)
}
@return a basic ASN.1 object representation.
RevReqContent ::= SEQUENCE OF RevDetails
@return a basic ASN.1 object representation.
return an Attribute object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
Attribute ::= SEQUENCE {
attrType OBJECT IDENTIFIER,
attrValues SET OF AttributeValue
}
Attributes ::=
SET SIZE(1..MAX) OF Attribute -- according to RFC 5652
@return
Return the first attribute matching the given OBJECT IDENTIFIER
Return all the attributes matching the OBJECT IDENTIFIER oid. The vector will be
empty if there are no attributes of the required type present.
@param oid type of attribute required.
@return a vector of all the attributes found of type oid.
Return a new table with the passed in attribute added.
@param attrType
@param attrValue
@return
return an AuthenticatedData object from a tagged object.
@param obj the tagged object holding the object we want.
@param isExplicit true if the object is meant to be explicitly
tagged false otherwise.
@throws ArgumentException if the object held by the
tagged object cannot be converted.
return an AuthenticatedData object from the given object.
@param obj the object we want converted.
@throws ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
AuthenticatedData ::= SEQUENCE {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
macAlgorithm MessageAuthenticationCodeAlgorithm,
digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
encapContentInfo EncapsulatedContentInfo,
authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
mac MessageAuthenticationCode,
unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
MessageAuthenticationCode ::= OCTET STRING
Produce an object suitable for an Asn1OutputStream.
AuthenticatedData ::= SEQUENCE {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
macAlgorithm MessageAuthenticationCodeAlgorithm,
digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
encapContentInfo EncapsulatedContentInfo,
authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
mac MessageAuthenticationCode,
unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
MessageAuthenticationCode ::= OCTET STRING
return an AuthEnvelopedData object from a tagged object.
@param obj the tagged object holding the object we want.
@param isExplicit true if the object is meant to be explicitly
tagged false otherwise.
@throws ArgumentException if the object held by the
tagged object cannot be converted.
return an AuthEnvelopedData object from the given object.
@param obj the object we want converted.
@throws ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
AuthEnvelopedData ::= SEQUENCE {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
authEncryptedContentInfo EncryptedContentInfo,
authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
mac MessageAuthenticationCode,
unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
AuthEnvelopedData ::= SEQUENCE {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
authEncryptedContentInfo EncryptedContentInfo,
authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
mac MessageAuthenticationCode,
unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
The other Revocation Info arc
id-ri OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) }
RFC 3274 - CMS Compressed Data.
CompressedData ::= Sequence {
version CMSVersion,
compressionAlgorithm CompressionAlgorithmIdentifier,
encapContentInfo EncapsulatedContentInfo
}
return a CompressedData object from a tagged object.
@param ato the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a CompressedData object from the given object.
@param _obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
RFC 3274 - CMS Compressed Data.
CompressedData ::= SEQUENCE {
version CMSVersion,
compressionAlgorithm CompressionAlgorithmIdentifier,
encapContentInfo EncapsulatedContentInfo
}
Produce an object suitable for an Asn1OutputStream.
ContentInfo ::= Sequence {
contentType ContentType,
content
[0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
ContentInfo ::= SEQUENCE {
contentType ContentType,
content
[0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
return an AuthEnvelopedData object from a tagged object.
@param obj the tagged object holding the object we want.
@param isExplicit true if the object is meant to be explicitly
tagged false otherwise.
@throws ArgumentException if the object held by the
tagged object cannot be converted.
return an AuthEnvelopedData object from the given object.
@param obj the object we want converted.
@throws ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
MQVuserKeyingMaterial ::= SEQUENCE {
ephemeralPublicKey OriginatorPublicKey,
addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL }
return an EncryptedContentInfo object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
EncryptedContentInfo ::= Sequence {
contentType ContentType,
contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
}
EncryptedContentInfo ::= SEQUENCE {
contentType ContentType,
contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
}
EncryptedData ::= SEQUENCE {
version CMSVersion,
encryptedContentInfo EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
@return a basic ASN.1 object representation.
return an EnvelopedData object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return an EnvelopedData object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
EnvelopedData ::= Sequence {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
encryptedContentInfo EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL
}
Produce an object suitable for an Asn1OutputStream.
EnvelopedData ::= SEQUENCE {
version CMSVersion,
originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
recipientInfos RecipientInfos,
encryptedContentInfo EncryptedContentInfo,
unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL
}
return a KekIdentifier object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a KekIdentifier object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
KekIdentifier ::= Sequence {
keyIdentifier OCTET STRING,
date GeneralizedTime OPTIONAL,
other OtherKeyAttribute OPTIONAL
}
return a KekRecipientInfo object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a KekRecipientInfo object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
KekRecipientInfo ::= Sequence {
version CMSVersion, -- always set to 4
kekID KekIdentifier,
keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
encryptedKey EncryptedKey
}
return an KeyAgreeRecipientIdentifier object from a tagged object.
@param obj the tagged object holding the object we want.
@param isExplicit true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return an KeyAgreeRecipientIdentifier object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
KeyAgreeRecipientIdentifier ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
rKeyId [0] IMPLICIT RecipientKeyIdentifier
}
return a KeyAgreeRecipientInfo object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a KeyAgreeRecipientInfo object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
* Produce an object suitable for an Asn1OutputStream.
*
* KeyAgreeRecipientInfo ::= Sequence {
* version CMSVersion, -- always set to 3
* originator [0] EXPLICIT OriginatorIdentifierOrKey,
* ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
* keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
* recipientEncryptedKeys RecipientEncryptedKeys
* }
*
* UserKeyingMaterial ::= OCTET STRING
*
return a KeyTransRecipientInfo object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
KeyTransRecipientInfo ::= Sequence {
version CMSVersion, -- always set to 0 or 2
rid RecipientIdentifier,
keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
encryptedKey EncryptedKey
}
MetaData ::= SEQUENCE {
hashProtected BOOLEAN,
fileName UTF8String OPTIONAL,
mediaType IA5String OPTIONAL,
otherMetaData Attributes OPTIONAL
}
@return
return an OriginatorIdentifierOrKey object from a tagged object.
@param o the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return an OriginatorIdentifierOrKey object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
OriginatorIdentifierOrKey ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
subjectKeyIdentifier [0] SubjectKeyIdentifier,
originatorKey [1] OriginatorPublicKey
}
SubjectKeyIdentifier ::= OCTET STRING
return an OriginatorInfo object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return an OriginatorInfo object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
OriginatorInfo ::= Sequence {
certs [0] IMPLICIT CertificateSet OPTIONAL,
crls [1] IMPLICIT CertificateRevocationLists OPTIONAL
}
return an OriginatorPublicKey object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return an OriginatorPublicKey object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
OriginatorPublicKey ::= Sequence {
algorithm AlgorithmIdentifier,
publicKey BIT STRING
}
return an OtherKeyAttribute object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
OtherKeyAttribute ::= Sequence {
keyAttrId OBJECT IDENTIFIER,
keyAttr ANY DEFINED BY keyAttrId OPTIONAL
}
return a OtherRecipientInfo object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a OtherRecipientInfo object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
OtherRecipientInfo ::= Sequence {
oriType OBJECT IDENTIFIER,
oriValue ANY DEFINED BY oriType }
return a OtherRevocationInfoFormat object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicit true if the object is meant to be explicitly
tagged false otherwise.
@exception IllegalArgumentException if the object held by the
tagged object cannot be converted.
return a OtherRevocationInfoFormat object from the given object.
@param obj the object we want converted.
@exception IllegalArgumentException if the object cannot be converted.
Produce an object suitable for an ASN1OutputStream.
OtherRevocationInfoFormat ::= SEQUENCE {
otherRevInfoFormat OBJECT IDENTIFIER,
otherRevInfo ANY DEFINED BY otherRevInfoFormat }
return a PasswordRecipientInfo object from a tagged object.
@param obj the tagged object holding the object we want.
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a PasswordRecipientInfo object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
PasswordRecipientInfo ::= Sequence {
version CMSVersion, -- Always set to 0
keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier
OPTIONAL,
keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
encryptedKey EncryptedKey }
return an RecipientEncryptedKey object from a tagged object.
@param obj the tagged object holding the object we want.
@param isExplicit true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a RecipientEncryptedKey object from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
RecipientEncryptedKey ::= SEQUENCE {
rid KeyAgreeRecipientIdentifier,
encryptedKey EncryptedKey
}
return a RecipientIdentifier object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
RecipientIdentifier ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
subjectKeyIdentifier [0] SubjectKeyIdentifier
}
SubjectKeyIdentifier ::= OCTET STRING
Produce an object suitable for an Asn1OutputStream.
RecipientInfo ::= CHOICE {
ktri KeyTransRecipientInfo,
kari [1] KeyAgreeRecipientInfo,
kekri [2] KekRecipientInfo,
pwri [3] PasswordRecipientInfo,
ori [4] OtherRecipientInfo }
return a RecipientKeyIdentifier object from a tagged object.
@param _ato the tagged object holding the object we want.
@param _explicit true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the object held by the
tagged object cannot be converted.
return a RecipientKeyIdentifier object from the given object.
@param _obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
RecipientKeyIdentifier ::= Sequence {
subjectKeyIdentifier SubjectKeyIdentifier,
date GeneralizedTime OPTIONAL,
other OtherKeyAttribute OPTIONAL
}
SubjectKeyIdentifier ::= OCTET STRING
ScvpReqRes ::= SEQUENCE {
request [0] EXPLICIT ContentInfo OPTIONAL,
response ContentInfo }
@return the ASN.1 primitive representation.
a signed data object.
Produce an object suitable for an Asn1OutputStream.
SignedData ::= Sequence {
version CMSVersion,
digestAlgorithms DigestAlgorithmIdentifiers,
encapContentInfo EncapsulatedContentInfo,
certificates [0] IMPLICIT CertificateSet OPTIONAL,
crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
signerInfos SignerInfos
}
SignedData ::= SEQUENCE {
version CMSVersion,
digestAlgorithms DigestAlgorithmIdentifiers,
encapContentInfo EncapsulatedContentInfo,
certificates [0] IMPLICIT CertificateSet OPTIONAL,
crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
signerInfos SignerInfos
}
return a SignerIdentifier object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
SignerIdentifier ::= CHOICE {
issuerAndSerialNumber IssuerAndSerialNumber,
subjectKeyIdentifier [0] SubjectKeyIdentifier
}
SubjectKeyIdentifier ::= OCTET STRING
Produce an object suitable for an Asn1OutputStream.
SignerInfo ::= Sequence {
version Version,
SignerIdentifier sid,
digestAlgorithm DigestAlgorithmIdentifier,
authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
encryptedDigest EncryptedDigest,
unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
}
EncryptedDigest ::= OCTET STRING
DigestAlgorithmIdentifier ::= AlgorithmIdentifier
DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
creates a time object from a given date - if the date is between 1950
and 2049 a UTCTime object is Generated, otherwise a GeneralizedTime
is used.
Produce an object suitable for an Asn1OutputStream.
Time ::= CHOICE {
utcTime UTCTime,
generalTime GeneralizedTime }
TimeStampAndCRL ::= SEQUENCE {
timeStamp TimeStampToken, -- according to RFC 3161
crl CertificateList OPTIONAL -- according to RFC 5280
}
@return
TimeStampedData ::= SEQUENCE {
version INTEGER { v1(1) },
dataUri IA5String OPTIONAL,
metaData MetaData OPTIONAL,
content OCTET STRING OPTIONAL,
temporalEvidence Evidence
}
@return
TimeStampTokenEvidence ::=
SEQUENCE SIZE(1..MAX) OF TimeStampAndCrl
@return
AttributeTypeAndValue ::= SEQUENCE {
type OBJECT IDENTIFIER,
value ANY DEFINED BY type }
@return a basic ASN.1 object representation.
CertId ::= SEQUENCE {
issuer GeneralName,
serialNumber INTEGER }
@return a basic ASN.1 object representation.
CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg
@return a basic ASN.1 object representation.
Creates a new CertReqMsg.
@param certReq CertRequest
@param popo may be null
@param regInfo may be null
CertReqMsg ::= SEQUENCE {
certReq CertRequest,
pop ProofOfPossession OPTIONAL,
-- content depends upon key type
regInfo SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL }
@return a basic ASN.1 object representation.
CertRequest ::= SEQUENCE {
certReqId INTEGER, -- ID for matching request and reply
certTemplate CertTemplate, -- Selected fields of cert to be issued
controls Controls OPTIONAL } -- Attributes affecting issuance
@return a basic ASN.1 object representation.
CertTemplate ::= SEQUENCE {
version [0] Version OPTIONAL,
serialNumber [1] INTEGER OPTIONAL,
signingAlg [2] AlgorithmIdentifier OPTIONAL,
issuer [3] Name OPTIONAL,
validity [4] OptionalValidity OPTIONAL,
subject [5] Name OPTIONAL,
publicKey [6] SubjectPublicKeyInfo OPTIONAL,
issuerUID [7] UniqueIdentifier OPTIONAL,
subjectUID [8] UniqueIdentifier OPTIONAL,
extensions [9] Extensions OPTIONAL }
@return a basic ASN.1 object representation.
Sets the X.509 version. Note: for X509v3, use 2 here.
Sets the issuer unique ID (deprecated in X.509v3)
Sets the subject unique ID (deprecated in X.509v3)
CertTemplate ::= SEQUENCE {
version [0] Version OPTIONAL,
serialNumber [1] INTEGER OPTIONAL,
signingAlg [2] AlgorithmIdentifier OPTIONAL,
issuer [3] Name OPTIONAL,
validity [4] OptionalValidity OPTIONAL,
subject [5] Name OPTIONAL,
publicKey [6] SubjectPublicKeyInfo OPTIONAL,
issuerUID [7] UniqueIdentifier OPTIONAL,
subjectUID [8] UniqueIdentifier OPTIONAL,
extensions [9] Extensions OPTIONAL }
@return a basic ASN.1 object representation.
Controls ::= SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue
@return a basic ASN.1 object representation.
EncKeyWithID ::= SEQUENCE {
privateKey PrivateKeyInfo,
identifier CHOICE {
string UTF8String,
generalName GeneralName
} OPTIONAL
}
@return
EncryptedKey ::= CHOICE {
encryptedValue EncryptedValue, -- deprecated
envelopedData [0] EnvelopedData }
-- The encrypted private key MUST be placed in the envelopedData
-- encryptedContentInfo encryptedContent OCTET STRING.
EncryptedValue ::= SEQUENCE {
intendedAlg [0] AlgorithmIdentifier OPTIONAL,
-- the intended algorithm for which the value will be used
symmAlg [1] AlgorithmIdentifier OPTIONAL,
-- the symmetric algorithm used to encrypt the value
encSymmKey [2] BIT STRING OPTIONAL,
-- the (encrypted) symmetric key used to encrypt the value
keyAlg [3] AlgorithmIdentifier OPTIONAL,
-- algorithm used to encrypt the symmetric key
valueHint [4] OCTET STRING OPTIONAL,
-- a brief description or identifier of the encValue content
-- (may be meaningful only to the sending entity, and used only
-- if EncryptedValue might be re-examined by the sending entity
-- in the future)
encValue BIT STRING }
-- the encrypted value itself
@return a basic ASN.1 object representation.
OptionalValidity ::= SEQUENCE {
notBefore [0] Time OPTIONAL,
notAfter [1] Time OPTIONAL } --at least one MUST be present
@return a basic ASN.1 object representation.
PkiArchiveOptions ::= CHOICE {
encryptedPrivKey [0] EncryptedKey,
-- the actual value of the private key
keyGenParameters [1] KeyGenParameters,
-- parameters which allow the private key to be re-generated
archiveRemGenPrivKey [2] BOOLEAN }
-- set to TRUE if sender wishes receiver to archive the private
-- key of a key pair that the receiver generates in response to
-- this request; set to FALSE if no archival is desired.
PkiPublicationInfo ::= SEQUENCE {
action INTEGER {
dontPublish (0),
pleasePublish (1) },
pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
-- pubInfos MUST NOT be present if action is "dontPublish"
-- (if action is "pleasePublish" and pubInfos is omitted,
-- "dontCare" is assumed)
@return a basic ASN.1 object representation.
Password-based MAC value for use with POPOSigningKeyInput.
Creates a new PKMACValue.
@param params parameters for password-based MAC
@param value MAC of the DER-encoded SubjectPublicKeyInfo
Creates a new PKMACValue.
@param aid CMPObjectIdentifiers.passwordBasedMAC, with PBMParameter
@param value MAC of the DER-encoded SubjectPublicKeyInfo
PKMACValue ::= SEQUENCE {
algId AlgorithmIdentifier,
-- algorithm value shall be PasswordBasedMac 1.2.840.113533.7.66.13
-- parameter value is PBMParameter
value BIT STRING }
@return a basic ASN.1 object representation.
PopoPrivKey ::= CHOICE {
thisMessage [0] BIT STRING, -- Deprecated
-- possession is proven in this message (which contains the private
-- key itself (encrypted for the CA))
subsequentMessage [1] SubsequentMessage,
-- possession will be proven in a subsequent message
dhMAC [2] BIT STRING, -- Deprecated
agreeMAC [3] PKMACValue,
encryptedKey [4] EnvelopedData }
Creates a new Proof of Possession object for a signing key.
@param poposkIn the PopoSigningKeyInput structure, or null if the
CertTemplate includes both subject and publicKey values.
@param aid the AlgorithmIdentifier used to sign the proof of possession.
@param signature a signature over the DER-encoded value of poposkIn,
or the DER-encoded value of certReq if poposkIn is null.
PopoSigningKey ::= SEQUENCE {
poposkInput [0] PopoSigningKeyInput OPTIONAL,
algorithmIdentifier AlgorithmIdentifier,
signature BIT STRING }
-- The signature (using "algorithmIdentifier") is on the
-- DER-encoded value of poposkInput. NOTE: If the CertReqMsg
-- certReq CertTemplate contains the subject and publicKey values,
-- then poposkInput MUST be omitted and the signature MUST be
-- computed on the DER-encoded value of CertReqMsg certReq. If
-- the CertReqMsg certReq CertTemplate does not contain the public
-- key and subject values, then poposkInput MUST be present and
-- MUST be signed. This strategy ensures that the public key is
-- not present in both the poposkInput and CertReqMsg certReq
-- CertTemplate fields.
@return a basic ASN.1 object representation.
Creates a new PopoSigningKeyInput with sender name as authInfo.
Creates a new PopoSigningKeyInput using password-based MAC.
Returns the sender field, or null if authInfo is publicKeyMac
Returns the publicKeyMac field, or null if authInfo is sender
PopoSigningKeyInput ::= SEQUENCE {
authInfo CHOICE {
sender [0] GeneralName,
-- used only if an authenticated identity has been
-- established for the sender (e.g., a DN from a
-- previously-issued and currently-valid certificate
publicKeyMac PKMacValue },
-- used if no authenticated GeneralName currently exists for
-- the sender; publicKeyMac contains a password-based MAC
-- on the DER-encoded value of publicKey
publicKey SubjectPublicKeyInfo } -- from CertTemplate
@return a basic ASN.1 object representation.
Creates a ProofOfPossession with type raVerified.
Creates a ProofOfPossession for a signing key.
Creates a ProofOfPossession for key encipherment or agreement.
@param type one of TYPE_KEY_ENCIPHERMENT or TYPE_KEY_AGREEMENT
ProofOfPossession ::= CHOICE {
raVerified [0] NULL,
-- used if the RA has already verified that the requester is in
-- possession of the private key
signature [1] PopoSigningKey,
keyEncipherment [2] PopoPrivKey,
keyAgreement [3] PopoPrivKey }
@return a basic ASN.1 object representation.
SinglePubInfo ::= SEQUENCE {
pubMethod INTEGER {
dontCare (0),
x500 (1),
web (2),
ldap (3) },
pubLocation GeneralName OPTIONAL }
@return a basic ASN.1 object representation.
Table of the available named parameters for GOST 3410-2001 / 2012.
return the ECDomainParameters object for the given OID, null if it
isn't present.
@param oid an object identifier representing a named parameters, if present.
returns an enumeration containing the name strings for curves
contained in this structure.
return the named curve name represented by the given object identifier.
Gost28147-89-Parameters ::=
SEQUENCE {
iv Gost28147-89-IV,
encryptionParamSet OBJECT IDENTIFIER
}
Gost28147-89-IV ::= OCTET STRING (SIZE (8))
table of the available named parameters for GOST 3410-94.
return the GOST3410ParamSetParameters object for the given OID, null if it
isn't present.
@param oid an object identifier representing a named parameters, if present.
returns an enumeration containing the name strings for parameters
contained in this structure.
Base class for an application specific object
Return the enclosed object assuming explicit tagging.
@return the resulting object
@throws IOException if reconstruction fails.
Return the enclosed object assuming implicit tagging.
@param derTagNo the type tag that should be applied to the object's contents.
@return the resulting object
@throws IOException if reconstruction fails.
return a Bit string from the passed in object
@exception ArgumentException if the object cannot be converted.
return a Bit string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
@param data the octets making up the bit string.
@param padBits the number of extra bits at the end of the string.
Return the octets contained in this BIT STRING, checking that this BIT STRING really
does represent an octet aligned string. Only use this method when the standard you are
following dictates that the BIT STRING will be octet aligned.
@return a copy of the octet aligned data.
@return the value of the bit string as an int (truncating if necessary)
Der BMPString object.
return a BMP string from the given object.
@param obj the object we want converted.
@exception ArgumentException if the object cannot be converted.
return a BMP string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - byte encoded string.
basic constructor
return a bool from the passed in object.
@exception ArgumentException if the object cannot be converted.
return a DerBoolean from the passed in bool.
return a Boolean from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
return an integer from the passed in object
@exception ArgumentException if the object cannot be converted.
return an Enumerated from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
Class representing the DER-type External
Creates a new instance of DerExternal
See X.690 for more informations about the meaning of these parameters
@param directReference The direct reference or null
if not set.
@param indirectReference The indirect reference or null
if not set.
@param dataValueDescriptor The data value descriptor or null
if not set.
@param externalData The external data in its encoded form.
Creates a new instance of DerExternal.
See X.690 for more informations about the meaning of these parameters
@param directReference The direct reference or null
if not set.
@param indirectReference The indirect reference or null
if not set.
@param dataValueDescriptor The data value descriptor or null
if not set.
@param encoding The encoding to be used for the external data
@param externalData The external data
The encoding of the content. Valid values are
0
single-ASN1-type
1
OCTET STRING
2
BIT STRING
Generalized time object.
return a generalized time from the passed in object
@exception ArgumentException if the object cannot be converted.
return a Generalized Time object from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
The correct format for this is YYYYMMDDHHMMSS[.f]Z, or without the Z
for local time, or Z+-HHMM on the end, for difference between local
time and UTC time. The fractional second amount f must consist of at
least one number with trailing zeroes removed.
@param time the time string.
@exception ArgumentException if string is an illegal format.
base constructor from a local time object
Return the time.
@return The time string as it appeared in the encoded object.
return the time - always in the form of
YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm).
Normally in a certificate we would expect "Z" rather than "GMT",
however adding the "GMT" means we can just use:
dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
To read in the time and Get a date which is compatible with our local
time zone.
return a Graphic String from the passed in object
@param obj a DerGraphicString or an object that can be converted into one.
@exception IllegalArgumentException if the object cannot be converted.
@return a DerGraphicString instance, or null.
return a Graphic String from a tagged object.
@param obj the tagged object holding the object we want
@param explicit true if the object is meant to be explicitly
tagged false otherwise.
@exception IllegalArgumentException if the tagged object cannot
be converted.
@return a DerGraphicString instance, or null.
basic constructor - with bytes.
@param string the byte encoding of the characters making up the string.
Der IA5String object - this is an ascii string.
return a IA5 string from the passed in object
@exception ArgumentException if the object cannot be converted.
return an IA5 string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - with bytes.
basic constructor - without validation.
Constructor with optional validation.
@param string the base string to wrap.
@param validate whether or not to check the string.
@throws ArgumentException if validate is true and the string
contains characters that should not be in an IA5String.
return true if the passed in String can be represented without
loss as an IA5String, false otherwise.
@return true if in printable set, false otherwise.
return an integer from the passed in object
@exception ArgumentException if the object cannot be converted.
return an Integer from a tagged object.
@param obj the tagged object holding the object we want
@param isExplicit true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
in some cases positive values Get crammed into a space,
that's not quite big enough...
A Null object.
Der NumericString object - this is an ascii string of characters {0,1,2,3,4,5,6,7,8,9, }.
return a Numeric string from the passed in object
@exception ArgumentException if the object cannot be converted.
return an Numeric string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - with bytes.
basic constructor - without validation..
Constructor with optional validation.
@param string the base string to wrap.
@param validate whether or not to check the string.
@throws ArgumentException if validate is true and the string
contains characters that should not be in a NumericString.
Return true if the string can be represented as a NumericString ('0'..'9', ' ')
@param str string to validate.
@return true if numeric, fale otherwise.
return an Oid from the passed in object
@exception ArgumentException if the object cannot be converted.
return an object Identifier from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
Return true if this oid is an extension of the passed in branch, stem.
@param stem the arc or branch that is a possible parent.
@return true if the branch is on the passed in stem, false otherwise.
The octets making up the octet string.
Der PrintableString object.
return a printable string from the passed in object.
@exception ArgumentException if the object cannot be converted.
return a Printable string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - byte encoded string.
basic constructor - this does not validate the string
Constructor with optional validation.
@param string the base string to wrap.
@param validate whether or not to check the string.
@throws ArgumentException if validate is true and the string
contains characters that should not be in a PrintableString.
return true if the passed in String can be represented without
loss as a PrintableString, false otherwise.
@return true if in printable set, false otherwise.
create an empty sequence
create a sequence containing one object
create a sequence containing a vector of objects.
A Der encoded set object
create an empty set
@param obj - a single object that makes up the set.
@param v - a vector of objects making up the set.
Der T61String (also the teletex string) - 8-bit characters
return a T61 string from the passed in object.
@exception ArgumentException if the object cannot be converted.
return an T61 string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - with bytes.
basic constructor - with string.
DER TaggedObject - in ASN.1 notation this is any object preceded by
a [n] where n is some number - these are assumed to follow the construction
rules (as with sequences).
@param tagNo the tag number for this object.
@param obj the tagged object.
@param explicitly true if an explicitly tagged object.
@param tagNo the tag number for this object.
@param obj the tagged object.
create an implicitly tagged object that contains a zero
length sequence.
Der UniversalString object.
return a Universal string from the passed in object.
@exception ArgumentException if the object cannot be converted.
return a Universal string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - byte encoded string.
UTC time object.
return an UTC Time from the passed in object.
@exception ArgumentException if the object cannot be converted.
return an UTC Time from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
The correct format for this is YYMMDDHHMMSSZ (it used to be that seconds were
never encoded. When you're creating one of these objects from scratch, that's
what you want to use, otherwise we'll try to deal with whatever Gets read from
the input stream... (this is why the input format is different from the GetTime()
method output).
@param time the time string.
base constructor from a DateTime object
return the time as a date based on whatever a 2 digit year will return. For
standardised processing use ToAdjustedDateTime().
@return the resulting date
@exception ParseException if the date string cannot be parsed.
return the time as an adjusted date
in the range of 1950 - 2049.
@return a date in the range of 1950 to 2049.
@exception ParseException if the date string cannot be parsed.
return the time - always in the form of
YYMMDDhhmmssGMT(+hh:mm|-hh:mm).
Normally in a certificate we would expect "Z" rather than "GMT",
however adding the "GMT" means we can just use:
dateF = new SimpleDateFormat("yyMMddHHmmssz");
To read in the time and Get a date which is compatible with our local
time zone.
Note: In some cases, due to the local date processing, this
may lead to unexpected results. If you want to stick the normal
convention of 1950 to 2049 use the GetAdjustedTime() method.
Return a time string as an adjusted date with a 4 digit year.
This goes in the range of 1950 - 2049.
Der UTF8String object.
return an UTF8 string from the passed in object.
@exception ArgumentException if the object cannot be converted.
return an UTF8 string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - byte encoded string.
basic constructor
return a Videotex String from the passed in object
@param obj a DERVideotexString or an object that can be converted into one.
@exception IllegalArgumentException if the object cannot be converted.
@return a DERVideotexString instance, or null.
return a Videotex String from a tagged object.
@param obj the tagged object holding the object we want
@param explicit true if the object is meant to be explicitly
tagged false otherwise.
@exception IllegalArgumentException if the tagged object cannot
be converted.
@return a DERVideotexString instance, or null.
basic constructor - with bytes.
@param string the byte encoding of the characters making up the string.
Der VisibleString object.
return a Visible string from the passed in object.
@exception ArgumentException if the object cannot be converted.
return a Visible string from a tagged object.
@param obj the tagged object holding the object we want
@param explicitly true if the object is meant to be explicitly
tagged false otherwise.
@exception ArgumentException if the tagged object cannot
be converted.
basic constructor - byte encoded string.
basic constructor
RFC 3126: 4.3.1 Certificate Values Attribute Definition
CertificateValues ::= SEQUENCE OF Certificate
CommitmentTypeIndication ::= SEQUENCE {
commitmentTypeId CommitmentTypeIdentifier,
commitmentTypeQualifier SEQUENCE SIZE (1..MAX) OF
CommitmentTypeQualifier OPTIONAL }
Commitment type qualifiers, used in the Commitment-Type-Indication attribute (RFC3126).
CommitmentTypeQualifier ::= SEQUENCE {
commitmentTypeIdentifier CommitmentTypeIdentifier,
qualifier ANY DEFINED BY commitmentTypeIdentifier OPTIONAL }
Creates a new CommitmentTypeQualifier
instance.
@param commitmentTypeIdentifier a CommitmentTypeIdentifier
value
Creates a new CommitmentTypeQualifier
instance.
@param commitmentTypeIdentifier a CommitmentTypeIdentifier
value
@param qualifier the qualifier, defined by the above field.
Creates a new CommitmentTypeQualifier
instance.
@param as CommitmentTypeQualifier
structure
encoded as an Asn1Sequence.
Returns a DER-encodable representation of this instance.
@return a Asn1Object
value
RFC 3126: 4.2.1 Complete Certificate Refs Attribute Definition
CompleteCertificateRefs ::= SEQUENCE OF OtherCertID
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
CompleteRevocationRefs ::= SEQUENCE OF CrlOcspRef
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
CrlIdentifier ::= SEQUENCE
{
crlissuer Name,
crlIssuedTime UTCTime,
crlNumber INTEGER OPTIONAL
}
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
CRLListID ::= SEQUENCE
{
crls SEQUENCE OF CrlValidatedID
}
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
CrlOcspRef ::= SEQUENCE {
crlids [0] CRLListID OPTIONAL,
ocspids [1] OcspListID OPTIONAL,
otherRev [2] OtherRevRefs OPTIONAL
}
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
CrlValidatedID ::= SEQUENCE {
crlHash OtherHash,
crlIdentifier CrlIdentifier OPTIONAL}
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
OcspIdentifier ::= SEQUENCE {
ocspResponderID ResponderID,
-- As in OCSP response data
producedAt GeneralizedTime
-- As in OCSP response data
}
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
OcspListID ::= SEQUENCE {
ocspResponses SEQUENCE OF OcspResponsesID
}
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
OcspResponsesID ::= SEQUENCE {
ocspIdentifier OcspIdentifier,
ocspRepHash OtherHash OPTIONAL
}
OtherCertID ::= SEQUENCE {
otherCertHash OtherHash,
issuerSerial IssuerSerial OPTIONAL
}
OtherHash ::= CHOICE {
sha1Hash OtherHashValue, -- This contains a SHA-1 hash
otherHash OtherHashAlgAndValue
}
OtherHashValue ::= OCTET STRING
Summary description for OtherHashAlgAndValue.
OtherHashAlgAndValue ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashValue OtherHashValue
}
OtherHashValue ::= OCTET STRING
RFC 3126: 4.2.2 Complete Revocation Refs Attribute Definition
OtherRevRefs ::= SEQUENCE
{
otherRevRefType OtherRevRefType,
otherRevRefs ANY DEFINED BY otherRevRefType
}
OtherRevRefType ::= OBJECT IDENTIFIER
RFC 3126: 4.3.2 Revocation Values Attribute Definition
OtherRevVals ::= SEQUENCE
{
otherRevValType OtherRevValType,
otherRevVals ANY DEFINED BY otherRevValType
}
OtherRevValType ::= OBJECT IDENTIFIER
OtherSigningCertificate ::= SEQUENCE {
certs SEQUENCE OF OtherCertID,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
RFC 5126: 6.3.4. revocation-values Attribute Definition
RevocationValues ::= SEQUENCE {
crlVals [0] SEQUENCE OF CertificateList OPTIONAL,
ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,
otherRevVals [2] OtherRevVals OPTIONAL
}
SignaturePolicyId ::= SEQUENCE {
sigPolicyIdentifier SigPolicyId,
sigPolicyHash SigPolicyHash,
sigPolicyQualifiers SEQUENCE SIZE (1..MAX) OF SigPolicyQualifierInfo OPTIONAL
}
SigPolicyId ::= OBJECT IDENTIFIER
SigPolicyHash ::= OtherHashAlgAndValue
SignaturePolicyIdentifier ::= CHOICE {
SignaturePolicyId SignaturePolicyId,
SignaturePolicyImplied SignaturePolicyImplied
}
SignaturePolicyImplied ::= NULL
SignerAttribute ::= SEQUENCE OF CHOICE {
claimedAttributes [0] ClaimedAttributes,
certifiedAttributes [1] CertifiedAttributes }
ClaimedAttributes ::= SEQUENCE OF Attribute
CertifiedAttributes ::= AttributeCertificate -- as defined in RFC 3281: see clause 4.1.
Signer-Location attribute (RFC3126).
SignerLocation ::= SEQUENCE {
countryName [0] DirectoryString OPTIONAL,
localityName [1] DirectoryString OPTIONAL,
postalAddress [2] PostalAddress OPTIONAL }
PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
SignerLocation ::= SEQUENCE {
countryName [0] DirectoryString OPTIONAL,
localityName [1] DirectoryString OPTIONAL,
postalAddress [2] PostalAddress OPTIONAL }
PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
DirectoryString ::= CHOICE {
teletexString TeletexString (SIZE (1..MAX)),
printableString PrintableString (SIZE (1..MAX)),
universalString UniversalString (SIZE (1..MAX)),
utf8String UTF8String (SIZE (1.. MAX)),
bmpString BMPString (SIZE (1..MAX)) }
SigPolicyQualifierInfo ::= SEQUENCE {
sigPolicyQualifierId SigPolicyQualifierId,
sigQualifier ANY DEFINED BY sigPolicyQualifierId
}
SigPolicyQualifierId ::= OBJECT IDENTIFIER
constructor
ContentHints ::= SEQUENCE {
contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
contentType ContentType }
Create from OCTET STRING whose octets represent the identifier.
Create from byte array representing the identifier.
The definition of ContentIdentifier is
ContentIdentifier ::= OCTET STRING
id-aa-contentIdentifier OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 7 }
constructor
EssCertID ::= SEQUENCE {
certHash Hash,
issuerSerial IssuerSerial OPTIONAL }
EssCertIDv2 ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier
DEFAULT {algorithm id-sha256},
certHash Hash,
issuerSerial IssuerSerial OPTIONAL
}
Hash ::= OCTET STRING
IssuerSerial ::= SEQUENCE {
issuer GeneralNames,
serialNumber CertificateSerialNumber
}
constructor
OtherCertID ::= SEQUENCE {
otherCertHash OtherHash,
issuerSerial IssuerSerial OPTIONAL }
OtherHash ::= CHOICE {
sha1Hash OCTET STRING,
otherHash OtherHashAlgAndValue }
OtherHashAlgAndValue ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashValue OCTET STRING }
constructors
The definition of OtherSigningCertificate is
OtherSigningCertificate ::= SEQUENCE {
certs SEQUENCE OF OtherCertID,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
id-aa-ets-otherSigCert OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 19 }
constructors
The definition of SigningCertificate is
SigningCertificate ::= SEQUENCE {
certs SEQUENCE OF EssCertID,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 12 }
The definition of SigningCertificateV2 is
SigningCertificateV2 ::= SEQUENCE {
certs SEQUENCE OF EssCertIDv2,
policies SEQUENCE OF PolicyInformation OPTIONAL
}
id-aa-signingCertificateV2 OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
smime(16) id-aa(2) 47 }
return the X9ECParameters object for the named curve represented by
the passed in object identifier. Null if the curve isn't present.
@param oid an object identifier representing a named curve, if present.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for curves
contained in this structure.
1.3.6.1.4.1.11591.15 - ellipticCurve
Marker interface for CHOICE objects - if you implement this in a roll-your-own
object, any attempt to tag the object implicitly will convert the tag to an
explicit one as the encoding rules require.
If you use this interface your class should also implement the getInstance
pattern which takes a tag object and the tagging mode used.
basic interface for Der string objects.
The CscaMasterList object. This object can be wrapped in a
CMSSignedData to be published in LDAP.
CscaMasterList ::= SEQUENCE {
version CscaMasterListVersion,
certList SET OF Certificate }
CscaMasterListVersion :: INTEGER {v0(0)}
The DataGroupHash object.
DataGroupHash ::= SEQUENCE {
dataGroupNumber DataGroupNumber,
dataGroupHashValue OCTET STRING }
DataGroupNumber ::= INTEGER {
dataGroup1 (1),
dataGroup1 (2),
dataGroup1 (3),
dataGroup1 (4),
dataGroup1 (5),
dataGroup1 (6),
dataGroup1 (7),
dataGroup1 (8),
dataGroup1 (9),
dataGroup1 (10),
dataGroup1 (11),
dataGroup1 (12),
dataGroup1 (13),
dataGroup1 (14),
dataGroup1 (15),
dataGroup1 (16) }
The LDSSecurityObject object (V1.8).
LDSSecurityObject ::= SEQUENCE {
version LDSSecurityObjectVersion,
hashAlgorithm DigestAlgorithmIdentifier,
dataGroupHashValues SEQUENCE SIZE (2..ub-DataGroups) OF DataHashGroup,
ldsVersionInfo LDSVersionInfo OPTIONAL
-- if present, version MUST be v1 }
DigestAlgorithmIdentifier ::= AlgorithmIdentifier,
LDSSecurityObjectVersion :: INTEGER {V0(0)}
LDSVersionInfo ::= SEQUENCE {
ldsVersion PRINTABLE STRING
unicodeVersion PRINTABLE STRING
}
@return
The id-isismtt-cp-accredited OID indicates that the certificate is a
qualified certificate according to Directive 1999/93/EC of the European
Parliament and of the Council of 13 December 1999 on a Community
Framework for Electronic Signatures, which additionally conforms the
special requirements of the SigG and has been issued by an accredited CA.
Certificate extensionDate of certificate generation
DateOfCertGenSyntax ::= GeneralizedTime
Attribute to indicate that the certificate holder may sign in the name of
a third person. May also be used as extension in a certificate.
Attribute to indicate admissions to certain professions. May be used as
attribute in attribute certificate or as extension in a certificate
Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST
be used in new certificates in place of the extension/attribute
MonetaryLimit since January 1, 2004. For the sake of backward
compatibility with certificates already in use, SigG conforming
components MUST support MonetaryLimit (as well as QcEuLimitValue).
A declaration of majority. May be used as attribute in attribute
certificate or as extension in a certificate
Serial number of the smart card containing the corresponding private key
ICCSNSyntax ::= OCTET STRING (SIZE(8..20))
Reference for a file of a smartcard that stores the public key of this
certificate and that is used as �security anchor�.
PKReferenceSyntax ::= OCTET STRING (SIZE(20))
Some other restriction regarding the usage of this certificate. May be
used as attribute in attribute certificate or as extension in a
certificate.
RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
@see Spire.Security.Asn1.IsisMtt.X509.Restriction
(Single)Request extension: Clients may include this extension in a
(single) Request to request the responder to send the certificate in the
response message along with the status information. Besides the LDAP
service, this extension provides another mechanism for the distribution
of certificates, which MAY optionally be provided by certificate
repositories.
RetrieveIfAllowed ::= BOOLEAN
SingleOCSPResponse extension: The certificate requested by the client by
inserting the RetrieveIfAllowed extension in the request, will be
returned in this extension.
@see Spire.Security.Asn1.IsisMtt.Ocsp.RequestedCertificate
Base ObjectIdentifier for naming authorities
SingleOCSPResponse extension: Date, when certificate has been published
in the directory and status information has become available. Currently,
accrediting authorities enforce that SigG-conforming OCSP servers include
this extension in the responses.
CertInDirSince ::= GeneralizedTime
Hash of a certificate in OCSP.
@see Spire.Security.Asn1.IsisMtt.Ocsp.CertHash
NameAtBirth ::= DirectoryString(SIZE(1..64)
Used in
{@link Spire.Security.Asn1.X509.SubjectDirectoryAttributes SubjectDirectoryAttributes}
Some other information of non-restrictive nature regarding the usage of
this certificate. May be used as attribute in atribute certificate or as
extension in a certificate.
AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
@see Spire.Security.Asn1.IsisMtt.X509.AdditionalInformationSyntax
Indicates that an attribute certificate exists, which limits the
usability of this public key certificate. Whenever verifying a signature
with the help of this certificate, the content of the corresponding
attribute certificate should be concerned. This extension MUST be
included in a PKC, if a corresponding attribute certificate (having the
PKC as base certificate) contains some attribute that restricts the
usability of the PKC too. Attribute certificates with restricting content
MUST always be included in the signed document.
LiabilityLimitationFlagSyntax ::= BOOLEAN
ISIS-MTT PROFILE: The responder may include this extension in a response to
send the hash of the requested certificate to the responder. This hash is
cryptographically bound to the certificate and serves as evidence that the
certificate is known to the responder (i.e. it has been issued and is present
in the directory). Hence, this extension is a means to provide a positive
statement of availability as described in T8.[8]. As explained in T13.[1],
clients may rely on this information to be able to validate signatures after
the expiry of the corresponding certificate. Hence, clients MUST support this
extension. If a positive statement of availability is to be delivered, this
extension syntax and OID MUST be used.
CertHash ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
certificateHash OCTET STRING
}
Constructor from Asn1Sequence.
The sequence is of type CertHash:
CertHash ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
certificateHash OCTET STRING
}
@param seq The ASN.1 sequence.
Constructor from a given details.
@param hashAlgorithm The hash algorithm identifier.
@param certificateHash The hash of the whole DER encoding of the certificate.
Produce an object suitable for an Asn1OutputStream.
Returns:
CertHash ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
certificateHash OCTET STRING
}
@return an Asn1Object
ISIS-MTT-Optional: The certificate requested by the client by inserting the
RetrieveIfAllowed extension in the request, will be returned in this
extension.
ISIS-MTT-SigG: The signature act allows publishing certificates only then,
when the certificate owner gives his isExplicit permission. Accordingly, there
may be �nondownloadable� certificates, about which the responder must provide
status information, but MUST NOT include them in the response. Clients may
get therefore the following three kind of answers on a single request
including the RetrieveIfAllowed extension:
- a) the responder supports the extension and is allowed to publish the
certificate: RequestedCertificate returned including the requested
certificate
- b) the responder supports the extension but is NOT allowed to publish
the certificate: RequestedCertificate returned including an empty OCTET
STRING
- c) the responder does not support the extension: RequestedCertificate is
not included in the response
Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If
any of the OCTET STRING options is used, it MUST contain the DER encoding of
the requested certificate.
RequestedCertificate ::= CHOICE {
Certificate Certificate,
publicKeyCertificate [0] EXPLICIT OCTET STRING,
attributeCertificate [1] EXPLICIT OCTET STRING
}
Constructor from a given details.
Only one parameter can be given. All other must be null
.
@param certificate Given as Certificate
Produce an object suitable for an Asn1OutputStream.
Returns:
RequestedCertificate ::= CHOICE {
Certificate Certificate,
publicKeyCertificate [0] EXPLICIT OCTET STRING,
attributeCertificate [1] EXPLICIT OCTET STRING
}
@return an Asn1Object
Some other information of non-restrictive nature regarding the usage of this
certificate.
AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
Constructor from a given details.
@param information The describtion of the information.
Produce an object suitable for an Asn1OutputStream.
Returns:
AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
@return an Asn1Object
An Admissions structure.
Admissions ::= SEQUENCE
{
admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
professionInfos SEQUENCE OF ProfessionInfo
}
@see Spire.Security.Asn1.IsisMtt.X509.AdmissionSyntax
@see Spire.Security.Asn1.IsisMtt.X509.ProfessionInfo
@see Spire.Security.Asn1.IsisMtt.X509.NamingAuthority
Constructor from Asn1Sequence.
The sequence is of type ProcurationSyntax:
Admissions ::= SEQUENCE
{
admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
professionInfos SEQUENCE OF ProfessionInfo
}
@param seq The ASN.1 sequence.
Constructor from a given details.
Parameter professionInfos
is mandatory.
@param admissionAuthority The admission authority.
@param namingAuthority The naming authority.
@param professionInfos The profession infos.
Produce an object suitable for an Asn1OutputStream.
Returns:
Admissions ::= SEQUENCE
{
admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
professionInfos SEQUENCE OF ProfessionInfo
}
@return an Asn1Object
Attribute to indicate admissions to certain professions.
AdmissionSyntax ::= SEQUENCE
{
admissionAuthority GeneralName OPTIONAL,
contentsOfAdmissions SEQUENCE OF Admissions
}
Admissions ::= SEQUENCE
{
admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
professionInfos SEQUENCE OF ProfessionInfo
}
NamingAuthority ::= SEQUENCE
{
namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
namingAuthorityUrl IA5String OPTIONAL,
namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
}
ProfessionInfo ::= SEQUENCE
{
namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
addProfessionInfo OCTET STRING OPTIONAL
}
ISIS-MTT PROFILE: The relatively complex structure of AdmissionSyntax
supports the following concepts and requirements:
- External institutions (e.g. professional associations, chambers, unions,
administrative bodies, companies, etc.), which are responsible for granting
and verifying professional admissions, are indicated by means of the data
field admissionAuthority. An admission authority is indicated by a
GeneralName object. Here an X.501 directory name (distinguished name) can be
indicated in the field directoryName, a URL address can be indicated in the
field uniformResourceIdentifier, and an object identifier can be indicated in
the field registeredId.
- The names of authorities which are responsible for the administration of
title registers are indicated in the data field namingAuthority. The name of
the authority can be identified by an object identifier in the field
namingAuthorityId, by means of a text string in the field
namingAuthorityText, by means of a URL address in the field
namingAuthorityUrl, or by a combination of them. For example, the text string
can contain the name of the authority, the country and the name of the title
register. The URL-option refers to a web page which contains lists with
officially registered professions (text and possibly OID) as well as
further information on these professions. Object identifiers for the
component namingAuthorityId are grouped under the OID-branch
id-isis-at-namingAuthorities and must be applied for.
- See http://www.teletrust.de/anwend.asp?Id=30200&Sprache=E_&HomePG=0
for an application form and http://www.teletrust.de/links.asp?id=30220,11
for an overview of registered naming authorities.
- By means of the data type ProfessionInfo certain professions,
specializations, disciplines, fields of activity, etc. are identified. A
profession is represented by one or more text strings, resp. profession OIDs
in the fields professionItems and professionOIDs and by a registration number
in the field registrationNumber. An indication in text form must always be
present, whereas the other indications are optional. The component
addProfessionInfo may contain additional applicationspecific information in
DER-encoded form.
By means of different namingAuthority-OIDs or profession OIDs hierarchies of
professions, specializations, disciplines, fields of activity, etc. can be
expressed. The issuing admission authority should always be indicated (field
admissionAuthority), whenever a registration number is presented. Still,
information on admissions can be given without indicating an admission or a
naming authority by the exclusive use of the component professionItems. In
this case the certification authority is responsible for the verification of
the admission information.
This attribute is single-valued. Still, several admissions can be captured in
the sequence structure of the component contentsOfAdmissions of
AdmissionSyntax or in the component professionInfos of Admissions. The
component admissionAuthority of AdmissionSyntax serves as default value for
the component admissionAuthority of Admissions. Within the latter component
the default value can be overwritten, in case that another authority is
responsible. The component namingAuthority of Admissions serves as a default
value for the component namingAuthority of ProfessionInfo. Within the latter
component the default value can be overwritten, in case that another naming
authority needs to be recorded.
The length of the string objects is limited to 128 characters. It is
recommended to indicate a namingAuthorityURL in all issued attribute
certificates. If a namingAuthorityURL is indicated, the field professionItems
of ProfessionInfo should contain only registered titles. If the field
professionOIDs exists, it has to contain the OIDs of the professions listed
in professionItems in the same order. In general, the field professionInfos
should contain only one entry, unless the admissions that are to be listed
are logically connected (e.g. they have been issued under the same admission
number).
@see Spire.Security.Asn1.IsisMtt.X509.Admissions
@see Spire.Security.Asn1.IsisMtt.X509.ProfessionInfo
@see Spire.Security.Asn1.IsisMtt.X509.NamingAuthority
Constructor from Asn1Sequence.
The sequence is of type ProcurationSyntax:
AdmissionSyntax ::= SEQUENCE
{
admissionAuthority GeneralName OPTIONAL,
contentsOfAdmissions SEQUENCE OF Admissions
}
Admissions ::= SEQUENCE
{
admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
professionInfos SEQUENCE OF ProfessionInfo
}
NamingAuthority ::= SEQUENCE
{
namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
namingAuthorityUrl IA5String OPTIONAL,
namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
}
ProfessionInfo ::= SEQUENCE
{
namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
addProfessionInfo OCTET STRING OPTIONAL
}
@param seq The ASN.1 sequence.
Constructor from given details.
@param admissionAuthority The admission authority.
@param contentsOfAdmissions The admissions.
Produce an object suitable for an Asn1OutputStream.
Returns:
AdmissionSyntax ::= SEQUENCE
{
admissionAuthority GeneralName OPTIONAL,
contentsOfAdmissions SEQUENCE OF Admissions
}
Admissions ::= SEQUENCE
{
admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
professionInfos SEQUENCE OF ProfessionInfo
}
NamingAuthority ::= SEQUENCE
{
namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
namingAuthorityUrl IA5String OPTIONAL,
namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
}
ProfessionInfo ::= SEQUENCE
{
namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
addProfessionInfo OCTET STRING OPTIONAL
}
@return an Asn1Object
@return Returns the admissionAuthority if present, null otherwise.
@return Returns the contentsOfAdmissions.
A declaration of majority.
DeclarationOfMajoritySyntax ::= CHOICE
{
notYoungerThan [0] IMPLICIT INTEGER,
fullAgeAtCountry [1] IMPLICIT SEQUENCE
{
fullAge BOOLEAN DEFAULT TRUE,
country PrintableString (SIZE(2))
}
dateOfBirth [2] IMPLICIT GeneralizedTime
}
fullAgeAtCountry indicates the majority of the owner with respect to the laws
of a specific country.
Produce an object suitable for an Asn1OutputStream.
Returns:
DeclarationOfMajoritySyntax ::= CHOICE
{
notYoungerThan [0] IMPLICIT INTEGER,
fullAgeAtCountry [1] IMPLICIT SEQUENCE
{
fullAge BOOLEAN DEFAULT TRUE,
country PrintableString (SIZE(2))
}
dateOfBirth [2] IMPLICIT GeneralizedTime
}
@return an Asn1Object
@return notYoungerThan if that's what we are, -1 otherwise
Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST be
used in new certificates in place of the extension/attribute MonetaryLimit
since January 1, 2004. For the sake of backward compatibility with
certificates already in use, components SHOULD support MonetaryLimit (as well
as QcEuLimitValue).
Indicates a monetary limit within which the certificate holder is authorized
to act. (This value DOES NOT express a limit on the liability of the
certification authority).
MonetaryLimitSyntax ::= SEQUENCE
{
currency PrintableString (SIZE(3)),
amount INTEGER,
exponent INTEGER
}
currency must be the ISO code.
value = amount�10*exponent
Constructor from a given details.
value = amount�10^exponent
@param currency The currency. Must be the ISO code.
@param amount The amount
@param exponent The exponent
Produce an object suitable for an Asn1OutputStream.
Returns:
MonetaryLimitSyntax ::= SEQUENCE
{
currency PrintableString (SIZE(3)),
amount INTEGER,
exponent INTEGER
}
@return an Asn1Object
Names of authorities which are responsible for the administration of title
registers.
NamingAuthority ::= SEQUENCE
{
namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
namingAuthorityUrl IA5String OPTIONAL,
namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
}
@see Spire.Security.Asn1.IsisMtt.X509.AdmissionSyntax
Profession OIDs should always be defined under the OID branch of the
responsible naming authority. At the time of this writing, the work group
�Recht, Wirtschaft, Steuern� (�Law, Economy, Taxes�) is registered as the
first naming authority under the OID id-isismtt-at-namingAuthorities.
Constructor from Asn1Sequence.
NamingAuthority ::= SEQUENCE
{
namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
namingAuthorityUrl IA5String OPTIONAL,
namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
}
@param seq The ASN.1 sequence.
@return Returns the namingAuthorityID.
@return Returns the namingAuthorityText.
@return Returns the namingAuthorityUrl.
Constructor from given details.
All parameters can be combined.
@param namingAuthorityID ObjectIdentifier for naming authority.
@param namingAuthorityUrl URL for naming authority.
@param namingAuthorityText Textual representation of naming authority.
Produce an object suitable for an Asn1OutputStream.
Returns:
NamingAuthority ::= SEQUENCE
{
namingAuthorityID OBJECT IDENTIFIER OPTIONAL,
namingAuthorityUrl IA5String OPTIONAL,
namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
}
@return an Asn1Object
Attribute to indicate that the certificate holder may sign in the name of a
third person.
ISIS-MTT PROFILE: The corresponding ProcurationSyntax contains either the
name of the person who is represented (subcomponent thirdPerson) or a
reference to his/her base certificate (in the component signingFor,
subcomponent certRef), furthermore the optional components country and
typeSubstitution to indicate the country whose laws apply, and respectively
the type of procuration (e.g. manager, procuration, custody).
ISIS-MTT PROFILE: The GeneralName MUST be of type directoryName and MAY only
contain: - RFC3039 attributes, except pseudonym (countryName, commonName,
surname, givenName, serialNumber, organizationName, organizationalUnitName,
stateOrProvincename, localityName, postalAddress) and - SubjectDirectoryName
attributes (title, dateOfBirth, placeOfBirth, gender, countryOfCitizenship,
countryOfResidence and NameAtBirth).
ProcurationSyntax ::= SEQUENCE {
country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
signingFor [3] EXPLICIT SigningFor
}
SigningFor ::= CHOICE
{
thirdPerson GeneralName,
certRef IssuerSerial
}
Constructor from Asn1Sequence.
The sequence is of type ProcurationSyntax:
ProcurationSyntax ::= SEQUENCE {
country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
signingFor [3] EXPLICIT SigningFor
}
SigningFor ::= CHOICE
{
thirdPerson GeneralName,
certRef IssuerSerial
}
@param seq The ASN.1 sequence.
Constructor from a given details.
Either generalName
or certRef
MUST be
null
.
@param country The country code whose laws apply.
@param typeOfSubstitution The type of procuration.
@param certRef Reference to certificate of the person who is represented.
Constructor from a given details.
Either generalName
or certRef
MUST be
null
.
@param country The country code whose laws apply.
@param typeOfSubstitution The type of procuration.
@param thirdPerson The GeneralName of the person who is represented.
Produce an object suitable for an Asn1OutputStream.
Returns:
ProcurationSyntax ::= SEQUENCE {
country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
signingFor [3] EXPLICIT SigningFor
}
SigningFor ::= CHOICE
{
thirdPerson GeneralName,
certRef IssuerSerial
}
@return an Asn1Object
Professions, specializations, disciplines, fields of activity, etc.
ProfessionInfo ::= SEQUENCE
{
namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
addProfessionInfo OCTET STRING OPTIONAL
}
@see Spire.Security.Asn1.IsisMtt.X509.AdmissionSyntax
Rechtsanw�ltin
Rechtsanwalt
Rechtsbeistand
Steuerberaterin
Steuerberater
Steuerbevollm�chtigte
Steuerbevollm�chtigter
Notarin
Notar
Notarvertreterin
Notarvertreter
Notariatsverwalterin
Notariatsverwalter
Wirtschaftspr�ferin
Wirtschaftspr�fer
Vereidigte Buchpr�ferin
Vereidigter Buchpr�fer
Patentanw�ltin
Patentanwalt
Constructor from Asn1Sequence.
ProfessionInfo ::= SEQUENCE
{
namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
addProfessionInfo OCTET STRING OPTIONAL
}
@param seq The ASN.1 sequence.
Constructor from given details.
professionItems
is mandatory, all other parameters are
optional.
@param namingAuthority The naming authority.
@param professionItems Directory strings of the profession.
@param professionOids DERObjectIdentfier objects for the
profession.
@param registrationNumber Registration number.
@param addProfessionInfo Additional infos in encoded form.
Produce an object suitable for an Asn1OutputStream.
Returns:
ProfessionInfo ::= SEQUENCE
{
namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
professionOids SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
addProfessionInfo OCTET STRING OPTIONAL
}
@return an Asn1Object
@return Returns the addProfessionInfo.
@return Returns the namingAuthority.
@return Returns the professionItems.
@return Returns the professionOids.
@return Returns the registrationNumber.
Some other restriction regarding the usage of this certificate.
RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
Constructor from DirectoryString.
The DirectoryString is of type RestrictionSyntax:
RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
@param restriction A IAsn1String.
Constructor from a given details.
@param restriction The description of the restriction.
Produce an object suitable for an Asn1OutputStream.
Returns:
RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
@return an Asn1Object
Produce an object suitable for an Asn1OutputStream.
cast5CBCParameters ::= Sequence {
iv OCTET STRING DEFAULT 0,
-- Initialization vector
keyLength Integer
-- Key length, in bits
}
Produce an object suitable for an Asn1OutputStream.
IDEA-CBCPar ::= Sequence {
iv OCTET STRING OPTIONAL -- exactly 8 octets
}
The NetscapeCertType object.
NetscapeCertType ::= BIT STRING {
SSLClient (0),
SSLServer (1),
S/MIME (2),
Object Signing (3),
Reserved (4),
SSL CA (5),
S/MIME CA (6),
Object Signing CA (7) }
Basic constructor.
@param usage - the bitwise OR of the Key Usage flags giving the
allowed uses for the key.
e.g. (X509NetscapeCertType.sslCA | X509NetscapeCertType.smimeCA)
This is designed to parse
the PublicKeyAndChallenge created by the KEYGEN tag included by
Mozilla based browsers.
PublicKeyAndChallenge ::= SEQUENCE {
spki SubjectPublicKeyInfo,
challenge IA5STRING
}
Utility class for fetching curves using their NIST names as published in FIPS-PUB 186-3
return the X9ECParameters object for the named curve represented by
the passed in object identifier. Null if the curve isn't present.
@param oid an object identifier representing a named curve, if present.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for curves
contained in this structure.
From RFC 3657
Produce an object suitable for an Asn1OutputStream.
BasicOcspResponse ::= Sequence {
tbsResponseData ResponseData,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING,
certs [0] EXPLICIT Sequence OF Certificate OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
CertID ::= Sequence {
hashAlgorithm AlgorithmIdentifier,
issuerNameHash OCTET STRING, -- Hash of Issuer's DN
issuerKeyHash OCTET STRING, -- Hash of Issuers public key
serialNumber CertificateSerialNumber }
create a CertStatus object with a tag of zero.
Produce an object suitable for an Asn1OutputStream.
CertStatus ::= CHOICE {
good [0] IMPLICIT Null,
revoked [1] IMPLICIT RevokedInfo,
unknown [2] IMPLICIT UnknownInfo }
Produce an object suitable for an Asn1OutputStream.
CrlID ::= Sequence {
crlUrl [0] EXPLICIT IA5String OPTIONAL,
crlNum [1] EXPLICIT Integer OPTIONAL,
crlTime [2] EXPLICIT GeneralizedTime OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
OcspRequest ::= Sequence {
tbsRequest TBSRequest,
optionalSignature [0] EXPLICIT Signature OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
OcspResponse ::= Sequence {
responseStatus OcspResponseStatus,
responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
The OcspResponseStatus enumeration.
OcspResponseStatus ::= Enumerated {
successful (0), --Response has valid confirmations
malformedRequest (1), --Illegal confirmation request
internalError (2), --Internal error in issuer
tryLater (3), --Try again later
--(4) is not used
sigRequired (5), --Must sign the request
unauthorized (6) --Request unauthorized
}
Produce an object suitable for an Asn1OutputStream.
Request ::= Sequence {
reqCert CertID,
singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
ResponderID ::= CHOICE {
byName [1] Name,
byKey [2] KeyHash }
Produce an object suitable for an Asn1OutputStream.
ResponseBytes ::= Sequence {
responseType OBJECT IDENTIFIER,
response OCTET STRING }
Produce an object suitable for an Asn1OutputStream.
ResponseData ::= Sequence {
version [0] EXPLICIT Version DEFAULT v1,
responderID ResponderID,
producedAt GeneralizedTime,
responses Sequence OF SingleResponse,
responseExtensions [1] EXPLICIT Extensions OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
RevokedInfo ::= Sequence {
revocationTime GeneralizedTime,
revocationReason [0] EXPLICIT CRLReason OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
ServiceLocator ::= Sequence {
issuer Name,
locator AuthorityInfoAccessSyntax OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
Signature ::= Sequence {
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING,
certs [0] EXPLICIT Sequence OF Certificate OPTIONAL}
Produce an object suitable for an Asn1OutputStream.
SingleResponse ::= Sequence {
certID CertID,
certStatus CertStatus,
thisUpdate GeneralizedTime,
nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
singleExtensions [1] EXPLICIT Extensions OPTIONAL }
Produce an object suitable for an Asn1OutputStream.
TBSRequest ::= Sequence {
version [0] EXPLICIT Version DEFAULT v1,
requestorName [1] EXPLICIT GeneralName OPTIONAL,
requestList Sequence OF Request,
requestExtensions [2] EXPLICIT Extensions OPTIONAL }
class for breaking up an Oid into it's component tokens, ala
java.util.StringTokenizer. We need this class as some of the
lightweight Java environment don't support classes like
StringTokenizer.
return an Attribute object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
Attr ::= Sequence {
attrType OBJECT IDENTIFIER,
attrValues Set OF AttributeValue
}
Pkcs10 Certfication request object.
CertificationRequest ::= Sequence {
certificationRequestInfo CertificationRequestInfo,
signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }},
signature BIT STRING
}
Pkcs10 CertificationRequestInfo object.
CertificationRequestInfo ::= Sequence {
version Integer { v1(0) } (v1,...),
subject Name,
subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
attributes [0] Attributes{{ CRIAttributes }}
}
Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
Attr { ATTRIBUTE:IOSet } ::= Sequence {
type ATTRIBUTE.&id({IOSet}),
values Set SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
}
Produce an object suitable for an Asn1OutputStream.
ContentInfo ::= Sequence {
contentType ContentType,
content
[0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
The EncryptedData object.
EncryptedData ::= Sequence {
version Version,
encryptedContentInfo EncryptedContentInfo
}
EncryptedContentInfo ::= Sequence {
contentType ContentType,
contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
}
EncryptedContent ::= OCTET STRING
Produce an object suitable for an Asn1OutputStream.
EncryptedPrivateKeyInfo ::= Sequence {
encryptionAlgorithm AlgorithmIdentifier {{KeyEncryptionAlgorithms}},
encryptedData EncryptedData
}
EncryptedData ::= OCTET STRING
KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
... -- For local profiles
}
MacData ::= SEQUENCE {
mac DigestInfo,
macSalt OCTET STRING,
iterations INTEGER DEFAULT 1
-- Note: The default is for historic reasons and its use is deprecated. A
-- higher value, like 1024 is recommended.
@return the basic DERObject construction.
the infamous Pfx from Pkcs12
PKCS#1: 1.2.840.113549.1.1.15
PKCS#1: 1.2.840.113549.1.1.16
PKCS#9: 1.2.840.113549.1.9.16.6.2.37 - RFC 4108
PKCS#9: 1.2.840.113549.1.9.16.6.2.38 - RFC 4108
PKCS#9: 1.2.840.113549.1.9.16.2.54 RFC7030
PKCS#9: 1.2.840.113549.1.9.16.2.43 RFC7030
PKCS#9: 1.2.840.113549.1.9.16.2.40 RFC7030
write out an RSA private key with its associated information
as described in Pkcs8.
PrivateKeyInfo ::= Sequence {
version Version,
privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}},
privateKey PrivateKey,
attributes [0] IMPLICIT Attributes OPTIONAL
}
Version ::= Integer {v1(0)} (v1,...)
PrivateKey ::= OCTET STRING
Attributes ::= Set OF Attr
The default version
RSAES-OAEP-params ::= SEQUENCE {
hashAlgorithm [0] OAEP-PSSDigestAlgorithms DEFAULT sha1,
maskGenAlgorithm [1] PKCS1MGFAlgorithms DEFAULT mgf1SHA1,
pSourceAlgorithm [2] PKCS1PSourceAlgorithms DEFAULT pSpecifiedEmpty
}
OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OID id-sha1 PARAMETERS NULL }|
{ OID id-sha256 PARAMETERS NULL }|
{ OID id-sha384 PARAMETERS NULL }|
{ OID id-sha512 PARAMETERS NULL },
... -- Allows for future expansion --
}
PKCS1MGFAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
... -- Allows for future expansion --
}
PKCS1PSourceAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OID id-pSpecified PARAMETERS OCTET STRING },
... -- Allows for future expansion --
}
@return the asn1 primitive representing the parameters.
This outputs the key in Pkcs1v2 format.
RsaPrivateKey ::= Sequence {
version Version,
modulus Integer, -- n
publicExponent Integer, -- e
privateExponent Integer, -- d
prime1 Integer, -- p
prime2 Integer, -- q
exponent1 Integer, -- d mod (p-1)
exponent2 Integer, -- d mod (q-1)
coefficient Integer -- (inverse of q) mod p
}
Version ::= Integer
This routine is written to output Pkcs1 version 0, private keys.
The default version
RSASSA-PSS-params ::= SEQUENCE {
hashAlgorithm [0] OAEP-PSSDigestAlgorithms DEFAULT sha1,
maskGenAlgorithm [1] PKCS1MGFAlgorithms DEFAULT mgf1SHA1,
saltLength [2] INTEGER DEFAULT 20,
trailerField [3] TrailerField DEFAULT trailerFieldBC
}
OAEP-PSSDigestAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OID id-sha1 PARAMETERS NULL }|
{ OID id-sha256 PARAMETERS NULL }|
{ OID id-sha384 PARAMETERS NULL }|
{ OID id-sha512 PARAMETERS NULL },
... -- Allows for future expansion --
}
PKCS1MGFAlgorithms ALGORITHM-IDENTIFIER ::= {
{ OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
... -- Allows for future expansion --
}
TrailerField ::= INTEGER { trailerFieldBC(1) }
@return the asn1 primitive representing the parameters.
a Pkcs#7 signed data object.
Produce an object suitable for an Asn1OutputStream.
SignedData ::= Sequence {
version Version,
digestAlgorithms DigestAlgorithmIdentifiers,
contentInfo ContentInfo,
certificates
[0] IMPLICIT ExtendedCertificatesAndCertificates
OPTIONAL,
crls
[1] IMPLICIT CertificateRevocationLists OPTIONAL,
signerInfos SignerInfos }
a Pkcs#7 signer info object.
Produce an object suitable for an Asn1OutputStream.
SignerInfo ::= Sequence {
version Version,
issuerAndSerialNumber IssuerAndSerialNumber,
digestAlgorithm DigestAlgorithmIdentifier,
authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
encryptedDigest EncryptedDigest,
unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
}
EncryptedDigest ::= OCTET STRING
DigestAlgorithmIdentifier ::= AlgorithmIdentifier
DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
the elliptic curve private key object from SEC 1
ECPrivateKey ::= SEQUENCE {
version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
privateKey OCTET STRING,
parameters [0] Parameters OPTIONAL,
publicKey [1] BIT STRING OPTIONAL }
return the X9ECParameters object for the named curve represented by
the passed in object identifier. Null if the curve isn't present.
@param oid an object identifier representing a named curve, if present.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for curves
contained in this structure.
EllipticCurve OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) certicom(132) curve(0)
}
Handler class for dealing with S/MIME Capabilities
general preferences
encryption algorithms preferences
return an Attr object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
returns an ArrayList with 0 or more objects of all the capabilities
matching the passed in capability Oid. If the Oid passed is null the
entire set is returned.
Produce an object suitable for an Asn1OutputStream.
SMIMECapabilities ::= Sequence OF SMIMECapability
general preferences
encryption algorithms preferences
Produce an object suitable for an Asn1OutputStream.
SMIMECapability ::= Sequence {
capabilityID OBJECT IDENTIFIER,
parameters ANY DEFINED BY capabilityID OPTIONAL
}
Handler for creating a vector S/MIME Capabilities
The SmimeEncryptionKeyPreference object.
SmimeEncryptionKeyPreference ::= CHOICE {
issuerAndSerialNumber [0] IssuerAndSerialNumber,
receipentKeyId [1] RecipientKeyIdentifier,
subjectAltKeyIdentifier [2] SubjectKeyIdentifier
}
@param sKeyId the subjectKeyIdentifier value (normally the X.509 one)
elliptic curves defined in "ECC Brainpool Standard Curves and Curve Generation"
http://www.ecc-brainpool.org/download/draft_pkix_additional_ecc_dp.txt
return the X9ECParameters object for the named curve represented by
the passed in object identifier. Null if the curve isn't present.
@param oid an object identifier representing a named curve, if present.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for curves
contained in this structure.
Accuracy ::= SEQUENCE {
seconds INTEGER OPTIONAL,
millis [0] INTEGER (1..999) OPTIONAL,
micros [1] INTEGER (1..999) OPTIONAL
}
@param o
@return a MessageImprint object.
MessageImprint ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
hashedMessage OCTET STRING }
TimeStampReq ::= SEQUENCE {
version INTEGER { v1(1) },
messageImprint MessageImprint,
--a hash algorithm OID and the hash value of the data to be
--time-stamped
reqPolicy TSAPolicyId OPTIONAL,
nonce INTEGER OPTIONAL,
certReq BOOLEAN DEFAULT FALSE,
extensions [0] IMPLICIT Extensions OPTIONAL
}
TimeStampResp ::= SEQUENCE {
status PkiStatusInfo,
timeStampToken TimeStampToken OPTIONAL }
TstInfo ::= SEQUENCE {
version INTEGER { v1(1) },
policy TSAPolicyId,
messageImprint MessageImprint,
-- MUST have the same value as the similar field in
-- TimeStampReq
serialNumber INTEGER,
-- Time-Stamping users MUST be ready to accommodate integers
-- up to 160 bits.
genTime GeneralizedTime,
accuracy Accuracy OPTIONAL,
ordering BOOLEAN DEFAULT FALSE,
nonce INTEGER OPTIONAL,
-- MUST be present if the similar field was present
-- in TimeStampReq. In that case it MUST have the same value.
tsa [0] GeneralName OPTIONAL,
extensions [1] IMPLICIT Extensions OPTIONAL }
Base OID: 1.2.804.2.1.1.1
DSTU4145 Little Endian presentation. OID: 1.2.804.2.1.1.1.1.3.1.1
DSTU4145 Big Endian presentation. OID: 1.2.804.2.1.1.1.1.3.1.1.1
DSTU7564 256-bit digest presentation.
DSTU7564 384-bit digest presentation.
DSTU7564 512-bit digest presentation.
DSTU7564 256-bit mac presentation.
DSTU7564 384-bit mac presentation.
DSTU7564 512-bit mac presentation.
DSTU7624 in ECB mode with 128 bit block/key presentation
DSTU7624 in ECB mode with 256 bit block/key presentation
DSTU7624 in ECB mode with 512 bit block/key presentation
DSTU7624 in CTR mode with 128 bit block/key presentation
DSTU7624 in CTR mode with 256 bit block/key presentation
DSTU7624 in CTR mode with 512 bit block/key presentation
DSTU7624 in CFB mode with 128 bit block/key presentation
DSTU7624 in CFB mode with 256 bit block/key presentation
DSTU7624 in CFB mode with 512 bit block/key presentation
DSTU7624 in MAC mode with 128 bit block/key presentation
DSTU7624 in MAC mode with 256 bit block/key presentation
DSTU7624 in MAC mode with 512 bit block/key presentation
DSTU7624 in CBC mode with 128 bit block/key presentation
DSTU7624 in CBC mode with 256 bit block/key presentation
DSTU7624 in CBC mode with 512 bit block/key presentation
DSTU7624 in OFB mode with 128 bit block/key presentation
DSTU7624 in OFB mode with 256 bit block/key presentation
DSTU7624 in OFB mode with 512 bit block/key presentation
DSTU7624 in GMAC (GCM witout encryption) mode with 128 bit block/key presentation
DSTU7624 in GMAC (GCM witout encryption) mode with 256 bit block/key presentation
DSTU7624 in GMAC (GCM witout encryption) mode with 512 bit block/key presentation
DSTU7624 in CCM mode with 128 bit block/key presentation
DSTU7624 in CCM mode with 256 bit block/key presentation
DSTU7624 in CCM mode with 512 bit block/key presentation
DSTU7624 in XTS mode with 128 bit block/key presentation
DSTU7624 in XTS mode with 256 bit block/key presentation
DSTU7624 in XTS mode with 512 bit block/key presentation
DSTU7624 in key wrap (KW) mode with 128 bit block/key presentation
DSTU7624 in key wrap (KW) mode with 256 bit block/key presentation
DSTU7624 in key wrap (KW) mode with 512 bit block/key presentation
dump a Der object as a formatted string with indentation
@param obj the Asn1Object to be dumped out.
dump out a DER object as a formatted string, in non-verbose mode
@param obj the Asn1Encodable to be dumped out.
@return the resulting string.
Dump out the object as a string
@param obj the Asn1Encodable to be dumped out.
@param verbose if true, dump out the contents of octet and bit strings.
@return the resulting string.
DirectoryString ::= CHOICE {
teletexString TeletexString (SIZE (1..MAX)),
printableString PrintableString (SIZE (1..MAX)),
universalString UniversalString (SIZE (1..MAX)),
utf8String UTF8String (SIZE (1..MAX)),
bmpString BMPString (SIZE (1..MAX)) }
The AccessDescription object.
AccessDescription ::= SEQUENCE {
accessMethod OBJECT IDENTIFIER,
accessLocation GeneralName }
create an AccessDescription with the oid and location provided.
@return the access method.
@return the access location
Return the OID in the Algorithm entry of this identifier.
Return the parameters structure in the Parameters entry of this identifier.
Produce an object suitable for an Asn1OutputStream.
AlgorithmIdentifier ::= Sequence {
algorithm OBJECT IDENTIFIER,
parameters ANY DEFINED BY algorithm OPTIONAL }
Don't use this one if you are trying to be RFC 3281 compliant.
Use it for v1 attribute certificates only.
Our GeneralNames structure
Produce an object suitable for an Asn1OutputStream.
AttCertIssuer ::= CHOICE {
v1Form GeneralNames, -- MUST NOT be used in this
-- profile
v2Form [0] V2Form -- v2 only
}
Produce an object suitable for an Asn1OutputStream.
AttCertValidityPeriod ::= Sequence {
notBeforeTime GeneralizedTime,
notAfterTime GeneralizedTime
}
return an Attr object from the given object.
@param o the object we want converted.
@exception ArgumentException if the object cannot be converted.
Produce an object suitable for an Asn1OutputStream.
Attr ::= Sequence {
attrType OBJECT IDENTIFIER,
attrValues Set OF AttributeValue
}
@param obj
@return
Produce an object suitable for an Asn1OutputStream.
AttributeCertificate ::= Sequence {
acinfo AttributeCertificateInfo,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}
Produce an object suitable for an Asn1OutputStream.
AttributeCertificateInfo ::= Sequence {
version AttCertVersion -- version is v2,
holder Holder,
issuer AttCertIssuer,
signature AlgorithmIdentifier,
serialNumber CertificateSerialNumber,
attrCertValidityPeriod AttCertValidityPeriod,
attributes Sequence OF Attr,
issuerUniqueID UniqueIdentifier OPTIONAL,
extensions Extensions OPTIONAL
}
AttCertVersion ::= Integer { v2(1) }
The AuthorityInformationAccess object.
id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
AuthorityInfoAccessSyntax ::=
Sequence SIZE (1..MAX) OF AccessDescription
AccessDescription ::= Sequence {
accessMethod OBJECT IDENTIFIER,
accessLocation GeneralName }
id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
create an AuthorityInformationAccess with the oid and location provided.
The AuthorityKeyIdentifier object.
id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 }
AuthorityKeyIdentifier ::= Sequence {
keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL,
authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL,
authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL }
KeyIdentifier ::= OCTET STRING
*
* Calulates the keyidentifier using a SHA1 hash over the BIT STRING
* from SubjectPublicKeyInfo as defined in RFC2459.
*
* Example of making a AuthorityKeyIdentifier:
*
* SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
* publicKey.getEncoded()).readObject());
* AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(apki);
*
*
*
create an AuthorityKeyIdentifier with the GeneralNames tag and
the serial number provided as well.
create an AuthorityKeyIdentifier with the GeneralNames tag and
the serial number provided.
create an AuthorityKeyIdentifier with a precomputed key identifier
create an AuthorityKeyIdentifier with a precomupted key identifier
and the GeneralNames tag and the serial number provided as well.
Produce an object suitable for an Asn1OutputStream.
create a cA=true object for the given path length constraint.
@param pathLenConstraint
Produce an object suitable for an Asn1OutputStream.
BasicConstraints := Sequence {
cA Boolean DEFAULT FALSE,
pathLenConstraint Integer (0..MAX) OPTIONAL
}
PKIX RFC-2459
The X.509 v2 CRL syntax is as follows. For signature calculation,
the data that is to be signed is ASN.1 Der encoded.
CertificateList ::= Sequence {
tbsCertList TbsCertList,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING }
This class helps to support crossCerfificatePairs in a LDAP directory
according RFC 2587
crossCertificatePairATTRIBUTE::={
WITH SYNTAX CertificatePair
EQUALITY MATCHING RULE certificatePairExactMatch
ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)}
The forward elements of the crossCertificatePair attribute of a
CA's directory entry shall be used to store all, except self-issued
certificates issued to this CA. Optionally, the reverse elements of the
crossCertificatePair attribute, of a CA's directory entry may contain a
subset of certificates issued by this CA to other CAs. When both the forward
and the reverse elements are present in a single attribute value, issuer name
in one certificate shall match the subject name in the other and vice versa,
and the subject public key in one certificate shall be capable of verifying
the digital signature on the other certificate and vice versa.
When a reverse element is present, the forward element value and the reverse
element value need not be stored in the same attribute value; in other words,
they can be stored in either a single attribute value or two attribute
values.
CertificatePair ::= SEQUENCE {
forward [0] Certificate OPTIONAL,
reverse [1] Certificate OPTIONAL,
-- at least one of the pair shall be present -- }
Constructor from Asn1Sequence.
The sequence is of type CertificatePair:
CertificatePair ::= SEQUENCE {
forward [0] Certificate OPTIONAL,
reverse [1] Certificate OPTIONAL,
-- at least one of the pair shall be present -- }
@param seq The ASN.1 sequence.
Constructor from a given details.
@param forward Certificates issued to this CA.
@param reverse Certificates issued by this CA to other CAs.
Produce an object suitable for an Asn1OutputStream.
Returns:
CertificatePair ::= SEQUENCE {
forward [0] Certificate OPTIONAL,
reverse [1] Certificate OPTIONAL,
-- at least one of the pair shall be present -- }
@return a DERObject
@return Returns the forward.
@return Returns the reverse.
Construct a CertificatePolicies object containing one PolicyInformation.
@param name the name to be contained.
Produce an object suitable for an ASN1OutputStream.
CertificatePolicies ::= SEQUENCE SIZE {1..MAX} OF PolicyInformation
CertPolicyId, used in the CertificatePolicies and PolicyMappings
X509V3 Extensions.
CertPolicyId ::= OBJECT IDENTIFIER
Return the distribution points making up the sequence.
@return DistributionPoint[]
Produce an object suitable for an Asn1OutputStream.
CrlDistPoint ::= Sequence SIZE {1..MAX} OF DistributionPoint
The CRLNumber object.
CRLNumber::= Integer(0..MAX)
The CRLReason enumeration.
CRLReason ::= Enumerated {
unspecified (0),
keyCompromise (1),
cACompromise (2),
affiliationChanged (3),
superseded (4),
cessationOfOperation (5),
certificateHold (6),
removeFromCRL (8),
privilegeWithdrawn (9),
aACompromise (10)
}
The DigestInfo object.
DigestInfo::=Sequence{
digestAlgorithm AlgorithmIdentifier,
digest OCTET STRING }
DisplayText
class, used in
CertificatePolicies
X509 V3 extensions (in policy qualifiers).
It stores a string in a chosen encoding.
DisplayText ::= CHOICE {
ia5String IA5String (SIZE (1..200)),
visibleString VisibleString (SIZE (1..200)),
bmpString BMPString (SIZE (1..200)),
utf8String UTF8String (SIZE (1..200)) }
@see PolicyQualifierInfo
@see PolicyInformation
Constant corresponding to ia5String encoding.
Constant corresponding to bmpString encoding.
Constant corresponding to utf8String encoding.
Constant corresponding to visibleString encoding.
Describe constant DisplayTextMaximumSize
here.
Creates a new DisplayText
instance.
@param type the desired encoding type for the text.
@param text the text to store. Strings longer than 200
characters are truncated.
Creates a new DisplayText
instance.
@param text the text to encapsulate. Strings longer than 200
characters are truncated.
Creates a new DisplayText
instance.
Useful when reading back a DisplayText
class
from it's Asn1Encodable form.
@param contents an Asn1Encodable
instance.
Returns the stored string
object.
@return the stored text as a string
.
The DistributionPoint object.
DistributionPoint ::= Sequence {
distributionPoint [0] DistributionPointName OPTIONAL,
reasons [1] ReasonFlags OPTIONAL,
cRLIssuer [2] GeneralNames OPTIONAL
}
The DistributionPointName object.
DistributionPointName ::= CHOICE {
fullName [0] GeneralNames,
nameRelativeToCRLIssuer [1] RDN
}
The extendedKeyUsage object.
extendedKeyUsage ::= Sequence SIZE (1..MAX) OF KeyPurposeId
Returns all extended key usages.
The returned ArrayList contains DerObjectIdentifier instances.
@return An ArrayList with all key purposes.
The GeneralName object.
GeneralName ::= CHOICE {
otherName [0] OtherName,
rfc822Name [1] IA5String,
dNSName [2] IA5String,
x400Address [3] ORAddress,
directoryName [4] Name,
ediPartyName [5] EDIPartyName,
uniformResourceIdentifier [6] IA5String,
iPAddress [7] OCTET STRING,
registeredID [8] OBJECT IDENTIFIER}
OtherName ::= Sequence {
type-id OBJECT IDENTIFIER,
value [0] EXPLICIT ANY DEFINED BY type-id }
EDIPartyName ::= Sequence {
nameAssigner [0] DirectoryString OPTIONAL,
partyName [1] DirectoryString }
When the subjectAltName extension contains an Internet mail address,
the address MUST be included as an rfc822Name. The format of an
rfc822Name is an "addr-spec" as defined in RFC 822 [RFC 822].
When the subjectAltName extension contains a domain name service
label, the domain name MUST be stored in the dNSName (an IA5String).
The name MUST be in the "preferred name syntax," as specified by RFC
1034 [RFC 1034].
When the subjectAltName extension contains a URI, the name MUST be
stored in the uniformResourceIdentifier (an IA5String). The name MUST
be a non-relative URL, and MUST follow the URL syntax and encoding
rules specified in [RFC 1738]. The name must include both a scheme
(e.g., "http" or "ftp") and a scheme-specific-part. The scheme-
specific-part must include a fully qualified domain name or IP
address as the host.
When the subjectAltName extension contains a iPAddress, the address
MUST be stored in the octet string in "network byte order," as
specified in RFC 791 [RFC 791]. The least significant bit (LSB) of
each octet is the LSB of the corresponding byte in the network
address. For IP Version 4, as specified in RFC 791, the octet string
MUST contain exactly four octets. For IP Version 6, as specified in
RFC 1883, the octet string MUST contain exactly sixteen octets [RFC
1883].
Create a GeneralName for the given tag from the passed in string.
This constructor can handle:
- rfc822Name
- iPAddress
- directoryName
- dNSName
- uniformResourceIdentifier
- registeredID
For x400Address, otherName and ediPartyName there is no common string
format defined.
Note: A directory name can be encoded in different ways into a byte
representation. Be aware of this if the byte representation is used for
comparing results.
@param tag tag number
@param name string representation of name
@throws ArgumentException if the string encoding is not correct or
not supported.
Construct a GeneralNames object containing one GeneralName.
The name to be contained.
Produce an object suitable for an Asn1OutputStream.
GeneralNames ::= Sequence SIZE {1..MAX} OF GeneralName
Class for containing a restriction object subtrees in NameConstraints. See
RFC 3280.
GeneralSubtree ::= SEQUENCE
{
baseName GeneralName,
minimum [0] BaseDistance DEFAULT 0,
maximum [1] BaseDistance OPTIONAL
}
@see org.bouncycastle.asn1.x509.NameConstraints
Constructor from a given details.
According RFC 3280, the minimum and maximum fields are not used with any
name forms, thus minimum MUST be zero, and maximum MUST be absent.
If minimum is null
, zero is assumed, if
maximum is null
, maximum is absent.
@param baseName
A restriction.
@param minimum
Minimum
@param maximum
Maximum
Produce an object suitable for an Asn1OutputStream.
Returns:
GeneralSubtree ::= SEQUENCE
{
baseName GeneralName,
minimum [0] BaseDistance DEFAULT 0,
maximum [1] BaseDistance OPTIONAL
}
@return a DERObject
The Holder object.
For an v2 attribute certificate this is:
Holder ::= SEQUENCE {
baseCertificateID [0] IssuerSerial OPTIONAL,
-- the issuer and serial number of
-- the holder's Public Key Certificate
entityName [1] GeneralNames OPTIONAL,
-- the name of the claimant or role
objectDigestInfo [2] ObjectDigestInfo OPTIONAL
-- used to directly authenticate the holder,
-- for example, an executable
}
For an v1 attribute certificate this is:
subject CHOICE {
baseCertificateID [0] IssuerSerial,
-- associated with a Public Key Certificate
subjectName [1] GeneralNames },
-- associated with a name
Constructor for a holder for an v1 attribute certificate.
@param tagObj The ASN.1 tagged holder object.
Constructor for a holder for an v2 attribute certificate. *
@param seq The ASN.1 sequence.
Constructs a holder from a IssuerSerial.
@param baseCertificateID The IssuerSerial.
@param version The version of the attribute certificate.
Returns 1 for v2 attribute certificates or 0 for v1 attribute
certificates.
@return The version of the attribute certificate.
Constructs a holder with an entityName for v2 attribute certificates or
with a subjectName for v1 attribute certificates.
@param entityName The entity or subject name.
Constructs a holder with an entityName for v2 attribute certificates or
with a subjectName for v1 attribute certificates.
@param entityName The entity or subject name.
@param version The version of the attribute certificate.
Constructs a holder from an object digest info.
@param objectDigestInfo The object digest info object.
Returns the entityName for an v2 attribute certificate or the subjectName
for an v1 attribute certificate.
@return The entityname or subjectname.
The Holder object.
Holder ::= Sequence {
baseCertificateID [0] IssuerSerial OPTIONAL,
-- the issuer and serial number of
-- the holder's Public Key Certificate
entityName [1] GeneralNames OPTIONAL,
-- the name of the claimant or role
objectDigestInfo [2] ObjectDigestInfo OPTIONAL
-- used to directly authenticate the holder,
-- for example, an executable
}
Implementation of IetfAttrSyntax
as specified by RFC3281.
IetfAttrSyntax ::= Sequence {
policyAuthority [0] GeneralNames OPTIONAL,
values Sequence OF CHOICE {
octets OCTET STRING,
oid OBJECT IDENTIFIER,
string UTF8String
}
}
Produce an object suitable for an Asn1OutputStream.
IssuerSerial ::= Sequence {
issuer GeneralNames,
serial CertificateSerialNumber,
issuerUid UniqueIdentifier OPTIONAL
}
IssuingDistributionPoint ::= SEQUENCE {
distributionPoint [0] DistributionPointName OPTIONAL,
onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
onlySomeReasons [3] ReasonFlags OPTIONAL,
indirectCRL [4] BOOLEAN DEFAULT FALSE,
onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE }
Constructor from given details.
@param distributionPoint
May contain an URI as pointer to most current CRL.
@param onlyContainsUserCerts Covers revocation information for end certificates.
@param onlyContainsCACerts Covers revocation information for CA certificates.
@param onlySomeReasons
Which revocation reasons does this point cover.
@param indirectCRL
If true
then the CRL contains revocation
information about certificates ssued by other CAs.
@param onlyContainsAttributeCerts Covers revocation information for attribute certificates.
Constructor from Asn1Sequence
@return Returns the distributionPoint.
@return Returns the onlySomeReasons.
The KeyPurposeID object.
KeyPurposeID ::= OBJECT IDENTIFIER
The KeyUsage object.
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1),
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
Basic constructor.
@param usage - the bitwise OR of the Key Usage flags giving the
allowed uses for the key.
e.g. (KeyUsage.keyEncipherment | KeyUsage.dataEncipherment)
Constructor from a given details.
permitted and excluded are Vectors of GeneralSubtree objects.
@param permitted Permitted subtrees
@param excluded Excluded subtrees
NoticeReference
class, used in
CertificatePolicies
X509 V3 extensions
(in policy qualifiers).
NoticeReference ::= Sequence {
organization DisplayText,
noticeNumbers Sequence OF Integer }
@see PolicyQualifierInfo
@see PolicyInformation
Creates a new NoticeReference
instance.
@param organization a String
value
@param numbers a Vector
value
Creates a new NoticeReference
instance.
@param organization a String
value
@param noticeNumbers an ASN1EncodableVector
value
Creates a new NoticeReference
instance.
@param organization displayText
@param noticeNumbers an ASN1EncodableVector
value
Creates a new NoticeReference
instance.
Useful for reconstructing a NoticeReference
instance from its encodable/encoded form.
@param as an Asn1Sequence
value obtained from either
calling @{link ToAsn1Object()} for a NoticeReference
instance or from parsing it from a Der-encoded stream.
Describe ToAsn1Object
method here.
@return a Asn1Object
value
ObjectDigestInfo ASN.1 structure used in v2 attribute certificates.
ObjectDigestInfo ::= SEQUENCE {
digestedObjectType ENUMERATED {
publicKey (0),
publicKeyCert (1),
otherObjectTypes (2) },
-- otherObjectTypes MUST NOT
-- be used in this profile
otherObjectTypeID OBJECT IDENTIFIER OPTIONAL,
digestAlgorithm AlgorithmIdentifier,
objectDigest BIT STRING
}
The public key is hashed.
The public key certificate is hashed.
An other object is hashed.
Constructor from given details.
If digestedObjectType
is not {@link #publicKeyCert} or
{@link #publicKey} otherObjectTypeID
must be given,
otherwise it is ignored.
@param digestedObjectType The digest object type.
@param otherObjectTypeID The object type ID for
otherObjectDigest
.
@param digestAlgorithm The algorithm identifier for the hash.
@param objectDigest The hash value.
Produce an object suitable for an Asn1OutputStream.
ObjectDigestInfo ::= SEQUENCE {
digestedObjectType ENUMERATED {
publicKey (0),
publicKeyCert (1),
otherObjectTypes (2) },
-- otherObjectTypes MUST NOT
-- be used in this profile
otherObjectTypeID OBJECT IDENTIFIER OPTIONAL,
digestAlgorithm AlgorithmIdentifier,
objectDigest BIT STRING
}
PolicyMappings V3 extension, described in RFC3280.
PolicyMappings ::= Sequence SIZE (1..MAX) OF Sequence {
issuerDomainPolicy CertPolicyId,
subjectDomainPolicy CertPolicyId }
@see RFC 3280, section 4.2.1.6
Creates a new PolicyMappings
instance.
@param seq an Asn1Sequence
constructed as specified
in RFC 3280
Creates a new PolicyMappings
instance.
@param mappings a HashMap
value that maps
string
oids
to other string
oids.
PolicyQualifierId, used in the CertificatePolicies
X509V3 extension.
id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 }
id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 }
PolicyQualifierId ::=
OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
Policy qualifiers, used in the X509V3 CertificatePolicies
extension.
PolicyQualifierInfo ::= Sequence {
policyQualifierId PolicyQualifierId,
qualifier ANY DEFINED BY policyQualifierId }
Creates a new PolicyQualifierInfo
instance.
@param policyQualifierId a PolicyQualifierId
value
@param qualifier the qualifier, defined by the above field.
Creates a new PolicyQualifierInfo
containing a
cPSuri qualifier.
@param cps the CPS (certification practice statement) uri as a
string
.
Creates a new PolicyQualifierInfo
instance.
@param as PolicyQualifierInfo
X509 structure
encoded as an Asn1Sequence.
Returns a Der-encodable representation of this instance.
@return a Asn1Object
value
PrivateKeyUsagePeriod ::= SEQUENCE
{
notBefore [0] GeneralizedTime OPTIONAL,
notAfter [1] GeneralizedTime OPTIONAL }
The BiometricData object.
BiometricData ::= SEQUENCE {
typeOfBiometricData TypeOfBiometricData,
hashAlgorithm AlgorithmIdentifier,
biometricDataHash OCTET STRING,
sourceDataUri IA5String OPTIONAL }
The Iso4217CurrencyCode object.
Iso4217CurrencyCode ::= CHOICE {
alphabetic PrintableString (SIZE 3), --Recommended
numeric INTEGER (1..999) }
-- Alphabetic or numeric currency code as defined in ISO 4217
-- It is recommended that the Alphabetic form is used
The MonetaryValue object.
MonetaryValue ::= SEQUENCE {
currency Iso4217CurrencyCode,
amount INTEGER,
exponent INTEGER }
-- value = amount * 10^exponent
The QCStatement object.
QCStatement ::= SEQUENCE {
statementId OBJECT IDENTIFIER,
statementInfo ANY DEFINED BY statementId OPTIONAL}
The SemanticsInformation object.
SemanticsInformation ::= SEQUENCE {
semanticsIdentifier OBJECT IDENTIFIER OPTIONAL,
nameRegistrationAuthorities NameRegistrationAuthorities
OPTIONAL }
(WITH COMPONENTS {..., semanticsIdentifier PRESENT}|
WITH COMPONENTS {..., nameRegistrationAuthorities PRESENT})
NameRegistrationAuthorities ::= SEQUENCE SIZE (1..MAX) OF
GeneralName
The TypeOfBiometricData object.
TypeOfBiometricData ::= CHOICE {
predefinedBiometricType PredefinedBiometricType,
biometricDataOid OBJECT IDENTIFIER }
PredefinedBiometricType ::= INTEGER {
picture(0),handwritten-signature(1)}
(picture|handwritten-signature)
The ReasonFlags object.
ReasonFlags ::= BIT STRING {
unused(0),
keyCompromise(1),
cACompromise(2),
affiliationChanged(3),
superseded(4),
cessationOfOperation(5),
certficateHold(6)
}
@param reasons - the bitwise OR of the Key Reason flags giving the
allowed uses for the key.
Implementation of the RoleSyntax object as specified by the RFC3281.
RoleSyntax ::= SEQUENCE {
roleAuthority [0] GeneralNames OPTIONAL,
roleName [1] GeneralName
}
RoleSyntax factory method.
@param obj the object used to construct an instance of
RoleSyntax
. It must be an instance of RoleSyntax
or Asn1Sequence
.
@return the instance of RoleSyntax
built from the
supplied object.
@throws java.lang.ArgumentException if the object passed
to the factory is not an instance of RoleSyntax
or
Asn1Sequence
.
Constructor.
@param roleAuthority the role authority of this RoleSyntax.
@param roleName the role name of this RoleSyntax.
Constructor. Invoking this constructor is the same as invoking
new RoleSyntax(null, roleName)
.
@param roleName the role name of this RoleSyntax.
Utility constructor. Takes a string
argument representing
the role name, builds a GeneralName
to hold the role name
and calls the constructor that takes a GeneralName
.
@param roleName
Constructor that builds an instance of RoleSyntax
by
extracting the encoded elements from the Asn1Sequence
object supplied.
@param seq an instance of Asn1Sequence
that holds
the encoded elements used to build this RoleSyntax
.
Gets the role authority of this RoleSyntax.
@return an instance of GeneralNames
holding the
role authority of this RoleSyntax.
Gets the role name of this RoleSyntax.
@return an instance of GeneralName
holding the
role name of this RoleSyntax.
Gets the role name as a java.lang.string
object.
@return the role name of this RoleSyntax represented as a
string
object.
Gets the role authority as a string[]
object.
@return the role authority of this RoleSyntax represented as a
string[]
array.
Implementation of the method ToAsn1Object
as
required by the superclass ASN1Encodable
.
RoleSyntax ::= SEQUENCE {
roleAuthority [0] GeneralNames OPTIONAL,
roleName [1] GeneralName
}
This outputs the key in Pkcs1v2 format.
RSAPublicKey ::= Sequence {
modulus Integer, -- n
publicExponent Integer, -- e
}
Structure for a name or pseudonym.
NameOrPseudonym ::= CHOICE {
surAndGivenName SEQUENCE {
surName DirectoryString,
givenName SEQUENCE OF DirectoryString
},
pseudonym DirectoryString
}
@see org.bouncycastle.asn1.x509.sigi.PersonalData
Constructor from DERString.
The sequence is of type NameOrPseudonym:
NameOrPseudonym ::= CHOICE {
surAndGivenName SEQUENCE {
surName DirectoryString,
givenName SEQUENCE OF DirectoryString
},
pseudonym DirectoryString
}
@param pseudonym pseudonym value to use.
Constructor from Asn1Sequence.
The sequence is of type NameOrPseudonym:
NameOrPseudonym ::= CHOICE {
surAndGivenName SEQUENCE {
surName DirectoryString,
givenName SEQUENCE OF DirectoryString
},
pseudonym DirectoryString
}
@param seq The ASN.1 sequence.
Constructor from a given details.
@param pseudonym The pseudonym.
Constructor from a given details.
@param surname The surname.
@param givenName A sequence of directory strings making up the givenName
Produce an object suitable for an Asn1OutputStream.
Returns:
NameOrPseudonym ::= CHOICE {
surAndGivenName SEQUENCE {
surName DirectoryString,
givenName SEQUENCE OF DirectoryString
},
pseudonym DirectoryString
}
@return an Asn1Object
Contains personal data for the otherName field in the subjectAltNames
extension.
PersonalData ::= SEQUENCE {
nameOrPseudonym NameOrPseudonym,
nameDistinguisher [0] INTEGER OPTIONAL,
dateOfBirth [1] GeneralizedTime OPTIONAL,
placeOfBirth [2] DirectoryString OPTIONAL,
gender [3] PrintableString OPTIONAL,
postalAddress [4] DirectoryString OPTIONAL
}
@see org.bouncycastle.asn1.x509.sigi.NameOrPseudonym
@see org.bouncycastle.asn1.x509.sigi.SigIObjectIdentifiers
Constructor from Asn1Sequence.
The sequence is of type NameOrPseudonym:
PersonalData ::= SEQUENCE {
nameOrPseudonym NameOrPseudonym,
nameDistinguisher [0] INTEGER OPTIONAL,
dateOfBirth [1] GeneralizedTime OPTIONAL,
placeOfBirth [2] DirectoryString OPTIONAL,
gender [3] PrintableString OPTIONAL,
postalAddress [4] DirectoryString OPTIONAL
}
@param seq The ASN.1 sequence.
Constructor from a given details.
@param nameOrPseudonym Name or pseudonym.
@param nameDistinguisher Name distinguisher.
@param dateOfBirth Date of birth.
@param placeOfBirth Place of birth.
@param gender Gender.
@param postalAddress Postal Address.
Produce an object suitable for an Asn1OutputStream.
Returns:
PersonalData ::= SEQUENCE {
nameOrPseudonym NameOrPseudonym,
nameDistinguisher [0] INTEGER OPTIONAL,
dateOfBirth [1] GeneralizedTime OPTIONAL,
placeOfBirth [2] DirectoryString OPTIONAL,
gender [3] PrintableString OPTIONAL,
postalAddress [4] DirectoryString OPTIONAL
}
@return an Asn1Object
Object Identifiers of SigI specifciation (German Signature Law
Interoperability specification).
Key purpose IDs for German SigI (Signature Interoperability
Specification)
Certificate policy IDs for German SigI (Signature Interoperability
Specification)
Other Name IDs for German SigI (Signature Interoperability Specification)
To be used for for the generation of directory service certificates.
ID for PersonalData
Certificate is conform to german signature law.
This extension may contain further X.500 attributes of the subject. See also
RFC 3039.
SubjectDirectoryAttributes ::= Attributes
Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
Attribute ::= SEQUENCE
{
type AttributeType
values SET OF AttributeValue
}
AttributeType ::= OBJECT IDENTIFIER
AttributeValue ::= ANY DEFINED BY AttributeType
@see org.bouncycastle.asn1.x509.X509Name for AttributeType ObjectIdentifiers.
Constructor from Asn1Sequence.
The sequence is of type SubjectDirectoryAttributes:
SubjectDirectoryAttributes ::= Attributes
Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
Attribute ::= SEQUENCE
{
type AttributeType
values SET OF AttributeValue
}
AttributeType ::= OBJECT IDENTIFIER
AttributeValue ::= ANY DEFINED BY AttributeType
@param seq
The ASN.1 sequence.
Constructor from an ArrayList of attributes.
The ArrayList consists of attributes of type {@link Attribute Attribute}
@param attributes The attributes.
Produce an object suitable for an Asn1OutputStream.
Returns:
SubjectDirectoryAttributes ::= Attributes
Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
Attribute ::= SEQUENCE
{
type AttributeType
values SET OF AttributeValue
}
AttributeType ::= OBJECT IDENTIFIER
AttributeValue ::= ANY DEFINED BY AttributeType
@return a DERObject
@return Returns the attributes.
The SubjectKeyIdentifier object.
SubjectKeyIdentifier::= OCTET STRING
Calculates the keyIdentifier using a SHA1 hash over the BIT STRING
from SubjectPublicKeyInfo as defined in RFC3280.
@param spki the subject public key info.
Return a RFC 3280 type 1 key identifier. As in:
(1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
value of the BIT STRING subjectPublicKey (excluding the tag,
length, and number of unused bits).
@param keyInfo the key info object containing the subjectPublicKey field.
@return the key identifier.
Return a RFC 3280 type 2 key identifier. As in:
(2) The keyIdentifier is composed of a four bit type field with
the value 0100 followed by the least significant 60 bits of the
SHA-1 hash of the value of the BIT STRING subjectPublicKey.
@param keyInfo the key info object containing the subjectPublicKey field.
@return the key identifier.
The object that contains the public key stored in a certficate.
The GetEncoded() method in the public keys in the JCE produces a DER
encoded one of these.
for when the public key is an encoded object - if the bitstring
can't be decoded this routine raises an IOException.
@exception IOException - if the bit string doesn't represent a Der
encoded object.
for when the public key is raw bits...
Produce an object suitable for an Asn1OutputStream.
SubjectPublicKeyInfo ::= Sequence {
algorithm AlgorithmIdentifier,
publicKey BIT STRING }
Target structure used in target information extension for attribute
certificates from RFC 3281.
Target ::= CHOICE {
targetName [0] GeneralName,
targetGroup [1] GeneralName,
targetCert [2] TargetCert
}
The targetCert field is currently not supported and must not be used
according to RFC 3281.
Creates an instance of a Target from the given object.
obj
can be a Target or a {@link Asn1TaggedObject}
@param obj The object.
@return A Target instance.
@throws ArgumentException if the given object cannot be
interpreted as Target.
Constructor from Asn1TaggedObject.
@param tagObj The tagged object.
@throws ArgumentException if the encoding is wrong.
Constructor from given details.
Exactly one of the parameters must be not null
.
@param type the choice type to apply to the name.
@param name the general name.
@throws ArgumentException if type is invalid.
@return Returns the targetGroup.
@return Returns the targetName.
Produce an object suitable for an Asn1OutputStream.
Returns:
Target ::= CHOICE {
targetName [0] GeneralName,
targetGroup [1] GeneralName,
targetCert [2] TargetCert
}
@return an Asn1Object
Target information extension for attributes certificates according to RFC
3281.
SEQUENCE OF Targets
Creates an instance of a TargetInformation from the given object.
obj
can be a TargetInformation or a {@link Asn1Sequence}
@param obj The object.
@return A TargetInformation instance.
@throws ArgumentException if the given object cannot be interpreted as TargetInformation.
Constructor from a Asn1Sequence.
@param seq The Asn1Sequence.
@throws ArgumentException if the sequence does not contain
correctly encoded Targets elements.
Returns the targets in this target information extension.
The ArrayList is cloned before it is returned.
@return Returns the targets.
Constructs a target information from a single targets element.
According to RFC 3281 only one targets element must be produced.
@param targets A Targets instance.
According to RFC 3281 only one targets element must be produced. If
multiple targets are given they must be merged in
into one targets element.
@param targets An array with {@link Targets}.
Produce an object suitable for an Asn1OutputStream.
Returns:
SEQUENCE OF Targets
According to RFC 3281 only one targets element must be produced. If
multiple targets are given in the constructor they are merged into one
targets element. If this was produced from a
{@link Spire.Security.Asn1.Asn1Sequence} the encoding is kept.
@return an Asn1Object
Targets structure used in target information extension for attribute
certificates from RFC 3281.
Targets ::= SEQUENCE OF Target
Target ::= CHOICE {
targetName [0] GeneralName,
targetGroup [1] GeneralName,
targetCert [2] TargetCert
}
TargetCert ::= SEQUENCE {
targetCertificate IssuerSerial,
targetName GeneralName OPTIONAL,
certDigestInfo ObjectDigestInfo OPTIONAL
}
@see org.bouncycastle.asn1.x509.Target
@see org.bouncycastle.asn1.x509.TargetInformation
Creates an instance of a Targets from the given object.
obj
can be a Targets or a {@link Asn1Sequence}
@param obj The object.
@return A Targets instance.
@throws ArgumentException if the given object cannot be interpreted as Target.
Constructor from Asn1Sequence.
@param targets The ASN.1 SEQUENCE.
@throws ArgumentException if the contents of the sequence are
invalid.
Constructor from given targets.
The ArrayList is copied.
@param targets An ArrayList
of {@link Target}s.
@see Target
@throws ArgumentException if the ArrayList contains not only Targets.
Returns the targets in an ArrayList
.
The ArrayList is cloned before it is returned.
@return Returns the targets.
Produce an object suitable for an Asn1OutputStream.
Returns:
Targets ::= SEQUENCE OF Target
@return an Asn1Object
The TbsCertificate object.
TbsCertificate ::= Sequence {
version [ 0 ] Version DEFAULT v1(0),
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
extensions [ 3 ] Extensions OPTIONAL
}
Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
will parse them, but you really shouldn't be creating new ones.
PKIX RFC-2459 - TbsCertList object.
TbsCertList ::= Sequence {
version Version OPTIONAL,
-- if present, shall be v2
signature AlgorithmIdentifier,
issuer Name,
thisUpdate Time,
nextUpdate Time OPTIONAL,
revokedCertificates Sequence OF Sequence {
userCertificate CertificateSerialNumber,
revocationDate Time,
crlEntryExtensions Extensions OPTIONAL
-- if present, shall be v2
} OPTIONAL,
crlExtensions [0] EXPLICIT Extensions OPTIONAL
-- if present, shall be v2
}
creates a time object from a given date - if the date is between 1950
and 2049 a UTCTime object is Generated, otherwise a GeneralizedTime
is used.
Return our time as DateTime.
A date time.
Produce an object suitable for an Asn1OutputStream.
Time ::= CHOICE {
utcTime UTCTime,
generalTime GeneralizedTime }
UserNotice
class, used in
CertificatePolicies
X509 extensions (in policy
qualifiers).
UserNotice ::= Sequence {
noticeRef NoticeReference OPTIONAL,
explicitText DisplayText OPTIONAL}
@see PolicyQualifierId
@see PolicyInformation
Creates a new UserNotice
instance.
@param noticeRef a NoticeReference
value
@param explicitText a DisplayText
value
Creates a new UserNotice
instance.
@param noticeRef a NoticeReference
value
@param str the explicitText field as a string.
Creates a new UserNotice
instance.
Useful from reconstructing a UserNotice
instance
from its encodable/encoded form.
@param as an ASN1Sequence
value obtained from either
calling @{link toASN1Object()} for a UserNotice
instance or from parsing it from a DER-encoded stream.
Generator for Version 1 TbsCertificateStructures.
TbsCertificate ::= Sequence {
version [ 0 ] Version DEFAULT v1(0),
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
}
Generator for Version 2 AttributeCertificateInfo
AttributeCertificateInfo ::= Sequence {
version AttCertVersion -- version is v2,
holder Holder,
issuer AttCertIssuer,
signature AlgorithmIdentifier,
serialNumber CertificateSerialNumber,
attrCertValidityPeriod AttCertValidityPeriod,
attributes Sequence OF Attr,
issuerUniqueID UniqueIdentifier OPTIONAL,
extensions Extensions OPTIONAL
}
@param attribute
Produce an object suitable for an Asn1OutputStream.
V2Form ::= Sequence {
issuerName GeneralNames OPTIONAL,
baseCertificateID [0] IssuerSerial OPTIONAL,
objectDigestInfo [1] ObjectDigestInfo OPTIONAL
-- issuerName MUST be present in this profile
-- baseCertificateID and objectDigestInfo MUST NOT
-- be present in this profile
}
Generator for Version 2 TbsCertList structures.
TbsCertList ::= Sequence {
version Version OPTIONAL,
-- if present, shall be v2
signature AlgorithmIdentifier,
issuer Name,
thisUpdate Time,
nextUpdate Time OPTIONAL,
revokedCertificates Sequence OF Sequence {
userCertificate CertificateSerialNumber,
revocationDate Time,
crlEntryExtensions Extensions OPTIONAL
-- if present, shall be v2
} OPTIONAL,
crlExtensions [0] EXPLICIT Extensions OPTIONAL
-- if present, shall be v2
}
Note: This class may be subject to change
Generator for Version 3 TbsCertificateStructures.
TbsCertificate ::= Sequence {
version [ 0 ] Version DEFAULT v1(0),
serialNumber CertificateSerialNumber,
signature AlgorithmIdentifier,
issuer Name,
validity Validity,
subject Name,
subjectPublicKeyInfo SubjectPublicKeyInfo,
issuerUniqueID [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
subjectUniqueID [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
extensions [ 3 ] Extensions OPTIONAL
}
an X509Certificate structure.
Certificate ::= Sequence {
tbsCertificate TbsCertificate,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING
}
The default converter for X509 DN entries when going from their
string value to ASN.1 strings.
Apply default conversion for the given value depending on the oid
and the character range of the value.
@param oid the object identifier for the DN entry
@param value the value associated with it
@return the ASN.1 equivalent for the string value.
an object for the elements in the X.509 V3 extension block.
Convert the value of the passed in extension to an object.
The extension to parse.
The object the value string contains.
If conversion is not possible.
Subject Directory Attributes
Subject Key Identifier
Key Usage
Private Key Usage Period
Subject Alternative Name
Issuer Alternative Name
Basic Constraints
CRL Number
Reason code
Hold Instruction Code
Invalidity Date
Delta CRL indicator
Issuing Distribution Point
Certificate Issuer
Name Constraints
CRL Distribution Points
Certificate Policies
Policy Mappings
Authority Key Identifier
Policy Constraints
Extended Key Usage
Freshest CRL
Inhibit Any Policy
Authority Info Access
Subject Info Access
Logo Type
BiometricInfo
QCStatements
Audit identity extension in attribute certificates.
NoRevAvail extension in attribute certificates.
TargetInformation extension in attribute certificates.
Expired Certificates on CRL extension
Constructor from Asn1Sequence.
the extensions are a list of constructed sequences, either with (Oid, OctetString) or (Oid, Boolean, OctetString)
constructor from a table of extensions.
it's is assumed the table contains Oid/string pairs.
Constructor from a table of extensions with ordering.
It's is assumed the table contains Oid/string pairs.
Constructor from two vectors
@param objectIDs an ArrayList of the object identifiers.
@param values an ArrayList of the extension values.
constructor from a table of extensions.
it's is assumed the table contains Oid/string pairs.
Constructor from a table of extensions with ordering.
It's is assumed the table contains Oid/string pairs.
Constructor from two vectors
@param objectIDs an ArrayList of the object identifiers.
@param values an ArrayList of the extension values.
return an Enumeration of the extension field's object ids.
return the extension represented by the object identifier
passed in.
@return the extension if it's present, null otherwise.
Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
Extension ::= SEQUENCE {
extnId EXTENSION.&id ({ExtensionSet}),
critical BOOLEAN DEFAULT FALSE,
extnValue OCTET STRING }
Generator for X.509 extensions
Reset the generator
Add an extension with the given oid and the passed in value to be included
in the OCTET STRING associated with the extension.
OID for the extension.
True if critical, false otherwise.
The ASN.1 object to be included in the extension.
Add an extension with the given oid and the passed in byte array to be wrapped
in the OCTET STRING associated with the extension.
OID for the extension.
True if critical, false otherwise.
The byte array to be wrapped.
Return true if there are no extension present in this generator.
True if empty, false otherwise
Generate an X509Extensions object based on the current state of the generator.
An X509Extensions object
RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE {
type OBJECT IDENTIFIER,
value ANY }
country code - StringType(SIZE(2))
organization - StringType(SIZE(1..64))
organizational unit name - StringType(SIZE(1..64))
Title
common name - StringType(SIZE(1..64))
street - StringType(SIZE(1..64))
device serial number name - StringType(SIZE(1..64))
locality name - StringType(SIZE(1..64))
state, or province name - StringType(SIZE(1..64))
Naming attributes of type X520name
businessCategory - DirectoryString(SIZE(1..128)
postalCode - DirectoryString(SIZE(1..40)
dnQualifier - DirectoryString(SIZE(1..64)
RFC 3039 Pseudonym - DirectoryString(SIZE(1..64)
RFC 3039 DateOfBirth - GeneralizedTime - YYYYMMDD000000Z
RFC 3039 PlaceOfBirth - DirectoryString(SIZE(1..128)
RFC 3039 DateOfBirth - PrintableString (SIZE(1)) -- "M", "F", "m" or "f"
RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166
codes only
RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166
codes only
ISIS-MTT NameAtBirth - DirectoryString(SIZE(1..64)
RFC 3039 PostalAddress - SEQUENCE SIZE (1..6) OF
DirectoryString(SIZE(1..30))
RFC 2256 dmdName
id-at-telephoneNumber
id-at-organizationIdentifier
id-at-name
Email address (RSA PKCS#9 extension) - IA5String.
Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here.
more from PKCS#9
email address in Verisign certificates
LDAP User id.
determines whether or not strings should be processed and printed
from back to front.
default look up table translating OID values into their common symbols following
the convention in RFC 2253 with a few extras
look up table translating OID values into their common symbols following the convention in RFC 2253
look up table translating OID values into their common symbols following the convention in RFC 1779
look up table translating common symbols into their OIDS.
Return a X509Name based on the passed in tagged object.
@param obj tag object holding name.
@param explicitly true if explicitly tagged false otherwise.
@return the X509Name
Constructor from Asn1Sequence
the principal will be a list of constructed sets, each containing an (OID, string) pair.
Constructor from a table of attributes with ordering.
it's is assumed the table contains OID/string pairs, and the contents
of the table are copied into an internal table as part of the
construction process. The ordering ArrayList should contain the OIDs
in the order they are meant to be encoded or printed in ToString.
Constructor from a table of attributes with ordering.
it's is assumed the table contains OID/string pairs, and the contents
of the table are copied into an internal table as part of the
construction process. The ordering ArrayList should contain the OIDs
in the order they are meant to be encoded or printed in ToString.
The passed in converter will be used to convert the strings into their
ASN.1 counterparts.
Takes two vectors one of the oids and the other of the values.
Takes two vectors one of the oids and the other of the values.
The passed in converter will be used to convert the strings into their
ASN.1 counterparts.
Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
some such, converting it into an ordered set of name attributes.
Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
some such, converting it into an ordered set of name attributes with each
string value being converted to its associated ASN.1 type using the passed
in converter.
Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
some such, converting it into an ordered set of name attributes. If reverse
is true, create the encoded version of the sequence starting from the
last element in the string.
Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
some such, converting it into an ordered set of name attributes with each
string value being converted to its associated ASN.1 type using the passed
in converter. If reverse is true the ASN.1 sequence representing the DN will
be built by starting at the end of the string, rather than the start.
Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
some such, converting it into an ordered set of name attributes. lookUp
should provide a table of lookups, indexed by lowercase only strings and
yielding a DerObjectIdentifier, other than that OID. and numeric oids
will be processed automatically.
If reverse is true, create the encoded version of the sequence
starting from the last element in the string.
@param reverse true if we should start scanning from the end (RFC 2553).
@param lookUp table of names and their oids.
@param dirName the X.500 string to be parsed.
Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
some such, converting it into an ordered set of name attributes. lookUp
should provide a table of lookups, indexed by lowercase only strings and
yielding a DerObjectIdentifier, other than that OID. and numeric oids
will be processed automatically. The passed in converter is used to convert the
string values to the right of each equals sign to their ASN.1 counterparts.
@param reverse true if we should start scanning from the end, false otherwise.
@param lookUp table of names and oids.
@param dirName the string dirName
@param converter the converter to convert string values into their ASN.1 equivalents
return an IList of the oids in the name, in the order they were found.
return an IList of the values found in the name, in the order they
were found.
return an IList of the values found in the name, in the order they
were found, with the DN label corresponding to passed in oid.
The X509Name object to test equivalency against.
If true, the order of elements must be the same,
as well as the values associated with each element.
test for equivalence - note: case is ignored.
convert the structure to a string - if reverse is true the
oids and values are listed out starting with the last element
in the sequence (ala RFC 2253), otherwise the string will begin
with the first element of the structure. If no string definition
for the oid is found in oidSymbols the string value of the oid is
added. Two standard symbol tables are provided DefaultSymbols, and
RFC2253Symbols as part of this class.
@param reverse if true start at the end of the sequence and work back.
@param oidSymbols look up table strings for oids.
* It turns out that the number of standard ways the fields in a DN should be
* encoded into their ASN.1 counterparts is rapidly approaching the
* number of machines on the internet. By default the X509Name class
* will produce UTF8Strings in line with the current recommendations (RFC 3280).
*
* An example of an encoder look like below:
*
* internal class X509DirEntryConverter
* : X509NameEntryConverter
* {
* public Asn1Object GetConvertedValue(
* DerObjectIdentifier oid,
* string value)
* {
* if (str.Length() != 0 && str.charAt(0) == '#')
* {
* return ConvertHexEncoded(str, 1);
* }
* if (oid.Equals(EmailAddress))
* {
* return new DerIA5String(str);
* }
* else if (CanBePrintable(str))
* {
* return new DerPrintableString(str);
* }
* else if (CanBeUTF8(str))
* {
* return new DerUtf8String(str);
* }
* else
* {
* return new DerBmpString(str);
* }
* }
* }
*
*
Convert an inline encoded hex string rendition of an ASN.1
object back into its corresponding ASN.1 object.
@param str the hex encoded object
@param off the index at which the encoding starts
@return the decoded object
return true if the passed in string can be represented without
loss as a PrintableString, false otherwise.
Convert the passed in string value into the appropriate ASN.1
encoded object.
@param oid the oid associated with the value in the DN.
@param value the value of the particular DN component.
@return the ASN.1 equivalent for the value.
class for breaking up an X500 Name into it's component tokens, ala
java.util.StringTokenizer. We need this class as some of the
lightweight Java environment don't support classes like
StringTokenizer.
A general class that reads all X9.62 style EC curve tables.
return a X9ECParameters object representing the passed in named
curve. The routine returns null if the curve is not present.
@param name the name of the curve requested
@return an X9ECParameters object or null if the curve is not available.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return a X9ECParameters object representing the passed in named
curve.
@param oid the object id of the curve requested
@return an X9ECParameters object or null if the curve is not available.
return an enumeration of the names of the available curves.
@return an enumeration of the names of the available curves.
ASN.1 def for Diffie-Hellman key exchange KeySpecificInfo structure. See
RFC 2631, or X9.42, for further details.
Produce an object suitable for an Asn1OutputStream.
KeySpecificInfo ::= Sequence {
algorithm OBJECT IDENTIFIER,
counter OCTET STRING SIZE (4..4)
}
ANS.1 def for Diffie-Hellman key exchange OtherInfo structure. See
RFC 2631, or X9.42, for further details.
Produce an object suitable for an Asn1OutputStream.
OtherInfo ::= Sequence {
keyInfo KeySpecificInfo,
partyAInfo [0] OCTET STRING OPTIONAL,
suppPubInfo [2] OCTET STRING
}
table of the current named curves defined in X.962 EC-DSA.
return the X9ECParameters object for the named curve represented by
the passed in object identifier. Null if the curve isn't present.
@param oid an object identifier representing a named curve, if present.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for curves
contained in this structure.
Produce an object suitable for an Asn1OutputStream.
Parameters ::= CHOICE {
ecParameters ECParameters,
namedCurve CURVES.&id({CurveNames}),
implicitlyCA Null
}
ASN.1 def for Elliptic-Curve Curve structure. See
X9.62, for further details.
Produce an object suitable for an Asn1OutputStream.
Curve ::= Sequence {
a FieldElement,
b FieldElement,
seed BIT STRING OPTIONAL
}
ASN.1 def for Elliptic-Curve ECParameters structure. See
X9.62, for further details.
Return the ASN.1 entry representing the Curve.
@return the X9Curve for the curve in these parameters.
Return the ASN.1 entry representing the FieldID.
@return the X9FieldID for the FieldID in these parameters.
Return the ASN.1 entry representing the base point G.
@return the X9ECPoint for the base point in these parameters.
Produce an object suitable for an Asn1OutputStream.
ECParameters ::= Sequence {
version Integer { ecpVer1(1) } (ecpVer1),
fieldID FieldID {{FieldTypes}},
curve X9Curve,
base X9ECPoint,
order Integer,
cofactor Integer OPTIONAL
}
class for describing an ECPoint as a Der object.
Produce an object suitable for an Asn1OutputStream.
ECPoint ::= OCTET STRING
Octet string produced using ECPoint.GetEncoded().
Class for processing an ECFieldElement as a DER object.
Produce an object suitable for an Asn1OutputStream.
FieldElement ::= OCTET STRING
- if q is an odd prime then the field element is
processed as an Integer and converted to an octet string
according to x 9.62 4.3.1.
- if q is 2m then the bit string
contained in the field element is converted into an octet
string with the same ordering padded at the front if necessary.
ASN.1 def for Elliptic-Curve Field ID structure. See
X9.62, for further details.
Constructor for elliptic curves over prime fields
F2
.
@param primeP The prime p
defining the prime field.
Constructor for elliptic curves over binary fields
F2m
.
@param m The exponent m
of
F2m
.
@param k1 The integer k1
where xm +
xk1 + 1
represents the reduction polynomial f(z)
.
Constructor for elliptic curves over binary fields
F2m
.
@param m The exponent m
of
F2m
.
@param k1 The integer k1
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k2 The integer k2
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k3 The integer k3
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
..
Produce a Der encoding of the following structure.
FieldID ::= Sequence {
fieldType FIELD-ID.&id({IOSet}),
parameters FIELD-ID.&Type({IOSet}{@fieldType})
}
id-dsa-with-sha1 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) x9-57 (10040) x9cm(4) 3 }
X9.63
X9.42
reader for Base64 armored objects - read the headers and then start returning
bytes when the data is reached. An IOException is thrown if the CRC check
fails.
decode the base 64 encoded input data.
@return the offset the data starts in out.
Create a stream for reading a PGP armoured message, parsing up to a header
and then reading the data that follows.
@param input
Create an armoured input stream which will assume the data starts
straight away, or parse for headers first depending on the value of
hasHeaders.
@param input
@param hasHeaders true if headers are to be looked for, false otherwise.
@return true if we are inside the clear text section of a PGP
signed message.
@return true if the stream is actually at end of file.
Return the armor header line (if there is one)
@return the armor header line, null if none present.
Return the armor headers (the lines after the armor header line),
@return an array of armor headers, null if there aren't any.
Basic output stream.
encode the input data producing a base 64 encoded byte array.
Set an additional header entry. A null value will clear the entry for name.
@param name the name of the header entry.
@param v the value of the header entry.
Reset the headers to only contain a Version string (if one is present).
Start a clear text signed message.
@param hashAlgorithm
Note: Close() does not close the underlying stream. So it is possible to write
multiple objects using armoring to a single stream.
Basic type for a image attribute packet.
Reader for PGP objects.
Returns the next packet tag in the stream.
A stream that overlays our input stream, allowing the user to only read a segment of it.
NB: dataLength will be negative if the segment length is in the upper range above 2**31.
Base class for a PGP object.
Basic output stream.
Create a stream representing a general packet.
Output stream to write to.
Create a stream representing an old style partial object.
Output stream to write to.
The packet tag for the object.
Create a stream representing a general packet.
Output stream to write to.
Packet tag.
Size of chunks making up the packet.
If true, the header is written out in old format.
Create a new style partial input stream buffered into chunks.
Output stream to write to.
Packet tag.
Size of chunks making up the packet.
Create a new style partial input stream buffered into chunks.
Output stream to write to.
Packet tag.
Buffer to use for collecting chunks.
Flush the underlying stream.
Finish writing out the current packet without closing the underlying stream.
Generic compressed data object.
The algorithm tag value.
Basic tags for compression algorithms.
Basic type for a PGP packet.
Base class for a DSA public key.
The stream to read the packet from.
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
Base class for a DSA secret key.
@param in
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
@return x
Base class for an ECDH Public Key.
The stream to read the packet from.
Base class for an ECDSA Public Key.
The stream to read the packet from.
Base class for an EC Public Key.
The stream to read the packet from.
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
Base class for an EC Secret Key.
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
Base class for an ElGamal public key.
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
Base class for an ElGamal secret key.
@param in
@param x
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
Basic packet for an experimental packet.
Basic tags for hash algorithms.
Base interface for a PGP key.
The base format for this key - in the case of the symmetric keys it will generally
be raw indicating that the key is just a straight byte representation, for an asymmetric
key the format will be PGP, indicating the key is a string of MPIs encoded in PGP format.
"RAW" or "PGP".
Note: you can only read from this once...
Generic literal data packet.
The format tag value.
The modification time of the file in milli-seconds (since Jan 1, 1970 UTC)
Basic type for a marker packet.
Basic packet for a modification detection code packet.
A multiple precision integer
Generic signature object
The encryption algorithm tag.
The hash algorithm tag.
Basic PGP packet tag types.
Public Key Algorithm tag numbers.
Basic packet for a PGP public key.
Basic packet for a PGP public key.
Construct a version 4 public key packet.
Basic packet for a PGP public subkey
Construct a version 4 public subkey packet.
Base class for an RSA public key.
Construct an RSA public key from the passed in stream.
The modulus.
The public exponent.
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
Base class for an RSA secret (or priate) key.
The format, as a string, always "PGP".
Return the standard PGP encoding of the key.
The string to key specifier class.
The hash algorithm.
The IV for the key generation algorithm.
The iteration count
The protection mode - only if GnuDummyS2K
Basic packet for a PGP secret key.
Basic packet for a PGP secret key.
Generic signature packet.
Generate a version 4 signature packet.
@param signatureType
@param keyAlgorithm
@param hashAlgorithm
@param hashedData
@param unhashedData
@param fingerprint
@param signature
Generate a version 2/3 signature packet.
@param signatureType
@param keyAlgorithm
@param hashAlgorithm
@param fingerprint
@param signature
return the keyId
@return the keyId that created the signature.
return the signature trailer that must be included with the data
to reconstruct the signature
@return byte[]
* return the signature as a set of integers - note this is normalised to be the
* ASN.1 encoding of what appears in the signature packet.
Return the byte encoding of the signature section.
@return uninterpreted signature bytes.
Return the creation time in milliseconds since 1 Jan., 1970 UTC.
Basic type for a PGP Signature sub-packet.
Return the generic data making up the packet.
reader for signature sub-packets
Basic PGP signature sub-packet tag types.
Packet embedded signature
packet giving signature creation time.
packet giving signature expiration time.
Identifier for the modification detection feature
Returns if modification detection is supported.
Returns if a particular feature is supported.
Sets support for a particular feature.
packet giving signature creation time.
packet giving time after creation at which the key expires.
Return the number of seconds after creation time a key is valid for.
@return second count for key validity.
Packet holding the key flag values.
Return the flag values contained in the first 4 octets (note: at the moment
the standard only uses the first one).
Class provided a NotationData object according to
RFC2440, Chapter 5.2.3.15. Notation Data
packet giving signature creation time.
packet giving whether or not the signature is signed using the primary user ID for the key.
packet giving whether or not is revocable.
packet giving signature creation time.
packet giving signature expiration time.
return time in seconds before signature expires after creation time.
packet giving the User ID of the signer.
packet giving trust.
Represents revocation key OpenPGP signature sub packet.
Represents revocation reason OpenPGP signature sub packet.
Basic type for a symmetric key encrypted packet.
Basic tags for symmetric key algorithms
Basic type for a symmetric encrypted session key packet
@return int
@return S2k
@return byte[]
@return int
Basic type for a trust packet.
Basic type for a user attribute packet.
Basic type for a user attribute sub-packet.
return the generic data making up the packet.
reader for user attribute sub-packets
Basic PGP user attribute sub-packet tag types.
Basic type for a user ID packet.
Compressed data objects
The algorithm used for compression
Get the raw input stream contained in the object.
Return an uncompressed input stream which allows reading of the compressed data.
Class for producing compressed data packets.
Return an output stream which will save the data being written to
the compressed object.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
Stream to be used for output.
A Stream for output of the compressed data.
Return an output stream which will compress the data as it is written to it.
The stream will be written out in chunks according to the size of the passed in buffer.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
Note: if the buffer is not a power of 2 in length only the largest power of 2
bytes worth of the buffer will be used.
Note: using this may break compatibility with RFC 1991 compliant tools.
Only recent OpenPGP implementations are capable of accepting these streams.
Stream to be used for output.
The buffer to use.
A Stream for output of the compressed data.
Close the compressed object.summary>
Thrown if the IV at the start of a data stream indicates the wrong key is being used.
Return the raw input stream for the data stream.
Return true if the message is integrity protected.
True, if there is a modification detection code namespace associated
with this stream.
Note: This can only be called after the message has been read.
True, if the message verifies, false otherwise
Generator for encrypted objects.
Existing SecureRandom constructor.
The symmetric algorithm to use.
Source of randomness.
Creates a cipher stream which will have an integrity packet associated with it.
Base constructor.
The symmetric algorithm to use.
Source of randomness.
PGP 2.6.x compatibility required.
Add a PBE encryption method to the encrypted object using the default algorithm (S2K_SHA1).
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
Add a PBE encryption method to the encrypted object.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
Add a PBE encryption method to the encrypted object.
The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
Add a PBE encryption method to the encrypted object.
Allows the caller to handle the encoding of the passphrase to bytes.
Add a public key encrypted session key to the encrypted object.
If buffer is non null stream assumed to be partial, otherwise the length will be used
to output a fixed length packet.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
Return an output stream which will encrypt the data as it is written to it.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
Return an output stream which will encrypt the data as it is written to it.
The stream will be written out in chunks according to the size of the passed in buffer.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
Note: if the buffer is not a power of 2 in length only the largest power of 2
bytes worth of the buffer will be used.
Close off the encrypted object - this is equivalent to calling Close() on the stream
returned by the Open() method.
Note: This does not close the underlying output stream, only the stream on top of
it created by the Open() method.
A holder for a list of PGP encryption method packets.
Generic exception class for PGP encoding/decoding problems.
Key flag values for the KeyFlags subpacket.
General class to handle JCA key pairs and convert them into OpenPGP ones.
A word for the unwary, the KeyId for an OpenPGP public key is calculated from
a hash that includes the time of creation, if you pass a different date to the
constructor below with the same public private key pair the KeyIs will not be the
same as for previous generations of the key, so ideally you only want to do
this once.
Create a key pair from a PgpPrivateKey and a PgpPublicKey.
The public key.
The private key.
The keyId associated with this key pair.
Generator for a PGP master and subkey ring.
This class will generate both the secret and public key rings
Create a new key ring generator using old style checksumming. It is recommended to use
SHA1 checksumming where possible.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
The certification level for keys on this ring.
The master key pair.
The id to be associated with the ring.
The algorithm to be used to protect secret keys.
The passPhrase to be used to protect secret keys.
Packets to be included in the certification hash.
Packets to be attached unhashed to the certification.
input secured random.
Create a new key ring generator.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
The certification level for keys on this ring.
The master key pair.
The id to be associated with the ring.
The algorithm to be used to protect secret keys.
The passPhrase to be used to protect secret keys.
Checksum the secret keys with SHA1 rather than the older 16 bit checksum.
Packets to be included in the certification hash.
Packets to be attached unhashed to the certification.
input secured random.
Create a new key ring generator.
The certification level for keys on this ring.
The master key pair.
The id to be associated with the ring.
The algorithm to be used to protect secret keys.
If true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
The passPhrase to be used to protect secret keys.
Checksum the secret keys with SHA1 rather than the older 16 bit checksum.
Packets to be included in the certification hash.
Packets to be attached unhashed to the certification.
input secured random.
Create a new key ring generator.
The certification level for keys on this ring.
The master key pair.
The id to be associated with the ring.
The algorithm to be used to protect secret keys.
The passPhrase to be used to protect secret keys.
Checksum the secret keys with SHA1 rather than the older 16 bit checksum.
Packets to be included in the certification hash.
Packets to be attached unhashed to the certification.
input secured random.
Create a new key ring generator.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
The certification level for keys on this ring.
The master key pair.
The id to be associated with the ring.
The algorithm to be used to protect secret keys.
The hash algorithm.
The passPhrase to be used to protect secret keys.
Checksum the secret keys with SHA1 rather than the older 16 bit checksum.
Packets to be included in the certification hash.
Packets to be attached unhashed to the certification.
input secured random.
Create a new key ring generator.
The certification level for keys on this ring.
The master key pair.
The id to be associated with the ring.
The algorithm to be used to protect secret keys.
The hash algorithm.
If true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
The passPhrase to be used to protect secret keys.
Checksum the secret keys with SHA1 rather than the older 16 bit checksum.
Packets to be included in the certification hash.
Packets to be attached unhashed to the certification.
input secured random.
Create a new key ring generator.
Allows the caller to handle the encoding of the passphrase to bytes.
The certification level for keys on this ring.
The master key pair.
The id to be associated with the ring.
The algorithm to be used to protect secret keys.
The hash algorithm.
The passPhrase to be used to protect secret keys.
Checksum the secret keys with SHA1 rather than the older 16 bit checksum.
Packets to be included in the certification hash.
Packets to be attached unhashed to the certification.
input secured random.
Add a subkey to the key ring to be generated with default certification.
Add a subkey to the key ring to be generated with default certification.
The key pair.
The hash algorithm.
Add a subkey with specific hashed and unhashed packets associated with it and
default certification.
Public/private key pair.
Hashed packet values to be included in certification.
Unhashed packets values to be included in certification.
Add a subkey with specific hashed and unhashed packets associated with it and
default certification.
Public/private key pair.
Hashed packet values to be included in certification.
Unhashed packets values to be included in certification.
The hash algorithm.
exception adding subkey:
Return the secret key ring.
Return the public key ring that corresponds to the secret key ring.
Thrown if the key checksum is invalid.
Class for processing literal data objects.
The special name indicating a "for your eyes only" packet.
The format of the data stream - Binary or Text
The file name that's associated with the data stream.
Return the file name as an unintrepreted byte array.
The modification time for the file.
The raw input stream for the data stream.
The input stream representing the data stream.
Class for producing literal data packets.
The special name indicating a "for your eyes only" packet.
Generates literal data objects in the old format.
This is important if you need compatibility with PGP 2.6.x.
If true, uses old format.
Open a literal data packet, returning a stream to store the data inside the packet.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
The stream we want the packet in.
The format we are using.
The name of the 'file'.
The length of the data we will write.
The time of last modification we want stored.
Open a literal data packet, returning a stream to store the data inside the packet,
as an indefinite length stream. The stream is written out as a series of partial
packets with a chunk size determined by the size of the passed in buffer.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
Note: if the buffer is not a power of 2 in length only the largest power of 2
bytes worth of the buffer will be used.
The stream we want the packet in.
The format we are using.
The name of the 'file'.
The time of last modification we want stored.
The buffer to use for collecting data to put into chunks.
Open a literal data packet for the passed in FileInfo object, returning
an output stream for saving the file contents.
The stream created can be closed off by either calling Close()
on the stream or Close() on the generator. Closing the returned
stream does not close off the Stream parameter outStr.
The stream we want the packet in.
The format we are using.
The FileInfo object containg the packet details.
Close the literal data packet - this is equivalent to calling Close()
on the stream returned by the Open() method.
A PGP marker packet - in general these should be ignored other than where
the idea is to preserve the original input stream.
General class for reading a PGP object stream.
Note: if this class finds a PgpPublicKey or a PgpSecretKey it
will create a PgpPublicKeyRing, or a PgpSecretKeyRing for each
key found. If all you are trying to do is read a key ring file use
either PgpPublicKeyRingBundle or PgpSecretKeyRingBundle.
Return the next object in the stream, or null if the end is reached.
On a parse error
Return all available objects in a list.
An IList containing all objects from this factory, in order.
A one pass signature object.
Initialise the signature object for verification.
Verify the calculated signature against the passed in PgpSignature.
Holder for a list of PgpOnePassSignature objects.
Padding functions.
A password based encryption object.
Return the raw input stream for the data stream.
Return the decrypted input stream, using the passed in passphrase.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
Return the decrypted input stream, using the passed in passphrase.
The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
Return the decrypted input stream, using the passed in passphrase.
Allows the caller to handle the encoding of the passphrase to bytes.
General class to contain a private key for use with other OpenPGP objects.
Create a PgpPrivateKey from a keyID, the associated public data packet, and a regular private key.
ID of the corresponding public key.
the public key data packet to be associated with this private key.
the private key data packet to be associated with this private key.
The keyId associated with the contained private key.
The public key packet associated with this private key, if available.
The contained private key.
General class to handle a PGP public key object.
Create a PgpPublicKey from the passed in lightweight one.
Note: the time passed in affects the value of the key's keyId, so you probably only want
to do this once for a lightweight key, or make sure you keep track of the time you used.
Asymmetric algorithm type representing the public key.
Actual public key to associate.
Date of creation.
If pubKey is not public.
On key creation problem.
Constructor for a sub-key.
Copy constructor.
The public key to copy.
The version of this key.
The creation time of this key.
The number of valid days from creation time - zero means no expiry.
WARNING: This method will return 1 for keys with version > 3 that expire in less than 1 day
Return the trust data associated with the public key, if present.
A byte array with trust data, null otherwise.
The number of valid seconds from creation time - zero means no expiry.
The keyId associated with the public key.
The fingerprint of the key
Check if this key has an algorithm type that makes it suitable to use for encryption.
Note: with version 4 keys KeyFlags subpackets should also be considered when present for
determining the preferred use of the key.
true if this key algorithm is suitable for encryption.
True, if this is a master key.
The algorithm code associated with the public key.
The strength of the key in bits.
The public key contained in the object.
A lightweight public key.
If the key algorithm is not recognised.
Allows enumeration of any user IDs associated with the key.
An IEnumerable of string objects.
Allows enumeration of any user attribute vectors associated with the key.
An IEnumerable of PgpUserAttributeSubpacketVector objects.
Allows enumeration of any signatures associated with the passed in id.
The ID to be matched.
An IEnumerable of PgpSignature objects.
Allows enumeration of signatures associated with the passed in user attributes.
The vector of user attributes to be matched.
An IEnumerable of PgpSignature objects.
Allows enumeration of signatures of the passed in type that are on this key.
The type of the signature to be returned.
An IEnumerable of PgpSignature objects.
Allows enumeration of all signatures/certifications associated with this key.
An IEnumerable with all signatures/certifications.
Return all signatures/certifications directly associated with this key (ie, not to a user id).
@return an iterator (possibly empty) with all signatures/certifications.
Check whether this (sub)key has a revocation signature on it.
True, if this (sub)key has been revoked.
Add a certification for an id to the given public key.
The key the certification is to be added to.
The ID the certification is associated with.
The new certification.
The re-certified key.
Add a certification for the given UserAttributeSubpackets to the given public key.
The key the certification is to be added to.
The attributes the certification is associated with.
The new certification.
The re-certified key.
Remove any certifications associated with a user attribute subpacket on a key.
The key the certifications are to be removed from.
The attributes to be removed.
The re-certified key, or null if the user attribute subpacket was not found on the key.
Remove any certifications associated with a given ID on a key.
The key the certifications are to be removed from.
The ID that is to be removed.
The re-certified key, or null if the ID was not found on the key.
Remove a certification associated with a given ID on a key.
The key the certifications are to be removed from.
The ID that the certfication is to be removed from.
The certfication to be removed.
The re-certified key, or null if the certification was not found.
Remove a certification associated with a given user attributes on a key.
The key the certifications are to be removed from.
The user attributes that the certfication is to be removed from.
The certification to be removed.
The re-certified key, or null if the certification was not found.
Add a revocation or some other key certification to a key.
The key the revocation is to be added to.
The key signature to be added.
The new changed public key object.
Remove a certification from the key.
The key the certifications are to be removed from.
The certfication to be removed.
The modified key, null if the certification was not found.
A public key encrypted data object.
The key ID for the key used to encrypt the data.
Return the algorithm code for the symmetric algorithm used to encrypt the data.
Return the decrypted data stream for the packet.
Class to hold a single master public key and its subkeys.
Often PGP keyring files consist of multiple master keys, if you are trying to process
or construct one of these you should use the PgpPublicKeyRingBundle class.
Return the first public key in the ring.
Return the public key referred to by the passed in key ID if it is present.
Allows enumeration of all the public keys.
An IEnumerable of PgpPublicKey objects.
Returns a new key ring with the public key passed in either added or
replacing an existing one.
The public key ring to be modified.
The public key to be inserted.
A new PgpPublicKeyRing
Returns a new key ring with the public key passed in removed from the key ring.
The public key ring to be modified.
The public key to be removed.
A new PgpPublicKeyRing, or null if pubKey is not found.
Often a PGP key ring file is made up of a succession of master/sub-key key rings.
If you want to read an entire public key file in one hit this is the class for you.
Build a PgpPublicKeyRingBundle from the passed in input stream.
Input stream containing data.
If a problem parsing the stream occurs.
If an object is encountered which isn't a PgpPublicKeyRing.
Return the number of key rings in this collection.
Allow enumeration of the public key rings making up this collection.
Allow enumeration of the key rings associated with the passed in userId.
The user ID to be matched.
An IEnumerable of key rings which matched (possibly none).
Allow enumeration of the key rings associated with the passed in userId.
The user ID to be matched.
If true, userId need only be a substring of an actual ID string to match.
An IEnumerable of key rings which matched (possibly none).
Allow enumeration of the key rings associated with the passed in userId.
The user ID to be matched.
If true, userId need only be a substring of an actual ID string to match.
If true, case is ignored in user ID comparisons.
An IEnumerable of key rings which matched (possibly none).
Return the PGP public key associated with the given key id.
The ID of the public key to return.
Return the public key ring which contains the key referred to by keyId
key ID to match against
Return true if a key matching the passed in key ID is present, false otherwise.
key ID to look for.
Return a new bundle containing the contents of the passed in bundle and
the passed in public key ring.
The PgpPublicKeyRingBundle the key ring is to be added to.
The key ring to be added.
A new PgpPublicKeyRingBundle merging the current one with the passed in key ring.
If the keyId for the passed in key ring is already present.
Return a new bundle containing the contents of the passed in bundle with
the passed in public key ring removed.
The PgpPublicKeyRingBundle the key ring is to be removed from.
The key ring to be removed.
A new PgpPublicKeyRingBundle not containing the passed in key ring.
If the keyId for the passed in key ring is not present.
General class to handle a PGP secret key object.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
If utf8PassPhrase is true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
Allows the caller to handle the encoding of the passphrase to bytes.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
If utf8PassPhrase is true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion
is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier).
Allows the caller to handle the encoding of the passphrase to bytes.
Check if this key has an algorithm type that makes it suitable to use for signing.
Note: with version 4 keys KeyFlags subpackets should also be considered when present for
determining the preferred use of the key.
true if this key algorithm is suitable for use with signing.
True, if this is a master key.
Detect if the Secret Key's Private Key is empty or not
The algorithm the key is encrypted with.
The key ID of the public key associated with this key.
Return the S2K usage associated with this key.
Return the S2K used to process this key.
The public key associated with this key.
Allows enumeration of any user IDs associated with the key.
An IEnumerable of string objects.
Allows enumeration of any user attribute vectors associated with the key.
An IEnumerable of string objects.
Extract a PgpPrivateKey from this secret key's encrypted contents.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
Extract a PgpPrivateKey from this secret key's encrypted contents.
The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
Extract a PgpPrivateKey from this secret key's encrypted contents.
Allows the caller to handle the encoding of the passphrase to bytes.
Return a copy of the passed in secret key, encrypted using a new password
and the passed in algorithm.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
The PgpSecretKey to be copied.
The current password for the key.
The new password for the key.
The algorithm to be used for the encryption.
Source of randomness.
Return a copy of the passed in secret key, encrypted using a new password
and the passed in algorithm.
The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
The PgpSecretKey to be copied.
The current password for the key.
The new password for the key.
The algorithm to be used for the encryption.
Source of randomness.
Return a copy of the passed in secret key, encrypted using a new password
and the passed in algorithm.
Allows the caller to handle the encoding of the passphrase to bytes.
The PgpSecretKey to be copied.
The current password for the key.
The new password for the key.
The algorithm to be used for the encryption.
Source of randomness.
Replace the passed the public key on the passed in secret key.
Secret key to change.
New public key.
A new secret key.
If KeyId's do not match.
Parse a secret key from one of the GPG S expression keys associating it with the passed in public key.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
Parse a secret key from one of the GPG S expression keys associating it with the passed in public key.
The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
Parse a secret key from one of the GPG S expression keys associating it with the passed in public key.
Allows the caller to handle the encoding of the passphrase to bytes.
Parse a secret key from one of the GPG S expression keys.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
Parse a secret key from one of the GPG S expression keys.
The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
Parse a secret key from one of the GPG S expression keys.
Allows the caller to handle the encoding of the passphrase to bytes.
Parse a secret key from one of the GPG S expression keys.
Class to hold a single master secret key and its subkeys.
Often PGP keyring files consist of multiple master keys, if you are trying to process
or construct one of these you should use the PgpSecretKeyRingBundle class.
Return the public key for the master key.
Return the master private key.
Allows enumeration of the secret keys.
An IEnumerable of PgpSecretKey objects.
Return an iterator of the public keys in the secret key ring that
have no matching private key. At the moment only personal certificate data
appears in this fashion.
An IEnumerable of unattached, or extra, public keys.
Replace the public key set on the secret ring with the corresponding key off the public ring.
Secret ring to be changed.
Public ring containing the new public key set.
Return a copy of the passed in secret key ring, with the master key and sub keys encrypted
using a new password and the passed in algorithm.
The PgpSecretKeyRing to be copied.
The current password for key.
The new password for the key.
The algorithm to be used for the encryption.
Source of randomness.
Returns a new key ring with the secret key passed in either added or
replacing an existing one with the same key ID.
The secret key ring to be modified.
The secret key to be inserted.
A new PgpSecretKeyRing
Returns a new key ring with the secret key passed in removed from the key ring.
The secret key ring to be modified.
The secret key to be removed.
A new PgpSecretKeyRing, or null if secKey is not found.
Often a PGP key ring file is made up of a succession of master/sub-key key rings.
If you want to read an entire secret key file in one hit this is the class for you.
Build a PgpSecretKeyRingBundle from the passed in input stream.
Input stream containing data.
If a problem parsing the stream occurs.
If an object is encountered which isn't a PgpSecretKeyRing.
Return the number of rings in this collection.
Allow enumeration of the secret key rings making up this collection.
Allow enumeration of the key rings associated with the passed in userId.
The user ID to be matched.
An IEnumerable of key rings which matched (possibly none).
Allow enumeration of the key rings associated with the passed in userId.
The user ID to be matched.
If true, userId need only be a substring of an actual ID string to match.
An IEnumerable of key rings which matched (possibly none).
Allow enumeration of the key rings associated with the passed in userId.
The user ID to be matched.
If true, userId need only be a substring of an actual ID string to match.
If true, case is ignored in user ID comparisons.
An IEnumerable of key rings which matched (possibly none).
Return the PGP secret key associated with the given key id.
The ID of the secret key to return.
Return the secret key ring which contains the key referred to by keyId
The ID of the secret key
Return true if a key matching the passed in key ID is present, false otherwise.
key ID to look for.
Return a new bundle containing the contents of the passed in bundle and
the passed in secret key ring.
The PgpSecretKeyRingBundle the key ring is to be added to.
The key ring to be added.
A new PgpSecretKeyRingBundle merging the current one with the passed in key ring.
If the keyId for the passed in key ring is already present.
Return a new bundle containing the contents of the passed in bundle with
the passed in secret key ring removed.
The PgpSecretKeyRingBundle the key ring is to be removed from.
The key ring to be removed.
A new PgpSecretKeyRingBundle not containing the passed in key ring.
If the keyId for the passed in key ring is not present.
A PGP signature object.
The OpenPGP version number for this signature.
The key algorithm associated with this signature.
The hash algorithm associated with this signature.
Return true if this signature represents a certification.
Verify the signature as certifying the passed in public key as associated
with the passed in user attributes.
User attributes the key was stored under.
The key to be verified.
True, if the signature matches, false otherwise.
Verify the signature as certifying the passed in public key as associated
with the passed in ID.
ID the key was stored under.
The key to be verified.
True, if the signature matches, false otherwise.
Verify a certification for the passed in key against the passed in master key.
The key we are verifying against.
The key we are verifying.
True, if the certification is valid, false otherwise.
Verify a key certification, such as revocation, for the passed in key.
The key we are checking.
True, if the certification is valid, false otherwise.
The ID of the key that created the signature.
The creation time of this signature.
Return true if the signature has either hashed or unhashed subpackets.
Return true if the passed in signature type represents a certification, false if the signature type is not.
true if signatureType is a certification, false otherwise.
Generator for PGP signatures.
Create a generator for the passed in keyAlgorithm and hashAlgorithm codes.
Initialise the generator for signing.
Initialise the generator for signing.
Return the one pass header associated with the current signature.
Return a signature object containing the current signature state.
Generate a certification for the passed in ID and key.
The ID we are certifying against the public key.
The key we are certifying against the ID.
The certification.
Generate a certification for the passed in userAttributes.
The ID we are certifying against the public key.
The key we are certifying against the ID.
The certification.
Generate a certification for the passed in key against the passed in master key.
The key we are certifying against.
The key we are certifying.
The certification.
Generate a certification, such as a revocation, for the passed in key.
The key we are certifying.
The certification.
A list of PGP signatures - normally in the signature block after literal data.
Generator for signature subpackets.
Add a TrustSignature packet to the signature. The values for depth and trust are largely
installation dependent but there are some guidelines in RFC 4880 - 5.2.3.13.
true if the packet is critical.
depth level.
trust amount.
Set the number of seconds a key is valid for after the time of its creation.
A value of zero means the key never expires.
True, if should be treated as critical, false otherwise.
The number of seconds the key is valid, or zero if no expiry.
Set the number of seconds a signature is valid for after the time of its creation.
A value of zero means the signature never expires.
True, if should be treated as critical, false otherwise.
The number of seconds the signature is valid, or zero if no expiry.
Set the creation time for the signature.
Note: this overrides the generation of a creation time when the signature
is generated.
Sets revocation reason sub packet
Sets revocation key sub packet
Sets issuer key sub packet
Container for a list of signature subpackets.
Return true if a particular subpacket type exists.
@param type type to look for.
@return true if present, false otherwise.
Return all signature subpackets of the passed in type.
@param type subpacket type code
@return an array of zero or more matching subpackets.
Return the number of seconds a signature is valid for after its creation date.
A value of zero means the signature never expires.
Seconds a signature is valid for.
Return the number of seconds a key is valid for after its creation date.
A value of zero means the key never expires.
Seconds a signature is valid for.
Return the number of packets this vector contains.
Container for a list of user attribute subpackets.
Basic utility class.
Conversion of the passphrase characters to bytes is performed using Convert.ToByte(), which is
the historical behaviour of the library (1.7 and earlier).
The passphrase is encoded to bytes using UTF8 (Encoding.UTF8.GetBytes).
Allows the caller to handle the encoding of the passphrase to bytes.
Write out the passed in file as a literal data packet.
Write out the passed in file as a literal data packet in partial packet format.
Return either an ArmoredInputStream or a BcpgInputStream based on whether
the initial characters of the stream are binary PGP encodings or not.
Generator for old style PGP V3 Signatures.
Create a generator for the passed in keyAlgorithm and hashAlgorithm codes.
Initialise the generator for signing.
Initialise the generator for signing.
Return the one pass header associated with the current signature.
Return a V3 signature object containing the current signature state.
Utility functions for looking a S-expression keys. This class will move when it finds a better home!
Format documented here:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=agent/keyformat.txt;h=42c4b1f06faf1bbe71ffadc2fee0fad6bec91a97;hb=refs/heads/master
The 'Signature' parameter is only available when generating unsigned attributes.
containing class for an CMS Authenticated Data object
return the object identifier for the content MAC algorithm.
return a store of the intended recipients for this message
return the ContentInfo
return a table of the digested attributes indexed by
the OID of the attribute.
return a table of the undigested attributes indexed by
the OID of the attribute.
return the ASN.1 encoded representation of this object.
General class for generating a CMS authenticated-data message.
A simple example of usage.
CMSAuthenticatedDataGenerator fact = new CMSAuthenticatedDataGenerator();
fact.addKeyTransRecipient(cert);
CMSAuthenticatedData data = fact.generate(content, algorithm, "BC");
base constructor
constructor allowing specific source of randomness
@param rand instance of SecureRandom to use
generate an enveloped object that contains an CMS Enveloped Data
object using the given provider and the passed in key generator.
generate an authenticated object that contains an CMS Authenticated Data object
Parsing class for an CMS Authenticated Data object from an input stream.
Note: that because we are in a streaming mode only one recipient can be tried and it is important
that the methods on the parser are called in the appropriate order.
Example of use - assuming the first recipient matches the private key we have.
CMSAuthenticatedDataParser ad = new CMSAuthenticatedDataParser(inputStream);
RecipientInformationStore recipients = ad.getRecipientInfos();
Collection c = recipients.getRecipients();
Iterator it = c.iterator();
if (it.hasNext())
{
RecipientInformation recipient = (RecipientInformation)it.next();
CMSTypedStream recData = recipient.getContentStream(privateKey, "BC");
processDataStream(recData.getContentStream());
if (!Arrays.equals(ad.getMac(), recipient.getMac())
{
System.err.println("Data corrupted!!!!");
}
}
Note: this class does not introduce buffering - if you are processing large files you should create
the parser with:
CMSAuthenticatedDataParser ep = new CMSAuthenticatedDataParser(new BufferedInputStream(inputStream, bufSize));
where bufSize is a suitably large buffer size.
return the object identifier for the mac algorithm.
return the ASN.1 encoded encryption algorithm parameters, or null if
there aren't any.
return a store of the intended recipients for this message
return a table of the unauthenticated attributes indexed by
the OID of the attribute.
@exception java.io.IOException
return a table of the unauthenticated attributes indexed by
the OID of the attribute.
@exception java.io.IOException
General class for generating a CMS authenticated-data message stream.
A simple example of usage.
CMSAuthenticatedDataStreamGenerator edGen = new CMSAuthenticatedDataStreamGenerator();
edGen.addKeyTransRecipient(cert);
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
OutputStream out = edGen.open(
bOut, CMSAuthenticatedDataGenerator.AES128_CBC, "BC");*
out.write(data);
out.close();
base constructor
constructor allowing specific source of randomness
@param rand instance of SecureRandom to use
Set the underlying string size for encapsulated data
@param bufferSize length of octet strings to buffer the data.
Use a BER Set to store the recipient information
generate an enveloped object that contains an CMS Enveloped Data
object using the given provider and the passed in key generator.
@throws java.io.IOException
generate an enveloped object that contains an CMS Enveloped Data object
generate an enveloped object that contains an CMS Enveloped Data object
base constructor
constructor allowing specific source of randomness
@param rand instance of SecureRandom to use
containing class for an CMS AuthEnveloped Data object
containing class for an CMS Compressed Data object
Return the uncompressed content.
@return the uncompressed content
@throws CmsException if there is an exception uncompressing the data.
Return the uncompressed content, throwing an exception if the data size
is greater than the passed in limit. If the content is exceeded getCause()
on the CMSException will contain a StreamOverflowException
@param limit maximum number of bytes to read
@return the content read
@throws CMSException if there is an exception uncompressing the data.
return the ContentInfo
return the ASN.1 encoded representation of this object.
* General class for generating a compressed CMS message.
*
* A simple example of usage.
*
*
* CMSCompressedDataGenerator fact = new CMSCompressedDataGenerator();
* CMSCompressedData data = fact.Generate(content, algorithm);
*
*
Generate an object that contains an CMS Compressed Data
Class for reading a CMS Compressed Data stream.
CMSCompressedDataParser cp = new CMSCompressedDataParser(inputStream);
process(cp.GetContent().GetContentStream());
Note: this class does not introduce buffering - if you are processing large files you should create
the parser with:
CMSCompressedDataParser ep = new CMSCompressedDataParser(new BufferedInputStream(inputStream, bufSize));
where bufSize is a suitably large buffer size.
General class for generating a compressed CMS message stream.
A simple example of usage.
CMSCompressedDataStreamGenerator gen = new CMSCompressedDataStreamGenerator();
Stream cOut = gen.Open(outputStream, CMSCompressedDataStreamGenerator.ZLIB);
cOut.Write(data);
cOut.Close();
base constructor
Set the underlying string size for encapsulated data
@param bufferSize length of octet strings to buffer the data.
Close the underlying data stream.
@throws IOException if the close fails.
containing class for an CMS Enveloped Data object
return the object identifier for the content encryption algorithm.
return a store of the intended recipients for this message
return the ContentInfo
return a table of the unprotected attributes indexed by
the OID of the attribute.
return the ASN.1 encoded representation of this object.
General class for generating a CMS enveloped-data message.
A simple example of usage.
CmsEnvelopedDataGenerator fact = new CmsEnvelopedDataGenerator();
fact.AddKeyTransRecipient(cert);
CmsEnvelopedData data = fact.Generate(content, algorithm);
Constructor allowing specific source of randomness
Instance of SecureRandom to use.
Generate an enveloped object that contains a CMS Enveloped Data
object using the passed in key generator.
Generate an enveloped object that contains an CMS Enveloped Data object.
Generate an enveloped object that contains an CMS Enveloped Data object.
Parsing class for an CMS Enveloped Data object from an input stream.
Note: that because we are in a streaming mode only one recipient can be tried and it is important
that the methods on the parser are called in the appropriate order.
Example of use - assuming the first recipient matches the private key we have.
CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(inputStream);
RecipientInformationStore recipients = ep.GetRecipientInfos();
Collection c = recipients.getRecipients();
Iterator it = c.iterator();
if (it.hasNext())
{
RecipientInformation recipient = (RecipientInformation)it.next();
CMSTypedStream recData = recipient.getContentStream(privateKey);
processDataStream(recData.getContentStream());
}
Note: this class does not introduce buffering - if you are processing large files you should create
the parser with:
CmsEnvelopedDataParser ep = new CmsEnvelopedDataParser(new BufferedInputStream(inputStream, bufSize));
where bufSize is a suitably large buffer size.
return the object identifier for the content encryption algorithm.
return the ASN.1 encoded encryption algorithm parameters, or null if
there aren't any.
return a store of the intended recipients for this message
return a table of the unprotected attributes indexed by
the OID of the attribute.
@throws IOException
General class for generating a CMS enveloped-data message stream.
A simple example of usage.
CmsEnvelopedDataStreamGenerator edGen = new CmsEnvelopedDataStreamGenerator();
edGen.AddKeyTransRecipient(cert);
MemoryStream bOut = new MemoryStream();
Stream out = edGen.Open(
bOut, CMSEnvelopedDataGenerator.AES128_CBC);*
out.Write(data);
out.Close();
Constructor allowing specific source of randomness
Instance of SecureRandom to use.
Set the underlying string size for encapsulated data.
Length of octet strings to buffer the data.
Use a BER Set to store the recipient information.
Generate an enveloped object that contains an CMS Enveloped Data
object using the passed in key generator.
generate an enveloped object that contains an CMS Enveloped Data object
@throws IOException
generate an enveloped object that contains an CMS Enveloped Data object
@throws IOException
General class for generating a CMS enveloped-data message.
A simple example of usage.
CMSEnvelopedDataGenerator fact = new CMSEnvelopedDataGenerator();
fact.addKeyTransRecipient(cert);
CMSEnvelopedData data = fact.generate(content, algorithm, "BC");
Constructor allowing specific source of randomness
Instance of SecureRandom to use.
add a recipient.
@param cert recipient's public key certificate
@exception ArgumentException if there is a problem with the certificate
add a recipient
@param key the public key used by the recipient
@param subKeyId the identifier for the recipient's public key
@exception ArgumentException if there is a problem with the key
add a KEK recipient.
@param key the secret key to use for wrapping
@param keyIdentifier the byte string that identifies the key
add a KEK recipient.
@param key the secret key to use for wrapping
@param keyIdentifier the byte string that identifies the key
Add a key agreement based recipient.
@param agreementAlgorithm key agreement algorithm to use.
@param senderPrivateKey private key to initialise sender side of agreement with.
@param senderPublicKey sender public key to include with message.
@param recipientCert recipient's public key certificate.
@param cekWrapAlgorithm OID for key wrapping algorithm to use.
@exception SecurityUtilityException if the algorithm requested cannot be found
@exception InvalidKeyException if the keys are inappropriate for the algorithm specified
Add multiple key agreement based recipients (sharing a single KeyAgreeRecipientInfo structure).
@param agreementAlgorithm key agreement algorithm to use.
@param senderPrivateKey private key to initialise sender side of agreement with.
@param senderPublicKey sender public key to include with message.
@param recipientCerts recipients' public key certificates.
@param cekWrapAlgorithm OID for key wrapping algorithm to use.
@exception SecurityUtilityException if the algorithm requested cannot be found
@exception InvalidKeyException if the keys are inappropriate for the algorithm specified
Generic routine to copy out the data we want processed.
This routine may be called multiple times.
a holding class for a byte array of data to be processed.
A clone of the byte array
a holding class for a file of data to be processed.
The file handle
general class for handling a pkcs7-signature message.
A simple example of usage - note, in the example below the validity of
the certificate isn't verified, just the fact that one of the certs
matches the given signer...
IX509Store certs = s.GetCertificates();
SignerInformationStore signers = s.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
ArrayList certList = new ArrayList(certs.GetMatches(signer.SignerID));
X509Certificate cert = (X509Certificate) certList[0];
if (signer.Verify(cert.GetPublicKey()))
{
verified++;
}
}
Content with detached signature, digests precomputed
@param hashes a map of precomputed digests for content indexed by name of hash.
@param sigBlock the signature object.
base constructor - content with detached signature.
@param signedContent the content that was signed.
@param sigData the signature object.
base constructor - with encapsulated content
Return the version number for this object.
return the collection of signers that are associated with the
signatures for the message.
return a X509Store containing the attribute certificates, if any, contained
in this message.
@param type type of store to create
@return a store of attribute certificates
@exception NoSuchStoreException if the store type isn't available.
@exception CmsException if a general exception prevents creation of the X509Store
return a X509Store containing the public key certificates, if any, contained
in this message.
@param type type of store to create
@return a store of public key certificates
@exception NoSuchStoreException if the store type isn't available.
@exception CmsException if a general exception prevents creation of the X509Store
return a X509Store containing CRLs, if any, contained
in this message.
@param type type of store to create
@return a store of CRLs
@exception NoSuchStoreException if the store type isn't available.
@exception CmsException if a general exception prevents creation of the X509Store
Return the DerObjectIdentifier associated with the encapsulated
content info structure carried in the signed data.
return the ContentInfo
return the ASN.1 encoded representation of this object.
Replace the signerinformation store associated with this
CmsSignedData object with the new one passed in. You would
probably only want to do this if you wanted to change the unsigned
attributes associated with a signer, or perhaps delete one.
@param signedData the signed data object to be used as a base.
@param signerInformationStore the new signer information store to use.
@return a new signed data object.
Replace the certificate and CRL information associated with this
CmsSignedData object with the new one passed in.
@param signedData the signed data object to be used as a base.
@param x509Certs the new certificates to be used.
@param x509Crls the new CRLs to be used.
@return a new signed data object.
@exception CmsException if there is an error processing the stores
* general class for generating a pkcs7-signature message.
*
* A simple example of usage.
*
*
* IX509Store certs...
* IX509Store crls...
* CmsSignedDataGenerator gen = new CmsSignedDataGenerator();
*
* gen.AddSigner(privKey, cert, CmsSignedGenerator.DigestSha1);
* gen.AddCertificates(certs);
* gen.AddCrls(crls);
*
* CmsSignedData data = gen.Generate(content);
*
*
Constructor allowing specific source of randomness
Instance of SecureRandom to use.
* add a signer - no attributes other than the default ones will be
* provided here.
*
* @param key signing key to use
* @param cert certificate containing corresponding public key
* @param digestOID digest algorithm OID
add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be
provided here.
@param key signing key to use
@param cert certificate containing corresponding public key
@param encryptionOID digest encryption algorithm OID
@param digestOID digest algorithm OID
add a signer - no attributes other than the default ones will be
provided here.
add a signer, specifying the digest encryption algorithm to use - no attributes other than the default ones will be
provided here.
* add a signer with extra signed/unsigned attributes.
*
* @param key signing key to use
* @param cert certificate containing corresponding public key
* @param digestOID digest algorithm OID
* @param signedAttr table of attributes to be included in signature
* @param unsignedAttr table of attributes to be included as unsigned
add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.
@param key signing key to use
@param cert certificate containing corresponding public key
@param encryptionOID digest encryption algorithm OID
@param digestOID digest algorithm OID
@param signedAttr table of attributes to be included in signature
@param unsignedAttr table of attributes to be included as unsigned
* add a signer with extra signed/unsigned attributes.
*
* @param key signing key to use
* @param subjectKeyID subjectKeyID of corresponding public key
* @param digestOID digest algorithm OID
* @param signedAttr table of attributes to be included in signature
* @param unsignedAttr table of attributes to be included as unsigned
add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes.
@param key signing key to use
@param subjectKeyID subjectKeyID of corresponding public key
@param encryptionOID digest encryption algorithm OID
@param digestOID digest algorithm OID
@param signedAttr table of attributes to be included in signature
@param unsignedAttr table of attributes to be included as unsigned
add a signer with extra signed/unsigned attributes based on generators.
add a signer, specifying the digest encryption algorithm, with extra signed/unsigned attributes based on generators.
add a signer with extra signed/unsigned attributes based on generators.
add a signer, including digest encryption algorithm, with extra signed/unsigned attributes based on generators.
generate a signed object that for a CMS Signed Data object
generate a signed object that for a CMS Signed Data
object - if encapsulate is true a copy
of the message will be included in the signature. The content type
is set according to the OID represented by the string signedContentType.
generate a signed object that for a CMS Signed Data
object - if encapsulate is true a copy
of the message will be included in the signature with the
default content type "data".
generate a set of one or more SignerInformation objects representing counter signatures on
the passed in SignerInformation object.
@param signer the signer to be countersigned
@param sigProvider the provider to be used for counter signing.
@return a store containing the signers.
Parsing class for an CMS Signed Data object from an input stream.
Note: that because we are in a streaming mode only one signer can be tried and it is important
that the methods on the parser are called in the appropriate order.
A simple example of usage for an encapsulated signature.
Two notes: first, in the example below the validity of
the certificate isn't verified, just the fact that one of the certs
matches the given signer, and, second, because we are in a streaming
mode the order of the operations is important.
CmsSignedDataParser sp = new CmsSignedDataParser(encapSigData);
sp.GetSignedContent().Drain();
IX509Store certs = sp.GetCertificates();
SignerInformationStore signers = sp.GetSignerInfos();
foreach (SignerInformation signer in signers.GetSigners())
{
ArrayList certList = new ArrayList(certs.GetMatches(signer.SignerID));
X509Certificate cert = (X509Certificate) certList[0];
Console.WriteLine("verify returns: " + signer.Verify(cert));
}
Note also: this class does not introduce buffering - if you are processing large files you should create
the parser with:
CmsSignedDataParser ep = new CmsSignedDataParser(new BufferedInputStream(encapSigData, bufSize));
where bufSize is a suitably large buffer size.
base constructor - with encapsulated content
base constructor
@param signedContent the content that was signed.
@param sigData the signature object.
Return the version number for the SignedData object
@return the version number
return the collection of signers that are associated with the
signatures for the message.
@throws CmsException
return a X509Store containing the attribute certificates, if any, contained
in this message.
@param type type of store to create
@return a store of attribute certificates
@exception org.bouncycastle.x509.NoSuchStoreException if the store type isn't available.
@exception CmsException if a general exception prevents creation of the X509Store
return a X509Store containing the public key certificates, if any, contained
in this message.
@param type type of store to create
@return a store of public key certificates
@exception NoSuchStoreException if the store type isn't available.
@exception CmsException if a general exception prevents creation of the X509Store
return a X509Store containing CRLs, if any, contained
in this message.
@param type type of store to create
@return a store of CRLs
@exception NoSuchStoreException if the store type isn't available.
@exception CmsException if a general exception prevents creation of the X509Store
Return the DerObjectIdentifier associated with the encapsulated
content info structure carried in the signed data.
Replace the signerinformation store associated with the passed
in message contained in the stream original with the new one passed in.
You would probably only want to do this if you wanted to change the unsigned
attributes associated with a signer, or perhaps delete one.
The output stream is returned unclosed.
@param original the signed data stream to be used as a base.
@param signerInformationStore the new signer information store to use.
@param out the stream to Write the new signed data object to.
@return out.
Replace the certificate and CRL information associated with this
CMSSignedData object with the new one passed in.
The output stream is returned unclosed.
@param original the signed data stream to be used as a base.
@param certsAndCrls the new certificates and CRLs to be used.
@param out the stream to Write the new signed data object to.
@return out.
@exception CmsException if there is an error processing the CertStore
General class for generating a pkcs7-signature message stream.
A simple example of usage.
IX509Store certs...
CmsSignedDataStreamGenerator gen = new CmsSignedDataStreamGenerator();
gen.AddSigner(privateKey, cert, CmsSignedDataStreamGenerator.DIGEST_SHA1);
gen.AddCertificates(certs);
Stream sigOut = gen.Open(bOut);
sigOut.Write(Encoding.UTF8.GetBytes("Hello World!"));
sigOut.Close();
Constructor allowing specific source of randomness
Instance of SecureRandom to use.
Set the underlying string size for encapsulated data
@param bufferSize length of octet strings to buffer the data.
add a signer - no attributes other than the default ones will be
provided here.
@throws NoSuchAlgorithmException
@throws InvalidKeyException
add a signer, specifying the digest encryption algorithm - no attributes other than the default ones will be
provided here.
@throws NoSuchProviderException
@throws NoSuchAlgorithmException
@throws InvalidKeyException
add a signer with extra signed/unsigned attributes.
@throws NoSuchAlgorithmException
@throws InvalidKeyException
add a signer with extra signed/unsigned attributes - specifying digest
encryption algorithm.
@throws NoSuchProviderException
@throws NoSuchAlgorithmException
@throws InvalidKeyException
add a signer - no attributes other than the default ones will be
provided here.
@throws NoSuchAlgorithmException
@throws InvalidKeyException
add a signer - no attributes other than the default ones will be
provided here.
@throws NoSuchProviderException
@throws NoSuchAlgorithmException
@throws InvalidKeyException
add a signer with extra signed/unsigned attributes.
@throws NoSuchAlgorithmException
@throws InvalidKeyException
generate a signed object that for a CMS Signed Data object
generate a signed object that for a CMS Signed Data
object - if encapsulate is true a copy
of the message will be included in the signature with the
default content type "data".
generate a signed object that for a CMS Signed Data
object using the given provider - if encapsulate is true a copy
of the message will be included in the signature with the
default content type "data". If dataOutputStream is non null the data
being signed will be written to the stream as it is processed.
@param out stream the CMS object is to be written to.
@param encapsulate true if data should be encapsulated.
@param dataOutputStream output stream to copy the data being signed to.
generate a signed object that for a CMS Signed Data
object - if encapsulate is true a copy
of the message will be included in the signature. The content type
is set according to the OID represented by the string signedContentType.
generate a signed object that for a CMS Signed Data
object using the given provider - if encapsulate is true a copy
of the message will be included in the signature. The content type
is set according to the OID represented by the string signedContentType.
@param out stream the CMS object is to be written to.
@param signedContentType OID for data to be signed.
@param encapsulate true if data should be encapsulated.
@param dataOutputStream output stream to copy the data being signed to.
Default type for the signed data.
Constructor allowing specific source of randomness
Instance of SecureRandom to use.
Add the attribute certificates contained in the passed in store to the
generator.
@param store a store of Version 2 attribute certificates
@throws CmsException if an error occurse processing the store.
Add a store of precalculated signers to the generator.
@param signerStore store of signers
Return a map of oids and byte arrays representing the digests calculated on the content during
the last generate.
@return a map of oids (as String objects) and byte[] representing digests.
Return the digest algorithm using one of the standard JCA string
representations rather than the algorithm identifier (if possible).
Return the digest encryption algorithm using one of the standard
JCA string representations rather than the algorithm identifier (if
possible).
Default authenticated attributes generator.
Initialise to use all defaults
Initialise with some extra attributes or overrides.
@param attributeTable initial attribute table to use.
Create a standard attribute table from the passed in parameters - this will
normally include contentType and messageDigest. If the constructor
using an AttributeTable was used, entries in it for contentType and
messageDigest will override the generated ones.
@param parameters source parameters for table generation.
@return a filled in IDictionary of attributes.
@param parameters source parameters
@return the populated attribute table
Default signed attributes generator.
Initialise to use all defaults
Initialise with some extra attributes or overrides.
@param attributeTable initial attribute table to use.
Create a standard attribute table from the passed in parameters - this will
normally include contentType, signingTime, and messageDigest. If the constructor
using an AttributeTable was used, entries in it for contentType, signingTime, and
messageDigest will override the generated ones.
@param parameters source parameters for table generation.
@return a filled in Hashtable of attributes.
@param parameters source parameters
@return the populated attribute table
the RecipientInfo class for a recipient who has been sent a message
encrypted using a secret key known to the other side.
decrypt the content and return an input stream.
the RecipientInfo class for a recipient who has been sent a message
encrypted using key agreement.
decrypt the content and return an input stream.
the KeyTransRecipientInformation class for a recipient who has been sent a secret
key encrypted using their public key that needs to be used to
extract the message.
decrypt the content and return it as a byte array.
a basic index for an originator.
Return the certificates stored in the underlying OriginatorInfo object.
@return a Store of X509CertificateHolder objects.
Return the CRLs stored in the underlying OriginatorInfo object.
@return a Store of X509CRLHolder objects.
Return the underlying ASN.1 object defining this SignerInformation object.
@return a OriginatorInfo.
the RecipientInfo class for a recipient who has been sent a message
encrypted using a password.
return the object identifier for the key derivation algorithm, or null
if there is none present.
@return OID for key derivation algorithm, if present.
decrypt the content and return an input stream.
PKCS5 scheme-2 - password converted to bytes assuming ASCII.
PKCS5 scheme-2 - password converted to bytes using UTF-8.
Generate a RecipientInfo object for the given key.
A
A
A
* return the object identifier for the key encryption algorithm.
*
* @return OID for key encryption algorithm.
* return the ASN.1 encoded key encryption algorithm parameters, or null if
* there aren't any.
*
* @return ASN.1 encoding of key encryption algorithm parameters.
Return the MAC calculated for the content stream. Note: this call is only meaningful once all
the content has been read.
@return byte array containing the mac.
Return the first RecipientInformation object that matches the
passed in selector. Null if there are no matches.
@param selector to identify a recipient
@return a single RecipientInformation object. Null if none matches.
Return the number of recipients in the collection.
@return number of recipients identified.
Return all recipients in the collection
@return a collection of recipients.
Return possible empty collection with recipients matching the passed in RecipientID
@param selector a recipient id to select against.
@return a collection of RecipientInformation objects.
a basic index for a signer.
If the passed in flag is true, the signer signature will be based on the data, not
a collection of signed attributes, and no signed attributes will be included.
@return the builder object
Provide a custom signed attribute generator.
@param signedGen a generator of signed attributes.
@return the builder object
Provide a generator of unsigned attributes.
@param unsignedGen a generator for signed attributes.
@return the builder object
Build a generator with the passed in certHolder issuer and serial number as the signerIdentifier.
@param contentSigner operator for generating the final signature in the SignerInfo with.
@param certHolder carrier for the X.509 certificate related to the contentSigner.
@return a SignerInfoGenerator
@throws OperatorCreationException if the generator cannot be built.
Build a generator with the passed in subjectKeyIdentifier as the signerIdentifier. If used you should
try to follow the calculation described in RFC 5280 section 4.2.1.2.
@param signerFactory operator factory for generating the final signature in the SignerInfo with.
@param subjectKeyIdentifier key identifier to identify the public key for verifying the signature.
@return a SignerInfoGenerator
an expanded SignerInfo block from a CMS Signed message
return the version number for this objects underlying SignerInfo structure.
return the object identifier for the signature.
return the signature parameters, or null if there aren't any.
return the content digest that was calculated during verification.
return the object identifier for the signature.
return the signature/encryption algorithm parameters, or null if
there aren't any.
return a table of the signed attributes - indexed by
the OID of the attribute.
return a table of the unsigned attributes indexed by
the OID of the attribute.
return the encoded signature
Return a SignerInformationStore containing the counter signatures attached to this
signer. If no counter signatures are present an empty store is returned.
return the DER encoding of the signed attributes.
@throws IOException if an encoding error occurs.
verify that the given public key successfully handles and confirms the
signature associated with this signer.
verify that the given public key successfully handles and confirms the
signature associated with this signer.
verify that the given certificate successfully handles and confirms
the signature associated with this signer and, if a signingTime
attribute is available, that the certificate was valid at the time the
signature was generated.
verify that the given certificate successfully handles and confirms
the signature associated with this signer and, if a signingTime
attribute is available, that the certificate was valid at the time the
signature was generated.
Return the base ASN.1 CMS structure that this object contains.
@return an object containing a CMS SignerInfo structure.
Return a signer information object with the passed in unsigned
attributes replacing the ones that are current associated with
the object passed in.
@param signerInformation the signerInfo to be used as the basis.
@param unsignedAttributes the unsigned attributes to add.
@return a copy of the original SignerInformationObject with the changed attributes.
Return a signer information object with passed in SignerInformationStore representing counter
signatures attached as an unsigned attribute.
@param signerInformation the signerInfo to be used as the basis.
@param counterSigners signer info objects carrying counter signature.
@return a copy of the original SignerInformationObject with the changed attributes.
Create a store containing a single SignerInformation object.
@param signerInfo the signer information to contain.
Create a store containing a collection of SignerInformation objects.
@param signerInfos a collection signer information objects to contain.
Return the first SignerInformation object that matches the
passed in selector. Null if there are no matches.
@param selector to identify a signer
@return a single SignerInformation object. Null if none matches.
The number of signers in the collection.
An ICollection of all signers in the collection
Return possible empty collection with signers matching the passed in SignerID
@param selector a signer id to select against.
@return a collection of SignerInformation objects.
Basic generator that just returns a preconstructed attribute table
a Diffie-Hellman key exchange engine.
note: This uses MTI/A0 key agreement in order to make the key agreement
secure against passive attacks. If you're doing Diffie-Hellman and both
parties have long term public keys you should look at using this. For
further information have a look at RFC 2631.
It's possible to extend this to more than two parties as well, for the moment
that is left as an exercise for the reader.
calculate our initial message.
given a message from a given party and the corresponding public key
calculate the next message in the agreement sequence. In this case
this will represent the shared secret.
a Diffie-Hellman key agreement class.
note: This is only the basic algorithm, it doesn't take advantage of
long term public keys if they are available. See the DHAgreement class
for a "better" implementation.
given a short term public key from a given party calculate the next
message in the agreement sequence.
Standard Diffie-Hellman groups from various IETF specifications.
Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf .
Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf .
Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf .
P1363 7.2.1 ECSVDP-DH
ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive,
Diffie-Hellman version. It is based on the work of [DH76], [Mil86],
and [Kob87]. This primitive derives a shared secret value from one
party's private key and another party's public key, where both have
the same set of EC domain parameters. If two parties correctly
execute this primitive, they will produce the same output. This
primitive can be invoked by a scheme to derive a shared secret key;
specifically, it may be used with the schemes ECKAS-DH1 and
DL/ECKAS-DH2. It assumes that the input keys are valid (see also
Section 7.2.2).
P1363 7.2.2 ECSVDP-DHC
ECSVDP-DHC is Elliptic Curve Secret Value Derivation Primitive,
Diffie-Hellman version with cofactor multiplication. It is based on
the work of [DH76], [Mil86], [Kob87], [LMQ98] and [Kal98a]. This
primitive derives a shared secret value from one party's private key
and another party's public key, where both have the same set of EC
domain parameters. If two parties correctly execute this primitive,
they will produce the same output. This primitive can be invoked by a
scheme to derive a shared secret key; specifically, it may be used
with the schemes ECKAS-DH1 and DL/ECKAS-DH2. It does not assume the
validity of the input public key (see also Section 7.2.1).
Note: As stated P1363 compatibility mode with ECDH can be preset, and
in this case the implementation doesn't have a ECDH compatibility mode
(if you want that just use ECDHBasicAgreement and note they both implement
BasicAgreement!).
A participant in a Password Authenticated Key Exchange by Juggling (J-PAKE) exchange.
The J-PAKE exchange is defined by Feng Hao and Peter Ryan in the paper
"Password Authenticated Key Exchange by Juggling, 2008."
The J-PAKE protocol is symmetric.
There is no notion of a client or server, but rather just two participants.
An instance of JPakeParticipant represents one participant, and
is the primary interface for executing the exchange.
To execute an exchange, construct a JPakeParticipant on each end,
and call the following 7 methods
(once and only once, in the given order, for each participant, sending messages between them as described):
CreateRound1PayloadToSend() - and send the payload to the other participant
ValidateRound1PayloadReceived(JPakeRound1Payload) - use the payload received from the other participant
CreateRound2PayloadToSend() - and send the payload to the other participant
ValidateRound2PayloadReceived(JPakeRound2Payload) - use the payload received from the other participant
CalculateKeyingMaterial()
CreateRound3PayloadToSend(BigInteger) - and send the payload to the other participant
ValidateRound3PayloadReceived(JPakeRound3Payload, BigInteger) - use the payload received from the other participant
Each side should derive a session key from the keying material returned by CalculateKeyingMaterial().
The caller is responsible for deriving the session key using a secure key derivation function (KDF).
Round 3 is an optional key confirmation process.
If you do not execute round 3, then there is no assurance that both participants are using the same key.
(i.e. if the participants used different passwords, then their session keys will differ.)
If the round 3 validation succeeds, then the keys are guaranteed to be the same on both sides.
The symmetric design can easily support the asymmetric cases when one party initiates the communication.
e.g. Sometimes the round1 payload and round2 payload may be sent in one pass.
Also, in some cases, the key confirmation payload can be sent together with the round2 payload.
These are the trivial techniques to optimize the communication.
The key confirmation process is implemented as specified in
NIST SP 800-56A Revision 1,
Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
This class is stateful and NOT threadsafe.
Each instance should only be used for ONE complete J-PAKE exchange
(i.e. a new JPakeParticipant should be constructed for each new J-PAKE exchange).
Convenience constructor for a new JPakeParticipant that uses
the JPakePrimeOrderGroups#NIST_3072 prime order group,
a SHA-256 digest, and a default SecureRandom implementation.
After construction, the State state will be STATE_INITIALIZED.
Throws NullReferenceException if any argument is null. Throws
ArgumentException if password is empty.
Unique identifier of this participant.
The two participants in the exchange must NOT share the same id.
Shared secret.
A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called).
Caller should clear the input password as soon as possible.
Convenience constructor for a new JPakeParticipant that uses
a SHA-256 digest, and a default SecureRandom implementation.
After construction, the State state will be STATE_INITIALIZED.
Throws NullReferenceException if any argument is null. Throws
ArgumentException if password is empty.
Unique identifier of this participant.
The two participants in the exchange must NOT share the same id.
Shared secret.
A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called).
Caller should clear the input password as soon as possible.
Prime order group. See JPakePrimeOrderGroups for standard groups.
Constructor for a new JPakeParticipant.
After construction, the State state will be STATE_INITIALIZED.
Throws NullReferenceException if any argument is null. Throws
ArgumentException if password is empty.
Unique identifier of this participant.
The two participants in the exchange must NOT share the same id.
Shared secret.
A defensive copy of this array is made (and cleared once CalculateKeyingMaterial() is called).
Caller should clear the input password as soon as possible.
Prime order group. See JPakePrimeOrderGroups for standard groups.
Digest to use during zero knowledge proofs and key confirmation
(SHA-256 or stronger preferred).
Source of secure random data for x1 and x2, and for the zero knowledge proofs.
Gets the current state of this participant.
See the STATE_* constants for possible values.
Creates and returns the payload to send to the other participant during round 1.
After execution, the State state} will be STATE_ROUND_1_CREATED}.
Validates the payload received from the other participant during round 1.
Must be called prior to CreateRound2PayloadToSend().
After execution, the State state will be STATE_ROUND_1_VALIDATED.
Throws CryptoException if validation fails. Throws InvalidOperationException
if called multiple times.
Creates and returns the payload to send to the other participant during round 2.
ValidateRound1PayloadReceived(JPakeRound1Payload) must be called prior to this method.
After execution, the State state will be STATE_ROUND_2_CREATED.
Throws InvalidOperationException if called prior to ValidateRound1PayloadReceived(JPakeRound1Payload), or multiple times
Validates the payload received from the other participant during round 2.
Note that this DOES NOT detect a non-common password.
The only indication of a non-common password is through derivation
of different keys (which can be detected explicitly by executing round 3 and round 4)
Must be called prior to CalculateKeyingMaterial().
After execution, the State state will be STATE_ROUND_2_VALIDATED.
Throws CryptoException if validation fails. Throws
InvalidOperationException if called prior to ValidateRound1PayloadReceived(JPakeRound1Payload), or multiple times
Calculates and returns the key material.
A session key must be derived from this key material using a secure key derivation function (KDF).
The KDF used to derive the key is handled externally (i.e. not by JPakeParticipant).
The keying material will be identical for each participant if and only if
each participant's password is the same. i.e. If the participants do not
share the same password, then each participant will derive a different key.
Therefore, if you immediately start using a key derived from
the keying material, then you must handle detection of incorrect keys.
If you want to handle this detection explicitly, you can optionally perform
rounds 3 and 4. See JPakeParticipant for details on how to execute
rounds 3 and 4.
The keying material will be in the range [0, p-1].
ValidateRound2PayloadReceived(JPakeRound2Payload) must be called prior to this method.
As a side effect, the internal password array is cleared, since it is no longer needed.
After execution, the State state will be STATE_KEY_CALCULATED.
Throws InvalidOperationException if called prior to ValidateRound2PayloadReceived(JPakeRound2Payload),
or if called multiple times.
Creates and returns the payload to send to the other participant during round 3.
See JPakeParticipant for more details on round 3.
After execution, the State state} will be STATE_ROUND_3_CREATED.
Throws InvalidOperationException if called prior to CalculateKeyingMaterial, or multiple
times.
The keying material as returned from CalculateKeyingMaterial().
Validates the payload received from the other participant during round 3.
See JPakeParticipant for more details on round 3.
After execution, the State state will be STATE_ROUND_3_VALIDATED.
Throws CryptoException if validation fails. Throws InvalidOperationException if called prior to
CalculateKeyingMaterial or multiple times
The round 3 payload received from the other participant.
The keying material as returned from CalculateKeyingMaterial().
A pre-computed prime order group for use during a J-PAKE exchange.
Typically a Schnorr group is used. In general, J-PAKE can use any prime order group
that is suitable for public key cryptography, including elliptic curve cryptography.
See JPakePrimeOrderGroups for convenient standard groups.
NIST publishes
many groups that can be used for the desired level of security.
Constructs a new JPakePrimeOrderGroup.
In general, you should use one of the pre-approved groups from
JPakePrimeOrderGroups, rather than manually constructing one.
The following basic checks are performed:
p-1 must be evenly divisible by q
g must be in [2, p-1]
g^q mod p must equal 1
p must be prime (within reasonably certainty)
q must be prime (within reasonably certainty)
The prime checks are performed using BigInteger#isProbablePrime(int),
and are therefore subject to the same probability guarantees.
These checks prevent trivial mistakes.
However, due to the small uncertainties if p and q are not prime,
advanced attacks are not prevented.
Use it at your own risk.
Throws NullReferenceException if any argument is null. Throws
InvalidOperationException is any of the above validations fail.
Constructor used by the pre-approved groups in JPakePrimeOrderGroups.
These pre-approved groups can avoid the expensive checks.
User-specified groups should not use this constructor.
Standard pre-computed prime order groups for use by J-PAKE.
(J-PAKE can use pre-computed prime order groups, same as DSA and Diffie-Hellman.)
This class contains some convenient constants for use as input for
constructing {@link JPAKEParticipant}s.
The prime order groups below are taken from Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB),
and from the prime order groups
published by NIST.
From Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB)
1024-bit p, 160-bit q and 1024-bit g for 80-bit security.
From NIST.
2048-bit p, 224-bit q and 2048-bit g for 112-bit security.
From NIST.
3072-bit p, 256-bit q and 3072-bit g for 128-bit security.
The payload sent/received during the first round of a J-PAKE exchange.
Each JPAKEParticipant creates and sends an instance of this payload to
the other. The payload to send should be created via
JPAKEParticipant.CreateRound1PayloadToSend().
Each participant must also validate the payload received from the other.
The received payload should be validated via
JPAKEParticipant.ValidateRound1PayloadReceived(JPakeRound1Payload).
The id of the JPAKEParticipant who created/sent this payload.
The value of g^x1
The value of g^x2
The zero knowledge proof for x1.
This is a two element array, containing {g^v, r} for x1.
The zero knowledge proof for x2.
This is a two element array, containing {g^v, r} for x2.
The payload sent/received during the second round of a J-PAKE exchange.
Each JPAKEParticipant creates and sends an instance
of this payload to the other JPAKEParticipant.
The payload to send should be created via
JPAKEParticipant#createRound2PayloadToSend()
Each JPAKEParticipant must also validate the payload
received from the other JPAKEParticipant.
The received payload should be validated via
JPAKEParticipant#validateRound2PayloadReceived(JPakeRound2Payload)
The id of the JPAKEParticipant who created/sent this payload.
The value of A, as computed during round 2.
The zero knowledge proof for x2 * s.
This is a two element array, containing {g^v, r} for x2 * s.
The payload sent/received during the optional third round of a J-PAKE exchange,
which is for explicit key confirmation.
Each JPAKEParticipant creates and sends an instance
of this payload to the other JPAKEParticipant.
The payload to send should be created via
JPAKEParticipant#createRound3PayloadToSend(BigInteger)
Eeach JPAKEParticipant must also validate the payload
received from the other JPAKEParticipant.
The received payload should be validated via
JPAKEParticipant#validateRound3PayloadReceived(JPakeRound3Payload, BigInteger)
The id of the {@link JPAKEParticipant} who created/sent this payload.
The value of MacTag, as computed by round 3.
See JPAKEUtil#calculateMacTag(string, string, BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, org.bouncycastle.crypto.Digest)
Primitives needed for a J-PAKE exchange.
The recommended way to perform a J-PAKE exchange is by using
two JPAKEParticipants. Internally, those participants
call these primitive operations in JPakeUtilities.
The primitives, however, can be used without a JPAKEParticipant if needed.
Return a value that can be used as x1 or x3 during round 1.
The returned value is a random value in the range [0, q-1].
Return a value that can be used as x2 or x4 during round 1.
The returned value is a random value in the range [1, q-1].
Converts the given password to a BigInteger
for use in arithmetic calculations.
Calculate g^x mod p as done in round 1.
Calculate ga as done in round 2.
Calculate x2 * s as done in round 2.
Calculate A as done in round 2.
Calculate a zero knowledge proof of x using Schnorr's signature.
The returned array has two elements {g^v, r = v-x*h} for x.
Validates that g^x4 is not 1.
throws CryptoException if g^x4 is 1
Validates that ga is not 1.
As described by Feng Hao...
Alice could simply check ga != 1 to ensure it is a generator.
In fact, as we will explain in Section 3, (x1 + x3 + x4 ) is random over Zq even in the face of active attacks.
Hence, the probability for ga = 1 is extremely small - on the order of 2^160 for 160-bit q.
throws CryptoException if ga is 1
Validates the zero knowledge proof (generated by
calculateZeroKnowledgeProof(BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, string, Digest, SecureRandom)
is correct.
throws CryptoException if the zero knowledge proof is not correct
Calculates the keying material, which can be done after round 2 has completed.
A session key must be derived from this key material using a secure key derivation function (KDF).
The KDF used to derive the key is handled externally (i.e. not by JPAKEParticipant).
KeyingMaterial = (B/g^{x2*x4*s})^x2
Validates that the given participant ids are not equal.
(For the J-PAKE exchange, each participant must use a unique id.)
Throws CryptoException if the participantId strings are equal.
Validates that the given participant ids are equal.
This is used to ensure that the payloads received from
each round all come from the same participant.
Validates that the given object is not null.
throws NullReferenceException if the object is null.
object in question
name of the object (to be used in exception message)
Calculates the MacTag (to be used for key confirmation), as defined by
NIST SP 800-56A Revision 1,
Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
MacTag = HMAC(MacKey, MacLen, MacData)
MacKey = H(K || "JPAKE_KC")
MacData = "KC_1_U" || participantId || partnerParticipantId || gx1 || gx2 || gx3 || gx4
Note that both participants use "KC_1_U" because the sender of the round 3 message
is always the initiator for key confirmation.
HMAC = {@link HMac} used with the given {@link Digest}
H = The given {@link Digest}
MacLen = length of MacTag
Calculates the MacKey (i.e. the key to use when calculating the MagTag for key confirmation).
MacKey = H(K || "JPAKE_KC")
Validates the MacTag received from the partner participant.
throws CryptoException if the participantId strings are equal.
Generator for Concatenation Key Derivation Function defined in NIST SP 800-56A, Sect 5.8.1
@param digest the digest to be used as the source of generated bytes
return the underlying digest.
fill len bytes of the output buffer with bytes generated from
the derivation function.
@throws DataLengthException if the out buffer is too small.
RFC 2631 Diffie-hellman KEK derivation function.
X9.63 based key derivation function for ECDH CMS.
SM2 Key Exchange protocol - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
"SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
Initialises the client to begin new authentication attempt
@param N The safe prime associated with the client's verifier
@param g The group parameter associated with the client's verifier
@param digest The digest algorithm associated with the client's verifier
@param random For key generation
Generates client's credentials given the client's salt, identity and password
@param salt The salt used in the client's verifier.
@param identity The user's identity (eg. username)
@param password The user's password
@return Client's public value to send to server
Generates client's verification message given the server's credentials
@param serverB The server's credentials
@return Client's verification message for the server
@throws CryptoException If server's credentials are invalid
Computes the client evidence message M1 using the previously received values.
To be called after calculating the secret S.
@return M1: the client side generated evidence message
@throws CryptoException
Authenticates the server evidence message M2 received and saves it only if correct.
@param M2: the server side generated evidence message
@return A boolean indicating if the server message M2 was the expected one.
@throws CryptoException
Computes the final session key as a result of the SRP successful mutual authentication
To be called after verifying the server evidence message M2.
@return Key: the mutually authenticated symmetric session key
@throws CryptoException
Implements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
"SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
Initialises the server to accept a new client authentication attempt
@param N The safe prime associated with the client's verifier
@param g The group parameter associated with the client's verifier
@param v The client's verifier
@param digest The digest algorithm associated with the client's verifier
@param random For key generation
Generates the server's credentials that are to be sent to the client.
@return The server's public value to the client
Processes the client's credentials. If valid the shared secret is generated and returned.
@param clientA The client's credentials
@return A shared secret BigInteger
@throws CryptoException If client's credentials are invalid
Authenticates the received client evidence message M1 and saves it only if correct.
To be called after calculating the secret S.
@param M1: the client side generated evidence message
@return A boolean indicating if the client message M1 was the expected one.
@throws CryptoException
Computes the server evidence message M2 using the previously verified values.
To be called after successfully verifying the client evidence message M1.
@return M2: the server side generated evidence message
@throws CryptoException
Computes the final session key as a result of the SRP successful mutual authentication
To be called after calculating the server evidence message M2.
@return Key: the mutual authenticated symmetric session key
@throws CryptoException
Computes the client evidence message (M1) according to the standard routine:
M1 = H( A | B | S )
@param digest The Digest used as the hashing function H
@param N Modulus used to get the pad length
@param A The public client value
@param B The public server value
@param S The secret calculated by both sides
@return M1 The calculated client evidence message
Computes the server evidence message (M2) according to the standard routine:
M2 = H( A | M1 | S )
@param digest The Digest used as the hashing function H
@param N Modulus used to get the pad length
@param A The public client value
@param M1 The client evidence message
@param S The secret calculated by both sides
@return M2 The calculated server evidence message
Computes the final Key according to the standard routine: Key = H(S)
@param digest The Digest used as the hashing function H
@param N Modulus used to get the pad length
@param S The secret calculated by both sides
@return
Generates new SRP verifier for user
Initialises generator to create new verifiers
@param N The safe prime to use (see DHParametersGenerator)
@param g The group parameter to use (see DHParametersGenerator)
@param digest The digest to use. The same digest type will need to be used later for the actual authentication
attempt. Also note that the final session key size is dependent on the chosen digest.
Creates a new SRP verifier
@param salt The salt to use, generally should be large and random
@param identity The user's identifying information (eg. username)
@param password The user's password
@return A new verifier for use in future SRP authentication
a holding class for public/private parameter pairs.
basic constructor.
@param publicParam a public key parameters object.
@param privateParam the corresponding private key parameters.
return the public key parameters.
@return the public key parameters.
return the private key parameters.
@return the private key parameters.
The AEAD block ciphers already handle buffering internally, so this class
just takes care of implementing IBufferedCipher methods.
initialise the cipher.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the blocksize for the underlying cipher.
@return the blocksize for the underlying cipher.
return the size of the output buffer required for an update
an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to update
with len bytes of input.
return the size of the output buffer required for an update plus a
doFinal with an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to update and doFinal
with len bytes of input.
process a single byte, producing an output block if necessary.
@param in the input byte.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
process an array of bytes, producing output if necessary.
@param in the input byte array.
@param inOff the offset at which the input data starts.
@param len the number of bytes to be copied out of the input array.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
Process the last block in the buffer.
@param out the array the block currently being held is copied into.
@param outOff the offset at which the copying starts.
@return the number of output bytes copied to out.
@exception DataLengthException if there is insufficient space in out for
the output, or the input is not block size aligned and should be.
@exception InvalidOperationException if the underlying cipher is not
initialised.
@exception InvalidCipherTextException if padding is expected and not found.
@exception DataLengthException if the input is not block size
aligned.
Reset the buffer and cipher. After resetting the object is in the same
state as it was after the last init (if there was one).
a buffer wrapper for an asymmetric block cipher, allowing input
to be accumulated in a piecemeal fashion until final processing.
base constructor.
@param cipher the cipher this buffering object wraps.
return the amount of data sitting in the buffer.
@return the amount of data sitting in the buffer.
initialise the buffer and the underlying cipher.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
process the contents of the buffer using the underlying
cipher.
@return the result of the encryption/decryption process on the
buffer.
@exception InvalidCipherTextException if we are given a garbage block.
Reset the buffer
A wrapper class that allows block ciphers to be used to process data in
a piecemeal fashion. The BufferedBlockCipher outputs a block only when the
buffer is full and more data is being added, or on a doFinal.
Note: in the case where the underlying cipher is either a CFB cipher or an
OFB one the last block may not be a multiple of the block size.
constructor for subclasses
Create a buffered block cipher without padding.
@param cipher the underlying block cipher this buffering object wraps.
false otherwise.
initialise the cipher.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the blocksize for the underlying cipher.
@return the blocksize for the underlying cipher.
return the size of the output buffer required for an update
an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to update
with len bytes of input.
return the size of the output buffer required for an update plus a
doFinal with an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to update and doFinal
with len bytes of input.
process a single byte, producing an output block if necessary.
@param in the input byte.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
process an array of bytes, producing output if necessary.
@param in the input byte array.
@param inOff the offset at which the input data starts.
@param len the number of bytes to be copied out of the input array.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
Process the last block in the buffer.
@param out the array the block currently being held is copied into.
@param outOff the offset at which the copying starts.
@return the number of output bytes copied to out.
@exception DataLengthException if there is insufficient space in out for
the output, or the input is not block size aligned and should be.
@exception InvalidOperationException if the underlying cipher is not
initialised.
@exception InvalidCipherTextException if padding is expected and not found.
@exception DataLengthException if the input is not block size
aligned.
Reset the buffer and cipher. After resetting the object is in the same
state as it was after the last init (if there was one).
The base class for symmetric, or secret, cipher key generators.
initialise the key generator.
@param param the parameters to be used for key generation
Generate a secret key.
@return a byte array containing the key value.
this exception is thrown if a buffer that is meant to have output
copied into it turns out to be too short, or if we've been given
insufficient input. In general this exception will Get thrown rather
than an ArrayOutOfBounds exception.
base constructor.
create a DataLengthException with the given message.
@param message the message to be carried with the exception.
Basic sized constructor - size in bits.
@param digestSize size of the digest in bits
Blake2b for authentication ("Prefix-MAC mode").
After calling the doFinal() method, the key will
remain to be used for further computations of
this instance.
The key can be overwritten using the clearKey() method.
@param key A key up to 64 bytes or null
Blake2b with key, required digest length (in bytes), salt and personalization.
After calling the doFinal() method, the key, the salt and the personal string
will remain and might be used for further computations with this instance.
The key can be overwritten using the clearKey() method, the salt (pepper)
can be overwritten using the clearSalt() method.
@param key A key up to 64 bytes or null
@param digestLength from 1 up to 64 bytes
@param salt 16 bytes or null
@param personalization 16 bytes or null
update the message digest with a single byte.
@param b the input byte to be entered.
update the message digest with a block of bytes.
@param message the byte array containing the data.
@param offset the offset into the byte array where the data starts.
@param len the length of the data.
close the digest, producing the final digest value. The doFinal
call leaves the digest reset.
Key, salt and personal string remain.
@param out the array the digest is to be copied into.
@param outOffset the offset into the out array the digest is to start at.
Reset the digest back to it's initial state.
The key, the salt and the personal string will
remain for further computations.
return the algorithm name
@return the algorithm name
return the size, in bytes, of the digest produced by this message digest.
@return the size, in bytes, of the digest produced by this message digest.
Return the size in bytes of the internal buffer the digest applies it's compression
function to.
@return byte length of the digests internal buffer.
Overwrite the key
if it is no longer used (zeroization)
Overwrite the salt (pepper) if it
is secret and no longer used (zeroization)
Implementation of the cryptographic hash function BLAKE2s.
BLAKE2s offers a built-in keying mechanism to be used directly
for authentication ("Prefix-MAC") rather than a HMAC construction.
BLAKE2s offers a built-in support for a salt for randomized hashing
and a personal string for defining a unique hash function for each application.
BLAKE2s is optimized for 32-bit platforms and produces digests of any size
between 1 and 32 bytes.
BLAKE2s Initialization Vector
Message word permutations
Whenever this buffer overflows, it will be processed in the Compress()
function. For performance issues, long messages will not use this buffer.
Position of last inserted byte
Internal state, in the BLAKE2 paper it is called v
State vector, in the BLAKE2 paper it is called h
holds least significant bits of counter
holds most significant bits of counter
finalization flag, for last block: ~0
BLAKE2s-256 for hashing.
BLAKE2s for hashing.
@param digestBits the desired digest length in bits. Must be one of
[128, 160, 224, 256].
BLAKE2s for authentication ("Prefix-MAC mode").
After calling the doFinal() method, the key will remain to be used for
further computations of this instance. The key can be overwritten using
the clearKey() method.
@param key a key up to 32 bytes or null
BLAKE2s with key, required digest length, salt and personalization.
After calling the doFinal() method, the key, the salt and the personal
string will remain and might be used for further computations with this
instance. The key can be overwritten using the clearKey() method, the
salt (pepper) can be overwritten using the clearSalt() method.
@param key a key up to 32 bytes or null
@param digestBytes from 1 up to 32 bytes
@param salt 8 bytes or null
@param personalization 8 bytes or null
Update the message digest with a single byte.
@param b the input byte to be entered.
Update the message digest with a block of bytes.
@param message the byte array containing the data.
@param offset the offset into the byte array where the data starts.
@param len the length of the data.
Close the digest, producing the final digest value. The doFinal() call
leaves the digest reset. Key, salt and personal string remain.
@param out the array the digest is to be copied into.
@param outOffset the offset into the out array the digest is to start at.
Reset the digest back to its initial state. The key, the salt and the
personal string will remain for further computations.
Return the algorithm name.
@return the algorithm name
Return the size in bytes of the digest produced by this message digest.
@return the size in bytes of the digest produced by this message digest.
Return the size in bytes of the internal buffer the digest applies its
compression function to.
@return byte length of the digest's internal buffer.
Overwrite the key if it is no longer used (zeroization).
Overwrite the salt (pepper) if it is secret and no longer used
(zeroization).
implementation of Ukrainian DSTU 7564 hash function
base implementation of MD4 family style digest as outlined in
"Handbook of Applied Cryptography", pages 344 - 347.
implementation of GOST R 34.11-94
Standard constructor
Constructor to allow use of a particular sbox with GOST28147
@see GOST28147Engine#getSBox(String)
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables to the IV values.
Implementation of Keccak based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
Following the naming conventions used in the C source code to enable easy review of the implementation.
Return the size of block that the compression function is applied to in bytes.
@return internal byte length of a block.
Base class for SHA-384 and SHA-512.
Constructor for variable length word
Copy constructor. We are using copy constructors in place
of the object.Clone() interface as this interface is not
supported by J2ME.
adjust the byte counts so that byteCount2 represents the
upper long (less 3 bits) word of the byte count.
implementation of MD2
as outlined in RFC1319 by B.Kaliski from RSA Laboratories April 1992
return the algorithm name
@return the algorithm name
Close the digest, producing the final digest value. The doFinal
call leaves the digest reset.
@param out the array the digest is to be copied into.
@param outOff the offset into the out array the digest is to start at.
reset the digest back to it's initial state.
update the message digest with a single byte.
@param in the input byte to be entered.
update the message digest with a block of bytes.
@param in the byte array containing the data.
@param inOff the offset into the byte array where the data starts.
@param len the length of the data.
implementation of MD4 as RFC 1320 by R. Rivest, MIT Laboratory for
Computer Science and RSA Data Security, Inc.
NOTE: This algorithm is only included for backwards compatibility
with legacy applications, it's not secure, don't use it for anything new!
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables to the IV values.
implementation of MD5 as outlined in "Handbook of Applied Cryptography", pages 346 - 347.
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables to the IV values.
Wrapper removes exposure to the IMemoable interface on an IDigest implementation.
Base constructor.
@param baseDigest underlying digest to use.
@exception IllegalArgumentException if baseDigest is null
implementation of RipeMD128
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables to the IV values.
implementation of RipeMD see,
http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables to the IV values.
Implementation of RipeMD256.
Note: this algorithm offers the same level of security as RipeMD128.
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables to the IV values.
Implementation of RipeMD 320.
Note: this algorithm offers the same level of security as RipeMD160.
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables to the IV values.
implementation of SHA-1 as outlined in "Handbook of Applied Cryptography", pages 346 - 349.
It is interesting to ponder why the, apart from the extra IV, the other difference here from MD5
is the "endianness" of the word processing!
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
SHA-224 as described in RFC 3874
block word digest
SHA-1 512 32 160
SHA-224 512 32 224
SHA-256 512 32 256
SHA-384 1024 64 384
SHA-512 1024 64 512
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
Draft FIPS 180-2 implementation of SHA-256. Note: As this is
based on a draft this implementation is subject to change.
block word digest
SHA-1 512 32 160
SHA-256 512 32 256
SHA-384 1024 64 384
SHA-512 1024 64 512
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
Draft FIPS 180-2 implementation of SHA-384. Note: As this is
based on a draft this implementation is subject to change.
block word digest
SHA-1 512 32 160
SHA-256 512 32 256
SHA-384 1024 64 384
SHA-512 1024 64 512
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
Implementation of SHA-3 based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
Following the naming conventions used in the C source code to enable easy review of the implementation.
Draft FIPS 180-2 implementation of SHA-512. Note: As this is
based on a draft this implementation is subject to change.
block word digest
SHA-1 512 32 160
SHA-256 512 32 256
SHA-384 1024 64 384
SHA-512 1024 64 512
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
FIPS 180-4 implementation of SHA-512/t
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
Implementation of SHAKE based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
Following the naming conventions used in the C source code to enable easy review of the implementation.
Wrapper class that reduces the output length of a particular digest to
only the first n bytes of the digest function.
Base constructor.
@param baseDigest underlying digest to use.
@param length length in bytes of the output of doFinal.
@exception ArgumentException if baseDigest is null, or length is greater than baseDigest.GetDigestSize().
Implementation of the Skein parameterised hash function in 256, 512 and 1024 bit block sizes,
based on the Threefish tweakable block cipher.
This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
competition in October 2010.
Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
256 bit block size - Skein-256
512 bit block size - Skein-512
1024 bit block size - Skein-1024
Constructs a Skein digest with an internal state size and output size.
the internal state size in bits - one of or
.
the output/digest size to produce in bits, which must be an integral number of
bytes.
Optionally initialises the Skein digest with the provided parameters.
See for details on the parameterisation of the Skein hash function.
the parameters to apply to this engine, or null
to use no parameters.
Implementation of the Skein family of parameterised hash functions in 256, 512 and 1024 bit block
sizes, based on the Threefish tweakable block cipher.
This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
competition in October 2010.
Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
This implementation is the basis for and , implementing the
parameter based configuration system that allows Skein to be adapted to multiple applications.
Initialising the engine with allows standard and arbitrary parameters to
be applied during the Skein hash function.
Implemented:
- 256, 512 and 1024 bit internal states.
- Full 96 bit input length.
- Parameters defined in the Skein specification, and arbitrary other pre and post message
parameters.
- Arbitrary output size in 1 byte intervals.
Not implemented:
- Sub-byte length input (bit padding).
- Tree hashing.
256 bit block size - Skein-256
512 bit block size - Skein-512
1024 bit block size - Skein-1024
The parameter type for the Skein key.
The parameter type for the Skein configuration block.
The parameter type for the message.
The parameter type for the output transformation.
Precalculated UBI(CFG) states for common state/output combinations without key or other
pre-message params.
Point at which position might overflow long, so switch to add with carry logic
Bit 127 = final
Bit 126 = first
UBI uses a 128 bit tweak
Whether 64 bit position exceeded
Advances the position in the tweak by the specified value.
The Unique Block Iteration chaining mode.
Buffer for the current block of message data
Offset into the current message block
Buffer for message words for feedback into encrypted block
Underlying Threefish tweakable block cipher
Size of the digest output, in bytes
The current chaining/state value
The initial state value
The (optional) key parameter
Parameters to apply prior to the message
Parameters to apply after the message, but prior to output
The current UBI operation
Buffer for single byte update method
Constructs a Skein digest with an internal state size and output size.
the internal state size in bits - one of or
.
the output/digest size to produce in bits, which must be an integral number of
bytes.
Creates a SkeinEngine as an exact copy of an existing instance.
Initialises the Skein engine with the provided parameters. See for
details on the parameterisation of the Skein hash function.
the parameters to apply to this engine, or null
to use no parameters.
Calculate the initial (pre message block) chaining state.
Reset the engine to the initial state (with the key and any pre-message parameters , ready to
accept message input.
Implementation of Chinese SM3 digest as described at
http://tools.ietf.org/html/draft-shen-sm3-hash-00
and at .... ( Chinese PDF )
The specification says "process a bit stream",
but this is written to process bytes in blocks of 4,
meaning this will process 32-bit word groups.
But so do also most other digest specifications,
including the SHA-256 which was a origin for
this specification.
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
implementation of Tiger based on:
http://www.cs.technion.ac.il/~biham/Reports/Tiger
Standard constructor
Copy constructor. This will copy the state of the provided
message digest.
reset the chaining variables
Implementation of WhirlpoolDigest, based on Java source published by Barreto
and Rijmen.
Copy constructor. This will copy the state of the provided message
digest.
Reset the chaining variables
return the X9ECParameters object for the named curve represented by
the passed in object identifier. Null if the curve isn't present.
@param oid an object identifier representing a named curve, if present.
return the object identifier signified by the passed in name. Null
if there is no object identifier associated with name.
@return the object identifier associated with name, if present.
return the named curve name represented by the given object identifier.
returns an enumeration containing the name strings for curves
contained in this structure.
ISO 9796-1 padding. Note in the light of recent results you should
only use this with RSA (rather than the "simpler" Rabin keys) and you
should never use it with anything other than a hash (ie. even if the
message is small don't sign the message, sign it's hash) or some "random"
value. See your favorite search engine for details.
return the input block size. The largest message we can process
is (key_size_in_bits + 3)/16, which in our world comes to
key_size_in_bytes / 2.
return the maximum possible size for the output.
set the number of bits in the next message to be treated as
pad bits.
retrieve the number of pad bits in the last decoded message.
@exception InvalidCipherTextException if the decrypted block is not a valid ISO 9796 bit string
Optimal Asymmetric Encryption Padding (OAEP) - see PKCS 1 V 2.
@exception InvalidCipherTextException if the decrypted block turns out to
be badly formatted.
int to octet string.
mask generator function, as described in PKCS1v2.
this does your basic Pkcs 1 v1.5 padding - whether or not you should be using this
depends on your application - see Pkcs1 Version 2 for details.
some providers fail to include the leading zero in PKCS1 encoded blocks. If you need to
work with one of these set the system property Spire.Security.Pkcs1.Strict to false.
The same effect can be achieved by setting the static property directly
The static property is checked during construction of the encoding object, it is set to
true by default.
Basic constructor.
@param cipher
Constructor for decryption with a fixed plaintext length.
@param cipher The cipher to use for cryptographic operation.
@param pLen Length of the expected plaintext.
Constructor for decryption with a fixed plaintext length and a fallback
value that is returned, if the padding is incorrect.
@param cipher
The cipher to use for cryptographic operation.
@param fallback
The fallback value, we don't to a arraycopy here.
Checks if the argument is a correctly PKCS#1.5 encoded Plaintext
for encryption.
@param encoded The Plaintext.
@param pLen Expected length of the plaintext.
@return Either 0, if the encoding is correct, or -1, if it is incorrect.
Decode PKCS#1.5 encoding, and return a random value if the padding is not correct.
@param in The encrypted block.
@param inOff Offset in the encrypted block.
@param inLen Length of the encrypted block.
@param pLen Length of the desired output.
@return The plaintext without padding, or a random value if the padding was incorrect.
@throws InvalidCipherTextException
@exception InvalidCipherTextException if the decrypted block is not in Pkcs1 format.
an implementation of the AES (Rijndael), from FIPS-197.
For further details see: http://csrc.nist.gov/encryption/aes/.
This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
http://fp.gladman.plus.com/cryptography_technology/rijndael/
There are three levels of tradeoff of speed vs memory
Because java has no preprocessor, they are written as three separate classes from which to choose
The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption
and 4 for decryption.
The middle performance version uses only one 256 word table for each, for a total of 2Kbytes,
adding 12 rotate operations per round to compute the values contained in the other tables from
the contents of the first.
The slowest version uses no static tables at all and computes the values in each round.
This file contains the middle performance version with 2Kbytes of static tables for round precomputation.
Calculate the necessary round keys
The number of calculations depends on key size and block size
AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
This code is written assuming those are the only possible values
default constructor - 128 bit block size.
initialise an AES cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
an implementation of the AES (Rijndael)), from FIPS-197.
For further details see: http://csrc.nist.gov/encryption/aes/.
This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
http://fp.gladman.plus.com/cryptography_technology/rijndael/
There are three levels of tradeoff of speed vs memory
Because java has no preprocessor), they are written as three separate classes from which to choose
The fastest uses 8Kbytes of static tables to precompute round calculations), 4 256 word tables for encryption
and 4 for decryption.
The middle performance version uses only one 256 word table for each), for a total of 2Kbytes),
adding 12 rotate operations per round to compute the values contained in the other tables from
the contents of the first
The slowest version uses no static tables at all and computes the values in each round
This file contains the fast version with 8Kbytes of static tables for round precomputation
Unfortunately this class has a few side channel issues.
In an environment where encryption/decryption may be closely observed it should not be used.
Calculate the necessary round keys
The number of calculations depends on key size and block size
AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
This code is written assuming those are the only possible values
default constructor - 128 bit block size.
initialise an AES cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
an implementation of the AES (Rijndael), from FIPS-197.
For further details see: http://csrc.nist.gov/encryption/aes/.
This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
http://fp.gladman.plus.com/cryptography_technology/rijndael/
There are three levels of tradeoff of speed vs memory
Because java has no preprocessor, they are written as three separate classes from which to choose
The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption
and 4 for decryption.
The middle performance version uses only one 256 word table for each, for a total of 2Kbytes,
adding 12 rotate operations per round to compute the values contained in the other tables from
the contents of the first
The slowest version uses no static tables at all and computes the values
in each round.
This file contains the slowest performance version with no static tables
for round precomputation, but it has the smallest foot print.
Calculate the necessary round keys
The number of calculations depends on key size and block size
AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
This code is written assuming those are the only possible values
default constructor - 128 bit block size.
initialise an AES cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
An implementation of the AES Key Wrapper from the NIST Key Wrap Specification.
For further details see: http://csrc.nist.gov/encryption/kms/key-wrap.pdf.
A class that provides Blowfish key encryption operations,
such as encoding data and generating keys.
All the algorithms herein are from Applied Cryptography
and implement a simplified cryptography interface.
initialise a Blowfish cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
apply the encryption cycle to each value pair in the table.
Encrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
The input will be an exact multiple of our blocksize.
Decrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
The input will be an exact multiple of our blocksize.
Camellia - based on RFC 3713.
Camellia - based on RFC 3713, smaller implementation, about half the size of CamelliaEngine.
An implementation of the Camellia key wrapper based on RFC 3657/RFC 3394.
For further details see: http://www.ietf.org/rfc/rfc3657.txt.
A class that provides CAST key encryption operations,
such as encoding data and generating keys.
All the algorithms herein are from the Internet RFC's
RFC2144 - Cast5 (64bit block, 40-128bit key)
RFC2612 - CAST6 (128bit block, 128-256bit key)
and implement a simplified cryptography interface.
initialise a CAST cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
Encrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
@param src The plaintext buffer
@param srcIndex An offset into src
@param dst The ciphertext buffer
@param dstIndex An offset into dst
Decrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
@param src The plaintext buffer
@param srcIndex An offset into src
@param dst The ciphertext buffer
@param dstIndex An offset into dst
The first of the three processing functions for the
encryption and decryption.
@param D the input to be processed
@param Kmi the mask to be used from Km[n]
@param Kri the rotation value to be used
The second of the three processing functions for the
encryption and decryption.
@param D the input to be processed
@param Kmi the mask to be used from Km[n]
@param Kri the rotation value to be used
The third of the three processing functions for the
encryption and decryption.
@param D the input to be processed
@param Kmi the mask to be used from Km[n]
@param Kri the rotation value to be used
Does the 16 rounds to encrypt the block.
@param L0 the LH-32bits of the plaintext block
@param R0 the RH-32bits of the plaintext block
A class that provides CAST6 key encryption operations,
such as encoding data and generating keys.
All the algorithms herein are from the Internet RFC
RFC2612 - CAST6 (128bit block, 128-256bit key)
and implement a simplified cryptography interface.
Encrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
@param src The plaintext buffer
@param srcIndex An offset into src
@param dst The ciphertext buffer
@param dstIndex An offset into dst
Decrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
@param src The plaintext buffer
@param srcIndex An offset into src
@param dst The ciphertext buffer
@param dstIndex An offset into dst
Does the 12 quad rounds rounds to encrypt the block.
@param A the 00-31 bits of the plaintext block
@param B the 32-63 bits of the plaintext block
@param C the 64-95 bits of the plaintext block
@param D the 96-127 bits of the plaintext block
@param result the resulting ciphertext
Does the 12 quad rounds rounds to decrypt the block.
@param A the 00-31 bits of the ciphertext block
@param B the 32-63 bits of the ciphertext block
@param C the 64-95 bits of the ciphertext block
@param D the 96-127 bits of the ciphertext block
@param result the resulting plaintext
Implementation of Daniel J. Bernstein's ChaCha stream cipher.
Creates a 20 rounds ChaCha engine.
Implementation of Daniel J. Bernstein's ChaCha stream cipher.
Creates a 20 rounds ChaCha engine.
Creates a ChaCha engine with a specific number of rounds.
the number of rounds (must be an even number).
ChaCha function.
The number of ChaCha rounds to execute
The input words.
The ChaCha state to modify.
A class that provides a basic DESede (or Triple DES) engine.
initialise a DESede cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
* Wrap keys according to
*
* draft-ietf-smime-key-wrap-01.txt.
*
* Note:
*
* - this is based on a draft, and as such is subject to change - don't use this class for anything requiring long term storage.
* - if you are using this to wrap triple-des keys you need to set the
* parity bits on the key and, if it's a two-key triple-des key, pad it
* yourself.
*
*
Field engine
Field param
Field paramPlusIV
Field iv
Field forWrapping
Field IV2
Method init
@param forWrapping
@param param
Method GetAlgorithmName
@return
Method wrap
@param in
@param inOff
@param inLen
@return
Method unwrap
@param in
@param inOff
@param inLen
@return
@throws InvalidCipherTextException
Some key wrap algorithms make use of the Key Checksum defined
in CMS [CMS-Algorithms]. This is used to provide an integrity
check value for the key being wrapped. The algorithm is
- Compute the 20 octet SHA-1 hash on the key being wrapped.
- Use the first 8 octets of this hash as the checksum value.
@param key
@return
@throws Exception
@see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
@param key
@param checksum
@return
@see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
A class that provides a basic DES engine.
initialise a DES cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
what follows is mainly taken from "Applied Cryptography", by
Bruce Schneier, however it also bears great resemblance to Richard
Outerbridge's D3DES...
Generate an integer based working key based on our secret key
and what we processing we are planning to do.
Acknowledgements for this routine go to James Gillogly and Phil Karn.
(whoever, and wherever they are!).
the DES engine.
implementation of DSTU 7624 (Kalyna)
this does your basic ElGamal algorithm.
initialise the ElGamal engine.
@param forEncryption true if we are encrypting, false otherwise.
@param param the necessary ElGamal key parameters.
Return the maximum size for an input block to this engine.
For ElGamal this is always one byte less than the size of P on
encryption, and twice the length as the size of P on decryption.
@return maximum size for an input block.
Return the maximum size for an output block to this engine.
For ElGamal this is always one byte less than the size of P on
decryption, and twice the length as the size of P on encryption.
@return maximum size for an output block.
Process a single block using the basic ElGamal algorithm.
@param in the input array.
@param inOff the offset into the input buffer where the data starts.
@param length the length of the data to be processed.
@return the result of the ElGamal process.
@exception DataLengthException the input block is too large.
implementation of GOST 28147-89
standard constructor.
initialise an Gost28147 cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is inappropriate.
Return the S-Box associated with SBoxName
@param sBoxName name of the S-Box
@return byte array representing the S-Box
HC-128 is a software-efficient stream cipher created by Hongjun Wu. It
generates keystream from a 128-bit secret key and a 128-bit initialization
vector.
http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
It is a third phase candidate in the eStream contest, and is patent-free.
No attacks are known as of today (April 2007). See
http://www.ecrypt.eu.org/stream/hcp3.html
Initialise a HC-128 cipher.
@param forEncryption whether or not we are for encryption. Irrelevant, as
encryption and decryption are the same.
@param params the parameters required to set up the cipher.
@throws ArgumentException if the params argument is
inappropriate (ie. the key is not 128 bit long).
HC-256 is a software-efficient stream cipher created by Hongjun Wu. It
generates keystream from a 256-bit secret key and a 256-bit initialization
vector.
http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
Its brother, HC-128, is a third phase candidate in the eStream contest.
The algorithm is patent-free. No attacks are known as of today (April 2007).
See
http://www.ecrypt.eu.org/stream/hcp3.html
Initialise a HC-256 cipher.
@param forEncryption whether or not we are for encryption. Irrelevant, as
encryption and decryption are the same.
@param params the parameters required to set up the cipher.
@throws ArgumentException if the params argument is
inappropriate (ie. the key is not 256 bit long).
A class that provides a basic International Data Encryption Algorithm (IDEA) engine.
This implementation is based on the "HOWTO: INTERNATIONAL DATA ENCRYPTION ALGORITHM"
implementation summary by Fauzan Mirza (F.U.Mirza@sheffield.ac.uk). (baring 1 typo at the
end of the mulinv function!).
It can be found at ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/idea/
Note 1: This algorithm is patented in the USA, Japan, and Europe including
at least Austria, France, Germany, Italy, Netherlands, Spain, Sweden, Switzerland
and the United Kingdom. Non-commercial use is free, however any commercial
products are liable for royalties. Please see
www.mediacrypt.com for
further details. This announcement has been included at the request of
the patent holders.
Note 2: Due to the requests concerning the above, this algorithm is now only
included in the extended assembly. It is not included in the default distributions.
standard constructor.
initialise an IDEA cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return x = x * y where the multiplication is done modulo
65537 (0x10001) (as defined in the IDEA specification) and
a zero input is taken to be 65536 (0x10000).
@param x the x value
@param y the y value
@return x = x * y
The following function is used to expand the user key to the encryption
subkey. The first 16 bytes are the user key, and the rest of the subkey
is calculated by rotating the previous 16 bytes by 25 bits to the left,
and so on until the subkey is completed.
This function computes multiplicative inverse using Euclid's Greatest
Common Divisor algorithm. Zero and one are self inverse.
i.e. x * MulInv(x) == 1 (modulo BASE)
Return the additive inverse of x.
i.e. x + AddInv(x) == 0
The function to invert the encryption subkey to the decryption subkey.
It also involves the multiplicative inverse and the additive inverse functions.
support class for constructing intergrated encryption ciphers
for doing basic message exchanges on top of key agreement ciphers
set up for use with stream mode, where the key derivation function
is used to provide a stream of bytes to xor with the message.
@param agree the key agreement used as the basis for the encryption
@param kdf the key derivation function used for byte generation
@param mac the message authentication code generator for the message
set up for use in conjunction with a block cipher to handle the
message.
@param agree the key agreement used as the basis for the encryption
@param kdf the key derivation function used for byte generation
@param mac the message authentication code generator for the message
@param cipher the cipher to used for encrypting the message
Initialise the encryptor.
@param forEncryption whether or not this is encryption/decryption.
@param privParam our private key parameters
@param pubParam the recipient's/sender's public key parameters
@param param encoding and derivation parameters.
Implementation of Bob Jenkin's ISAAC (Indirection Shift Accumulate Add and Count).
see: http://www.burtleburtle.net/bob/rand/isaacafa.html
initialise an ISAAC cipher.
@param forEncryption whether or not we are for encryption.
@param params the parameters required to set up the cipher.
@exception ArgumentException if the params argument is
inappropriate.
NaccacheStern Engine. For details on this cipher, please see
http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
Initializes this algorithm. Must be called before all other Functions.
@see org.bouncycastle.crypto.AsymmetricBlockCipher#init(bool,
org.bouncycastle.crypto.CipherParameters)
Returns the input block size of this algorithm.
@see org.bouncycastle.crypto.AsymmetricBlockCipher#GetInputBlockSize()
Returns the output block size of this algorithm.
@see org.bouncycastle.crypto.AsymmetricBlockCipher#GetOutputBlockSize()
Process a single Block using the Naccache-Stern algorithm.
@see org.bouncycastle.crypto.AsymmetricBlockCipher#ProcessBlock(byte[],
int, int)
Encrypts a BigInteger aka Plaintext with the public key.
@param plain
The BigInteger to encrypt
@return The byte[] representation of the encrypted BigInteger (i.e.
crypted.toByteArray())
Adds the contents of two encrypted blocks mod sigma
@param block1
the first encrypted block
@param block2
the second encrypted block
@return encrypt((block1 + block2) mod sigma)
@throws InvalidCipherTextException
Convenience Method for data exchange with the cipher.
Determines blocksize and splits data to blocksize.
@param data the data to be processed
@return the data after it went through the NaccacheSternEngine.
@throws InvalidCipherTextException
Computes the integer x that is expressed through the given primes and the
congruences with the chinese remainder theorem (CRT).
@param congruences
the congruences c_i
@param primes
the primes p_i
@return an integer x for that x % p_i == c_i
A Noekeon engine, using direct-key mode.
Create an instance of the Noekeon encryption algorithm
and set some defaults
initialise
@param forEncryption whether or not we are for encryption.
@param params the parameters required to set up the cipher.
@exception ArgumentException if the params argument is
inappropriate.
Re-key the cipher.
@param key the key to be used
The no-op engine that just copies bytes through, irrespective of whether encrypting and decrypting.
Provided for the sake of completeness.
an implementation of RC2 as described in RFC 2268
"A Description of the RC2(r) Encryption Algorithm" R. Rivest.
initialise a RC2 cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the result rotating the 16 bit number in x left by y
Wrap keys according to RFC 3217 - RC2 mechanism
Field engine
Field param
Field paramPlusIV
Field iv
Field forWrapping
Field IV2
Method init
@param forWrapping
@param param
Method GetAlgorithmName
@return
Method wrap
@param in
@param inOff
@param inLen
@return
Method unwrap
@param in
@param inOff
@param inLen
@return
@throws InvalidCipherTextException
Some key wrap algorithms make use of the Key Checksum defined
in CMS [CMS-Algorithms]. This is used to provide an integrity
check value for the key being wrapped. The algorithm is
- Compute the 20 octet SHA-1 hash on the key being wrapped.
- Use the first 8 octets of this hash as the checksum value.
@param key
@return
@throws Exception
@see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
@param key
@param checksum
@return
@see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
initialise a RC4 cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
The specification for RC5 came from the RC5 Encryption Algorithm
publication in RSA CryptoBytes, Spring of 1995.
http://www.rsasecurity.com/rsalabs/cryptobytes.
This implementation has a word size of 32 bits.
Create an instance of the RC5 encryption algorithm
and set some defaults
initialise a RC5-32 cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
Re-key the cipher.
@param key the key to be used
Encrypt the given block starting at the given offset and place
the result in the provided buffer starting at the given offset.
@param in in byte buffer containing data to encrypt
@param inOff offset into src buffer
@param out out buffer where encrypted data is written
@param outOff offset into out buffer
Perform a left "spin" of the word. The rotation of the given
word x is rotated left by y bits.
Only the lg(32) low-order bits of y
are used to determine the rotation amount. Here it is
assumed that the wordsize used is a power of 2.
@param x word to rotate
@param y number of bits to rotate % 32
Perform a right "spin" of the word. The rotation of the given
word x is rotated left by y bits.
Only the lg(32) low-order bits of y
are used to determine the rotation amount. Here it is
assumed that the wordsize used is a power of 2.
@param x word to rotate
@param y number of bits to rotate % 32
The specification for RC5 came from the RC5 Encryption Algorithm
publication in RSA CryptoBytes, Spring of 1995.
http://www.rsasecurity.com/rsalabs/cryptobytes.
This implementation is set to work with a 64 bit word size.
Create an instance of the RC5 encryption algorithm
and set some defaults
initialise a RC5-64 cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
Re-key the cipher.
@param key the key to be used
Encrypt the given block starting at the given offset and place
the result in the provided buffer starting at the given offset.
@param in in byte buffer containing data to encrypt
@param inOff offset into src buffer
@param out out buffer where encrypted data is written
@param outOff offset into out buffer
Perform a left "spin" of the word. The rotation of the given
word x is rotated left by y bits.
Only the lg(wordSize) low-order bits of y
are used to determine the rotation amount. Here it is
assumed that the wordsize used is a power of 2.
@param x word to rotate
@param y number of bits to rotate % wordSize
Perform a right "spin" of the word. The rotation of the given
word x is rotated left by y bits.
Only the lg(wordSize) low-order bits of y
are used to determine the rotation amount. Here it is
assumed that the wordsize used is a power of 2.
@param x word to rotate
@param y number of bits to rotate % wordSize
An RC6 engine.
Create an instance of the RC6 encryption algorithm
and set some defaults
initialise a RC5-32 cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
Re-key the cipher.
@param inKey the key to be used
Perform a left "spin" of the word. The rotation of the given
word x is rotated left by y bits.
Only the lg(wordSize) low-order bits of y
are used to determine the rotation amount. Here it is
assumed that the wordsize used is a power of 2.
@param x word to rotate
@param y number of bits to rotate % wordSize
Perform a right "spin" of the word. The rotation of the given
word x is rotated left by y bits.
Only the lg(wordSize) low-order bits of y
are used to determine the rotation amount. Here it is
assumed that the wordsize used is a power of 2.
@param x word to rotate
@param y number of bits to rotate % wordSize
an implementation of the RFC 3211 Key Wrap
Specification.
An implementation of the AES Key Wrapper from the NIST Key Wrap
Specification as described in RFC 3394.
For further details see: http://www.ietf.org/rfc/rfc3394.txt
and http://csrc.nist.gov/encryption/kms/key-wrap.pdf.
an implementation of Rijndael, based on the documentation and reference implementation
by Paulo Barreto, Vincent Rijmen, for v2.0 August '99.
Note: this implementation is based on information prior to readonly NIST publication.
multiply two elements of GF(2^m)
needed for MixColumn and InvMixColumn
xor corresponding text input and round key input bytes
Row 0 remains unchanged
The other three rows are shifted a variable amount
Replace every byte of the input by the byte at that place
in the nonlinear S-box
Mix the bytes of every column in a linear way
Mix the bytes of every column in a linear way
This is the opposite operation of Mixcolumn
Calculate the necessary round keys
The number of calculations depends on keyBits and blockBits
default constructor - 128 bit block size.
basic constructor - set the cipher up for a given blocksize
@param blocksize the blocksize in bits, must be 128, 192, or 256.
initialise a Rijndael cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
this does your basic RSA algorithm with blinding
initialise the RSA engine.
@param forEncryption true if we are encrypting, false otherwise.
@param param the necessary RSA key parameters.
Return the maximum size for an input block to this engine.
For RSA this is always one byte less than the key size on
encryption, and the same length as the key size on decryption.
@return maximum size for an input block.
Return the maximum size for an output block to this engine.
For RSA this is always one byte less than the key size on
decryption, and the same length as the key size on encryption.
@return maximum size for an output block.
Process a single block using the basic RSA algorithm.
@param inBuf the input array.
@param inOff the offset into the input buffer where the data starts.
@param inLen the length of the data to be processed.
@return the result of the RSA process.
@exception DataLengthException the input block is too large.
This does your basic RSA Chaum's blinding and unblinding as outlined in
"Handbook of Applied Cryptography", page 475. You need to use this if you are
trying to get another party to generate signatures without them being aware
of the message they are signing.
Initialise the blinding engine.
@param forEncryption true if we are encrypting (blinding), false otherwise.
@param param the necessary RSA key parameters.
Return the maximum size for an input block to this engine.
For RSA this is always one byte less than the key size on
encryption, and the same length as the key size on decryption.
@return maximum size for an input block.
Return the maximum size for an output block to this engine.
For RSA this is always one byte less than the key size on
decryption, and the same length as the key size on encryption.
@return maximum size for an output block.
Process a single block using the RSA blinding algorithm.
@param in the input array.
@param inOff the offset into the input buffer where the data starts.
@param inLen the length of the data to be processed.
@return the result of the RSA process.
@throws DataLengthException the input block is too large.
this does your basic RSA algorithm.
initialise the RSA engine.
@param forEncryption true if we are encrypting, false otherwise.
@param param the necessary RSA key parameters.
Return the maximum size for an input block to this engine.
For RSA this is always one byte less than the key size on
encryption, and the same length as the key size on decryption.
@return maximum size for an input block.
Return the maximum size for an output block to this engine.
For RSA this is always one byte less than the key size on
decryption, and the same length as the key size on encryption.
@return maximum size for an output block.
this does your basic RSA algorithm.
initialise the RSA engine.
@param forEncryption true if we are encrypting, false otherwise.
@param param the necessary RSA key parameters.
Return the maximum size for an input block to this engine.
For RSA this is always one byte less than the key size on
encryption, and the same length as the key size on decryption.
@return maximum size for an input block.
Return the maximum size for an output block to this engine.
For RSA this is always one byte less than the key size on
decryption, and the same length as the key size on encryption.
@return maximum size for an output block.
Process a single block using the basic RSA algorithm.
@param inBuf the input array.
@param inOff the offset into the input buffer where the data starts.
@param inLen the length of the data to be processed.
@return the result of the RSA process.
@exception DataLengthException the input block is too large.
Implementation of Daniel J. Bernstein's Salsa20 stream cipher, Snuffle 2005
Constants
Creates a 20 round Salsa20 engine.
Creates a Salsa20 engine with a specific number of rounds.
the number of rounds (must be an even number).
Rotate left
@param x value to rotate
@param y amount to rotate x
@return rotated x
Implementation of the SEED algorithm as described in RFC 4009
An implementation of the SEED key wrapper based on RFC 4010/RFC 3394.
For further details see: http://www.ietf.org/rfc/rfc4010.txt.
* Serpent is a 128-bit 32-round block cipher with variable key lengths,
* including 128, 192 and 256 bit keys conjectured to be at least as
* secure as three-key triple-DES.
*
* Serpent was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
* candidate algorithm for the NIST AES Quest.
*
*
* For full details see The Serpent home page
*
Expand a user-supplied key material into a session key.
@param key The user-key bytes (multiples of 4) to use.
@exception ArgumentException
Encrypt one block of plaintext.
@param input the array containing the input data.
@param inOff offset into the in array the data starts at.
@param output the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
Decrypt one block of ciphertext.
@param input the array containing the input data.
@param inOff offset into the in array the data starts at.
@param output the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
initialise a Serpent cipher.
@param encrypting whether or not we are for encryption.
@param params the parameters required to set up the cipher.
@throws IllegalArgumentException if the params argument is
inappropriate.
Process one block of input from the array in and write it to
the out array.
@param in the array containing the input data.
@param inOff offset into the in array the data starts at.
@param out the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@return the number of bytes processed and produced.
@throws DataLengthException if there isn't enough data in in, or
space in out.
@throws IllegalStateException if the cipher isn't initialised.
InvSO - {13, 3,11, 0,10, 6, 5,12, 1,14, 4, 7,15, 9, 8, 2 } - 15 terms.
S1 - {15,12, 2, 7, 9, 0, 5,10, 1,11,14, 8, 6,13, 3, 4 } - 14 terms.
InvS1 - { 5, 8, 2,14,15, 6,12, 3,11, 4, 7, 9, 1,13,10, 0 } - 14 steps.
S2 - { 8, 6, 7, 9, 3,12,10,15,13, 1,14, 4, 0,11, 5, 2 } - 16 terms.
InvS2 - {12, 9,15, 4,11,14, 1, 2, 0, 3, 6,13, 5, 8,10, 7 } - 16 steps.
S3 - { 0,15,11, 8,12, 9, 6, 3,13, 1, 2, 4,10, 7, 5,14 } - 16 terms.
InvS3 - { 0, 9,10, 7,11,14, 6,13, 3, 5,12, 2, 4, 8,15, 1 } - 15 terms
S4 - { 1,15, 8, 3,12, 0,11, 6, 2, 5, 4,10, 9,14, 7,13 } - 15 terms.
InvS4 - { 5, 0, 8, 3,10, 9, 7,14, 2,12,11, 6, 4,15,13, 1 } - 15 terms.
S5 - {15, 5, 2,11, 4,10, 9,12, 0, 3,14, 8,13, 6, 7, 1 } - 16 terms.
InvS5 - { 8,15, 2, 9, 4, 1,13,14,11, 6, 5, 3, 7,12,10, 0 } - 16 terms.
S6 - { 7, 2,12, 5, 8, 4, 6,11,14, 9, 1,15,13, 3,10, 0 } - 15 terms.
InvS6 - {15,10, 1,13, 5, 3, 6, 0, 4, 9,14, 7, 2,12, 8,11 } - 15 terms.
S7 - { 1,13,15, 0,14, 8, 2,11, 7, 4,12,10, 9, 3, 5, 6 } - 16 terms.
InvS7 - { 3, 0, 6,13, 9,14,15, 8, 5,12,11, 7,10, 1, 4, 2 } - 17 terms.
Apply the linear transformation to the register set.
Apply the inverse of the linear transformation to the register set.
a class that provides a basic SKIPJACK engine.
initialise a SKIPJACK cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
The G permutation
the inverse of the G permutation.
SM2 public key encryption engine - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02.
An TEA engine.
Create an instance of the TEA encryption algorithm
and set some defaults
initialise
@param forEncryption whether or not we are for encryption.
@param params the parameters required to set up the cipher.
@exception ArgumentException if the params argument is
inappropriate.
Re-key the cipher.
@param key the key to be used
Implementation of the Threefish tweakable large block cipher in 256, 512 and 1024 bit block
sizes.
This is the 1.3 version of Threefish defined in the Skein hash function submission to the NIST
SHA-3 competition in October 2010.
Threefish was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
This implementation inlines all round functions, unrolls 8 rounds, and uses 1.2k of static tables
to speed up key schedule injection.
2 x block size state is retained by each cipher instance.
256 bit block size - Threefish-256
512 bit block size - Threefish-512
1024 bit block size - Threefish-1024
Size of the tweak in bytes (always 128 bit/16 bytes)
Rounds in Threefish-256
Rounds in Threefish-512
Rounds in Threefish-1024
Max rounds of any of the variants
Key schedule parity constant
Block size in bytes
Block size in 64 bit words
Buffer for byte oriented processBytes to call internal word API
Tweak bytes (2 byte t1,t2, calculated t3 and repeat of t1,t2 for modulo free lookup
Key schedule words
The internal cipher implementation (varies by blocksize)
Constructs a new Threefish cipher, with a specified block size.
the block size in bits, one of , ,
.
Initialise the engine.
Initialise for encryption if true, for decryption if false.
an instance of or (to
use a 0 tweak)
Initialise the engine, specifying the key and tweak directly.
the cipher mode.
the words of the key, or null
to use the current key.
the 2 word (128 bit) tweak, or null
to use the current tweak.
Process a block of data represented as 64 bit words.
the number of 8 byte words processed (which will be the same as the block size).
a block sized buffer of words to process.
a block sized buffer of words to receive the output of the operation.
if either the input or output is not block sized
if this engine is not initialised
Read a single 64 bit word from input in LSB first order.
Write a 64 bit word to output in LSB first order.
Rotate left + xor part of the mix operation.
Rotate xor + rotate right part of the unmix operation.
The extended + repeated tweak words
The extended + repeated key words
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Mix rotation constants defined in Skein 1.3 specification
Tnepres is a 128-bit 32-round block cipher with variable key lengths,
including 128, 192 and 256 bit keys conjectured to be at least as
secure as three-key triple-DES.
Tnepres is based on Serpent which was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
candidate algorithm for the NIST AES Quest. Unfortunately there was an endianness issue
with test vectors in the AES submission and the resulting confusion lead to the Tnepres cipher
as well, which is a byte swapped version of Serpent.
For full details see The Serpent home page
Expand a user-supplied key material into a session key.
@param key The user-key bytes (multiples of 4) to use.
@exception ArgumentException
Encrypt one block of plaintext.
@param input the array containing the input data.
@param inOff offset into the in array the data starts at.
@param output the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
Decrypt one block of ciphertext.
@param input the array containing the input data.
@param inOff offset into the in array the data starts at.
@param output the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
A class that provides Twofish encryption operations.
This Java implementation is based on the Java reference
implementation provided by Bruce Schneier and developed
by Raif S. Naffah.
Define the fixed p0/p1 permutations used in keyed S-box lookup.
By changing the following constant definitions, the S-boxes will
automatically Get changed in the Twofish engine.
gSubKeys[] and gSBox[] are eventually used in the
encryption and decryption methods.
initialise a Twofish cipher.
@param forEncryption whether or not we are for encryption.
@param parameters the parameters required to set up the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
Encrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
The input will be an exact multiple of our blocksize.
encryptBlock uses the pre-calculated gSBox[] and subKey[]
arrays.
Decrypt the given input starting at the given offset and place
the result in the provided buffer starting at the given offset.
The input will be an exact multiple of our blocksize.
Use (12, 8) Reed-Solomon code over GF(256) to produce
a key S-box 32-bit entity from 2 key material 32-bit
entities.
@param k0 first 32-bit entity
@param k1 second 32-bit entity
@return Remainder polynomial Generated using RS code
* Reed-Solomon code parameters: (12,8) reversible code:
*
*
* G(x) = x^4 + (a+1/a)x^3 + ax^2 + (a+1/a)x + 1
*
* where a = primitive root of field generator 0x14D
*
initialise a VMPC cipher.
@param forEncryption
whether or not we are for encryption.
@param params
the parameters required to set up the cipher.
@exception ArgumentException
if the params argument is inappropriate.
Implementation of Daniel J. Bernstein's XSalsa20 stream cipher - Salsa20 with an extended nonce.
XSalsa20 requires a 256 bit key, and a 192 bit nonce.
XSalsa20 key generation: process 256 bit input key and 128 bits of the input nonce
using a core Salsa20 function without input addition to produce 256 bit working key
and use that with the remaining 64 bits of nonce to initialize a standard Salsa20 engine state.
An XTEA engine.
Create an instance of the TEA encryption algorithm
and set some defaults
initialise
@param forEncryption whether or not we are for encryption.
@param params the parameters required to set up the cipher.
@exception ArgumentException if the params argument is
inappropriate.
Re-key the cipher.
@param key the key to be used
Basic KDF generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
This implementation is based on ISO 18033/P1363a.
Construct a KDF Parameters generator.
@param counterStart value of counter.
@param digest the digest to be used as the source of derived keys.
return the underlying digest.
fill len bytes of the output buffer with bytes generated from
the derivation function.
@throws ArgumentException if the size of the request will cause an overflow.
@throws DataLengthException if the out buffer is too small.
Core of password hashing scheme Bcrypt,
designed by Niels Provos and David Mazières,
corresponds to the C reference implementation.
This implementation does not correspondent to the 1999 published paper
"A Future-Adaptable Password Scheme" of Niels Provos and David Mazières,
see: https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node1.html.
In contrast to the paper, the order of key setup and salt setup is reversed:
state <- ExpandKey(state, 0, key)
state %lt;- ExpandKey(state, 0, salt)
This corresponds to the OpenBSD reference implementation of Bcrypt.
Note:
There is no successful cryptanalysis (status 2015), but
the amount of memory and the band width of Bcrypt
may be insufficient to effectively prevent attacks
with custom hardware like FPGAs, ASICs
This implementation uses some parts of Bouncy Castle's BlowfishEngine.
Derives a raw 192 bit Bcrypt key
@param cost the cost factor, treated as an exponent of 2
@param salt a 16 byte salt
@param psw the password
@return a 192 bit key
Size of the salt parameter in bytes
Minimum value of cost parameter, equal to log2(bytes of salt)
Maximum value of cost parameter (31 == 2,147,483,648)
Maximum size of password == max (unrestricted) size of Blowfish key
Calculates the bcrypt hash of a password.
This implements the raw bcrypt function as defined in the bcrypt specification, not
the crypt encoded version implemented in OpenBSD.
@param password the password bytes (up to 72 bytes) to use for this invocation.
@param salt the 128 bit salt to use for this invocation.
@param cost the bcrypt cost parameter. The cost of the bcrypt function grows as
2^cost
. Legal values are 4..31 inclusive.
@return the output of the raw bcrypt operation: a 192 bit (24 byte) hash.
initialise the key generator - if strength is set to zero
the key Generated will be 192 bits in size, otherwise
strength can be 128 or 192 (or 112 or 168 if you don't count
parity bits), depending on whether you wish to do 2-key or 3-key
triple DES.
@param param the parameters to be used for key generation
initialise the key generator - if strength is set to zero
the key generated will be 64 bits in size, otherwise
strength can be 64 or 56 bits (if you don't count the parity bits).
@param param the parameters to be used for key generation
a basic Diffie-Hellman key pair generator.
This generates keys consistent for use with the basic algorithm for
Diffie-Hellman.
a Diffie-Hellman key pair generator.
This generates keys consistent for use in the MTI/A0 key agreement protocol
as described in "Handbook of Applied Cryptography", Pages 516-519.
which Generates the p and g values from the given parameters,
returning the DHParameters object.
Note: can take a while...
a DSA key pair generator.
This Generates DSA keys in line with the method described
in FIPS 186-3 B.1 FFC Key Pair Generation.
Generate suitable parameters for DSA, in line with FIPS 186-2, or FIPS 186-3.
Initialise the generator
This form can only be used for older DSA (pre-DSA2) parameters
the size of keys in bits (from 512 up to 1024, and a multiple of 64)
measure of robustness of primes (at least 80 for FIPS 186-2 compliance)
the source of randomness to use
Initialise the generator for DSA 2
You must use this Init method if you need to generate parameters for DSA 2 keys
An instance of DsaParameterGenerationParameters used to configure this generator
Generates a set of DsaParameters
Can take a while...
generate suitable parameters for DSA, in line with
FIPS 186-3 A.1 Generation of the FFC Primes p and q.
Given the domain parameters this routine generates an EC key
pair in accordance with X9.62 section 5.2.1 pages 26, 27.
a ElGamal key pair generator.
This Generates keys consistent for use with ElGamal as described in
page 164 of "Handbook of Applied Cryptography".
* which Generates the p and g values from the given parameters,
* returning the ElGamalParameters object.
*
* Note: can take a while...
*
a GOST3410 key pair generator.
This generates GOST3410 keys in line with the method described
in GOST R 34.10-94.
generate suitable parameters for GOST3410.
initialise the key generator.
@param size size of the key
@param typeProcedure type procedure A,B = 1; A',B' - else
@param random random byte source.
Procedure C
procedure generates the a value from the given p,q,
returning the a value.
which generates the p , q and a values from the given parameters,
returning the Gost3410Parameters object.
HMAC-based Extract-and-Expand Key Derivation Function (HKDF) implemented
according to IETF RFC 5869, May 2010 as specified by H. Krawczyk, IBM
Research & P. Eronen, Nokia. It uses a HMac internally to compute de OKM
(output keying material) and is likely to have better security properties
than KDF's based on just a hash function.
Creates a HKDFBytesGenerator based on the given hash function.
@param hash the digest to be used as the source of generatedBytes bytes
Performs the extract part of the key derivation function.
@param salt the salt to use
@param ikm the input keying material
@return the PRK as KeyParameter
Performs the expand part of the key derivation function, using currentT
as input and output buffer.
@throws DataLengthException if the total number of bytes generated is larger than the one
specified by RFC 5869 (255 * HashLen)
KFD2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
This implementation is based on IEEE P1363/ISO 18033.
Construct a KDF1 byte generator.
@param digest the digest to be used as the source of derived keys.
KDF2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
This implementation is based on IEEE P1363/ISO 18033.
Construct a KDF2 bytes generator. Generates key material
according to IEEE P1363 or ISO 18033 depending on the initialisation.
@param digest the digest to be used as the source of derived keys.
Generator for MGF1 as defined in Pkcs 1v2
@param digest the digest to be used as the source of Generated bytes
return the underlying digest.
int to octet string.
fill len bytes of the output buffer with bytes Generated from
the derivation function.
@throws DataLengthException if the out buffer is too small.
Key generation parameters for NaccacheStern cipher. For details on this cipher, please see
http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
Generates a permuted ArrayList from the original one. The original List
is not modified
@param arr
the ArrayList to be permuted
@param rand
the source of Randomness for permutation
@return a new IList with the permuted elements.
Finds the first 'count' primes starting with 3
@param count
the number of primes to find
@return a vector containing the found primes as Integer
Password hashing scheme BCrypt,
designed by Niels Provos and David Mazières, using the
String format and the Base64 encoding
of the reference implementation on OpenBSD
Creates a 60 character Bcrypt String, including
version, cost factor, salt and hash, separated by '$'
@param cost the cost factor, treated as an exponent of 2
@param salt a 16 byte salt
@param password the password
@return a 60 character Bcrypt String
Creates a 60 character Bcrypt String, including
version, cost factor, salt and hash, separated by '$'
@param cost the cost factor, treated as an exponent of 2
@param salt a 16 byte salt
@param password the password
@return a 60 character Bcrypt String
Checks if a password corresponds to a 60 character Bcrypt String
@param bcryptString a 60 character Bcrypt String, including
version, cost factor, salt and hash,
separated by '$'
@param password the password as an array of chars
@return true if the password corresponds to the
Bcrypt String, otherwise false
Generator for PBE derived keys and ivs as usd by OpenSSL.
The scheme is a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an
iteration count of 1.
Construct a OpenSSL Parameters generator.
Initialise - note the iteration count for this algorithm is fixed at 1.
@param password password to use.
@param salt salt to use.
the derived key function, the ith hash of the password and the salt.
Generate a key parameter derived from the password, salt, and iteration
count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
@exception ArgumentException if the key length larger than the base hash size.
Generate a key with initialisation vector parameter derived from
the password, salt, and iteration count we are currently initialised
with.
@param keySize the size of the key we want (in bits)
@param ivSize the size of the iv we want (in bits)
@return a ParametersWithIV object.
@exception ArgumentException if keySize + ivSize is larger than the base hash size.
Generate a key parameter for use with a MAC derived from the password,
salt, and iteration count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
@exception ArgumentException if the key length larger than the base hash size.
Generator for Pbe derived keys and ivs as defined by Pkcs 12 V1.0.
The document this implementation is based on can be found at
RSA's Pkcs12 Page
Construct a Pkcs 12 Parameters generator.
@param digest the digest to be used as the source of derived keys.
@exception ArgumentException if an unknown digest is passed in.
add a + b + 1, returning the result in a. The a value is treated
as a BigInteger of length (b.Length * 8) bits. The result is
modulo 2^b.Length in case of overflow.
generation of a derived key ala Pkcs12 V1.0.
Generate a key parameter derived from the password, salt, and iteration
count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
Generate a key with initialisation vector parameter derived from
the password, salt, and iteration count we are currently initialised
with.
@param keySize the size of the key we want (in bits)
@param ivSize the size of the iv we want (in bits)
@return a ParametersWithIV object.
Generate a key parameter for use with a MAC derived from the password,
salt, and iteration count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
Generator for Pbe derived keys and ivs as defined by Pkcs 5 V2.0 Scheme 1.
Note this generator is limited to the size of the hash produced by the
digest used to drive it.
The document this implementation is based on can be found at
RSA's Pkcs5 Page
Construct a Pkcs 5 Scheme 1 Parameters generator.
@param digest the digest to be used as the source of derived keys.
the derived key function, the ith hash of the mPassword and the mSalt.
Generate a key parameter derived from the mPassword, mSalt, and iteration
count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
@exception ArgumentException if the key length larger than the base hash size.
Generate a key with initialisation vector parameter derived from
the mPassword, mSalt, and iteration count we are currently initialised
with.
@param keySize the size of the key we want (in bits)
@param ivSize the size of the iv we want (in bits)
@return a ParametersWithIV object.
@exception ArgumentException if keySize + ivSize is larger than the base hash size.
Generate a key parameter for use with a MAC derived from the mPassword,
mSalt, and iteration count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
@exception ArgumentException if the key length larger than the base hash size.
Generator for Pbe derived keys and ivs as defined by Pkcs 5 V2.0 Scheme 2.
This generator uses a SHA-1 HMac as the calculation function.
The document this implementation is based on can be found at
RSA's Pkcs5 Page
construct a Pkcs5 Scheme 2 Parameters generator.
Generate a key parameter derived from the password, salt, and iteration
count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
Generate a key with initialisation vector parameter derived from
the password, salt, and iteration count we are currently initialised
with.
@param keySize the size of the key we want (in bits)
@param ivSize the size of the iv we want (in bits)
@return a ParametersWithIV object.
Generate a key parameter for use with a MAC derived from the password,
salt, and iteration count we are currently initialised with.
@param keySize the size of the key we want (in bits)
@return a KeyParameter object.
Generates keys for the Poly1305 MAC.
Poly1305 keys are 256 bit keys consisting of a 128 bit secret key used for the underlying block
cipher followed by a 128 bit {@code r} value used for the polynomial portion of the Mac.
The {@code r} value has a specific format with some bits required to be cleared, resulting in an
effective 106 bit key.
A separately generated 256 bit key can be modified to fit the Poly1305 key format by using the
{@link #clamp(byte[])} method to clear the required bits.
Initialises the key generator.
Poly1305 keys are always 256 bits, so the key length in the provided parameters is ignored.
Generates a 256 bit key in the format required for Poly1305 - e.g.
k[0] ... k[15], r[0] ... r[15]
with the required bits in r
cleared
as per .
Modifies an existing 32 byte key value to comply with the requirements of the Poly1305 key by
clearing required bits in the r
(second 16 bytes) portion of the key.
Specifically:
- r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})
- r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252})
a 32 byte key value k[0] ... k[15], r[0] ... r[15]
Checks a 32 byte key for compliance with the Poly1305 key requirements, e.g.
k[0] ... k[15], r[0] ... r[15]
with the required bits in r
cleared
as per .
Key.
if the key is of the wrong length, or has invalid bits set
in the r
portion of the key.
Generate a random factor suitable for use with RSA blind signatures
as outlined in Chaum's blinding and unblinding as outlined in
"Handbook of Applied Cryptography", page 475.
Initialise the factor generator
@param param the necessary RSA key parameters.
Generate a suitable blind factor for the public key the generator was initialised with.
@return a random blind factor
an RSA key pair generator.
Choose a random prime value for use with RSA
the bit-length of the returned prime
the RSA public exponent
a prime p, with (p-1) relatively prime to e
Implementation of the scrypt a password-based key derivation function.
Scrypt was created by Colin Percival and is specified in
draft-josefsson-scrypt-kd.
Generate a key using the scrypt key derivation function.
the bytes of the pass phrase.
the salt to use for this invocation.
CPU/Memory cost parameter. Must be larger than 1, a power of 2 and less than
2^(128 * r / 8)
.
the block size, must be >= 1.
Parallelization parameter. Must be a positive integer less than or equal to
Int32.MaxValue / (128 * r * 8)
.
the length of the key to generate.
the generated key.
Base interface for a public/private key block cipher.
The name of the algorithm this cipher implements.
Initialise the cipher.
Initialise for encryption if true, for decryption if false.
The key or other data required by the cipher.
The maximum size, in bytes, an input block may be.
The maximum size, in bytes, an output block will be.
Process a block.
The input buffer.
The offset into inBuf that the input block begins.
The length of the input block.
Input decrypts improperly.
Input is too large for the cipher.
interface that a public/private key pair generator should conform to.
intialise the key pair generator.
@param the parameters the key pair is to be initialised with.
return an AsymmetricCipherKeyPair containing the Generated keys.
@return an AsymmetricCipherKeyPair containing the Generated keys.
The basic interface that basic Diffie-Hellman implementations
conforms to.
initialise the agreement engine.
return the field size for the agreement algorithm in bytes.
given a public key from a given party calculate the next
message in the agreement sequence.
Base interface for a symmetric key block cipher.
The name of the algorithm this cipher implements.
Initialise the cipher.
Initialise for encryption if true, for decryption if false.
The key or other data required by the cipher.
The block size for this cipher, in bytes.
Indicates whether this cipher can handle partial blocks.
Process a block.
The input buffer.
The offset into inBuf that the input block begins.
The output buffer.
The offset into outBuf to write the output block.
If input block is wrong size, or outBuf too small.
The number of bytes processed and produced.
Reset the cipher to the same state as it was after the last init (if there was one).
Operators that reduce their input to a single block return an object
of this type.
Return the final result of the operation.
A block of bytes, representing the result of an operation.
Store the final result of the operation by copying it into the destination array.
The number of bytes copied into destination.
The byte array to copy the result into.
The offset into destination to start copying the result at.
Block cipher engines are expected to conform to this interface.
The name of the algorithm this cipher implements.
Initialise the cipher.
If true the cipher is initialised for encryption,
if false for decryption.
The key and other data required by the cipher.
Reset the cipher. After resetting the cipher is in the same state
as it was after the last init (if there was one).
all parameter classes implement this.
base interface for general purpose byte derivation functions.
return the message digest used as the basis for the function
Parameters for key/byte stream derivation classes
interface that a message digest conforms to.
return the algorithm name
@return the algorithm name
return the size, in bytes, of the digest produced by this message digest.
@return the size, in bytes, of the digest produced by this message digest.
return the size, in bytes, of the internal buffer used by this digest.
@return the size, in bytes, of the internal buffer used by this digest.
update the message digest with a single byte.
@param inByte the input byte to be entered.
update the message digest with a block of bytes.
@param input the byte array containing the data.
@param inOff the offset into the byte array where the data starts.
@param len the length of the data.
Close the digest, producing the final digest value. The doFinal
call leaves the digest reset.
@param output the array the digest is to be copied into.
@param outOff the offset into the out array the digest is to start at.
reset the digest back to it's initial state.
interface for classes implementing the Digital Signature Algorithm
initialise the signer for signature generation or signature
verification.
@param forSigning true if we are generating a signature, false
otherwise.
@param param key parameters for signature generation.
sign the passed in message (usually the output of a hash function).
@param message the message to be signed.
@return two big integers representing the r and s values respectively.
verify the message message against the signature values r and s.
@param message the message that was supposed to have been signed.
@param r the r signature value.
@param s the s signature value.
Base interface describing an entropy source for a DRBG.
Return whether or not this entropy source is regarded as prediction resistant.
true if this instance is prediction resistant; otherwise, false.
Return a byte array of entropy.
The entropy bytes.
Return the number of bits of entropy this source can produce.
The size, in bits, of the return value of getEntropy.
Base interface describing a provider of entropy sources.
Return an entropy source providing a block of entropy.
The size of the block of entropy required.
An entropy source providing bitsRequired blocks of entropy.
The base interface for implementations of message authentication codes (MACs).
Initialise the MAC.
@param param the key and other data required by the MAC.
@exception ArgumentException if the parameters argument is
inappropriate.
Return the name of the algorithm the MAC implements.
@return the name of the algorithm the MAC implements.
Return the block size for this MAC (in bytes).
@return the block size for this MAC in bytes.
add a single byte to the mac for processing.
@param in the byte to be processed.
@exception InvalidOperationException if the MAC is not initialised.
@param in the array containing the input.
@param inOff the index in the array the data begins at.
@param len the length of the input starting at inOff.
@exception InvalidOperationException if the MAC is not initialised.
@exception DataLengthException if there isn't enough data in in.
Compute the final stage of the MAC writing the output to the out
parameter.
doFinal leaves the MAC in the same state it was after the last init.
@param out the array the MAC is to be output to.
@param outOff the offset into the out buffer the output is to start at.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the MAC is not initialised.
Reset the MAC. At the end of resetting the MAC should be in the
in the same state it was after the last init (if there was one).
this exception is thrown whenever we find something we don't expect in a
message.
base constructor.
create a InvalidCipherTextException with the given message.
@param message the message to be carried with the exception.
Base interface for operators that serve as stream-based signature calculators.
The algorithm details object for this calculator.
Create a stream calculator for this signature calculator. The stream
calculator is used for the actual operation of entering the data to be signed
and producing the signature block.
A calculator producing an IBlockResult with a signature in it.
Return the name of the algorithm the signer implements.
@return the name of the algorithm the signer implements.
Initialise the signer for signing or verification.
@param forSigning true if for signing, false otherwise
@param param necessary parameters.
update the internal digest with the byte b
update the internal digest with the byte array in
Generate a signature for the message we've been loaded with using
the key we were initialised with.
return true if the internal state represents the signature described
in the passed in array.
reset the internal state
Signer with message recovery.
Returns true if the signer has recovered the full message as
part of signature verification.
@return true if full message recovered.
Returns a reference to what message was recovered (if any).
@return full/partial message, null if nothing.
Perform an update with the recovered message before adding any other data. This must
be the first update method called, and calling it will result in the signer assuming
that further calls to update will include message content past what is recoverable.
@param signature the signature that we are in the process of verifying.
@throws IllegalStateException
Base interface for cryptographic operations such as Hashes, MACs, and Signatures which reduce a stream of data
to a single value.
Return a "sink" stream which only exists to update the implementing object.
A stream to write to in order to update the implementing object.
Return the result of processing the stream. This value is only available once the stream
has been closed.
The result of processing the stream.
The interface stream ciphers conform to.
The name of the algorithm this cipher implements.
Initialise the cipher.
If true the cipher is initialised for encryption,
if false for decryption.
The key and other data required by the cipher.
If the parameters argument is inappropriate.
encrypt/decrypt a single byte returning the result.
the byte to be processed.
the result of processing the input byte.
Process a block of bytes from input putting the result into output.
The input byte array.
The offset into input where the data to be processed starts.
The number of bytes to be processed.
The output buffer the processed bytes go into.
The offset into output the processed data starts at.
If the output buffer is too small.
Reset the cipher to the same state as it was after the last init (if there was one).
Operators that reduce their input to the validation of a signature produce this type.
Return true if the passed in data matches what is expected by the verification result.
The bytes representing the signature.
true if the signature verifies, false otherwise.
Return true if the length bytes from off in the source array match the signature
expected by the verification result.
Byte array containing the signature.
The offset into the source array where the signature starts.
The number of bytes in source making up the signature.
true if the signature verifies, false otherwise.
Base interface for operators that serve as stream-based signature verifiers.
The algorithm details object for this verifier.
Create a stream calculator for this verifier. The stream
calculator is used for the actual operation of entering the data to be verified
and producing a result which can be used to verify the original signature.
A calculator producing an IVerifier which can verify the signature.
Base interface for a provider to support the dynamic creation of signature verifiers.
Return a signature verfier for signature algorithm described in the passed in algorithm details object.
The details of the signature algorithm verification is required for.
A new signature verifier.
The name of the algorithm this cipher implements.
With FIPS PUB 202 a new kind of message digest was announced which supported extendable output, or variable digest sizes.
This interface provides the extra method required to support variable output on a digest implementation.
Output the results of the final calculation for this digest to outLen number of bytes.
output array to write the output bytes to.
offset to start writing the bytes at.
the number of output bytes requested.
the number of bytes written
Start outputting the results of the final calculation for this digest. Unlike DoFinal, this method
will continue producing output until the Xof is explicitly reset, or signals otherwise.
output array to write the output bytes to.
offset to start writing the bytes at.
the number of output bytes requested.
the number of bytes written
The base class for parameters to key generators.
initialise the generator with a source of randomness
and a strength (in bits).
@param random the random byte source.
@param strength the size, in bits, of the keys we want to produce.
return the random source associated with this
generator.
@return the generators random source.
return the bit strength for keys produced by this generator,
@return the strength of the keys this generator produces (in bits).
standard CBC Block Cipher MAC - if no padding is specified the default of
pad of zeroes is used.
create a standard MAC based on a CBC block cipher. This will produce an
authentication code half the length of the block size of the cipher.
@param cipher the cipher to be used as the basis of the MAC generation.
create a standard MAC based on a CBC block cipher. This will produce an
authentication code half the length of the block size of the cipher.
@param cipher the cipher to be used as the basis of the MAC generation.
@param padding the padding to be used to complete the last block.
create a standard MAC based on a block cipher with the size of the
MAC been given in bits. This class uses CBC mode as the basis for the
MAC generation.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
@param cipher the cipher to be used as the basis of the MAC generation.
@param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
create a standard MAC based on a block cipher with the size of the
MAC been given in bits. This class uses CBC mode as the basis for the
MAC generation.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
@param cipher the cipher to be used as the basis of the MAC generation.
@param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
@param padding the padding to be used to complete the last block.
Reset the mac generator.
implements a Cipher-FeedBack (CFB) mode on top of a simple cipher.
Basic constructor.
@param cipher the block cipher to be used as the basis of the
feedback mode.
@param blockSize the block size in bits (note: a multiple of 8)
Initialise the cipher and, possibly, the initialisation vector (IV).
If an IV isn't passed as part of the parameter, the IV will be all zeros.
An IV which is too short is handled in FIPS compliant fashion.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the algorithm name and mode.
@return the name of the underlying algorithm followed by "/CFB"
and the block size in bits.
return the block size we are operating at.
@return the block size we are operating at (in bytes).
Process one block of input from the array in and write it to
the out array.
@param in the array containing the input data.
@param inOff offset into the in array the data starts at.
@param out the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
reset the chaining vector back to the IV and reset the underlying
cipher.
create a standard MAC based on a CFB block cipher. This will produce an
authentication code half the length of the block size of the cipher, with
the CFB mode set to 8 bits.
@param cipher the cipher to be used as the basis of the MAC generation.
create a standard MAC based on a CFB block cipher. This will produce an
authentication code half the length of the block size of the cipher, with
the CFB mode set to 8 bits.
@param cipher the cipher to be used as the basis of the MAC generation.
@param padding the padding to be used.
create a standard MAC based on a block cipher with the size of the
MAC been given in bits. This class uses CFB mode as the basis for the
MAC generation.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
@param cipher the cipher to be used as the basis of the MAC generation.
@param cfbBitSize the size of an output block produced by the CFB mode.
@param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
create a standard MAC based on a block cipher with the size of the
MAC been given in bits. This class uses CFB mode as the basis for the
MAC generation.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
@param cipher the cipher to be used as the basis of the MAC generation.
@param cfbBitSize the size of an output block produced by the CFB mode.
@param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
@param padding a padding to be used.
Reset the mac generator.
CMAC - as specified at www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html
CMAC is analogous to OMAC1 - see also en.wikipedia.org/wiki/CMAC
CMAC is a NIST recomendation - see
csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf
CMAC/OMAC1 is a blockcipher-based message authentication code designed and
analyzed by Tetsu Iwata and Kaoru Kurosawa.
CMAC/OMAC1 is a simple variant of the CBC MAC (Cipher Block Chaining Message
Authentication Code). OMAC stands for One-Key CBC MAC.
It supports 128- or 64-bits block ciphers, with any key size, and returns
a MAC with dimension less or equal to the block size of the underlying
cipher.
create a standard MAC based on a CBC block cipher (64 or 128 bit block).
This will produce an authentication code the length of the block size
of the cipher.
@param cipher the cipher to be used as the basis of the MAC generation.
create a standard MAC based on a block cipher with the size of the
MAC been given in bits.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
@param cipher the cipher to be used as the basis of the MAC generation.
@param macSizeInBits the size of the MAC in bits, must be a multiple of 8 and @lt;= 128.
Reset the mac generator.
Implementation of DSTU7564 mac mode
implementation of DSTU 7624 MAC
The GMAC specialisation of Galois/Counter mode (GCM) detailed in NIST Special Publication
800-38D.
GMac is an invocation of the GCM mode where no data is encrypted (i.e. all input data to the Mac
is processed as additional authenticated data with the underlying GCM block cipher).
Creates a GMAC based on the operation of a block cipher in GCM mode.
This will produce an authentication code the length of the block size of the cipher.
the cipher to be used in GCM mode to generate the MAC.
Creates a GMAC based on the operation of a 128 bit block cipher in GCM mode.
This will produce an authentication code the length of the block size of the cipher.
the cipher to be used in GCM mode to generate the MAC.
the mac size to generate, in bits. Must be a multiple of 8, between 32 and 128 (inclusive).
Sizes less than 96 are not recommended, but are supported for specialized applications.
Initialises the GMAC - requires a
providing a and a nonce.
implementation of GOST 28147-89 MAC
HMAC implementation based on RFC2104
H(K XOR opad, H(K XOR ipad, text))
Reset the mac generator.
DES based CBC Block Cipher MAC according to ISO9797, algorithm 3 (ANSI X9.19 Retail MAC)
This could as well be derived from CBCBlockCipherMac, but then the property mac in the base
class must be changed to protected
create a Retail-MAC based on a CBC block cipher. This will produce an
authentication code of the length of the block size of the cipher.
@param cipher the cipher to be used as the basis of the MAC generation. This must
be DESEngine.
create a Retail-MAC based on a CBC block cipher. This will produce an
authentication code of the length of the block size of the cipher.
@param cipher the cipher to be used as the basis of the MAC generation.
@param padding the padding to be used to complete the last block.
create a Retail-MAC based on a block cipher with the size of the
MAC been given in bits. This class uses single DES CBC mode as the basis for the
MAC generation.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
@param cipher the cipher to be used as the basis of the MAC generation.
@param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
create a standard MAC based on a block cipher with the size of the
MAC been given in bits. This class uses single DES CBC mode as the basis for the
MAC generation. The final block is decrypted and then encrypted using the
middle and right part of the key.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
@param cipher the cipher to be used as the basis of the MAC generation.
@param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
@param padding the padding to be used to complete the last block.
Reset the mac generator.
Poly1305 message authentication code, designed by D. J. Bernstein.
Poly1305 computes a 128-bit (16 bytes) authenticator, using a 128 bit nonce and a 256 bit key
consisting of a 128 bit key applied to an underlying cipher, and a 128 bit key (with 106
effective key bits) used in the authenticator.
The polynomial calculation in this implementation is adapted from the public domain poly1305-donna-unrolled C implementation
by Andrew M (@floodyberry).
Polynomial key
Polynomial key
Polynomial key
Polynomial key
Polynomial key
Precomputed 5 * r[1..4]
Precomputed 5 * r[1..4]
Precomputed 5 * r[1..4]
Precomputed 5 * r[1..4]
Encrypted nonce
Encrypted nonce
Encrypted nonce
Encrypted nonce
Current block of buffered input
Current offset in input buffer
Polynomial accumulator
Polynomial accumulator
Polynomial accumulator
Polynomial accumulator
Polynomial accumulator
Constructs a Poly1305 MAC, where the key passed to init() will be used directly.
Constructs a Poly1305 MAC, using a 128 bit block cipher.
Initialises the Poly1305 MAC.
a {@link ParametersWithIV} containing a 128 bit nonce and a {@link KeyParameter} with
a 256 bit key complying to the {@link Poly1305KeyGenerator Poly1305 key format}.
Implementation of SipHash as specified in "SipHash: a fast short-input PRF", by Jean-Philippe
Aumasson and Daniel J. Bernstein (https://131002.net/siphash/siphash.pdf).
"SipHash is a family of PRFs SipHash-c-d where the integer parameters c and d are the number of
compression rounds and the number of finalization rounds. A compression round is identical to a
finalization round and this round function is called SipRound. Given a 128-bit key k and a
(possibly empty) byte string m, SipHash-c-d returns a 64-bit value..."
SipHash-2-4
SipHash-c-d
the number of compression rounds
the number of finalization rounds
Implementation of the Skein parameterised MAC function in 256, 512 and 1024 bit block sizes,
based on the Threefish tweakable block cipher.
This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
competition in October 2010.
Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
256 bit block size - Skein-256
512 bit block size - Skein-512
1024 bit block size - Skein-1024
Constructs a Skein MAC with an internal state size and output size.
the internal state size in bits - one of or
.
the output/MAC size to produce in bits, which must be an integral number of
bytes.
Optionally initialises the Skein digest with the provided parameters.
See for details on the parameterisation of the Skein hash function.
the parameters to apply to this engine, or null
to use no parameters.
This exception is thrown whenever a cipher requires a change of key, iv
or similar after x amount of bytes enciphered
implements Cipher-Block-Chaining (CBC) mode on top of a simple cipher.
Basic constructor.
@param cipher the block cipher to be used as the basis of chaining.
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
Initialise the cipher and, possibly, the initialisation vector (IV).
If an IV isn't passed as part of the parameter, the IV will be all zeros.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the algorithm name and mode.
@return the name of the underlying algorithm followed by "/CBC".
return the block size of the underlying cipher.
@return the block size of the underlying cipher.
Process one block of input from the array in and write it to
the out array.
@param in the array containing the input data.
@param inOff offset into the in array the data starts at.
@param out the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
reset the chaining vector back to the IV and reset the underlying
cipher.
Do the appropriate chaining step for CBC mode encryption.
@param in the array containing the data to be encrypted.
@param inOff offset into the in array the data starts at.
@param out the array the encrypted data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
Do the appropriate chaining step for CBC mode decryption.
@param in the array containing the data to be decrypted.
@param inOff offset into the in array the data starts at.
@param out the array the decrypted data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
Implements the Counter with Cipher Block Chaining mode (CCM) detailed in
NIST Special Publication 800-38C.
Note: this mode is a packet mode - it needs all the data up front.
Basic constructor.
@param cipher the block cipher to be used.
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
Returns a byte array containing the mac calculated as part of the
last encrypt or decrypt operation.
@return the last mac calculated.
Process a packet of data for either CCM decryption or encryption.
@param in data for processing.
@param inOff offset at which data starts in the input array.
@param inLen length of the data in the input array.
@return a byte array containing the processed input..
@throws IllegalStateException if the cipher is not appropriately set up.
@throws InvalidCipherTextException if the input data is truncated or the mac check fails.
Process a packet of data for either CCM decryption or encryption.
@param in data for processing.
@param inOff offset at which data starts in the input array.
@param inLen length of the data in the input array.
@param output output array.
@param outOff offset into output array to start putting processed bytes.
@return the number of bytes added to output.
@throws IllegalStateException if the cipher is not appropriately set up.
@throws InvalidCipherTextException if the input data is truncated or the mac check fails.
@throws DataLengthException if output buffer too short.
implements a Cipher-FeedBack (CFB) mode on top of a simple cipher.
Basic constructor.
@param cipher the block cipher to be used as the basis of the
feedback mode.
@param blockSize the block size in bits (note: a multiple of 8)
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
Initialise the cipher and, possibly, the initialisation vector (IV).
If an IV isn't passed as part of the parameter, the IV will be all zeros.
An IV which is too short is handled in FIPS compliant fashion.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the algorithm name and mode.
@return the name of the underlying algorithm followed by "/CFB"
and the block size in bits.
return the block size we are operating at.
@return the block size we are operating at (in bytes).
Process one block of input from the array in and write it to
the out array.
@param in the array containing the input data.
@param inOff offset into the in array the data starts at.
@param out the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
Do the appropriate processing for CFB mode encryption.
@param in the array containing the data to be encrypted.
@param inOff offset into the in array the data starts at.
@param out the array the encrypted data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
Do the appropriate processing for CFB mode decryption.
@param in the array containing the data to be decrypted.
@param inOff offset into the in array the data starts at.
@param out the array the encrypted data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
reset the chaining vector back to the IV and reset the underlying
cipher.
A Cipher Text Stealing (CTS) mode cipher. CTS allows block ciphers to
be used to produce cipher text which is the same outLength as the plain text.
Create a buffered block cipher that uses Cipher Text Stealing
@param cipher the underlying block cipher this buffering object wraps.
return the size of the output buffer required for an update of 'length' bytes.
@param length the outLength of the input.
@return the space required to accommodate a call to update
with length bytes of input.
return the size of the output buffer required for an update plus a
doFinal with an input of length bytes.
@param length the outLength of the input.
@return the space required to accommodate a call to update and doFinal
with length bytes of input.
process a single byte, producing an output block if necessary.
@param in the input byte.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
process an array of bytes, producing output if necessary.
@param in the input byte array.
@param inOff the offset at which the input data starts.
@param length the number of bytes to be copied out of the input array.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
Process the last block in the buffer.
@param out the array the block currently being held is copied into.
@param outOff the offset at which the copying starts.
@return the number of output bytes copied to out.
@exception DataLengthException if there is insufficient space in out for
the output.
@exception InvalidOperationException if the underlying cipher is not
initialised.
@exception InvalidCipherTextException if cipher text decrypts wrongly (in
case the exception will never Get thrown).
A Two-Pass Authenticated-Encryption Scheme Optimized for Simplicity and
Efficiency - by M. Bellare, P. Rogaway, D. Wagner.
http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf
EAX is an AEAD scheme based on CTR and OMAC1/CMAC, that uses a single block
cipher to encrypt and authenticate data. It's on-line (the length of a
message isn't needed to begin processing it), has good performances, it's
simple and provably secure (provided the underlying block cipher is secure).
Of course, this implementations is NOT thread-safe.
Constructor that accepts an instance of a block cipher engine.
@param cipher the engine to use
Implements the Galois/Counter mode (GCM) detailed in
NIST Special Publication 800-38D.
MAC sizes from 32 bits to 128 bits (must be a multiple of 8) are supported. The default is 128 bits.
Sizes less than 96 are not recommended, but are supported for specialized applications.
implements the GOST 28147 OFB counter mode (GCTR).
Basic constructor.
@param cipher the block cipher to be used as the basis of the
counter mode (must have a 64 bit block size).
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
Initialise the cipher and, possibly, the initialisation vector (IV).
If an IV isn't passed as part of the parameter, the IV will be all zeros.
An IV which is too short is handled in FIPS compliant fashion.
@param encrypting if true the cipher is initialised for
encryption, if false for decryption.
@param parameters the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is inappropriate.
return the algorithm name and mode.
@return the name of the underlying algorithm followed by "/GCTR"
and the block size in bits
return the block size we are operating at (in bytes).
@return the block size we are operating at (in bytes).
Process one block of input from the array in and write it to
the out array.
@param in the array containing the input data.
@param inOff offset into the in array the data starts at.
@param out the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
reset the feedback vector back to the IV and reset the underlying
cipher.
A block cipher mode that includes authenticated encryption with a streaming mode
and optional associated data.
The name of the algorithm this cipher implements.
The block cipher underlying this algorithm.
Initialise the cipher.
Parameter can either be an AeadParameters or a ParametersWithIV object.
Initialise for encryption if true, for decryption if false.
The key or other data required by the cipher.
The block size for this cipher, in bytes.
Add a single byte to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.
The byte to be processed.
Add a sequence of bytes to the associated data check.
If the implementation supports it, this will be an online operation and will not retain the associated data.
The input byte array.
The offset into the input array where the data to be processed starts.
The number of bytes to be processed.
Encrypt/decrypt a single byte.
@param input the byte to be processed.
@param outBytes the output buffer the processed byte goes into.
@param outOff the offset into the output byte array the processed data starts at.
@return the number of bytes written to out.
@exception DataLengthException if the output buffer is too small.
Process a block of bytes from in putting the result into out.
@param inBytes the input byte array.
@param inOff the offset into the in array where the data to be processed starts.
@param len the number of bytes to be processed.
@param outBytes the output buffer the processed bytes go into.
@param outOff the offset into the output byte array the processed data starts at.
@return the number of bytes written to out.
@exception DataLengthException if the output buffer is too small.
Finish the operation either appending or verifying the MAC at the end of the data.
@param outBytes space for any resulting output data.
@param outOff offset into out to start copying the data at.
@return number of bytes written into out.
@throws InvalidOperationException if the cipher is in an inappropriate state.
@throws InvalidCipherTextException if the MAC fails to match.
Return the value of the MAC associated with the last stream processed.
@return MAC for plaintext data.
Return the size of the output buffer required for a ProcessBytes
an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to ProcessBytes
with len bytes of input.
Return the size of the output buffer required for a ProcessBytes plus a
DoFinal with an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to ProcessBytes and DoFinal
with len bytes of input.
Reset the cipher to the same state as it was after the last init (if there was one).
Base constructor. Nb value is set to 4.
base cipher to use under CCM.
Constructor allowing Nb configuration.
Nb is a parameter specified in CCM mode of DSTU7624 standard.
This parameter specifies maximum possible length of input.It should
be calculated as follows: Nb = 1 / 8 * (-3 + log[2]Nmax) + 1,
where Nmax - length of input message in bits.For practical reasons
Nmax usually less than 4Gb, e.g. for Nmax = 2^32 - 1, Nb = 4.
base cipher to use under CCM.
Nb value to use.
Implements a Gamming or Counter (CTR) mode on top of a DSTU 7624 block cipher.
Basic constructor.
@param cipher the block cipher to be used as the basis of the
feedback mode.
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
Initialise the cipher and, possibly, the initialisation vector (IV).
If an IV isn't passed as part of the parameter, the IV will be all zeros.
An IV which is too short is handled in FIPS compliant fashion.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the algorithm name and mode.
@return the name of the underlying algorithm followed by "/KCTR"
and the block size in bits.
return the block size we are operating at.
@return the block size we are operating at (in bytes).
Process one block of input from the array in and write it to
the out array.
@param input the array containing the input data.
@param inOff offset into the in array the data starts at.
@param output the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
reset the chaining vector back to the IV and reset the underlying
cipher.
An implementation of RFC 7253 on The OCB
Authenticated-Encryption Algorithm, licensed per:
License for
Open-Source Software Implementations of OCB (Jan 9, 2013) - 'License 1'
Under this license, you are authorized to make, use, and distribute open-source software
implementations of OCB. This license terminates for you if you sue someone over their open-source
software implementation of OCB claiming that you have a patent covering their implementation.
This is a non-binding summary of a legal document (the link above). The parameters of the license
are specified in the license document and that document is controlling.
implements a Output-FeedBack (OFB) mode on top of a simple cipher.
Basic constructor.
@param cipher the block cipher to be used as the basis of the
feedback mode.
@param blockSize the block size in bits (note: a multiple of 8)
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
Initialise the cipher and, possibly, the initialisation vector (IV).
If an IV isn't passed as part of the parameter, the IV will be all zeros.
An IV which is too short is handled in FIPS compliant fashion.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the algorithm name and mode.
@return the name of the underlying algorithm followed by "/OFB"
and the block size in bits
return the block size we are operating at (in bytes).
@return the block size we are operating at (in bytes).
Process one block of input from the array in and write it to
the out array.
@param in the array containing the input data.
@param inOff offset into the in array the data starts at.
@param out the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
reset the feedback vector back to the IV and reset the underlying
cipher.
* Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode
* on top of a simple cipher. This class assumes the IV has been prepended
* to the data stream already, and just accomodates the reset after
* (blockSize + 2) bytes have been read.
*
* For further info see RFC 2440.
*
Basic constructor.
@param cipher the block cipher to be used as the basis of the
feedback mode.
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
return the algorithm name and mode.
@return the name of the underlying algorithm followed by "/PGPCFB"
and the block size in bits.
return the block size we are operating at.
@return the block size we are operating at (in bytes).
Process one block of input from the array in and write it to
the out array.
@param in the array containing the input data.
@param inOff offset into the in array the data starts at.
@param out the array the output data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
reset the chaining vector back to the IV and reset the underlying
cipher.
Initialise the cipher and, possibly, the initialisation vector (IV).
If an IV isn't passed as part of the parameter, the IV will be all zeros.
An IV which is too short is handled in FIPS compliant fashion.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param parameters the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
Encrypt one byte of data according to CFB mode.
@param data the byte to encrypt
@param blockOff offset in the current block
@returns the encrypted byte
Do the appropriate processing for CFB IV mode encryption.
@param in the array containing the data to be encrypted.
@param inOff offset into the in array the data starts at.
@param out the array the encrypted data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
Do the appropriate processing for CFB IV mode decryption.
@param in the array containing the data to be decrypted.
@param inOff offset into the in array the data starts at.
@param out the array the encrypted data will be copied into.
@param outOff the offset into the out array the output will start at.
@exception DataLengthException if there isn't enough data in in, or
space in out.
@exception InvalidOperationException if the cipher isn't initialised.
@return the number of bytes processed and produced.
Implements the Segmented Integer Counter (SIC) mode on top of a simple
block cipher.
Basic constructor.
@param c the block cipher to be used.
return the underlying block cipher that we are wrapping.
@return the underlying block cipher that we are wrapping.
Return the digest algorithm using one of the standard JCA string
representations rather than the algorithm identifier (if possible).
Calculator factory class for signature generation in ASN.1 based profiles that use an AlgorithmIdentifier to preserve
signature algorithm details.
Base constructor.
The name of the signature algorithm to use.
The private key to be used in the signing operation.
Constructor which also specifies a source of randomness to be used if one is required.
The name of the signature algorithm to use.
The private key to be used in the signing operation.
The source of randomness to be used in signature calculation.
Allows enumeration of the signature names supported by the verifier provider.
Verifier class for signature verification in ASN.1 based profiles that use an AlgorithmIdentifier to preserve
signature algorithm details.
Base constructor.
The name of the signature algorithm to use.
The public key to be used in the verification operation.
Provider class which supports dynamic creation of signature verifiers.
Base constructor - specify the public key to be used in verification.
The public key to be used in creating verifiers provided by this object.
Allows enumeration of the signature names supported by the verifier provider.
Block cipher padders are expected to conform to this interface
Initialise the padder.
@param param parameters, if any required.
Return the name of the algorithm the cipher implements.
@return the name of the algorithm the cipher implements.
add the pad bytes to the passed in block, returning the
number of bytes added.
return the number of pad bytes present in the block.
@exception InvalidCipherTextException if the padding is badly formed
or invalid.
A padder that adds ISO10126-2 padding to a block.
Initialise the padder.
@param random a SecureRandom if available.
Return the name of the algorithm the cipher implements.
@return the name of the algorithm the cipher implements.
add the pad bytes to the passed in block, returning the
number of bytes added.
return the number of pad bytes present in the block.
A padder that adds the padding according to the scheme referenced in
ISO 7814-4 - scheme 2 from ISO 9797-1. The first byte is 0x80, rest is 0x00
Initialise the padder.
@param random - a SecureRandom if available.
Return the name of the algorithm the padder implements.
@return the name of the algorithm the padder implements.
add the pad bytes to the passed in block, returning the
number of bytes added.
return the number of pad bytes present in the block.
A wrapper class that allows block ciphers to be used to process data in
a piecemeal fashion with padding. The PaddedBufferedBlockCipher
outputs a block only when the buffer is full and more data is being added,
or on a doFinal (unless the current block in the buffer is a pad block).
The default padding mechanism used is the one outlined in Pkcs5/Pkcs7.
Create a buffered block cipher with the desired padding.
@param cipher the underlying block cipher this buffering object wraps.
@param padding the padding type.
Create a buffered block cipher Pkcs7 padding
@param cipher the underlying block cipher this buffering object wraps.
initialise the cipher.
@param forEncryption if true the cipher is initialised for
encryption, if false for decryption.
@param param the key and other data required by the cipher.
@exception ArgumentException if the parameters argument is
inappropriate.
return the minimum size of the output buffer required for an update
plus a doFinal with an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to update and doFinal
with len bytes of input.
return the size of the output buffer required for an update
an input of len bytes.
@param len the length of the input.
@return the space required to accommodate a call to update
with len bytes of input.
process a single byte, producing an output block if necessary.
@param in the input byte.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
process an array of bytes, producing output if necessary.
@param in the input byte array.
@param inOff the offset at which the input data starts.
@param len the number of bytes to be copied out of the input array.
@param out the space for any output that might be produced.
@param outOff the offset from which the output will be copied.
@return the number of output bytes copied to out.
@exception DataLengthException if there isn't enough space in out.
@exception InvalidOperationException if the cipher isn't initialised.
Process the last block in the buffer. If the buffer is currently
full and padding needs to be added a call to doFinal will produce
2 * GetBlockSize() bytes.
@param out the array the block currently being held is copied into.
@param outOff the offset at which the copying starts.
@return the number of output bytes copied to out.
@exception DataLengthException if there is insufficient space in out for
the output or we are decrypting and the input is not block size aligned.
@exception InvalidOperationException if the underlying cipher is not
initialised.
@exception InvalidCipherTextException if padding is expected and not found.
A padder that adds Pkcs7/Pkcs5 padding to a block.
Initialise the padder.
@param random - a SecureRandom if available.
Return the name of the algorithm the cipher implements.
@return the name of the algorithm the cipher implements.
add the pad bytes to the passed in block, returning the
number of bytes added.
return the number of pad bytes present in the block.
A padder that adds Trailing-Bit-Compliment padding to a block.
This padding pads the block out compliment of the last bit
of the plain text.
Return the name of the algorithm the cipher implements.
the name of the algorithm the cipher implements.
Initialise the padder.
- a SecureRandom if available.
add the pad bytes to the passed in block, returning the
number of bytes added.
Note: this assumes that the last block of plain text is always
passed to it inside in. i.e. if inOff is zero, indicating the
entire block is to be overwritten with padding the value of in
should be the same as the last block of plain text.
return the number of pad bytes present in the block.
A padder that adds X9.23 padding to a block - if a SecureRandom is
passed in random padding is assumed, otherwise padding with zeros is used.
Initialise the padder.
@param random a SecureRandom if one is available.
Return the name of the algorithm the cipher implements.
@return the name of the algorithm the cipher implements.
add the pad bytes to the passed in block, returning the
number of bytes added.
return the number of pad bytes present in the block.
A padder that adds Null byte padding to a block.
Return the name of the algorithm the cipher implements.
the name of the algorithm the cipher implements.
Initialise the padder.
- a SecureRandom if available.
add the pad bytes to the passed in block, returning the
number of bytes added.
return the number of pad bytes present in the block.
Base constructor.
@param key key to be used by underlying cipher
@param macSize macSize in bits
@param nonce nonce to be used
Base constructor.
@param key key to be used by underlying cipher
@param macSize macSize in bits
@param nonce nonce to be used
@param associatedText associated text, if any
Base constructor.
@param key key to be used by underlying cipher
@param macSize macSize in bits
@param nonce nonce to be used
@param associatedText associated text, if any
return true if the passed in key is a DES-EDE weak key.
@param key bytes making up the key
@param offset offset into the byte array the key starts at
@param length number of bytes making up the key
return true if the passed in key is a DES-EDE weak key.
@param key bytes making up the key
@param offset offset into the byte array the key starts at
return true if the passed in key is a real 2/3 part DES-EDE key.
@param key bytes making up the key
@param offset offset into the byte array the key starts at
return true if the passed in key is a real 2 part DES-EDE key.
@param key bytes making up the key
@param offset offset into the byte array the key starts at
return true if the passed in key is a real 3 part DES-EDE key.
@param key bytes making up the key
@param offset offset into the byte array the key starts at
DES has 16 weak keys. This method will check
if the given DES key material is weak or semi-weak.
Key material that is too short is regarded as weak.
See "Applied
Cryptography" by Bruce Schneier for more information.
@return true if the given DES key material is weak or semi-weak,
false otherwise.
DES Keys use the LSB as the odd parity bit. This can
be used to check for corrupt keys.
@param bytes the byte array to set the parity on.
The minimum bitlength of the private value.
The bitlength of the private value.
Construct without a usage index, this will do a random construction of G.
@param L desired length of prime P in bits (the effective key size).
@param N desired length of prime Q in bits.
@param certainty certainty level for prime number generation.
@param random the source of randomness to use.
Construct for a specific usage index - this has the effect of using verifiable canonical generation of G.
@param L desired length of prime P in bits (the effective key size).
@param N desired length of prime Q in bits.
@param certainty certainty level for prime number generation.
@param random the source of randomness to use.
@param usageIndex a valid usage index.
return the generator - g
return private value limit - l
Parameter class for the HkdfBytesGenerator class.
Generates parameters for HKDF, specifying both the optional salt and
optional info. Step 1: Extract won't be skipped.
@param ikm the input keying material or seed
@param salt the salt to use, may be null for a salt for hashLen zeros
@param info the info to use, may be null for an info field of zero bytes
Factory method that makes the HKDF skip the extract part of the key
derivation function.
@param ikm the input keying material or seed, directly used for step 2:
Expand
@param info the info to use, may be null for an info field of zero bytes
@return HKDFParameters that makes the implementation skip step 1
Returns the input keying material or seed.
@return the keying material
Returns if step 1: extract has to be skipped or not
@return true for skipping, false for no skipping of step 1
Returns the salt, or null if the salt should be generated as a byte array
of HashLen zeros.
@return the salt, or null
Returns the info field, which may be empty (null is converted to empty).
@return the info field, never null
parameters for using an integrated cipher in stream mode.
@param derivation the derivation parameter for the KDF function.
@param encoding the encoding parameter for the KDF function.
@param macKeySize the size of the MAC key (in bits).
@param derivation the derivation parameter for the KDF function.
@param encoding the encoding parameter for the KDF function.
@param macKeySize the size of the MAC key (in bits).
@param cipherKeySize the size of the associated Cipher key (in bits).
parameters for Key derivation functions for ISO-18033
parameters for Key derivation functions for IEEE P1363a
Parameters for mask derivation functions.
Parameters for NaccacheStern public private key generation. For details on
this cipher, please see
http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
Parameters for generating a NaccacheStern KeyPair.
@param random
The source of randomness
@param strength
The desired strength of the Key in Bits
@param certainty
the probability that the generated primes are not really prime
as integer: 2^(-certainty) is then the probability
@param countSmallPrimes
How many small key factors are desired
* Parameters for a NaccacheStern KeyPair.
*
* @param random
* The source of randomness
* @param strength
* The desired strength of the Key in Bits
* @param certainty
* the probability that the generated primes are not really prime
* as integer: 2^(-certainty) is then the probability
* @param cntSmallPrimes
* How many small key factors are desired
* @param debug
* Ignored
@return Returns the certainty.
@return Returns the countSmallPrimes.
Public key parameters for NaccacheStern cipher. For details on this cipher,
please see
http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
@param privateKey
@return Returns the g.
@return Returns the lowerSigmaBound.
@return Returns the n.
Private key parameters for NaccacheStern cipher. For details on this cipher,
please see
http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
Constructs a NaccacheSternPrivateKey
@param g
the public enryption parameter g
@param n
the public modulus n = p*q
@param lowerSigmaBound
the public lower sigma bound up to which data can be encrypted
@param smallPrimes
the small primes, of which sigma is constructed in the right
order
@param phi_n
the private modulus phi(n) = (p-1)(q-1)
Cipher parameters with a fixed salt value associated with them.
Parameters for the Skein hash function - a series of byte[] strings identified by integer tags.
Parameterised Skein can be used for:
- MAC generation, by providing a key.
- Randomised hashing, by providing a nonce.
- A hash function for digital signatures, associating a
public key with the message digest.
- A key derivation function, by providing a
key identifier.
- Personalised hashing, by providing a
recommended format or
arbitrary personalisation string.
The parameter type for a secret key, supporting MAC or KDF functions: 0
The parameter type for the Skein configuration block: 4
The parameter type for a personalisation string: 8
The parameter type for a public key: 12
The parameter type for a key identifier string: 16
The parameter type for a nonce: 20
The parameter type for the message: 48
The parameter type for the output transformation: 63
Obtains a map of type (int) to value (byte[]) for the parameters tracked in this object.
Obtains the value of the key parameter, or null
if not
set.
The key.
Obtains the value of the personalisation parameter, or
null
if not set.
Obtains the value of the public key parameter, or
null
if not set.
Obtains the value of the key identifier parameter, or
null
if not set.
Obtains the value of the nonce parameter, or null
if
not set.
A builder for .
Sets a parameters to apply to the Skein hash function.
Parameter types must be in the range 0,5..62, and cannot use the value 48
(reserved for message body).
Parameters with type < 48 are processed before
the message content, parameters with type > 48
are processed after the message and prior to output.
the type of the parameter, in the range 5..62.
the byte sequence of the parameter.
Sets the parameter.
Sets the parameter.
Implements the recommended personalisation format for Skein defined in Section 4.11 of
the Skein 1.3 specification.
The format is YYYYMMDD email@address distinguisher
, encoded to a byte
sequence using UTF-8 encoding.
the date the personalised application of the Skein was defined.
the email address of the creation of the personalised application.
an arbitrary personalisation string distinguishing the application.
Sets the parameter.
Sets the parameter.
Sets the parameter.
Constructs a new instance with the parameters provided to this
builder.
Private parameters for an SM2 key exchange.
The ephemeralPrivateKey is used to calculate the random point used in the algorithm.
Public parameters for an SM2 key exchange.
In this case the ephemeralPublicKey provides the random point used in the algorithm.
Parameters for tweakable block ciphers.
Gets the key.
the key to use, or null
to use the current key.
Gets the tweak value.
The tweak to use, or null
to use the current tweak.
super class for all Password Based Encyrption (Pbe) parameter generator classes.
base constructor.
initialise the Pbe generator.
@param password the password converted into bytes (see below).
@param salt the salt to be mixed with the password.
@param iterationCount the number of iterations the "mixing" function
is to be applied for.
return the password byte array.
@return the password byte array.
return the salt byte array.
@return the salt byte array.
return the iteration count.
@return the iteration count.
Generate derived parameters for a key of length keySize.
@param keySize the length, in bits, of the key required.
@return a parameters object representing a key.
Generate derived parameters for a key of length keySize, and
an initialisation vector (IV) of length ivSize.
@param keySize the length, in bits, of the key required.
@param ivSize the length, in bits, of the iv required.
@return a parameters object representing a key and an IV.
Generate derived parameters for a key of length keySize, specifically
for use with a MAC.
@param keySize the length, in bits, of the key required.
@return a parameters object representing a key.
converts a password to a byte array according to the scheme in
Pkcs5 (ascii, no padding)
@param password a character array representing the password.
@return a byte array representing the password.
converts a password to a byte array according to the scheme in
PKCS5 (UTF-8, no padding)
@param password a character array representing the password.
@return a byte array representing the password.
converts a password to a byte array according to the scheme in
Pkcs12 (unicode, big endian, 2 zero pad bytes at the end).
@param password a character array representing the password.
@return a byte array representing the password.
An EntropySourceProvider where entropy generation is based on a SecureRandom output using SecureRandom.generateSeed().
Create a entropy source provider based on the passed in SecureRandom.
@param secureRandom the SecureRandom to base EntropySource construction on.
@param isPredictionResistant boolean indicating if the SecureRandom is based on prediction resistant entropy or not (true if it is).
Return an entropy source that will create bitsRequired bits of entropy on
each invocation of getEntropy().
@param bitsRequired size (in bits) of entropy to be created by the provided source.
@return an EntropySource that generates bitsRequired bits of entropy on each call to its getEntropy() method.
Uses RandomNumberGenerator.Create() to get randomness generator
Random generation based on the digest with counter. Calling AddSeedMaterial will
always increase the entropy of the hash.
Internal access to the digest is synchronized so a single one of these can be shared.
A SP800-90A CTR DRBG.
Construct a SP800-90A CTR DRBG.
Minimum entropy requirement is the security strength requested.
@param engine underlying block cipher to use to support DRBG
@param keySizeInBits size of the key to use with the block cipher.
@param securityStrength security strength required (in bits)
@param entropySource source of entropy to use for seeding/reseeding.
@param personalizationString personalization string to distinguish this DRBG (may be null).
@param nonce nonce to further distinguish this DRBG (may be null).
Return the block size (in bits) of the DRBG.
@return the number of bits produced on each internal round of the DRBG.
Populate a passed in array with random data.
@param output output array for generated bits.
@param additionalInput additional input to be added to the DRBG in this step.
@param predictionResistant true if a reseed should be forced, false otherwise.
@return number of bits generated, -1 if a reseed required.
Reseed the DRBG.
@param additionalInput additional input to be added to the DRBG in this step.
Pad out a key for TDEA, setting odd parity for each byte.
@param keyMaster
@param keyOff
@param tmp
@param tmpOff
Used by both Dual EC and Hash.
A SP800-90A Hash DRBG.
Construct a SP800-90A Hash DRBG.
Minimum entropy requirement is the security strength requested.
@param digest source digest to use for DRB stream.
@param securityStrength security strength required (in bits)
@param entropySource source of entropy to use for seeding/reseeding.
@param personalizationString personalization string to distinguish this DRBG (may be null).
@param nonce nonce to further distinguish this DRBG (may be null).
Return the block size (in bits) of the DRBG.
@return the number of bits produced on each internal round of the DRBG.
Populate a passed in array with random data.
@param output output array for generated bits.
@param additionalInput additional input to be added to the DRBG in this step.
@param predictionResistant true if a reseed should be forced, false otherwise.
@return number of bits generated, -1 if a reseed required.
Reseed the DRBG.
@param additionalInput additional input to be added to the DRBG in this step.
A SP800-90A HMAC DRBG.
Construct a SP800-90A Hash DRBG.
Minimum entropy requirement is the security strength requested.
@param hMac Hash MAC to base the DRBG on.
@param securityStrength security strength required (in bits)
@param entropySource source of entropy to use for seeding/reseeding.
@param personalizationString personalization string to distinguish this DRBG (may be null).
@param nonce nonce to further distinguish this DRBG (may be null).
Return the block size (in bits) of the DRBG.
@return the number of bits produced on each round of the DRBG.
Populate a passed in array with random data.
@param output output array for generated bits.
@param additionalInput additional input to be added to the DRBG in this step.
@param predictionResistant true if a reseed should be forced, false otherwise.
@return number of bits generated, -1 if a reseed required.
Reseed the DRBG.
@param additionalInput additional input to be added to the DRBG in this step.
Interface to SP800-90A deterministic random bit generators.
Return the block size of the DRBG.
@return the block size (in bits) produced by each round of the DRBG.
Populate a passed in array with random data.
@param output output array for generated bits.
@param additionalInput additional input to be added to the DRBG in this step.
@param predictionResistant true if a reseed should be forced, false otherwise.
@return number of bits generated, -1 if a reseed required.
Reseed the DRBG.
@param additionalInput additional input to be added to the DRBG in this step.
Generate numBytes worth of entropy from the passed in entropy source.
@param entropySource the entropy source to request the data from.
@param numBytes the number of bytes of entropy requested.
@return a byte array populated with the random data.
Generic interface for objects generating random bytes.
Add more seed material to the generator.
A byte array to be mixed into the generator's state.
Add more seed material to the generator.
A long value to be mixed into the generator's state.
Fill byte array with random values.
Array to be filled.
Fill byte array with random values.
Array to receive bytes.
Index to start filling at.
Length of segment to fill.
Takes bytes generated by an underling RandomGenerator and reverses the order in
each small window (of configurable size).
Access to internals is synchronized so a single one of these can be shared.
Add more seed material to the generator.
A byte array to be mixed into the generator's state.
Add more seed material to the generator.
A long value to be mixed into the generator's state.
Fill byte array with random values.
Array to be filled.
Fill byte array with random values.
Array to receive bytes.
Index to start filling at.
Length of segment to fill.
Force a reseed of the DRBG.
optional additional input
Builder class for making SecureRandom objects based on SP 800-90A Deterministic Random Bit Generators (DRBG).
Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with
predictionResistant set to false.
Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
the default SecureRandom does for its generateSeed() call.
Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value
for prediction resistance.
Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
the passed in SecureRandom does for its generateSeed() call.
@param entropySource
@param predictionResistant
Create a builder which makes creates the SecureRandom objects from a specified entropy source provider.
Note: If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored.
@param entropySourceProvider a provider of EntropySource objects.
Set the personalization string for DRBG SecureRandoms created by this builder
@param personalizationString the personalisation string for the underlying DRBG.
@return the current builder.
Set the security strength required for DRBGs used in building SecureRandom objects.
@param securityStrength the security strength (in bits)
@return the current builder.
Set the amount of entropy bits required for seeding and reseeding DRBGs used in building SecureRandom objects.
@param entropyBitsRequired the number of bits of entropy to be requested from the entropy source on each seed/reseed.
@return the current builder.
Build a SecureRandom based on a SP 800-90A Hash DRBG.
@param digest digest algorithm to use in the DRBG underneath the SecureRandom.
@param nonce nonce value to use in DRBG construction.
@param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
@return a SecureRandom supported by a Hash DRBG.
Build a SecureRandom based on a SP 800-90A CTR DRBG.
@param cipher the block cipher to base the DRBG on.
@param keySizeInBits key size in bits to be used with the block cipher.
@param nonce nonce value to use in DRBG construction.
@param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
@return a SecureRandom supported by a CTR DRBG.
Build a SecureRandom based on a SP 800-90A HMAC DRBG.
@param hMac HMAC algorithm to use in the DRBG underneath the SecureRandom.
@param nonce nonce value to use in DRBG construction.
@param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
@return a SecureRandom supported by a HMAC DRBG.
A thread based seed generator - one source of randomness.
Based on an idea from Marcus Lippert.
Generate seed bytes. Set fast to false for best quality.
If fast is set to true, the code should be round about 8 times faster when
generating a long sequence of random bytes. 20 bytes of random values using
the fast mode take less than half a second on a Nokia e70. If fast is set to false,
it takes round about 2500 ms.
@param numBytes the number of bytes to generate
@param fast true if fast mode should be used
Permutation generated by code:
// First 1850 fractional digit of Pi number.
byte[] key = new BigInteger("14159265358979323846...5068006422512520511").ToByteArray();
s = 0;
P = new byte[256];
for (int i = 0; i < 256; i++)
{
P[i] = (byte) i;
}
for (int m = 0; m < 768; m++)
{
s = P[(s + P[m & 0xff] + key[m % key.length]) & 0xff];
byte temp = P[m & 0xff];
P[m & 0xff] = P[s & 0xff];
P[s & 0xff] = temp;
}
Value generated in the same way as P.
@param engine
@param entropySource
Populate a passed in array with random data.
@param output output array for generated bits.
@param predictionResistant true if a reseed should be forced, false otherwise.
@return number of bits generated, -1 if a reseed required.
Reseed the RNG.
Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with
predictionResistant set to false.
Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
the default SecureRandom does for its generateSeed() call.
Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value
for prediction resistance.
Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
the passed in SecureRandom does for its generateSeed() call.
@param entropySource
@param predictionResistant
Create a builder which makes creates the SecureRandom objects from a specified entropy source provider.
Note: If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored.
@param entropySourceProvider a provider of EntropySource objects.
Construct a X9.31 secure random generator using the passed in engine and key. If predictionResistant is true the
generator will be reseeded on each request.
@param engine a block cipher to use as the operator.
@param key the block cipher key to initialise engine with.
@param predictionResistant true if engine to be reseeded on each use, false otherwise.
@return a SecureRandom.
update the internal digest with the byte b
update the internal digest with the byte array in
Generate a signature for the message we've been loaded with using
the key we were initialised with.
true if the internal state represents the signature described in the passed in array.
Reset the internal state
The Digital Signature Algorithm - as described in "Handbook of Applied
Cryptography", pages 452 - 453.
Default configuration, random K values.
Configuration with an alternate, possibly deterministic calculator of K.
@param kCalculator a K value calculator.
Generate a signature for the given message using the key we were
initialised with. For conventional DSA the message should be a SHA-1
hash of the message of interest.
@param message the message that will be verified later.
return true if the value r and s represent a DSA signature for
the passed in message for standard DSA the message should be a
SHA-1 hash of the real message to be verified.
EC-DSA as described in X9.62
Default configuration, random K values.
Configuration with an alternate, possibly deterministic calculator of K.
@param kCalculator a K value calculator.
Generate a signature for the given message using the key we were
initialised with. For conventional DSA the message should be a SHA-1
hash of the message of interest.
@param message the message that will be verified later.
return true if the value r and s represent a DSA signature for
the passed in message (for standard DSA the message should be
a SHA-1 hash of the real message to be verified).
GOST R 34.10-2001 Signature Algorithm
generate a signature for the given message using the key we were
initialised with. For conventional GOST3410 the message should be a GOST3411
hash of the message of interest.
@param message the message that will be verified later.
return true if the value r and s represent a GOST3410 signature for
the passed in message (for standard GOST3410 the message should be
a GOST3411 hash of the real message to be verified).
EC-NR as described in IEEE 1363-2000
generate a signature for the given message using the key we were
initialised with. Generally, the order of the curve should be at
least as long as the hash of the message of interest, and with
ECNR it *must* be at least as long.
@param digest the digest to be signed.
@exception DataLengthException if the digest is longer than the key allows
return true if the value r and s represent a signature for the
message passed in. Generally, the order of the curve should be at
least as long as the hash of the message of interest, and with
ECNR, it *must* be at least as long. But just in case the signer
applied mod(n) to the longer digest, this implementation will
apply mod(n) during verification.
@param digest the digest to be verified.
@param r the r value of the signature.
@param s the s value of the signature.
@exception DataLengthException if the digest is longer than the key allows
initialise the signer for signing or verification.
@param forSigning
true if for signing, false otherwise
@param parameters
necessary parameters.
update the internal digest with the byte b
update the internal digest with the byte array in
Generate a signature for the message we've been loaded with using the key
we were initialised with.
return true if the internal state represents the signature described in
the passed in array.
update the internal digest with the byte b
update the internal digest with the byte array in
Generate a signature for the message we've been loaded with using
the key we were initialised with.
true if the internal state represents the signature described in the passed in array.
Reset the internal state
Gost R 34.10-94 Signature Algorithm
generate a signature for the given message using the key we were
initialised with. For conventional Gost3410 the message should be a Gost3411
hash of the message of interest.
@param message the message that will be verified later.
return true if the value r and s represent a Gost3410 signature for
the passed in message for standard Gost3410 the message should be a
Gost3411 hash of the real message to be verified.
A deterministic K calculator based on the algorithm in section 3.2 of RFC 6979.
Base constructor.
@param digest digest to build the HMAC on.
Interface define calculators of K values for DSA/ECDSA.
Return true if this calculator is deterministic, false otherwise.
@return true if deterministic, otherwise false.
Non-deterministic initialiser.
@param n the order of the DSA group.
@param random a source of randomness.
Deterministic initialiser.
@param n the order of the DSA group.
@param d the DSA private value.
@param message the message being signed.
Return the next valid value of K.
@return a K value.
ISO9796-2 - mechanism using a hash function with recovery (scheme 2 and 3).
Note: the usual length for the salt is the length of the hash
function used in bytes.
Return a reference to the recoveredMessage message.
The full/partial recoveredMessage message.
Generate a signer with either implicit or explicit trailers for ISO9796-2, scheme 2 or 3.
base cipher to use for signature creation/verification
digest to use.
length of salt in bytes.
whether or not the trailer is implicit or gives the hash.
Constructor for a signer with an explicit digest trailer.
cipher to use.
digest to sign with.
length of salt in bytes.
Initialise the signer.
true if for signing, false if for verification.
parameters for signature generation/verification. If the
parameters are for generation they should be a ParametersWithRandom,
a ParametersWithSalt, or just an RsaKeyParameters object. If RsaKeyParameters
are passed in a SecureRandom will be created.
if wrong parameter type or a fixed
salt is passed in which is the wrong length.
compare two byte arrays - constant time.
clear possible sensitive data
update the internal digest with the byte b
update the internal digest with the byte array in
reset the internal state
Generate a signature for the loaded message using the key we were
initialised with.
return true if the signature represents a ISO9796-2 signature
for the passed in message.
Return true if the full message was recoveredMessage.
true on full message recovery, false otherwise, or if not sure.
int to octet string.
int to octet string.
long to octet string.
mask generator function, as described in Pkcs1v2.
ISO9796-2 - mechanism using a hash function with recovery (scheme 1)
Return a reference to the recoveredMessage message.
The full/partial recoveredMessage message.
Generate a signer with either implicit or explicit trailers for ISO9796-2.
base cipher to use for signature creation/verification
digest to use.
whether or not the trailer is implicit or gives the hash.
Constructor for a signer with an explicit digest trailer.
cipher to use.
digest to sign with.
compare two byte arrays - constant time.
clear possible sensitive data
update the internal digest with the byte b
update the internal digest with the byte array in
reset the internal state
Generate a signature for the loaded message using the key we were
initialised with.
return true if the signature represents a ISO9796-2 signature
for the passed in message.
Return true if the full message was recoveredMessage.
true on full message recovery, false otherwise.
RSA-PSS as described in Pkcs# 1 v 2.1.
Note: the usual value for the salt length is the number of
bytes in the hash function.
Basic constructor
the asymmetric cipher to use.
the digest to use.
the length of the salt to use (in bytes).
Basic constructor
the asymmetric cipher to use.
the digest to use.
the fixed salt to be used.
clear possible sensitive data
update the internal digest with the byte b
update the internal digest with the byte array in
reset the internal state
Generate a signature for the message we've been loaded with using
the key we were initialised with.
return true if the internal state represents the signature described
in the passed in array.
int to octet string.
mask generator function, as described in Pkcs1v2.
Load oid table.
Initialise the signer for signing or verification.
@param forSigning true if for signing, false otherwise
@param param necessary parameters.
update the internal digest with the byte b
update the internal digest with the byte array in
Generate a signature for the message we've been loaded with using
the key we were initialised with.
return true if the internal state represents the signature described
in the passed in array.
The SM2 Digital Signature algorithm.
X9.31-1998 - signing using a hash.
The message digest hash, H, is encapsulated to form a byte string as follows
EB = 06 || PS || 0xBA || H || TRAILER
where PS is a string of bytes all of value 0xBB of length such that |EB|=|n|, and TRAILER is the ISO/IEC 10118 part number†for the digest. The byte string, EB, is converted to an integer value, the message representative, f.
Generate a signer with either implicit or explicit trailers for X9.31.
@param cipher base cipher to use for signature creation/verification
@param digest digest to use.
@param implicit whether or not the trailer is implicit or gives the hash.
Constructor for a signer with an explicit digest trailer.
@param cipher cipher to use.
@param digest digest to sign with.
clear possible sensitive data
update the internal digest with the byte b
update the internal digest with the byte array in
reset the internal state
generate a signature for the loaded message using the key we were
initialised with.
return true if the signature represents a ISO9796-2 signature
for the passed in message.
a wrapper for block ciphers with a single byte block size, so that they
can be treated like stream ciphers.
basic constructor.
@param cipher the block cipher to be wrapped.
@exception ArgumentException if the cipher has a block size other than
one.
initialise the underlying cipher.
@param forEncryption true if we are setting up for encryption, false otherwise.
@param param the necessary parameters for the underlying cipher to be initialised.
return the name of the algorithm we are wrapping.
@return the name of the algorithm we are wrapping.
encrypt/decrypt a single byte returning the result.
@param in the byte to be processed.
@return the result of processing the input byte.
process a block of bytes from in putting the result into out.
@param in the input byte array.
@param inOff the offset into the in array where the data to be processed starts.
@param len the number of bytes to be processed.
@param out the output buffer the processed bytes go into.
@param outOff the offset into the output byte array the processed data stars at.
@exception DataLengthException if the output buffer is too small.
reset the underlying cipher. This leaves it in the same state
it was at after the last init (if there was one).
RFC 5246 7.2
This message notifies the recipient that the sender will not send any more messages on this
connection. Note that as of TLS 1.1, failure to properly close a connection no longer
requires that a session not be resumed. This is a change from TLS 1.0 ("The session becomes
unresumable if any connection is terminated without proper close_notify messages with level
equal to warning.") to conform with widespread implementation practice.
An inappropriate message was received. This alert is always fatal and should never be
observed in communication between proper implementations.
This alert is returned if a record is received with an incorrect MAC. This alert also MUST be
returned if an alert is sent because a TLSCiphertext decrypted in an invalid way: either it
wasn't an even multiple of the block length, or its padding values, when checked, weren't
correct. This message is always fatal and should never be observed in communication between
proper implementations (except when messages were corrupted in the network).
This alert was used in some earlier versions of TLS, and may have permitted certain attacks
against the CBC mode [CBCATT]. It MUST NOT be sent by compliant implementations.
A TLSCiphertext record was received that had a length more than 2^14+2048 bytes, or a record
decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always
fatal and should never be observed in communication between proper implementations (except
when messages were corrupted in the network).
The decompression function received improper input (e.g., data that would expand to excessive
length). This message is always fatal and should never be observed in communication between
proper implementations.
Reception of a handshake_failure alert message indicates that the sender was unable to
negotiate an acceptable set of security parameters given the options available. This is a
fatal error.
This alert was used in SSLv3 but not any version of TLS. It MUST NOT be sent by compliant
implementations.
A certificate was corrupt, contained signatures that did not verify correctly, etc.
A certificate was of an unsupported type.
A certificate was revoked by its signer.
A certificate has expired or is not currently valid.
Some other (unspecified) issue arose in processing the certificate, rendering it
unacceptable.
A field in the handshake was out of range or inconsistent with other fields. This message is
always fatal.
A valid certificate chain or partial chain was received, but the certificate was not accepted
because the CA certificate could not be located or couldn't be matched with a known, trusted
CA. This message is always fatal.
A valid certificate was received, but when access control was applied, the sender decided not
to proceed with negotiation. This message is always fatal.
A message could not be decoded because some field was out of the specified range or the
length of the message was incorrect. This message is always fatal and should never be
observed in communication between proper implementations (except when messages were corrupted
in the network).
A handshake cryptographic operation failed, including being unable to correctly verify a
signature or validate a Finished message. This message is always fatal.
This alert was used in some earlier versions of TLS. It MUST NOT be sent by compliant
implementations.
The protocol version the client has attempted to negotiate is recognized but not supported.
(For example, old protocol versions might be avoided for security reasons.) This message is
always fatal.
Returned instead of handshake_failure when a negotiation has failed specifically because the
server requires ciphers more secure than those supported by the client. This message is
always fatal.
An internal error unrelated to the peer or the correctness of the protocol (such as a memory
allocation failure) makes it impossible to continue. This message is always fatal.
This handshake is being canceled for some reason unrelated to a protocol failure. If the user
cancels an operation after the handshake is complete, just closing the connection by sending
a close_notify is more appropriate. This alert should be followed by a close_notify. This
message is generally a warning.
Sent by the client in response to a hello request or by the server in response to a client
hello after initial handshaking. Either of these would normally lead to renegotiation; when
that is not appropriate, the recipient should respond with this alert. At that point, the
original requester can decide whether to proceed with the connection. One case where this
would be appropriate is where a server has spawned a process to satisfy a request; the
process might receive security parameters (key length, authentication, etc.) at startup, and
it might be difficult to communicate changes to these parameters after that point. This
message is always a warning.
Sent by clients that receive an extended server hello containing an extension that they did
not put in the corresponding client hello. This message is always fatal.
This alert is sent by servers who are unable to retrieve a certificate chain from the URL
supplied by the client (see Section 3.3). This message MAY be fatal - for example if client
authentication is required by the server for the handshake to continue and the server is
unable to retrieve the certificate chain, it may send a fatal alert.
This alert is sent by servers that receive a server_name extension request, but do not
recognize the server name. This message MAY be fatal.
This alert is sent by clients that receive an invalid certificate status response (see
Section 3.6). This message is always fatal.
This alert is sent by servers when a certificate hash does not match a client provided
certificate_hash. This message is always fatal.
If the server does not recognize the PSK identity, it MAY respond with an
"unknown_psk_identity" alert message.
If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest protocol version
supported by the server is higher than the version indicated in ClientHello.client_version,
the server MUST respond with a fatal inappropriate_fallback alert [..].
RFC 5246 7.2
RFC 2246
Note that the values here are implementation-specific and arbitrary. It is recommended not to
depend on the particular values (e.g. serialization).
A queue for bytes.
This file could be more optimized.
The smallest number which can be written as 2^x which is bigger than i.
The initial size for our buffer.
The buffer where we store our data.
How many bytes at the beginning of the buffer are skipped.
How many bytes in the buffer are valid data.
Add some data to our buffer.
A byte-array to read data from.
How many bytes to skip at the beginning of the array.
How many bytes to read from the array.
The number of bytes which are available in this buffer.
Copy some bytes from the beginning of the data to the provided Stream.
The Stream to copy the bytes to.
How many bytes to copy.
If insufficient data is available.
If there is a problem copying the data.
Read data from the buffer.
The buffer where the read data will be copied to.
How many bytes to skip at the beginning of buf.
How many bytes to read at all.
How many bytes from our data to skip.
Return a MemoryStream over some bytes at the beginning of the data.
How many bytes will be readable.
A MemoryStream over the data.
If insufficient data is available.
Remove some bytes from our data from the beginning.
How many bytes to remove.
Parsing and encoding of a Certificate struct from RFC 4346.
opaque ASN.1Cert<2^24-1>;
struct {
ASN.1Cert certificate_list<0..2^24-1>;
} Certificate;
@see Spire.Security.Asn1.X509.X509CertificateStructure
The certificates.
@return an array of {@link org.bouncycastle.asn1.x509.Certificate} representing a certificate
chain.
@return true
if this certificate chain contains no certificates, or
false
otherwise.
Encode this {@link Certificate} to a {@link Stream}.
@param output the {@link Stream} to encode to.
@throws IOException
Parse a {@link Certificate} from a {@link Stream}.
@param input the {@link Stream} to parse from.
@return a {@link Certificate} object.
@throws IOException
Parsing and encoding of a CertificateRequest struct from RFC 4346.
struct {
ClientCertificateType certificate_types<1..2^8-1>;
DistinguishedName certificate_authorities<3..2^16-1>
} CertificateRequest;
@see ClientCertificateType
@see X509Name
@param certificateTypes see {@link ClientCertificateType} for valid constants.
@param certificateAuthorities an {@link IList} of {@link X509Name}.
@return an array of certificate types
@see {@link ClientCertificateType}
@return an {@link IList} of {@link SignatureAndHashAlgorithm} (or null before TLS 1.2).
@return an {@link IList} of {@link X509Name}
Encode this {@link CertificateRequest} to a {@link Stream}.
@param output the {@link Stream} to encode to.
@throws IOException
Parse a {@link CertificateRequest} from a {@link Stream}.
@param context
the {@link TlsContext} of the current connection.
@param input
the {@link Stream} to parse from.
@return a {@link CertificateRequest} object.
@throws IOException
Encode this {@link CertificateStatus} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link CertificateStatus} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return a {@link CertificateStatus} object.
@throws IOException
Encode this {@link CertificateStatusRequest} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link CertificateStatusRequest} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return a {@link CertificateStatusRequest} object.
@throws IOException
RFC 6091
@param type
see {@link CertChainType} for valid constants.
@param urlAndHashList
a {@link IList} of {@link UrlAndHash}.
@return {@link CertChainType}
@return an {@link IList} of {@link UrlAndHash}
Encode this {@link CertificateUrl} to a {@link Stream}.
@param output the {@link Stream} to encode to.
@throws IOException
Parse a {@link CertificateUrl} from a {@link Stream}.
@param context
the {@link TlsContext} of the current connection.
@param input
the {@link Stream} to parse from.
@return a {@link CertificateUrl} object.
@throws IOException
draft-ietf-tls-chacha20-poly1305-04
RFC 2246 A.5
RFC 2246
Note that the values here are implementation-specific and arbitrary. It is recommended not to
depend on the particular values (e.g. serialization).
A combined hash, which implements md5(m) || sha1(m).
@see org.bouncycastle.crypto.Digest#update(byte[], int, int)
@see org.bouncycastle.crypto.Digest#doFinal(byte[], int)
@see org.bouncycastle.crypto.Digest#reset()
RFC 2246 6.1
RFC 2246
Note that the values here are implementation-specific and arbitrary. It is recommended not to
depend on the particular values (e.g. serialization).
RFC 2246 6.2.1
Accept only the group parameters specified in RFC 5054 Appendix A.
Specify a custom set of acceptable group parameters.
@param groups a {@link Vector} of acceptable {@link SRP6GroupParameters}
Buffers input until the hash algorithm is determined.
@return a {@link SignatureAndHashAlgorithm} (or null before TLS 1.2).
Encode this {@link DigitallySigned} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link DigitallySigned} from a {@link Stream}.
@param context
the {@link TlsContext} of the current connection.
@param input
the {@link Stream} to parse from.
@return a {@link DigitallySigned} object.
@throws IOException
Check that there are no "extra" messages left in the current inbound flight
RFC 4347 4.1.2.5 Anti-replay
Support fast rejection of duplicate records by maintaining a sliding receive window
Check whether a received record with the given sequence number should be rejected as a duplicate.
@param seq the 48-bit DTLSPlainText.sequence_number field of a received record.
@return true if the record should be discarded without further processing.
Report that a received record with the given sequence number passed authentication checks.
@param seq the 48-bit DTLSPlainText.sequence_number field of an authenticated record.
When a new epoch begins, sequence numbers begin again at 0
RFC 4492 5.4. (Errata ID: 2389)
RFC 4492 5.4
Indicates the elliptic curve domain parameters are conveyed verbosely, and the
underlying finite field is a prime field.
Indicates the elliptic curve domain parameters are conveyed verbosely, and the
underlying finite field is a characteristic-2 field.
Indicates that a named curve is used. This option SHOULD be used when applicable.
RFC 4492 5.1.2
RFC 2246
Note that the values here are implementation-specific and arbitrary. It is recommended not to
depend on the particular values (e.g. serialization).
RFC 5705
RFC 5246 7.4.1.4.1
Encode this {@link HeartbeatExtension} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link HeartbeatExtension} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return a {@link HeartbeatExtension} object.
@throws IOException
Encode this {@link HeartbeatMessage} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link HeartbeatMessage} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return a {@link HeartbeatMessage} object.
@throws IOException
RFC 2246
Note that the values here are implementation-specific and arbitrary. It is recommended not to
depend on the particular values (e.g. serialization).
RFC 2246
Note that the values here are implementation-specific and arbitrary. It is recommended not to
depend on the particular values (e.g. serialization).
RFC 4492 5.1.1
The named curves defined here are those specified in SEC 2 [13]. Note that many of
these curves are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00
through 0xFEFF are reserved for private use. Values 0xFF01 and 0xFF02 indicate that the
client supports arbitrary prime and characteristic-2 curves, respectively (the curve
parameters must be encoded explicitly in ECParameters).
Encode this {@link NewSessionTicket} to a {@link Stream}.
@param output the {@link Stream} to encode to.
@throws IOException
Parse a {@link NewSessionTicket} from a {@link Stream}.
@param input the {@link Stream} to parse from.
@return a {@link NewSessionTicket} object.
@throws IOException
RFC 3546 3.6
@param responderIDList
an {@link IList} of {@link ResponderID}, specifying the list of trusted OCSP
responders. An empty list has the special meaning that the responders are
implicitly known to the server - e.g., by prior arrangement.
@param requestExtensions
OCSP request extensions. A null value means that there are no extensions.
@return an {@link IList} of {@link ResponderID}
@return OCSP request extensions
Encode this {@link OcspStatusRequest} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link OcspStatusRequest} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return an {@link OcspStatusRequest} object.
@throws IOException
RFC 5246
Note that the values here are implementation-specific and arbitrary. It is recommended not to
depend on the particular values (e.g. serialization).
An implementation of the TLS 1.0/1.1/1.2 record layer, allowing downgrade to SSLv3.
RFC 5246 E.1. "Earlier versions of the TLS specification were not fully clear on what the
record layer version number (TLSPlaintext.version) should contain when sending ClientHello
(i.e., before it is known which version of the protocol will be employed). Thus, TLS servers
compliant with this specification MUST accept any value {03,XX} as the record layer version
number for ClientHello."
@return {@link ConnectionEnd}
@return {@link CipherSuite}
@return {@link CompressionMethod}
@return {@link PRFAlgorithm}
Encode this {@link ServerDHParams} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link ServerDHParams} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return a {@link ServerDHParams} object.
@throws IOException
Encode this {@link ServerName} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link ServerName} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return a {@link ServerName} object.
@throws IOException
@param serverNameList an {@link IList} of {@link ServerName}.
@return an {@link IList} of {@link ServerName}.
Encode this {@link ServerNameList} to a {@link Stream}.
@param output
the {@link Stream} to encode to.
@throws IOException
Parse a {@link ServerNameList} from a {@link Stream}.
@param input
the {@link Stream} to parse from.
@return a {@link ServerNameList} object.
@throws IOException
Encode this {@link ServerSRPParams} to an {@link OutputStream}.
@param output
the {@link OutputStream} to encode to.
@throws IOException
Parse a {@link ServerSRPParams} from an {@link InputStream}.
@param input
the {@link InputStream} to parse from.
@return a {@link ServerSRPParams} object.
@throws IOException
RFC 5246 7.4.1.4.1 (in RFC 2246, there were no specific values assigned)
RFC 5246 7.4.1.4.1
@param hash {@link HashAlgorithm}
@param signature {@link SignatureAlgorithm}
@return {@link HashAlgorithm}
@return {@link SignatureAlgorithm}
Encode this {@link SignatureAndHashAlgorithm} to a {@link Stream}.
@param output the {@link Stream} to encode to.
@throws IOException
Parse a {@link SignatureAndHashAlgorithm} from a {@link Stream}.
@param input the {@link Stream} to parse from.
@return a {@link SignatureAndHashAlgorithm} object.
@throws IOException
An implementation of {@link TlsSRPIdentityManager} that simulates the existence of "unknown" identities
to obscure the fact that there is no verifier for them.
Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3
@param group the {@link SRP6GroupParameters} defining the group that SRP is operating in
@param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3
@return an instance of {@link SimulatedTlsSRPIdentityManager}
HMAC implementation based on original internet draft for HMAC (RFC 2104)
The difference is that padding is concatentated versus XORed with the key
H(K + opad, H(K + ipad, text))
Base constructor for one of the standard digest algorithms that the byteLength of
the algorithm is know for. Behaviour is undefined for digests other than MD5 or SHA1.
@param digest the digest.
Reset the mac generator.
RFC 4680
Called by the protocol handler to report the server certificate.
This method is responsible for certificate verification and validation
The server received
Return client credentials in response to server's certificate request
A containing server certificate request details
A to be used for client authentication
(or null for no client authentication)
A generic TLS 1.0-1.2 / SSLv3 block cipher. This can be used for AES or 3DES for example.
Called at the start of a new TLS session, before any other methods.
A
Return the session this client wants to resume, if any.
Note that the peer's certificate chain for the session (if any) may need to be periodically revalidated.
A representing the resumable session to be used for this connection,
or null to use a new session.
Return the to use for the TLSPlaintext.version field prior to
receiving the server version. NOTE: This method is not called for DTLS.
See RFC 5246 E.1.: "TLS clients that wish to negotiate with older servers MAY send any value
{03,XX} as the record layer version number. Typical values would be {03,00}, the lowest
version number supported by the client, and the value of ClientHello.client_version. No
single value will guarantee interoperability with all old servers, but this is a complex
topic beyond the scope of this document."
The to use.
Get the list of cipher suites that this client supports.
An array of values, each specifying a supported cipher suite.
Get the list of compression methods that this client supports.
An array of values, each specifying a supported compression method.
Get the (optional) table of client extensions to be included in (extended) client hello.
A (Int32 -> byte[]). May be null.
Notifies the client of the session_id sent in the ServerHello.
An array of
Report the cipher suite that was selected by the server.
The protocol handler validates this value against the offered cipher suites
A
Report the compression method that was selected by the server.
The protocol handler validates this value against the offered compression methods
A
Report the extensions from an extended server hello.
Will only be called if we returned a non-null result from .
A (Int32 -> byte[])
A list of
Return an implementation of to negotiate the key exchange
part of the protocol.
A
Return an implementation of to handle authentication
part of the protocol.
A list of
RFC 5077 3.3. NewSessionTicket Handshake Message
This method will be called (only) when a NewSessionTicket handshake message is received. The
ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption
that it complies with e.g. RFC 5077 4. Recommended Ticket Construction.
The ticket
Constructor for blocking mode.
@param stream The bi-directional stream of data to/from the server
@param secureRandom Random number generator for various cryptographic functions
Constructor for blocking mode.
@param input The stream of data from the server
@param output The stream of data to the server
@param secureRandom Random number generator for various cryptographic functions
Constructor for non-blocking mode.
When data is received, use {@link #offerInput(java.nio.ByteBuffer)} to
provide the received ciphertext, then use
{@link #readInput(byte[], int, int)} to read the corresponding cleartext.
Similarly, when data needs to be sent, use
{@link #offerOutput(byte[], int, int)} to provide the cleartext, then use
{@link #readOutput(byte[], int, int)} to get the corresponding
ciphertext.
@param secureRandom
Random number generator for various cryptographic functions
Initiates a TLS handshake in the role of client.
In blocking mode, this will not return until the handshake is complete.
In non-blocking mode, use {@link TlsPeer#NotifyHandshakeComplete()} to
receive a callback when the handshake is complete.
@param tlsClient The {@link TlsClient} to use for the handshake.
@throws IOException If in blocking mode and handshake was not successful.
Used to get the resumable session, if any, used by this connection. Only available after the
handshake has successfully completed.
@return A {@link TlsSession} representing the resumable session used by this connection, or
null if no resumable session available.
@see TlsPeer#NotifyHandshakeComplete()
Export keying material according to RFC 5705: "Keying Material Exporters for TLS".
@param asciiLabel indicates which application will use the exported keys.
@param context_value allows the application using the exporter to mix its own data with the TLS PRF for
the exporter output.
@param length the number of bytes to generate
@return a pseudorandom bit string of 'length' bytes generated from the master_secret.
(D)TLS DH key exchange.
(D)TLS ECDHE key exchange (see RFC 4492).
(D)TLS ECDH key exchange (see RFC 4492).
A generic interface for key exchange implementations in (D)TLS.
A generic TLS MAC implementation, acting as an HMAC based on some underlying Digest.
Generate a new instance of an TlsMac.
@param context the TLS client context
@param digest The digest to use.
@param key A byte-array where the key for this MAC is located.
@param keyOff The number of bytes to skip, before the key starts in the buffer.
@param keyLen The length of the key.
@return the MAC write secret
@return The output length of this MAC.
Calculate the MAC for some given data.
@param type The message type of the message.
@param message A byte-buffer containing the message.
@param offset The number of bytes to skip, before the message starts.
@param length The length of the message.
@return A new byte-buffer containing the MAC value.
This exception will be thrown(only) when the connection is closed by the peer without sending a
close_notify
warning alert.
If this happens, the TLS protocol cannot rule out truncation of the connection data (potentially
malicious). It may be possible to check for truncation via some property of a higher level protocol
built upon TLS, e.g.the Content-Length header for HTTPS.
A NULL CipherSuite, with optional MAC.
draft-mathewson-no-gmtunixtime-00 2. "If existing users of a TLS implementation may rely on
gmt_unix_time containing the current time, we recommend that implementors MAY provide the
ability to set gmt_unix_time as an option only, off by default."
true
if the current time should be used in the gmt_unix_time field of
Random, or false
if gmt_unix_time should contain a cryptographically
random value.
Report whether the server supports secure renegotiation
The protocol handler automatically processes the relevant extensions
A , true if the server supports secure renegotiation
Return an implementation of to handle record compression.
A
Return an implementation of to use for encryption/decryption.
A
This method will be called when an alert is raised by the protocol.
A human-readable message explaining what caused this alert. May be null.
The Exception that caused this alert to be raised. May be null.
This method will be called when an alert is received from the remote peer.
Notifies the peer that the handshake has been successfully completed.
This method is called, when a change cipher spec message is received.
@throws IOException If the message has an invalid content or the handshake is not in the correct
state.
Read data from the network. The method will return immediately, if there is still some data
left in the buffer, or block until some application data has been read from the network.
@param buf The buffer where the data will be copied to.
@param offset The position where the data will be placed in the buffer.
@param len The maximum number of bytes to read.
@return The number of bytes read.
@throws IOException If something goes wrong during reading data.
Send some application data to the remote system.
The method will handle fragmentation internally.
@param buf The buffer with the data.
@param offset The position in the buffer where the data is placed.
@param len The length of the data.
@throws IOException If something goes wrong during sending.
The secure bidirectional stream for this connection
Only allowed in blocking mode.
Should be called in non-blocking mode when the input data reaches EOF.
Offer input from an arbitrary source. Only allowed in non-blocking mode.
After this method returns, the input buffer is "owned" by this object. Other code
must not attempt to do anything with it.
This method will decrypt and process all records that are fully available.
If only part of a record is available, the buffer will be retained until the
remainder of the record is offered.
If any records containing application data were processed, the decrypted data
can be obtained using {@link #readInput(byte[], int, int)}. If any records
containing protocol data were processed, a response may have been generated.
You should always check to see if there is any available output after calling
this method by calling {@link #getAvailableOutputBytes()}.
@param input The input buffer to offer
@throws IOException If an error occurs while decrypting or processing a record
Gets the amount of received application data. A call to {@link #readInput(byte[], int, int)}
is guaranteed to be able to return at least this much data.
Only allowed in non-blocking mode.
@return The number of bytes of available application data
Retrieves received application data. Use {@link #getAvailableInputBytes()} to check
how much application data is currently available. This method functions similarly to
{@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data
is available, nothing will be copied and zero will be returned.
Only allowed in non-blocking mode.
@param buffer The buffer to hold the application data
@param offset The start offset in the buffer at which the data is written
@param length The maximum number of bytes to read
@return The total number of bytes copied to the buffer. May be less than the
length specified if the length was greater than the amount of available data.
Offer output from an arbitrary source. Only allowed in non-blocking mode.
After this method returns, the specified section of the buffer will have been
processed. Use {@link #readOutput(byte[], int, int)} to get the bytes to
transmit to the other peer.
This method must not be called until after the handshake is complete! Attempting
to call it before the handshake is complete will result in an exception.
@param buffer The buffer containing application data to encrypt
@param offset The offset at which to begin reading data
@param length The number of bytes of data to read
@throws IOException If an error occurs encrypting the data, or the handshake is not complete
Gets the amount of encrypted data available to be sent. A call to
{@link #readOutput(byte[], int, int)} is guaranteed to be able to return at
least this much data.
Only allowed in non-blocking mode.
@return The number of bytes of available encrypted data
Retrieves encrypted data to be sent. Use {@link #getAvailableOutputBytes()} to check
how much encrypted data is currently available. This method functions similarly to
{@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data
is available, nothing will be copied and zero will be returned.
Only allowed in non-blocking mode.
@param buffer The buffer to hold the encrypted data
@param offset The start offset in the buffer at which the data is written
@param length The maximum number of bytes to read
@return The total number of bytes copied to the buffer. May be less than the
length specified if the length was greater than the amount of available data.
Closes this connection.
@throws IOException If something goes wrong during closing.
Make sure the InputStream 'buf' now empty. Fail otherwise.
@param buf The InputStream to check.
@throws IOException If 'buf' is not empty.
'sender' only relevant to SSLv3
Both streams can be the same object
(D)TLS PSK key exchange (RFC 4279).
(D)TLS and SSLv3 RSA key exchange.
A (Int32 -> byte[]). Will never be null.
Get the (optional) table of server extensions to be included in (extended) server hello.
A (Int32 -> byte[]). May be null.
A (). May be null.
This method will be called (only) if the server included an extension of type
"status_request" with empty "extension_data" in the extended server hello. See RFC 3546
3.6. Certificate Status Request. If a non-null is returned, it
is sent to the client as a handshake message of type "certificate_status".
A to be sent to the client (or null for none).
()
Called by the protocol handler to report the client certificate, only if GetCertificateRequest
returned non-null.
Note: this method is responsible for certificate verification and validation.
the effective client certificate (may be an empty chain).
RFC 5077 3.3. NewSessionTicket Handshake Message.
This method will be called (only) if a NewSessionTicket extension was sent by the server. See
RFC 5077 4. Recommended Ticket Construction for recommended format and protection.
The ticket)
Constructor for blocking mode.
@param stream The bi-directional stream of data to/from the client
@param output The stream of data to the client
@param secureRandom Random number generator for various cryptographic functions
Constructor for blocking mode.
@param input The stream of data from the client
@param output The stream of data to the client
@param secureRandom Random number generator for various cryptographic functions
Constructor for non-blocking mode.
When data is received, use {@link #offerInput(java.nio.ByteBuffer)} to
provide the received ciphertext, then use
{@link #readInput(byte[], int, int)} to read the corresponding cleartext.
Similarly, when data needs to be sent, use
{@link #offerOutput(byte[], int, int)} to provide the cleartext, then use
{@link #readOutput(byte[], int, int)} to get the corresponding
ciphertext.
@param secureRandom
Random number generator for various cryptographic functions
Receives a TLS handshake in the role of server.
In blocking mode, this will not return until the handshake is complete.
In non-blocking mode, use {@link TlsPeer#notifyHandshakeComplete()} to
receive a callback when the handshake is complete.
@param tlsServer
@throws IOException If in blocking mode and handshake was not successful.
Check whether the given SRP group parameters are acceptable for use.
@param group the {@link SRP6GroupParameters} to check
@return true if (and only if) the specified group parameters are acceptable
Lookup the {@link TlsSRPLoginParameters} corresponding to the specified identity.
NOTE: To avoid "identity probing", unknown identities SHOULD be handled as recommended in RFC
5054 2.5.1.3. {@link SimulatedTlsSRPIdentityManager} is provided for this purpose.
@param identity
the SRP identity sent by the connecting client
@return the {@link TlsSRPLoginParameters} for the specified identity, or else 'simulated'
parameters if the identity is not recognized. A null value is also allowed, but not
recommended.
(D)TLS SRP key exchange (RFC 5054).
RFC 5764 DTLS Extension to Establish Keys for SRTP.
Some helper functions for MicroTLS.
Add a 'signature_algorithms' extension to existing extensions.
@param extensions A {@link Hashtable} to add the extension to.
@param supportedSignatureAlgorithms {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
@throws IOException
Get a 'signature_algorithms' extension from extensions.
@param extensions A {@link Hashtable} to get the extension from, if it is present.
@return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}, or null.
@throws IOException
Create a 'signature_algorithms' extension value.
@param supportedSignatureAlgorithms A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
@return A byte array suitable for use as an extension value.
@throws IOException
Read 'signature_algorithms' extension data.
@param extensionData The extension data.
@return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
@throws IOException
RFC 6066 5.
Encode this {@link UrlAndHash} to a {@link Stream}.
@param output the {@link Stream} to encode to.
@throws IOException
Parse a {@link UrlAndHash} from a {@link Stream}.
@param context
the {@link TlsContext} of the current connection.
@param input
the {@link Stream} to parse from.
@return a {@link UrlAndHash} object.
@throws IOException
RFC 4681
RFC 5764 4.1.1
@param protectionProfiles see {@link SrtpProtectionProfile} for valid constants.
@param mki valid lengths from 0 to 255.
@return see {@link SrtpProtectionProfile} for valid constants.
@return valid lengths from 0 to 255.
return a = a + b - b preserved.
unsigned comparison on two arrays - note the arrays may
start with leading zeros.
return z = x / y - done in place (z value preserved, x contains the
remainder)
return whether or not a BigInteger is probably prime with a
probability of 1 - (1/2)**certainty.
From Knuth Vol 2, pg 395.
Calculate the numbers u1, u2, and u3 such that:
u1 * a + u2 * b = u3
where u3 is the greatest common divider of a and b.
a and b using the extended Euclid algorithm (refer p. 323
of The Art of Computer Programming vol 2, 2nd ed).
This also seems to have the side effect of calculating
some form of multiplicative inverse.
@param a First number to calculate gcd for
@param b Second number to calculate gcd for
@param u1Out the return object for the u1 value
@return The greatest common divisor of a and b
return w with w = x * x - w is assumed to have enough space.
return x with x = y * z - x is assumed to have enough space.
Calculate mQuote = -m^(-1) mod b with b = 2^32 (32 = word size)
Montgomery multiplication: a = x * y * R^(-1) mod m
Based algorithm 14.36 of Handbook of Applied Cryptography.
m, x, y should have length n
a should have length (n + 1)
b = 2^32, R = b^n
The result is put in x
NOTE: the indices of x, y, m, a different in HAC and in Java
return x = x % y - done in place (y value preserved)
do a left shift - this returns a new array.
do a right shift - this does it in place.
do a right shift by one - this does it in place.
returns x = x - y - we assume x is >= y
Class representing a simple version of a big decimal. A
SimpleBigDecimal
is basically a
{@link java.math.BigInteger BigInteger} with a few digits on the right of
the decimal point. The number of (binary) digits on the right of the decimal
point is called the scale
of the SimpleBigDecimal
.
Unlike in {@link java.math.BigDecimal BigDecimal}, the scale is not adjusted
automatically, but must be set manually. All SimpleBigDecimal
s
taking part in the same arithmetic operation must have equal scale. The
result of a multiplication of two SimpleBigDecimal
s returns a
SimpleBigDecimal
with double scale.
Returns a SimpleBigDecimal
representing the same numerical
value as value
.
@param value The value of the SimpleBigDecimal
to be
created.
@param scale The scale of the SimpleBigDecimal
to be
created.
@return The such created SimpleBigDecimal
.
Constructor for SimpleBigDecimal
. The value of the
constructed SimpleBigDecimal
Equals bigInt /
2scale
.
@param bigInt The bigInt
value parameter.
@param scale The scale of the constructed SimpleBigDecimal
.
Class holding methods for point multiplication based on the window
τ-adic nonadjacent form (WTNAF). The algorithms are based on the
paper "Improved Algorithms for Arithmetic on Anomalous Binary Curves"
by Jerome A. Solinas. The paper first appeared in the Proceedings of
Crypto 1997.
The window width of WTNAF. The standard value of 4 is slightly less
than optimal for running time, but keeps space requirements for
precomputation low. For typical curves, a value of 5 or 6 results in
a better running time. When changing this value, the
αu
's must be computed differently, see
e.g. "Guide to Elliptic Curve Cryptography", Darrel Hankerson,
Alfred Menezes, Scott Vanstone, Springer-Verlag New York Inc., 2004,
p. 121-122
24
The αu
's for a=0
as an array
of ZTauElement
s.
The αu
's for a=0
as an array
of TNAFs.
The αu
's for a=1
as an array
of ZTauElement
s.
The αu
's for a=1
as an array
of TNAFs.
Computes the norm of an element λ
of
Z[τ]
.
@param mu The parameter μ
of the elliptic curve.
@param lambda The element λ
of
Z[τ]
.
@return The norm of λ
.
Computes the norm of an element λ
of
R[τ]
, where λ = u + vτ
and u
and u
are real numbers (elements of
R
).
@param mu The parameter μ
of the elliptic curve.
@param u The real part of the element λ
of
R[τ]
.
@param v The τ
-adic part of the element
λ
of R[τ]
.
@return The norm of λ
.
Rounds an element λ
of R[τ]
to an element of Z[τ]
, such that their difference
has minimal norm. λ
is given as
λ = λ0 + λ1τ
.
@param lambda0 The component λ0
.
@param lambda1 The component λ1
.
@param mu The parameter μ
of the elliptic curve. Must
equal 1 or -1.
@return The rounded element of Z[τ]
.
@throws ArgumentException if lambda0
and
lambda1
do not have same scale.
Approximate division by n
. For an integer
k
, the value λ = s k / n
is
computed to c
bits of accuracy.
@param k The parameter k
.
@param s The curve parameter s0
or
s1
.
@param vm The Lucas Sequence element Vm
.
@param a The parameter a
of the elliptic curve.
@param m The bit length of the finite field
Fm
.
@param c The number of bits of accuracy, i.e. the scale of the returned
SimpleBigDecimal
.
@return The value λ = s k / n
computed to
c
bits of accuracy.
Computes the τ
-adic NAF (non-adjacent form) of an
element λ
of Z[τ]
.
@param mu The parameter μ
of the elliptic curve.
@param lambda The element λ
of
Z[τ]
.
@return The τ
-adic NAF of λ
.
Applies the operation τ()
to an
AbstractF2mPoint
.
@param p The AbstractF2mPoint to which τ()
is applied.
@return τ(p)
Returns the parameter μ
of the elliptic curve.
@param curve The elliptic curve from which to obtain μ
.
The curve must be a Koblitz curve, i.e. a
Equals
0
or 1
and b
Equals
1
.
@return μ
of the elliptic curve.
@throws ArgumentException if the given ECCurve is not a Koblitz
curve.
Calculates the Lucas Sequence elements Uk-1
and
Uk
or Vk-1
and
Vk
.
@param mu The parameter μ
of the elliptic curve.
@param k The index of the second element of the Lucas Sequence to be
returned.
@param doV If set to true, computes Vk-1
and
Vk
, otherwise Uk-1
and
Uk
.
@return An array with 2 elements, containing Uk-1
and Uk
or Vk-1
and Vk
.
Computes the auxiliary value tw
. If the width is
4, then for mu = 1
, tw = 6
and for
mu = -1
, tw = 10
@param mu The parameter μ
of the elliptic curve.
@param w The window width of the WTNAF.
@return the auxiliary value tw
Computes the auxiliary values s0
and
s1
used for partial modular reduction.
@param curve The elliptic curve for which to compute
s0
and s1
.
@throws ArgumentException if curve
is not a
Koblitz curve (Anomalous Binary Curve, ABC).
Partial modular reduction modulo
(τm - 1)/(τ - 1)
.
@param k The integer to be reduced.
@param m The bitlength of the underlying finite field.
@param a The parameter a
of the elliptic curve.
@param s The auxiliary values s0
and
s1
.
@param mu The parameter μ of the elliptic curve.
@param c The precision (number of bits of accuracy) of the partial
modular reduction.
@return ρ := k partmod (τm - 1)/(τ - 1)
Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
by a BigInteger
using the reduced τ
-adic
NAF (RTNAF) method.
@param p The AbstractF2mPoint to Multiply.
@param k The BigInteger
by which to Multiply p
.
@return k * p
Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
by an element λ
of Z[τ]
using the τ
-adic NAF (TNAF) method.
@param p The AbstractF2mPoint to Multiply.
@param lambda The element λ
of
Z[τ]
.
@return λ * p
Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
by an element λ
of Z[τ]
using the τ
-adic NAF (TNAF) method, given the TNAF
of λ
.
@param p The AbstractF2mPoint to Multiply.
@param u The the TNAF of λ
..
@return λ * p
Computes the [τ]
-adic window NAF of an element
λ
of Z[τ]
.
@param mu The parameter μ of the elliptic curve.
@param lambda The element λ
of
Z[τ]
of which to compute the
[τ]
-adic NAF.
@param width The window width of the resulting WNAF.
@param pow2w 2width.
@param tw The auxiliary value tw
.
@param alpha The αu
's for the window width.
@return The [τ]
-adic window NAF of
λ
.
Does the precomputation for WTNAF multiplication.
@param p The ECPoint
for which to do the precomputation.
@param a The parameter a
of the elliptic curve.
@return The precomputation array for p
.
Class representing an element of Z[τ]
. Let
λ
be an element of Z[τ]
. Then
λ
is given as λ = u + vτ
. The
components u
and v
may be used directly, there
are no accessor methods.
Immutable class.
The "real" part of λ
.
The "τ
-adic" part of λ
.
Constructor for an element λ
of
Z[τ]
.
@param u The "real" part of λ
.
@param v The "τ
-adic" part of
λ
.
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve the curve to use
@param x affine x co-ordinate
@param y affine y co-ordinate
@deprecated Use ECCurve.CreatePoint to construct points
Create a point that encodes with or without point compresion.
@param curve the curve to use
@param x affine x co-ordinate
@param y affine y co-ordinate
@param withCompression if true encode with point compression
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(boolean)}
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.CreatePoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.CreatePoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.CreatePoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
return a sqrt root - the routine verifies that the calculation returns the right value - if
none exists it returns null.
Create a point which encodes with point compression.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@deprecated Use ECCurve.createPoint to construct points
Create a point that encodes with or without point compresion.
@param curve
the curve to use
@param x
affine x co-ordinate
@param y
affine y co-ordinate
@param withCompression
if true encode with point compression
@deprecated per-point compression property will be removed, refer
{@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
@deprecated Use ECCurve.createPoint to construct points
@deprecated per-point compression property will be removed, refer {@link #getEncoded(bool)}
Simple shift-and-add multiplication. Serves as reference implementation
to verify (possibly faster) implementations, and for very small scalars.
@param p
The point to multiply.
@param k
The multiplier.
@return The result of the point multiplication kP
.
Base class for an elliptic curve.
Adds PreCompInfo
for a point on this curve, under a given name. Used by
ECMultiplier
s to save the precomputation for this ECPoint
for use
by subsequent multiplication.
@param point
The ECPoint
to store precomputations for.
@param name
A String
used to index precomputations of different types.
@param preCompInfo
The values precomputed by the ECMultiplier
.
Normalization ensures that any projective coordinate is 1, and therefore that the x, y
coordinates reflect those of the equivalent point in an affine coordinate system. Where more
than one point is to be normalized, this method will generally be more efficient than
normalizing each point separately.
@param points
An array of points that will be updated in place with their normalized versions,
where necessary
Normalization ensures that any projective coordinate is 1, and therefore that the x, y
coordinates reflect those of the equivalent point in an affine coordinate system. Where more
than one point is to be normalized, this method will generally be more efficient than
normalizing each point separately. An (optional) z-scaling factor can be applied; effectively
each z coordinate is scaled by this value prior to normalization (but only one
actual multiplication is needed).
@param points
An array of points that will be updated in place with their normalized versions,
where necessary
@param off
The start of the range of points to normalize
@param len
The length of the range of points to normalize
@param iso
The (optional) z-scaling factor - can be null
Sets the default ECMultiplier
, unless already set.
Decode a point on this curve from its ASN.1 encoding. The different
encodings are taken account of, including point compression for
Fp
(X9.62 s 4.2.1 pg 17).
@return The decoded point.
Elliptic curve over Fp
The auxiliary values s0
and
s1
used for partial modular reduction for
Koblitz curves.
Solves a quadratic equation z2 + z = beta
(X9.62
D.1.6) The other solution is z + 1
.
@param beta
The value to solve the qradratic equation for.
@return the solution for z2 + z = beta
or
null
if no solution exists.
@return the auxiliary values s0
and
s1
used for partial modular reduction for
Koblitz curves.
Returns true if this is a Koblitz curve (ABC curve).
@return true if this is a Koblitz curve (ABC curve), false otherwise
Elliptic curves over F2m. The Weierstrass equation is given by
y2 + xy = x3 + ax2 + b
.
The exponent m
of F2m
.
TPB: The integer k
where xm +
xk + 1
represents the reduction polynomial
f(z)
.
PPB: The integer k1
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
TPB: Always set to 0
PPB: The integer k2
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
TPB: Always set to 0
PPB: The integer k3
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
The point at infinity on this curve.
Constructor for Trinomial Polynomial Basis (TPB).
@param m The exponent m
of
F2m
.
@param k The integer k
where xm +
xk + 1
represents the reduction
polynomial f(z)
.
@param a The coefficient a
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
@param b The coefficient b
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
Constructor for Trinomial Polynomial Basis (TPB).
@param m The exponent m
of
F2m
.
@param k The integer k
where xm +
xk + 1
represents the reduction
polynomial f(z)
.
@param a The coefficient a
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
@param b The coefficient b
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
@param order The order of the main subgroup of the elliptic curve.
@param cofactor The cofactor of the elliptic curve, i.e.
#Ea(F2m) = h * n
.
Constructor for Pentanomial Polynomial Basis (PPB).
@param m The exponent m
of
F2m
.
@param k1 The integer k1
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k2 The integer k2
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k3 The integer k3
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param a The coefficient a
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
@param b The coefficient b
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
Constructor for Pentanomial Polynomial Basis (PPB).
@param m The exponent m
of
F2m
.
@param k1 The integer k1
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k2 The integer k2
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k3 The integer k3
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param a The coefficient a
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
@param b The coefficient b
in the Weierstrass equation
for non-supersingular elliptic curves over
F2m
.
@param order The order of the main subgroup of the elliptic curve.
@param cofactor The cofactor of the elliptic curve, i.e.
#Ea(F2m) = h * n
.
Return true if curve uses a Trinomial basis.
@return true if curve Trinomial, false otherwise.
return the field name for this field.
@return the string "Fp".
return a sqrt root - the routine verifies that the calculation
returns the right value - if none exists it returns null.
Class representing the Elements of the finite field
F2m
in polynomial basis (PB)
representation. Both trinomial (Tpb) and pentanomial (Ppb) polynomial
basis representations are supported. Gaussian normal basis (GNB)
representation is not supported.
Indicates gaussian normal basis representation (GNB). Number chosen
according to X9.62. GNB is not implemented at present.
Indicates trinomial basis representation (Tpb). Number chosen
according to X9.62.
Indicates pentanomial basis representation (Ppb). Number chosen
according to X9.62.
Tpb or Ppb.
The exponent m
of F2m
.
The LongArray
holding the bits.
Constructor for Ppb.
@param m The exponent m
of
F2m
.
@param k1 The integer k1
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k2 The integer k2
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param k3 The integer k3
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@param x The BigInteger representing the value of the field element.
Constructor for Tpb.
@param m The exponent m
of
F2m
.
@param k The integer k
where xm +
xk + 1
represents the reduction
polynomial f(z)
.
@param x The BigInteger representing the value of the field element.
Checks, if the ECFieldElements a
and b
are elements of the same field F2m
(having the same representation).
@param a field element.
@param b field element to be compared.
@throws ArgumentException if a
and b
are not elements of the same field
F2m
(having the same
representation).
@return the representation of the field
F2m
, either of
{@link F2mFieldElement.Tpb} (trinomial
basis representation) or
{@link F2mFieldElement.Ppb} (pentanomial
basis representation).
@return the degree m
of the reduction polynomial
f(z)
.
@return Tpb: The integer k
where xm +
xk + 1
represents the reduction polynomial
f(z)
.
Ppb: The integer k1
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@return Tpb: Always returns 0
Ppb: The integer k2
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
@return Tpb: Always set to 0
Ppb: The integer k3
where xm +
xk3 + xk2 + xk1 + 1
represents the reduction polynomial f(z)
.
base class for points on elliptic curves.
Normalizes this point, and then returns the affine x-coordinate.
Note: normalization can be expensive, this method is deprecated in favour
of caller-controlled normalization.
Normalizes this point, and then returns the affine y-coordinate.
Note: normalization can be expensive, this method is deprecated in favour
of caller-controlled normalization.
Returns the affine x-coordinate after checking that this point is normalized.
@return The affine x-coordinate of this point
@throws IllegalStateException if the point is not normalized
Returns the affine y-coordinate after checking that this point is normalized
@return The affine y-coordinate of this point
@throws IllegalStateException if the point is not normalized
Returns the x-coordinate.
Caution: depending on the curve's coordinate system, this may not be the same value as in an
affine coordinate system; use Normalize() to get a point where the coordinates have their
affine values, or use AffineXCoord if you expect the point to already have been normalized.
@return the x-coordinate of this point
Returns the y-coordinate.
Caution: depending on the curve's coordinate system, this may not be the same value as in an
affine coordinate system; use Normalize() to get a point where the coordinates have their
affine values, or use AffineYCoord if you expect the point to already have been normalized.
@return the y-coordinate of this point
Normalization ensures that any projective coordinate is 1, and therefore that the x, y
coordinates reflect those of the equivalent point in an affine coordinate system.
@return a new ECPoint instance representing the same point, but with normalized coordinates
return the field element encoded with point compression. (S 4.3.6)
Multiplies this ECPoint
by the given number.
@param k The multiplicator.
@return k * this
.
Elliptic curve points over Fp
Create a point which encodes without point compression.
@param curve the curve to use
@param x affine x co-ordinate
@param y affine y co-ordinate
Create a point that encodes with or without point compression.
@param curve the curve to use
@param x affine x co-ordinate
@param y affine y co-ordinate
@param withCompression if true encode with point compression
Elliptic curve points over F2m
@param curve base curve
@param x x point
@param y y point
@param curve base curve
@param x x point
@param y y point
@param withCompression true if encode with point compression.
Constructor for point at infinity
Joye's double-add algorithm.
Interface for classes encapsulating a point multiplication algorithm
for ECPoint
s.
Multiplies the ECPoint p
by k
, i.e.
p
is added k
times to itself.
@param p The ECPoint
to be multiplied.
@param k The factor by which p
is multiplied.
@return p
multiplied by k
.
Class holding precomputation data for fixed-point multiplications.
Array holding the precomputed ECPoint
s used for a fixed
point multiplication.
The width used for the precomputation. If a larger width precomputation
is already available this may be larger than was requested, so calling
code should refer to the actual width.
Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left) using
mixed coordinates.
By default, addition will be done in Jacobian coordinates, and doubling will be done in
Modified Jacobian coordinates (independent of the original coordinate system of each point).
Montgomery ladder.
Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (left-to-right).
Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left).
Interface for classes storing precomputation data for multiplication
algorithms. Used as a Memento (see GOF patterns) for
WNafMultiplier
.
Class implementing the WNAF (Window Non-Adjacent Form) multiplication
algorithm.
Multiplies this
by an integer k
using the
Window NAF method.
@param k The integer by which this
is multiplied.
@return A new ECPoint
which equals this
multiplied by k
.
Determine window width to use for a scalar multiplication of the given size.
@param bits the bit-length of the scalar to multiply by
@return the window size to use
Class holding precomputation data for the WNAF (Window Non-Adjacent Form)
algorithm.
Array holding the precomputed ECPoint
s used for a Window
NAF multiplication.
Array holding the negations of the precomputed ECPoint
s used
for a Window NAF multiplication.
Holds an ECPoint
representing Twice(this). Used for the
Window NAF multiplication to create or extend the precomputed values.
Computes the Window NAF (non-adjacent Form) of an integer.
@param width The width w
of the Window NAF. The width is
defined as the minimal number w
, such that for any
w
consecutive digits in the resulting representation, at
most one is non-zero.
@param k The integer of which the Window NAF is computed.
@return The Window NAF of the given width, such that the following holds:
k = ∑i=0l-1 ki2i
, where the ki
denote the elements of the
returned byte[]
.
Determine window width to use for a scalar multiplication of the given size.
@param bits the bit-length of the scalar to multiply by
@return the window size to use
Determine window width to use for a scalar multiplication of the given size.
@param bits the bit-length of the scalar to multiply by
@param windowSizeCutoffs a monotonically increasing list of bit sizes at which to increment the window width
@return the window size to use
Class implementing the WTNAF (Window
τ
-adic Non-Adjacent Form) algorithm.
Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
by k
using the reduced τ
-adic NAF (RTNAF)
method.
@param p The AbstractF2mPoint to multiply.
@param k The integer by which to multiply k
.
@return p
multiplied by k
.
Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
by an element λ
of Z[τ]
using
the τ
-adic NAF (TNAF) method.
@param p The AbstractF2mPoint to multiply.
@param lambda The element λ
of
Z[τ]
of which to compute the
[τ]
-adic NAF.
@return p
multiplied by λ
.
Multiplies a {@link org.bouncycastle.math.ec.AbstractF2mPoint AbstractF2mPoint}
by an element λ
of Z[τ]
using the window τ
-adic NAF (TNAF) method, given the
WTNAF of λ
.
@param p The AbstractF2mPoint to multiply.
@param u The the WTNAF of λ
..
@return λ * p
Class holding precomputation data for the WTNAF (Window
τ
-adic Non-Adjacent Form) algorithm.
Array holding the precomputed AbstractF2mPoint
s used for the
WTNAF multiplication in
{@link org.bouncycastle.math.ec.multiplier.WTauNafMultiplier.multiply()
WTauNafMultiplier.multiply()}
.
'Zeroless' Signed Digit Left-to-Right.
'Zeroless' Signed Digit Right-to-Left.
Utility methods for generating primes and testing for primality.
Used to return the output from the
{@linkplain Primes#enhancedMRProbablePrimeTest(BigInteger, SecureRandom, int) Enhanced
Miller-Rabin Probabilistic Primality Test}
Used to return the output from the {@linkplain Primes#generateSTRandomPrime(Digest, int, byte[]) Shawe-Taylor Random_Prime Routine}
FIPS 186-4 C.6 Shawe-Taylor Random_Prime Routine
Construct a provable prime number using a hash function.
@param hash
the {@link Digest} instance to use (as "Hash()"). Cannot be null.
@param length
the length (in bits) of the prime to be generated. Must be at least 2.
@param inputSeed
the seed to be used for the generation of the requested prime. Cannot be null or
empty.
@return an {@link STOutput} instance containing the requested prime.
FIPS 186-4 C.3.2 Enhanced Miller-Rabin Probabilistic Primality Test
Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases. This is an
alternative to {@link #isMRProbablePrime(BigInteger, SecureRandom, int)} that provides more
information about a composite candidate, which may be useful when generating or validating
RSA moduli.
@param candidate
the {@link BigInteger} instance to test for primality.
@param random
the source of randomness to use to choose bases.
@param iterations
the number of randomly-chosen bases to perform the test for.
@return an {@link MROutput} instance that can be further queried for details.
A fast check for small divisors, up to some implementation-specific limit.
@param candidate
the {@link BigInteger} instance to test for division by small factors.
@return true
if the candidate is found to have any small factors,
false
otherwise.
FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test
Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases.
@param candidate
the {@link BigInteger} instance to test for primality.
@param random
the source of randomness to use to choose bases.
@param iterations
the number of randomly-chosen bases to perform the test for.
@return false
if any witness to compositeness is found amongst the chosen bases
(so candidate
is definitely NOT prime), or else true
(indicating primality with some probability dependent on the number of iterations
that were performed).
FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test (to a fixed base).
Run a single iteration of the Miller-Rabin algorithm against the specified base.
@param candidate
the {@link BigInteger} instance to test for primality.
@param baseValue
the base value to use for this iteration.
@return false
if the specified base is a witness to compositeness (so
candidate
is definitely NOT prime), or else true
.
BasicOcspResponse ::= SEQUENCE {
tbsResponseData ResponseData,
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING,
certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL
}
The DER encoding of the tbsResponseData field.
In the event of an encoding error.
The certificates, if any, associated with the response.
In the event of an encoding error.
Verify the signature against the tbsResponseData object we contain.
The ASN.1 encoded representation of this object.
Generator for basic OCSP response objects.
basic constructor
construct with the responderID to be the SHA-1 keyHash of the passed in public key.
Add a response for a particular Certificate ID.
@param certID certificate ID details
@param certStatus status of the certificate - null if okay
Add a response for a particular Certificate ID.
@param certID certificate ID details
@param certStatus status of the certificate - null if okay
@param singleExtensions optional extensions
Add a response for a particular Certificate ID.
@param certID certificate ID details
@param nextUpdate date when next update should be requested
@param certStatus status of the certificate - null if okay
@param singleExtensions optional extensions
Add a response for a particular Certificate ID.
@param certID certificate ID details
@param thisUpdate date this response was valid on
@param nextUpdate date when next update should be requested
@param certStatus status of the certificate - null if okay
@param singleExtensions optional extensions
Set the extensions for the response.
@param responseExtensions the extension object to carry.
Generate the signed response using the passed in signature calculator.
Implementation of signing calculator factory.
The certificate chain associated with the response signer.
"produced at" date.
Return an IEnumerable of the signature names supported by the generator.
@return an IEnumerable containing recognised names.
create from an issuer certificate and the serial number of the
certificate it signed.
@exception OcspException if any problems occur creating the id fields.
return the serial number for the certificate associated
with this request.
Create a new CertificateID for a new serial number derived from a previous one
calculated for the same CA certificate.
@param original the previously calculated CertificateID for the CA.
@param newSerialNumber the serial number for the new certificate of interest.
@return a new CertificateID for newSerialNumber
OcspRequest ::= SEQUENCE {
tbsRequest TBSRequest,
optionalSignature [0] EXPLICIT Signature OPTIONAL }
TBSRequest ::= SEQUENCE {
version [0] EXPLICIT Version DEFAULT v1,
requestorName [1] EXPLICIT GeneralName OPTIONAL,
requestList SEQUENCE OF Request,
requestExtensions [2] EXPLICIT Extensions OPTIONAL }
Signature ::= SEQUENCE {
signatureAlgorithm AlgorithmIdentifier,
signature BIT STRING,
certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL}
Version ::= INTEGER { v1(0) }
Request ::= SEQUENCE {
reqCert CertID,
singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
CertID ::= SEQUENCE {
hashAlgorithm AlgorithmIdentifier,
issuerNameHash OCTET STRING, -- Hash of Issuer's DN
issuerKeyHash OCTET STRING, -- Hash of Issuers public key
serialNumber CertificateSerialNumber }
Return the DER encoding of the tbsRequest field.
@return DER encoding of tbsRequest
@throws OcspException in the event of an encoding error.
return the object identifier representing the signature algorithm
If the request is signed return a possibly empty CertStore containing the certificates in the
request. If the request is not signed the method returns null.
@return null if not signed, a CertStore otherwise
@throws OcspException
Return whether or not this request is signed.
@return true if signed false otherwise.
Verify the signature against the TBSRequest object we contain.
return the ASN.1 encoded representation of this object.
Add a request for the given CertificateID.
@param certId certificate ID of interest
Add a request with extensions
@param certId certificate ID of interest
@param singleRequestExtensions the extensions to attach to the request
Set the requestor name to the passed in X509Principal
@param requestorName a X509Principal representing the requestor name.
Generate an unsigned request
@return the OcspReq
@throws OcspException
Return an IEnumerable of the signature names supported by the generator.
@return an IEnumerable containing recognised names.
return the ASN.1 encoded representation of this object.
base generator for an OCSP response - at the moment this only supports the
generation of responses containing BasicOCSP responses.
note 4 is not used.
Carrier for a ResponderID.
wrapper for the RevokedInfo object
return the revocation reason. Note: this field is optional, test for it
with hasRevocationReason() first.
@exception InvalidOperationException if a reason is asked for and none is avaliable
Return the status object for the response - null indicates good.
@return the status object for the response, null if it is good.
return the NextUpdate value - note: this is an optional field so may
be returned as null.
@return nextUpdate, or null if not present.
wrapper for the UnknownInfo object
Utility class for creating IBasicAgreement objects from their names/Oids
Cipher Utility class contains methods that can not be specifically grouped into other classes.
Returns a ObjectIdentifier for a give encoding.
A string representation of the encoding.
A DerObjectIdentifier, null if the Oid is not available.
Utility class for creating IDigest objects from their names/Oids
Returns a ObjectIdentifier for a given digest mechanism.
A string representation of the digest meanism.
A DerObjectIdentifier, null if the Oid is not available.
A class containing methods to interface the BouncyCastle world to the .NET Crypto world.
Create an System.Security.Cryptography.X509Certificate from an X509Certificate Structure.
A System.Security.Cryptography.X509Certificate.
Utility class for creating HMac object from their names/Oids
Returns a ObjectIdentifier for a give encoding.
A string representation of the encoding.
A DerObjectIdentifier, null if the Oid is not available.
Create and auto-seed an instance based on the given algorithm.
Equivalent to GetInstance(algorithm, true)
e.g. "SHA256PRNG"
Create an instance based on the given algorithm, with optional auto-seeding
e.g. "SHA256PRNG"
If true, the instance will be auto-seeded.
To replicate existing predictable output, replace with GetInstance("SHA1PRNG", false), followed by SetSeed(seed)
Use the specified instance of IRandomGenerator as random source.
This constructor performs no seeding of either the IRandomGenerator or the
constructed SecureRandom. It is the responsibility of the client to provide
proper seed material as necessary/appropriate for the given IRandomGenerator
implementation.
The source to generate all random bytes from.
base constructor.
create a SecurityUtilityException with the given message.
@param message the message to be carried with the exception.
Signer Utility class contains methods that can not be specifically grouped into other classes.
Returns an ObjectIdentifier for a given encoding.
A string representation of the encoding.
A DerObjectIdentifier, null if the OID is not available.
Utility class for creating IWrapper objects from their names/Oids
PEM generator for the original set of PEM objects used in Open SSL.
Class for reading OpenSSL PEM encoded streams containing
X509 certificates, PKCS8 encoded keys and PKCS7 objects.
In the case of PKCS7 objects the reader will return a CMS ContentInfo object. Keys and
Certificates will be returned using the appropriate java.security type.
Create a new PemReader
@param reader the Reader
Create a new PemReader with a password finder
@param reader the Reader
@param pFinder the password finder
Reads in a X509Certificate.
@return the X509Certificate
@throws IOException if an I/O error occured
Reads in a X509CRL.
@return the X509Certificate
@throws IOException if an I/O error occured
Reads in a PKCS10 certification request.
@return the certificate request.
@throws IOException if an I/O error occured
Reads in a X509 Attribute Certificate.
@return the X509 Attribute Certificate
@throws IOException if an I/O error occured
Reads in a PKCS7 object. This returns a ContentInfo object suitable for use with the CMS
API.
@return the X509Certificate
@throws IOException if an I/O error occured
Read a Key Pair
General purpose writer for OpenSSL PEM objects.
The TextWriter object to write the output to.
Constructor for an unencrypted private key PEM object.
@param key private key to be encoded.
Constructor for an encrypted private key PEM object.
@param key private key to be encoded
@param algorithm encryption algorithm to use
@param provider provider to use
@throws NoSuchAlgorithmException if algorithm/mode cannot be found
A class for verifying and creating Pkcs10 Certification requests.
CertificationRequest ::= Sequence {
certificationRequestInfo CertificationRequestInfo,
signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }},
signature BIT STRING
}
CertificationRequestInfo ::= Sequence {
version Integer { v1(0) } (v1,...),
subject Name,
subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
attributes [0] Attributes{{ CRIAttributes }}
}
Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
Attr { ATTRIBUTE:IOSet } ::= Sequence {
type ATTRIBUTE.&id({IOSet}),
values Set SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
}
see
Instantiate a Pkcs10CertificationRequest object with the necessary credentials.
Name of Sig Alg.
X509Name of subject eg OU="My unit." O="My Organisatioin" C="au"
Public Key to be included in cert reqest.
ASN1Set of Attributes.
Matching Private key for nominated (above) public key to be used to sign the request.
Instantiate a Pkcs10CertificationRequest object with the necessary credentials.
The factory for signature calculators to sign the PKCS#10 request with.
X509Name of subject eg OU="My unit." O="My Organisatioin" C="au"
Public Key to be included in cert reqest.
ASN1Set of Attributes.
Matching Private key for nominated (above) public key to be used to sign the request.
Get the public key.
The public key.
Verify Pkcs10 Cert Request is valid.
true = valid.
A class for creating and verifying Pkcs10 Certification requests (this is an extension on ).
The requests are made using delay signing. This is useful for situations where
the private key is in another environment and not directly accessible (e.g. HSM)
So the first step creates the request, then the signing is done outside this
object and the signature is then used to complete the request.
CertificationRequest ::= Sequence {
certificationRequestInfo CertificationRequestInfo,
signatureAlgorithm AlgorithmIdentifier{{ SignatureAlgorithms }},
signature BIT STRING
}
CertificationRequestInfo ::= Sequence {
version Integer { v1(0) } (v1,...),
subject Name,
subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
attributes [0] Attributes{{ CRIAttributes }}
}
Attributes { ATTRIBUTE:IOSet } ::= Set OF Attr{{ IOSet }}
Attr { ATTRIBUTE:IOSet } ::= Sequence {
type ATTRIBUTE.&id({IOSet}),
values Set SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type})
}
see
Instantiate a Pkcs10CertificationRequest object with the necessary credentials.
Name of Sig Alg.
X509Name of subject eg OU="My unit." O="My Organisatioin" C="au"
Public Key to be included in cert reqest.
ASN1Set of Attributes.
After the object is constructed use the and finally the
SignRequest methods to finalize the request.
simply return the cert entry for the private key
Utility class for reencoding PKCS#12 files to definite length.
Just re-encode the outer layer of the PKCS#12 file to definite length encoding.
@param berPKCS12File - original PKCS#12 file
@return a byte array representing the DER encoding of the PFX structure
@throws IOException
Re-encode the PKCS#12 structure to definite length encoding at the inner layer
as well, recomputing the MAC accordingly.
@param berPKCS12File - original PKCS12 file.
@param provider - provider to use for MAC calculation.
@return a byte array representing the DER encoding of the PFX structure.
@throws IOException on parsing, encoding errors.
Returns the revocationDate.
Returns the certStatus.
Returns an immutable Set
of X.509 attribute certificate
extensions that this PkixAttrCertChecker
supports or
null
if no extensions are supported.
Each element of the set is a String
representing the
Object Identifier (OID) of the X.509 extension that is supported.
All X.509 attribute certificate extensions that a
PkixAttrCertChecker
might possibly be able to process
should be included in the set.
@return an immutable Set
of X.509 extension OIDs (in
String
format) supported by this
PkixAttrCertChecker
, or null
if no
extensions are supported
Performs checks on the specified attribute certificate. Every handled
extension is rmeoved from the unresolvedCritExts
collection.
@param attrCert The attribute certificate to be checked.
@param certPath The certificate path which belongs to the attribute
certificate issuer public key certificate.
@param holderCertPath The certificate path which belongs to the holder
certificate.
@param unresolvedCritExts a Collection
of OID strings
representing the current set of unresolved critical extensions
@throws CertPathValidatorException if the specified attribute certificate
does not pass the check.
Returns a clone of this object.
@return a copy of this PkixAttrCertChecker
Build and validate a CertPath using the given parameter.
@param params PKIXBuilderParameters object containing all information to
build the CertPath
CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.
@see org.bouncycastle.x509.ExtendedPkixParameters
Validates an attribute certificate with the given certificate path.
params
must be an instance of
ExtendedPkixParameters
.
The target constraints in the params
must be an
X509AttrCertStoreSelector
with at least the attribute
certificate criterion set. Obey that also target informations may be
necessary to correctly validate this attribute certificate.
The attribute certificate issuer must be added to the trusted attribute
issuers with {@link ExtendedPkixParameters#setTrustedACIssuers(Set)}.
@param certPath The certificate path which belongs to the attribute
certificate issuer public key certificate.
@param params The PKIX parameters.
@return A PKIXCertPathValidatorResult
of the result of
validating the certPath
.
@throws InvalidAlgorithmParameterException if params
is
inappropriate for this validator.
@throws CertPathValidatorException if the verification fails.
Summary description for PkixBuilderParameters.
Returns an instance of PkixBuilderParameters
.
This method can be used to get a copy from other
PKIXBuilderParameters
, PKIXParameters
,
and ExtendedPKIXParameters
instances.
@param pkixParams The PKIX parameters to create a copy of.
@return An PkixBuilderParameters
instance.
Excluded certificates are not used for building a certification path.
the excluded certificates.
Sets the excluded certificates which are not used for building a
certification path. If the ISet
is null
an
empty set is assumed.
The given set is cloned to protect it against subsequent modifications.
The excluded certificates to set.
Can alse handle ExtendedPKIXBuilderParameters
and
PKIXBuilderParameters
.
@param params Parameters to set.
@see org.bouncycastle.x509.ExtendedPKIXParameters#setParams(java.security.cert.PKIXParameters)
Makes a copy of this PKIXParameters
object. Changes to the
copy will not affect the original and vice versa.
@return a copy of this PKIXParameters
object
An immutable sequence of certificates (a certification path).
This is an abstract class that defines the methods common to all CertPaths.
Subclasses can handle different kinds of certificates (X.509, PGP, etc.).
All CertPath objects have a type, a list of Certificates, and one or more
supported encodings. Because the CertPath class is immutable, a CertPath
cannot change in any externally visible way after being constructed. This
stipulation applies to all public fields and methods of this class and any
added or overridden by subclasses.
The type is a string that identifies the type of Certificates in the
certification path. For each certificate cert in a certification path
certPath, cert.getType().equals(certPath.getType()) must be true.
The list of Certificates is an ordered List of zero or more Certificates.
This List and all of the Certificates contained in it must be immutable.
Each CertPath object must support one or more encodings so that the object
can be translated into a byte array for storage or transmission to other
parties. Preferably, these encodings should be well-documented standards
(such as PKCS#7). One of the encodings supported by a CertPath is considered
the default encoding. This encoding is used if no encoding is explicitly
requested (for the {@link #getEncoded()} method, for instance).
All CertPath objects are also Serializable. CertPath objects are resolved
into an alternate {@link CertPathRep} object during serialization. This
allows a CertPath object to be serialized into an equivalent representation
regardless of its underlying implementation.
CertPath objects can be created with a CertificateFactory or they can be
returned by other classes, such as a CertPathBuilder.
By convention, X.509 CertPaths (consisting of X509Certificates), are ordered
starting with the target certificate and ending with a certificate issued by
the trust anchor. That is, the issuer of one certificate is the subject of
the following one. The certificate representing the
{@link TrustAnchor TrustAnchor} should not be included in the certification
path. Unvalidated X.509 CertPaths may not follow these conventions. PKIX
CertPathValidators will detect any departure from these conventions that
cause the certification path to be invalid and throw a
CertPathValidatorException.
Concurrent Access
All CertPath objects must be thread-safe. That is, multiple threads may
concurrently invoke the methods defined in this class on a single CertPath
object (or more than one) with no ill effects. This is also true for the List
returned by CertPath.getCertificates.
Requiring CertPath objects to be immutable and thread-safe allows them to be
passed around to various pieces of code without worrying about coordinating
access. Providing this thread-safety is generally not difficult, since the
CertPath and List objects in question are immutable.
@see CertificateFactory
@see CertPathBuilder
CertPath implementation for X.509 certificates.
@param certs
Creates a CertPath of the specified type.
This constructor is protected because most users should use
a CertificateFactory to create CertPaths.
@param type the standard name of the type of Certificatesin this path
Creates a CertPath of the specified type.
This constructor is protected because most users should use
a CertificateFactory to create CertPaths.
@param type the standard name of the type of Certificatesin this path
Returns an iteration of the encodings supported by this
certification path, with the default encoding
first. Attempts to modify the returned Iterator via its
remove method result in an UnsupportedOperationException.
@return an Iterator over the names of the supported encodings (as Strings)
Compares this certification path for equality with the specified object.
Two CertPaths are equal if and only if their types are equal and their
certificate Lists (and by implication the Certificates in those Lists)
are equal. A CertPath is never equal to an object that is not a CertPath.
This algorithm is implemented by this method. If it is overridden, the
behavior specified here must be maintained.
@param other
the object to test for equality with this certification path
@return true if the specified object is equal to this certification path,
false otherwise
@see Object#hashCode() Object.hashCode()
Returns the encoded form of this certification path, using
the default encoding.
@return the encoded bytes
@exception CertificateEncodingException if an encoding error occurs
Returns the encoded form of this certification path, using
the specified encoding.
@param encoding the name of the encoding to use
@return the encoded bytes
@exception CertificateEncodingException if an encoding error
occurs or the encoding requested is not supported
Returns the list of certificates in this certification
path.
Return a DERObject containing the encoded certificate.
@param cert the X509Certificate object to be encoded
@return the DERObject
Implements the PKIX CertPathBuilding algorithm for BouncyCastle.
@see CertPathBuilderSpi
Build and validate a CertPath using the given parameter.
@param params PKIXBuilderParameters object containing all information to
build the CertPath
Summary description for PkixCertPathBuilderException.
Summary description for PkixCertPathBuilderResult.
* Initializes the internal state of this PKIXCertPathChecker
.
*
* The forward
flag specifies the order that certificates
* will be passed to the {@link #check check} method (forward or reverse). A
* PKIXCertPathChecker
must support reverse checking
* and may support forward checking.
*
*
* @param forward
* the order that certificates are presented to the
* check
method. If true
,
* certificates are presented from target to most-trusted CA
* (forward); if false
, from most-trusted CA to
* target (reverse).
* @exception CertPathValidatorException
* if this PKIXCertPathChecker
is unable to
* check certificates in the specified order; it should never
* be thrown if the forward flag is false since reverse
* checking must be supported
Indicates if forward checking is supported. Forward checking refers to
the ability of the PKIXCertPathChecker
to perform its
checks when certificates are presented to the check
method
in the forward direction (from target to most-trusted CA).
@return true
if forward checking is supported,
false
otherwise
* Returns an immutable Set
of X.509 certificate extensions
* that this PKIXCertPathChecker
supports (i.e. recognizes,
* is able to process), or null
if no extensions are
* supported.
*
* Each element of the set is a String
representing the
* Object Identifier (OID) of the X.509 extension that is supported. The OID
* is represented by a set of nonnegative integers separated by periods.
*
* All X.509 certificate extensions that a PKIXCertPathChecker
* might possibly be able to process should be included in the set.
*
*
* @return an immutable Set
of X.509 extension OIDs (in
* String
format) supported by this
* PKIXCertPathChecker
, or null
if no
* extensions are supported
Performs the check(s) on the specified certificate using its internal
state and removes any critical extensions that it processes from the
specified collection of OID strings that represent the unresolved
critical extensions. The certificates are presented in the order
specified by the init
method.
@param cert
the Certificate
to be checked
@param unresolvedCritExts
a Collection
of OID strings representing the
current set of unresolved critical extensions
@exception CertPathValidatorException
if the specified certificate does not pass the check
Returns a clone of this object. Calls the Object.clone()
method. All subclasses which maintain state must support and override
this method, if necessary.
@return a copy of this PKIXCertPathChecker
The Service Provider Interface (SPI)
for the {@link CertPathValidator CertPathValidator} class. All
CertPathValidator
implementations must include a class (the
SPI class) that extends this class (CertPathValidatorSpi
)
and implements all of its methods. In general, instances of this class
should only be accessed through the CertPathValidator
class.
For details, see the Java Cryptography Architecture.
Concurrent Access
Instances of this class need not be protected against concurrent
access from multiple threads. Threads that need to access a single
CertPathValidatorSpi
instance concurrently should synchronize
amongst themselves and provide the necessary locking before calling the
wrapping CertPathValidator
object.
However, implementations of CertPathValidatorSpi
may still
encounter concurrency issues, since multiple threads each
manipulating a different CertPathValidatorSpi
instance need not
synchronize.
CertPathValidatorSpi implementation for X.509 Certificate validation a la RFC
3280.
An exception indicating one of a variety of problems encountered when
validating a certification path.
A CertPathValidatorException
provides support for wrapping
exceptions. The {@link #getCause getCause} method returns the throwable,
if any, that caused this exception to be thrown.
A CertPathValidatorException
may also include the
certification path that was being validated when the exception was thrown
and the index of the certificate in the certification path that caused the
exception to be thrown. Use the {@link #getCertPath getCertPath} and
{@link #getIndex getIndex} methods to retrieve this information.
Concurrent Access
Unless otherwise specified, the methods defined in this class are not
thread-safe. Multiple threads that need to access a single
object concurrently should synchronize amongst themselves and
provide the necessary locking. Multiple threads each manipulating
separate objects need not synchronize.
@see CertPathValidator
Creates a PkixCertPathValidatorException
with the given detail
message. A detail message is a String
that describes this
particular exception.
the detail message
Creates a PkixCertPathValidatorException
with the specified
detail message and cause.
the detail message
the cause (which is saved for later retrieval by the
{@link #getCause getCause()} method). (A null
value is permitted, and indicates that the cause is
nonexistent or unknown.)
Creates a PkixCertPathValidatorException
with the specified
detail message, cause, certification path, and index.
the detail message (or null
if none)
the cause (or null
if none)
the certification path that was in the process of being
validated when the error was encountered
the index of the certificate in the certification path that *
Returns the detail message for this CertPathValidatorException
.
the detail message, or null
if neither the message nor cause were specified
Returns the certification path that was being validated when the
exception was thrown.
@return the CertPath
that was being validated when the
exception was thrown (or null
if not specified)
Returns the index of the certificate in the certification path that
caused the exception to be thrown. Note that the list of certificates in
a CertPath
is zero based. If no index has been set, -1 is
returned.
@return the index that has been set, or -1 if none has been set
Summary description for PkixCertPathValidatorResult.
Summary description for PkixCertPathValidatorUtilities.
key usage bits
Search the given Set of TrustAnchor's for one that is the
issuer of the given X509 certificate.
the X509 certificate
a Set of TrustAnchor's
the TrustAnchor
object if found or
null
if not.
@exception
Returns the issuer of an attribute certificate or certificate.
The attribute certificate or certificate.
The issuer as X500Principal
.
Return the next working key inheriting DSA parameters if necessary.
This methods inherits DSA parameters from the indexed certificate or
previous certificates in the certificate chain to the returned
PublicKey
. The list is searched upwards, meaning the end
certificate is at position 0 and previous certificates are following.
If the indexed certificate does not contain a DSA key this method simply
returns the public key. If the DSA key already contains DSA parameters
the key is also only returned.
@param certs The certification path.
@param index The index of the certificate which contains the public key
which should be extended with DSA parameters.
@return The public key of the certificate in list position
index
extended with DSA parameters if applicable.
@throws Exception if DSA parameters cannot be inherited.
Return a Collection of all certificates or attribute certificates found
in the X509Store's that are matching the certSelect criteriums.
a {@link Selector} object that will be used to select
the certificates
a List containing only X509Store objects. These
are used to search for certificates.
a Collection of all found or
objects.
May be empty but never null
.
Add the CRL issuers from the cRLIssuer field of the distribution point or
from the certificate if not given to the issuer criterion of the
selector
.
The issuerPrincipals
are a collection with a single
X500Principal
for X509Certificate
s. For
{@link X509AttributeCertificate}s the issuer may contain more than one
X500Principal
.
@param dp The distribution point.
@param issuerPrincipals The issuers of the certificate or attribute
certificate which contains the distribution point.
@param selector The CRL selector.
@param pkixParams The PKIX parameters containing the cert stores.
@throws Exception if an exception occurs while processing.
@throws ClassCastException if issuerPrincipals
does not
contain only X500Principal
s.
Fetches complete CRLs according to RFC 3280.
@param dp The distribution point for which the complete CRL
@param cert The X509Certificate
or
{@link org.bouncycastle.x509.X509AttributeCertificate} for
which the CRL should be searched.
@param currentDate The date for which the delta CRLs must be valid.
@param paramsPKIX The extended PKIX parameters.
@return A Set
of X509CRL
s with complete
CRLs.
@throws Exception if an exception occurs while picking the CRLs
or no CRLs are found.
Fetches delta CRLs according to RFC 3280 section 5.2.4.
@param currentDate The date for which the delta CRLs must be valid.
@param paramsPKIX The extended PKIX parameters.
@param completeCRL The complete CRL the delta CRL is for.
@return A Set
of X509CRL
s with delta CRLs.
@throws Exception if an exception occurs while picking the delta
CRLs.
Find the issuer certificates of a given certificate.
@param cert
The certificate for which an issuer should be found.
@param pkixParams
@return A Collection
object containing the issuer
X509Certificate
s. Never null
.
@exception Exception
if an error occurs.
Extract the value of the given extension, if it exists.
The extension object.
The object identifier to obtain.
Asn1Object
if the extension cannot be read.
crl checking
Return a Collection of all CRLs found in the X509Store's that are
matching the crlSelect criteriums.
a {@link X509CRLStoreSelector} object that will be used
to select the CRLs
a List containing only {@link org.bouncycastle.x509.X509Store
X509Store} objects. These are used to search for CRLs
a Collection of all found {@link X509CRL X509CRL} objects. May be
empty but never null
.
Returns the intersection of the permitted IP ranges in
permitted
with ip
.
@param permitted A Set
of permitted IP addresses with
their subnet mask as byte arrays.
@param ips The IP address with its subnet mask.
@return The Set
of permitted IP ranges intersected with
ip
.
Returns the union of the excluded IP ranges in excluded
with ip
.
@param excluded A Set
of excluded IP addresses with their
subnet mask as byte arrays.
@param ip The IP address with its subnet mask.
@return The Set
of excluded IP ranges unified with
ip
as byte arrays.
Calculates the union if two IP ranges.
@param ipWithSubmask1 The first IP address with its subnet mask.
@param ipWithSubmask2 The second IP address with its subnet mask.
@return A Set
with the union of both addresses.
Calculates the interesction if two IP ranges.
@param ipWithSubmask1 The first IP address with its subnet mask.
@param ipWithSubmask2 The second IP address with its subnet mask.
@return A Set
with the single IP address with its subnet
mask as a byte array or an empty Set
.
Concatenates the IP address with its subnet mask.
@param ip The IP address.
@param subnetMask Its subnet mask.
@return The concatenated IP address with its subnet mask.
Splits the IP addresses and their subnet mask.
@param ipWithSubmask1 The first IP address with the subnet mask.
@param ipWithSubmask2 The second IP address with the subnet mask.
@return An array with two elements. Each element contains the IP address
and the subnet mask in this order.
Based on the two IP addresses and their subnet masks the IP range is
computed for each IP address - subnet mask pair and returned as the
minimum IP address and the maximum address of the range.
@param ip1 The first IP address.
@param subnetmask1 The subnet mask of the first IP address.
@param ip2 The second IP address.
@param subnetmask2 The subnet mask of the second IP address.
@return A array with two elements. The first/second element contains the
min and max IP address of the first/second IP address and its
subnet mask.
Checks if the IP ip
is included in the permitted ISet
permitted
.
@param permitted A Set
of permitted IP addresses with
their subnet mask as byte arrays.
@param ip The IP address.
@throws PkixNameConstraintValidatorException
if the IP is not permitted.
Checks if the IP ip
is included in the excluded ISet
excluded
.
@param excluded A Set
of excluded IP addresses with their
subnet mask as byte arrays.
@param ip The IP address.
@throws PkixNameConstraintValidatorException
if the IP is excluded.
Checks if the IP address ip
is constrained by
constraint
.
@param ip The IP address.
@param constraint The constraint. This is an IP address concatenated with
its subnetmask.
@return true
if constrained, false
otherwise.
The common part of email1
and email2
is
added to the union union
. If email1
and
email2
have nothing in common they are added both.
@param email1 Email address constraint 1.
@param email2 Email address constraint 2.
@param union The union.
The most restricting part from email1
and
email2
is added to the intersection intersect
.
@param email1 Email address constraint 1.
@param email2 Email address constraint 2.
@param intersect The intersection.
Checks if the given GeneralName is in the permitted ISet.
@param name The GeneralName
@throws PkixNameConstraintValidatorException
If the name
Check if the given GeneralName is contained in the excluded ISet.
@param name The GeneralName.
@throws PkixNameConstraintValidatorException
If the name
is
excluded.
Updates the permitted ISet of these name constraints with the intersection
with the given subtree.
@param permitted The permitted subtrees
Adds a subtree to the excluded ISet of these name constraints.
@param subtree A subtree with an excluded GeneralName.
Returns the maximum IP address.
@param ip1 The first IP address.
@param ip2 The second IP address.
@return The maximum IP address.
Returns the minimum IP address.
@param ip1 The first IP address.
@param ip2 The second IP address.
@return The minimum IP address.
Compares IP address ip1
with ip2
. If ip1
is equal to ip2 0 is returned. If ip1 is bigger 1 is returned, -1
otherwise.
@param ip1 The first IP address.
@param ip2 The second IP address.
@return 0 if ip1 is equal to ip2, 1 if ip1 is bigger, -1 otherwise.
Returns the logical OR of the IP addresses ip1
and
ip2
.
@param ip1 The first IP address.
@param ip2 The second IP address.
@return The OR of ip1
and ip2
.
Stringifies an IPv4 or v6 address with subnet mask.
@param ip The IP with subnet mask.
@return The stringified IP address.
Summary description for PkixParameters.
This is the default PKIX validity model. Actually there are two variants
of this: The PKIX model and the modified PKIX model. The PKIX model
verifies that all involved certificates must have been valid at the
current time. The modified PKIX model verifies that all involved
certificates were valid at the signing time. Both are indirectly choosen
with the {@link PKIXParameters#setDate(java.util.Date)} method, so this
methods sets the Date when all certificates must have been
valid.
This model uses the following validity model. Each certificate must have
been valid at the moment where is was used. That means the end
certificate must have been valid at the time the signature was done. The
CA certificate which signed the end certificate must have been valid,
when the end certificate was signed. The CA (or Root CA) certificate must
have been valid, when the CA certificate was signed and so on. So the
{@link PKIXParameters#setDate(java.util.Date)} method sets the time, when
the end certificate must have been valid. It is used e.g.
in the German signature law.
Creates an instance of PKIXParameters with the specified Set of
most-trusted CAs. Each element of the set is a TrustAnchor.
Note that the Set is copied to protect against subsequent modifications.
@param trustAnchors
a Set of TrustAnchors
@exception InvalidAlgorithmParameterException
if the specified Set is empty
(trustAnchors.isEmpty() == true)
@exception NullPointerException
if the specified Set is null
@exception ClassCastException
if any of the elements in the Set are not of type
java.security.cert.TrustAnchor
Returns the required constraints on the target certificate. The
constraints are returned as an instance of CertSelector. If
null
, no constraints are defined.
Note that the CertSelector returned is cloned to protect against
subsequent modifications.
@return a CertSelector specifying the constraints on the target
certificate (or null
)
@see #setTargetCertConstraints(CertSelector)
Sets the required constraints on the target certificate. The constraints
are specified as an instance of CertSelector. If null, no constraints are
defined.
Note that the CertSelector specified is cloned to protect against
subsequent modifications.
@param selector
a CertSelector specifying the constraints on the target
certificate (or null
)
@see #getTargetCertConstraints()
Returns an immutable Set of initial policy identifiers (OID strings),
indicating that any one of these policies would be acceptable to the
certificate user for the purposes of certification path processing. The
default return value is an empty Set
, which is
interpreted as meaning that any policy would be acceptable.
@return an immutable Set
of initial policy OIDs in String
format, or an empty Set
(implying any policy is
acceptable). Never returns null
.
@see #setInitialPolicies(java.util.Set)
Sets the Set
of initial policy identifiers (OID strings),
indicating that any one of these policies would be acceptable to the
certificate user for the purposes of certification path processing. By
default, any policy is acceptable (i.e. all policies), so a user that
wants to allow any policy as acceptable does not need to call this
method, or can call it with an empty Set
(or
null
).
Note that the Set is copied to protect against subsequent modifications.
@param initialPolicies
a Set of initial policy OIDs in String format (or
null
)
@exception ClassCastException
if any of the elements in the set are not of type String
@see #getInitialPolicies()
Sets a List
of additional certification path checkers. If
the specified List contains an object that is not a PKIXCertPathChecker,
it is ignored.
Each PKIXCertPathChecker
specified implements additional
checks on a certificate. Typically, these are checks to process and
verify private extensions contained in certificates. Each
PKIXCertPathChecker
should be instantiated with any
initialization parameters needed to execute the check.
This method allows sophisticated applications to extend a PKIX
CertPathValidator
or CertPathBuilder
. Each
of the specified PKIXCertPathCheckers will be called, in turn, by a PKIX
CertPathValidator
or CertPathBuilder
for
each certificate processed or validated.
Regardless of whether these additional PKIXCertPathCheckers are set, a
PKIX CertPathValidator
or CertPathBuilder
must perform all of the required PKIX checks on each certificate. The one
exception to this rule is if the RevocationEnabled flag is set to false
(see the {@link #setRevocationEnabled(boolean) setRevocationEnabled}
method).
Note that the List supplied here is copied and each PKIXCertPathChecker
in the list is cloned to protect against subsequent modifications.
@param checkers
a List of PKIXCertPathCheckers. May be null, in which case no
additional checkers will be used.
@exception ClassCastException
if any of the elements in the list are not of type
java.security.cert.PKIXCertPathChecker
@see #getCertPathCheckers()
Returns the List of certification path checkers. Each PKIXCertPathChecker
in the returned IList is cloned to protect against subsequent modifications.
@return an immutable List of PKIXCertPathCheckers (may be empty, but not
null
)
@see #setCertPathCheckers(java.util.List)
Adds a PKIXCertPathChecker
to the list of certification
path checkers. See the {@link #setCertPathCheckers setCertPathCheckers}
method for more details.
Note that the PKIXCertPathChecker
is cloned to protect
against subsequent modifications.
@param checker a PKIXCertPathChecker
to add to the list of
checks. If null
, the checker is ignored (not added to list).
Method to support Clone()
under J2ME.
super.Clone()
does not exist and fields are not copied.
@param params Parameters to set. If this are
ExtendedPkixParameters
they are copied to.
Whether delta CRLs should be used for checking the revocation status.
Defaults to false
.
The validity model.
@see #CHAIN_VALIDITY_MODEL
@see #PKIX_VALIDITY_MODEL
Sets the Bouncy Castle Stores for finding CRLs, certificates, attribute
certificates or cross certificates.
The IList
is cloned.
@param stores A list of stores to use.
@see #getStores
@throws ClassCastException if an element of stores
is not
a {@link Store}.
Adds a Bouncy Castle {@link Store} to find CRLs, certificates, attribute
certificates or cross certificates.
This method should be used to add local stores, like collection based
X.509 stores, if available. Local stores should be considered first,
before trying to use additional (remote) locations, because they do not
need possible additional network traffic.
If store
is null
it is ignored.
@param store The store to add.
@see #getStores
Adds an additional Bouncy Castle {@link Store} to find CRLs, certificates,
attribute certificates or cross certificates.
You should not use this method. This method is used for adding additional
X.509 stores, which are used to add (remote) locations, e.g. LDAP, found
during X.509 object processing, e.g. in certificates or CRLs. This method
is used in PKIX certification path processing.
If store
is null
it is ignored.
@param store The store to add.
@see #getStores()
Returns an IList
of additional Bouncy Castle
Store
s used for finding CRLs, certificates, attribute
certificates or cross certificates.
@return an immutable IList
of additional Bouncy Castle
Store
s. Never null
.
@see #addAddionalStore(Store)
Returns an IList
of Bouncy Castle
Store
s used for finding CRLs, certificates, attribute
certificates or cross certificates.
@return an immutable IList
of Bouncy Castle
Store
s. Never null
.
@see #setStores(IList)
Returns if additional {@link X509Store}s for locations like LDAP found
in certificates or CRLs should be used.
@return Returns true
if additional stores are used.
Sets if additional {@link X509Store}s for locations like LDAP found in
certificates or CRLs should be used.
@param enabled true
if additional stores are used.
Returns the required constraints on the target certificate or attribute
certificate. The constraints are returned as an instance of
IX509Selector
. If null
, no constraints are
defined.
The target certificate in a PKIX path may be a certificate or an
attribute certificate.
Note that the IX509Selector
returned is cloned to protect
against subsequent modifications.
@return a IX509Selector
specifying the constraints on the
target certificate or attribute certificate (or null
)
@see #setTargetConstraints
@see X509CertStoreSelector
@see X509AttributeCertStoreSelector
Sets the required constraints on the target certificate or attribute
certificate. The constraints are specified as an instance of
IX509Selector
. If null
, no constraints are
defined.
The target certificate in a PKIX path may be a certificate or an
attribute certificate.
Note that the IX509Selector
specified is cloned to protect
against subsequent modifications.
@param selector a IX509Selector
specifying the constraints on
the target certificate or attribute certificate (or
null
)
@see #getTargetConstraints
@see X509CertStoreSelector
@see X509AttributeCertStoreSelector
Returns the trusted attribute certificate issuers. If attribute
certificates is verified the trusted AC issuers must be set.
The returned ISet
consists of TrustAnchor
s.
The returned ISet
is immutable. Never null
@return Returns an immutable set of the trusted AC issuers.
Sets the trusted attribute certificate issuers. If attribute certificates
is verified the trusted AC issuers must be set.
The trustedACIssuers
must be a ISet
of
TrustAnchor
The given set is cloned.
@param trustedACIssuers The trusted AC issuers to set. Is never
null
.
@throws ClassCastException if an element of stores
is not
a TrustAnchor
.
Returns the necessary attributes which must be contained in an attribute
certificate.
The returned ISet
is immutable and contains
String
s with the OIDs.
@return Returns the necessary AC attributes.
Sets the necessary which must be contained in an attribute certificate.
The ISet
must contain String
s with the
OIDs.
The set is cloned.
@param necessaryACAttributes The necessary AC attributes to set.
@throws ClassCastException if an element of
necessaryACAttributes
is not a
String
.
Returns the attribute certificates which are not allowed.
The returned ISet
is immutable and contains
String
s with the OIDs.
@return Returns the prohibited AC attributes. Is never null
.
Sets the attribute certificates which are not allowed.
The ISet
must contain String
s with the
OIDs.
The set is cloned.
@param prohibitedACAttributes The prohibited AC attributes to set.
@throws ClassCastException if an element of
prohibitedACAttributes
is not a
String
.
Returns the attribute certificate checker. The returned set contains
{@link PKIXAttrCertChecker}s and is immutable.
@return Returns the attribute certificate checker. Is never
null
.
Sets the attribute certificate checkers.
All elements in the ISet
must a {@link PKIXAttrCertChecker}.
The given set is cloned.
@param attrCertCheckers The attribute certificate checkers to set. Is
never null
.
@throws ClassCastException if an element of attrCertCheckers
is not a PKIXAttrCertChecker
.
Summary description for PkixPolicyNode.
Constructors
This class helps to handle CRL revocation reasons mask. Each CRL handles a
certain set of revocation reasons.
Constructs are reason mask with the reasons.
The reasons.
A reason mask with no reason.
A mask with all revocation reasons.
Adds all reasons from the reasons mask to this mask.
@param mask The reasons mask to add.
Returns true
if this reasons mask contains all possible
reasons.
true if this reasons mask contains all possible reasons.
Intersects this mask with the given reasons mask.
mask The mask to intersect with.
The intersection of this and teh given mask.
Returns true if the passed reasons mask has new reasons.
The reasons mask which should be tested for new reasons.
true if the passed reasons mask has new reasons.
Returns the reasons in this mask.
If the complete CRL includes an issuing distribution point (IDP) CRL
extension check the following:
(i) If the distribution point name is present in the IDP CRL extension
and the distribution field is present in the DP, then verify that one of
the names in the IDP matches one of the names in the DP. If the
distribution point name is present in the IDP CRL extension and the
distribution field is omitted from the DP, then verify that one of the
names in the IDP matches one of the names in the cRLIssuer field of the
DP.
(ii) If the onlyContainsUserCerts boolean is asserted in the IDP CRL
extension, verify that the certificate does not include the basic
constraints extension with the cA boolean asserted.
(iii) If the onlyContainsCACerts boolean is asserted in the IDP CRL
extension, verify that the certificate includes the basic constraints
extension with the cA boolean asserted.
(iv) Verify that the onlyContainsAttributeCerts boolean is not asserted.
@param dp The distribution point.
@param cert The certificate.
@param crl The CRL.
@throws AnnotatedException if one of the conditions is not met or an error occurs.
If the DP includes cRLIssuer, then verify that the issuer field in the
complete CRL matches cRLIssuer in the DP and that the complete CRL
contains an
g distribution point extension with the indirectCRL
boolean asserted. Otherwise, verify that the CRL issuer matches the
certificate issuer.
@param dp The distribution point.
@param cert The certificate ot attribute certificate.
@param crl The CRL for cert
.
@throws AnnotatedException if one of the above conditions does not apply or an error
occurs.
Obtain and validate the certification path for the complete CRL issuer.
If a key usage extension is present in the CRL issuer's certificate,
verify that the cRLSign bit is set.
@param crl CRL which contains revocation information for the certificate
cert
.
@param cert The attribute certificate or certificate to check if it is
revoked.
@param defaultCRLSignCert The issuer certificate of the certificate cert
.
@param defaultCRLSignKey The public key of the issuer certificate
defaultCRLSignCert
.
@param paramsPKIX paramsPKIX PKIX parameters.
@param certPathCerts The certificates on the certification path.
@return A Set
with all keys of possible CRL issuer
certificates.
@throws AnnotatedException if the CRL is not valid or the status cannot be checked or
some error occurs.
Checks a distribution point for revocation information for the
certificate cert
.
@param dp The distribution point to consider.
@param paramsPKIX PKIX parameters.
@param cert Certificate to check if it is revoked.
@param validDate The date when the certificate revocation status should be
checked.
@param defaultCRLSignCert The issuer certificate of the certificate cert
.
@param defaultCRLSignKey The public key of the issuer certificate
defaultCRLSignCert
.
@param certStatus The current certificate revocation status.
@param reasonMask The reasons mask which is already checked.
@param certPathCerts The certificates of the certification path.
@throws AnnotatedException if the certificate is revoked or the status cannot be checked
or some error occurs.
Checks a certificate if it is revoked.
@param paramsPKIX PKIX parameters.
@param cert Certificate to check if it is revoked.
@param validDate The date when the certificate revocation status should be
checked.
@param sign The issuer certificate of the certificate cert
.
@param workingPublicKey The public key of the issuer certificate sign
.
@param certPathCerts The certificates of the certification path.
@throws AnnotatedException if the certificate is revoked or the status cannot be checked
or some error occurs.
If use-deltas is set, verify the issuer and scope of the delta CRL.
@param deltaCRL The delta CRL.
@param completeCRL The complete CRL.
@param pkixParams The PKIX paramaters.
@throws AnnotatedException if an exception occurs.
Checks if an attribute certificate is revoked.
@param attrCert Attribute certificate to check if it is revoked.
@param paramsPKIX PKIX parameters.
@param issuerCert The issuer certificate of the attribute certificate
attrCert
.
@param validDate The date when the certificate revocation status should
be checked.
@param certPathCerts The certificates of the certification path to be
checked.
@throws CertPathValidatorException if the certificate is revoked or the
status cannot be checked or some error occurs.
Searches for a holder public key certificate and verifies its
certification path.
@param attrCert the attribute certificate.
@param pkixParams The PKIX parameters.
@return The certificate path of the holder certificate.
@throws Exception if
- no public key certificate can be found although holder
information is given by an entity name or a base certificate
ID
- support classes cannot be created
- no certification path for the public key certificate can
be built
Checks a distribution point for revocation information for the
certificate attrCert
.
@param dp The distribution point to consider.
@param attrCert The attribute certificate which should be checked.
@param paramsPKIX PKIX parameters.
@param validDate The date when the certificate revocation status should
be checked.
@param issuerCert Certificate to check if it is revoked.
@param reasonMask The reasons mask which is already checked.
@param certPathCerts The certificates of the certification path to be
checked.
@throws Exception if the certificate is revoked or the status
cannot be checked or some error occurs.
A trust anchor or most-trusted Certification Authority (CA).
This class represents a "most-trusted CA", which is used as a trust anchor
for validating X.509 certification paths. A most-trusted CA includes the
public key of the CA, the CA's name, and any constraints upon the set of
paths which may be validated using this key. These parameters can be
specified in the form of a trusted X509Certificate or as individual
parameters.
Creates an instance of TrustAnchor with the specified X509Certificate and
optional name constraints, which are intended to be used as additional
constraints when validating an X.509 certification path.
The name constraints are specified as a byte array. This byte array
should contain the DER encoded form of the name constraints, as they
would appear in the NameConstraints structure defined in RFC 2459 and
X.509. The ASN.1 definition of this structure appears below.
NameConstraints ::= SEQUENCE {
permittedSubtrees [0] GeneralSubtrees OPTIONAL,
excludedSubtrees [1] GeneralSubtrees OPTIONAL }
GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
GeneralSubtree ::= SEQUENCE {
base GeneralName,
minimum [0] BaseDistance DEFAULT 0,
maximum [1] BaseDistance OPTIONAL }
BaseDistance ::= INTEGER (0..MAX)
GeneralName ::= CHOICE {
otherName [0] OtherName,
rfc822Name [1] IA5String,
dNSName [2] IA5String,
x400Address [3] ORAddress,
directoryName [4] Name,
ediPartyName [5] EDIPartyName,
uniformResourceIdentifier [6] IA5String,
iPAddress [7] OCTET STRING,
registeredID [8] OBJECT IDENTIFIER}
Note that the name constraints byte array supplied is cloned to protect
against subsequent modifications.
a trusted X509Certificate
a byte array containing the ASN.1 DER encoding of a
NameConstraints extension to be used for checking name
constraints. Only the value of the extension is included, not
the OID or criticality flag. Specify null to omit the
parameter.
if the specified X509Certificate is null
Creates an instance of TrustAnchor where the
most-trusted CA is specified as an X500Principal and public key.
Name constraints are an optional parameter, and are intended to be used
as additional constraints when validating an X.509 certification path.
The name constraints are specified as a byte array. This byte array
contains the DER encoded form of the name constraints, as they
would appear in the NameConstraints structure defined in RFC 2459
and X.509. The ASN.1 notation for this structure is supplied in the
documentation for the other constructors.
Note that the name constraints byte array supplied here is cloned to
protect against subsequent modifications.
the name of the most-trusted CA as X509Name
the public key of the most-trusted CA
a byte array containing the ASN.1 DER encoding of a NameConstraints extension to
be used for checking name constraints. Only the value of the extension is included,
not the OID or criticality flag. Specify null to omit the parameter.
if caPrincipal or pubKey is null
Creates an instance of TrustAnchor
where the most-trusted
CA is specified as a distinguished name and public key. Name constraints
are an optional parameter, and are intended to be used as additional
constraints when validating an X.509 certification path.
The name constraints are specified as a byte array. This byte array
contains the DER encoded form of the name constraints, as they would
appear in the NameConstraints structure defined in RFC 2459 and X.509.
the X.500 distinguished name of the most-trusted CA in RFC
2253 string format
the public key of the most-trusted CA
a byte array containing the ASN.1 DER encoding of a
NameConstraints extension to be used for checking name
constraints. Only the value of the extension is included, not
the OID or criticality flag. Specify null to omit the
parameter.
throws NullPointerException, IllegalArgumentException
Returns the most-trusted CA certificate.
Returns the name of the most-trusted CA as an X509Name.
Returns the name of the most-trusted CA in RFC 2253 string format.
Returns the public key of the most-trusted CA.
Decode the name constraints and clone them if not null.
Returns a formatted string describing the TrustAnchor
.
a formatted string describing the TrustAnchor
Base class for an RFC 3161 Time Stamp Request.
Create a TimeStampRequest from the past in byte array.
@param req byte array containing the request.
@throws IOException if the request is malformed.
Create a TimeStampRequest from the past in input stream.
@param in input stream containing the request.
@throws IOException if the request is malformed.
Validate the timestamp request, checking the digest to see if it is of an
accepted type and whether it is of the correct length for the algorithm specified.
@param algorithms a set of string OIDS giving accepted algorithms.
@param policies if non-null a set of policies we are willing to sign under.
@param extensions if non-null a set of extensions we are willing to accept.
@throws TspException if the request is invalid, or processing fails.
return the ASN.1 encoded representation of this object.
Generator for RFC 3161 Time Stamp Request objects.
add a given extension field for the standard extensions tag (tag 3)
@throws IOException
add a given extension field for the standard extensions tag
The value parameter becomes the contents of the octet string associated
with the extension.
add a given extension field for the standard extensions tag (tag 3)
@throws IOException
add a given extension field for the standard extensions tag
The value parameter becomes the contents of the octet string associated
with the extension.
Base class for an RFC 3161 Time Stamp Response object.
Create a TimeStampResponse from a byte array containing an ASN.1 encoding.
@param resp the byte array containing the encoded response.
@throws TspException if the response is malformed.
@throws IOException if the byte array doesn't represent an ASN.1 encoding.
Create a TimeStampResponse from an input stream containing an ASN.1 encoding.
@param input the input stream containing the encoded response.
@throws TspException if the response is malformed.
@throws IOException if the stream doesn't represent an ASN.1 encoding.
Check this response against to see if it a well formed response for
the passed in request. Validation will include checking the time stamp
token if the response status is GRANTED or GRANTED_WITH_MODS.
@param request the request to be checked against
@throws TspException if the request can not match this response.
return the ASN.1 encoded representation of this object.
Generator for RFC 3161 Time Stamp Responses.
Return an appropriate TimeStampResponse.
If genTime is null a timeNotAvailable error response will be returned.
@param request the request this response is for.
@param serialNumber serial number for the response token.
@param genTime generation time for the response token.
@param provider provider to use for signature calculation.
@return
@throws NoSuchAlgorithmException
@throws NoSuchProviderException
@throws TSPException
Generate a TimeStampResponse with chosen status and FailInfoField.
@param status the PKIStatus to set.
@param failInfoField the FailInfoField to set.
@param statusString an optional string describing the failure.
@return a TimeStampResponse with a failInfoField and optional statusString
@throws TSPException in case the response could not be created
Validate the time stamp token.
To be valid the token must be signed by the passed in certificate and
the certificate must be the one referred to by the SigningCertificate
attribute included in the hashed attributes of the token. The
certificate must also have the ExtendedKeyUsageExtension with only
KeyPurposeID.IdKPTimeStamping and have been valid at the time the
timestamp was created.
A successful call to validate means all the above are true.
Return the underlying CmsSignedData object.
@return the underlying CMS structure.
Return a ASN.1 encoded byte stream representing the encoded object.
@throws IOException if encoding fails.
basic creation - only the default attributes will be included here.
create with a signer with extra signed/unsigned attributes.
@return the nonce value, null if there isn't one.
Recognised hash algorithms for the time stamp protocol.
Fetches the signature time-stamp attributes from a SignerInformation object.
Checks that the MessageImprint for each time-stamp matches the signature field.
(see RFC 3161 Appendix A).
@param signerInfo a SignerInformation to search for time-stamps
@return a collection of TimeStampToken objects
@throws TSPValidationException
Validate the passed in certificate as being of the correct type to be used
for time stamping. To be valid it must have an ExtendedKeyUsage extension
which has a key purpose identifier of id-kp-timeStamping.
@param cert the certificate of interest.
@throws TspValidationException if the certicate fails on one of the check points.
Return the digest algorithm using one of the standard JCA string
representations rather than the algorithm identifier (if possible).
Exception thrown if a TSP request or response fails to validate.
If a failure code is associated with the exception it can be retrieved using
the getFailureCode() method.
Return the failure code associated with this exception - if one is set.
@return the failure code if set, -1 otherwise.
General array utilities.
Are two arrays equal.
Left side.
Right side.
True if equal.
A constant time equals comparison - does not terminate early if
test will fail.
first array
second array
true if arrays equal, false otherwise.
Make a copy of a range of bytes from the passed in data array. The range can
extend beyond the end of the input array, in which case the return array will
be padded with zeroes.
@param data the array from which the data is to be copied.
@param from the start index at which the copying should take place.
@param to the final index of the range (exclusive).
@return a new byte array containing the range given.
BigInteger utilities.
Return the passed in value as an unsigned byte array.
@param value value to be converted.
@return a byte array without a leading zero byte if present in the signed encoding.
Return the passed in value as an unsigned byte array of specified length, zero-extended as necessary.
@param length desired length of result array.
@param n value to be converted.
@return a byte array of specified length, with leading zeroes as necessary given the size of n.
Return a random BigInteger not less than 'min' and not greater than 'max'
@param min the least value that may be generated
@param max the greatest value that may be generated
@param random the source of randomness
@return a random BigInteger value in the range [min,max]
Return the number of milliseconds since the Unix epoch (1 Jan., 1970 UTC) for a given DateTime value.
A UTC DateTime value not before epoch.
Number of whole milliseconds after epoch.
'dateTime' is before epoch.
Create a DateTime value from the number of milliseconds since the Unix epoch (1 Jan., 1970 UTC).
Number of milliseconds since the epoch.
A UTC DateTime value
Return the current number of milliseconds since the Unix epoch (1 Jan., 1970 UTC).
encode the input data producing a base 64 encoded byte array.
@return a byte array containing the base 64 encoded data.
encode the input data producing a base 64 encoded byte array.
@return a byte array containing the base 64 encoded data.
Encode the byte data to base 64 writing it to the given output stream.
@return the number of bytes produced.
Encode the byte data to base 64 writing it to the given output stream.
@return the number of bytes produced.
decode the base 64 encoded input data. It is assumed the input data is valid.
@return a byte array representing the decoded data.
decode the base 64 encoded string data - whitespace will be ignored.
@return a byte array representing the decoded data.
decode the base 64 encoded string data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
encode the input data producing a base 64 output stream.
@return the number of bytes produced.
decode the base 64 encoded byte data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
decode the base 64 encoded string data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
A buffering class to allow translation from one format to another to
be done in discrete chunks.
Create a buffered Decoder.
The translater to use.
The size of the buffer.
Process one byte of data.
Data in.
Byte array for the output.
The offset in the output byte array to start writing from.
The amount of output bytes.
Process data from a byte array.
The input data.
Start position within input data array.
Amount of data to process from input data array.
Array to store output.
Position in output array to start writing from.
The amount of output bytes.
A class that allows encoding of data using a specific encoder to be processed in chunks.
Create.
The translator to use.
Size of the chunks.
Process one byte of data.
The byte.
An array to store output in.
Offset within output array to start writing from.
Process data from a byte array.
Input data Byte array containing data to be processed.
Start position within input data array.
Amount of input data to be processed.
Output data array.
Offset within output data array to start writing to.
The amount of data written.
Class to decode and encode Hex.
encode the input data producing a Hex encoded byte array.
@return a byte array containing the Hex encoded data.
encode the input data producing a Hex encoded byte array.
@return a byte array containing the Hex encoded data.
Hex encode the byte data writing it to the given output stream.
@return the number of bytes produced.
Hex encode the byte data writing it to the given output stream.
@return the number of bytes produced.
decode the Hex encoded input data. It is assumed the input data is valid.
@return a byte array representing the decoded data.
decode the Hex encoded string data - whitespace will be ignored.
@return a byte array representing the decoded data.
decode the Hex encoded string data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
encode the input data producing a Hex output stream.
@return the number of bytes produced.
decode the Hex encoded byte data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
decode the Hex encoded string data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
A hex translator.
Return encoded block size.
2
Encode some data.
Input data array.
Start position within input data array.
The amount of data to process.
The output data array.
The offset within the output data array to start writing from.
Amount of data encoded.
Returns the decoded block size.
1
Decode data from a byte array.
The input data array.
Start position within input data array.
The amounty of data to process.
The output data array.
The position within the output data array to start writing from.
The amount of data written.
Encode and decode byte arrays (typically from binary to 7-bit ASCII
encodings).
Translator interface.
Convert binary data to and from UrlBase64 encoding. This is identical to
Base64 encoding, except that the padding character is "." and the other
non-alphanumeric characters are "-" and "_" instead of "+" and "/".
The purpose of UrlBase64 encoding is to provide a compact encoding of binary
data that is safe for use as an URL parameter. Base64 encoding does not
produce encoded values that are safe for use in URLs, since "/" can be
interpreted as a path delimiter; "+" is the encoded form of a space; and
"=" is used to separate a name from the corresponding value in an URL
parameter.
Encode the input data producing a URL safe base 64 encoded byte array.
@return a byte array containing the URL safe base 64 encoded data.
Encode the byte data writing it to the given output stream.
@return the number of bytes produced.
Decode the URL safe base 64 encoded input data - white space will be ignored.
@return a byte array representing the decoded data.
decode the URL safe base 64 encoded byte data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
decode the URL safe base 64 encoded string data - whitespace will be ignored.
@return a byte array representing the decoded data.
Decode the URL safe base 64 encoded string data writing it to the given output stream,
whitespace characters will be ignored.
@return the number of bytes produced.
Convert binary data to and from UrlBase64 encoding. This is identical to
Base64 encoding, except that the padding character is "." and the other
non-alphanumeric characters are "-" and "_" instead of "+" and "/".
The purpose of UrlBase64 encoding is to provide a compact encoding of binary
data that is safe for use as an URL parameter. Base64 encoding does not
produce encoded values that are safe for use in URLs, since "/" can be
interpreted as a path delimiter; "+" is the encoded form of a space; and
"=" is used to separate a name from the corresponding value in an URL
parameter.
Produce a copy of this object with its configuration and in its current state.
The returned object may be used simply to store the state, or may be used as a similar object
starting from the copied state.
Restore a copied object state into this object.
Implementations of this method should try to avoid or minimise memory allocation to perform the reset.
an object originally {@link #copy() copied} from an object of the same type as this instance.
if the provided object is not of the correct type.
if the other parameter is in some other way invalid.
A
A
A
A
A generic PEM writer, based on RFC 1421
Base constructor.
@param out output stream to use.
Return the number of bytes or characters required to contain the
passed in object if it is PEM encoded.
@param obj pem object to be output
@return an estimate of the number of bytes
Pipe all bytes from inStr to outStr, throwing StreamFlowException if greater
than limit bytes in inStr.
A
A
A
The number of bytes actually transferred, if not greater than limit
Exception to be thrown on a failure to reset an object implementing Memoable.
The exception extends InvalidCastException to enable users to have a single handling case,
only introducing specific handling of this one if required.
Basic Constructor.
@param msg message to be associated with this exception.
Validate the given IPv4 or IPv6 address.
@param address the IP address as a string.
@return true if a valid address, false otherwise
Validate the given IPv4 or IPv6 address and netmask.
@param address the IP address as a string.
@return true if a valid address with netmask, false otherwise
Validate the given IPv4 address.
@param address the IP address as a string.
@return true if a valid IPv4 address, false otherwise
Validate the given IPv6 address.
@param address the IP address as a string.
@return true if a valid IPv4 address, false otherwise
General string utilities.
Summary description for DeflaterOutputStream.
Summary description for DeflaterOutputStream.
The Holder object.
Holder ::= SEQUENCE {
baseCertificateID [0] IssuerSerial OPTIONAL,
-- the issuer and serial number of
-- the holder's Public Key Certificate
entityName [1] GeneralNames OPTIONAL,
-- the name of the claimant or role
objectDigestInfo [2] ObjectDigestInfo OPTIONAL
-- used to directly authenticate the holder,
-- for example, an executable
}
Constructs a holder for v2 attribute certificates with a hash value for
some type of object.
digestedObjectType
can be one of the following:
- 0 - publicKey - A hash of the public key of the holder must be
passed.
- 1 - publicKeyCert - A hash of the public key certificate of the
holder must be passed.
- 2 - otherObjectDigest - A hash of some other object type must be
passed.
otherObjectTypeID
must not be empty.
This cannot be used if a v1 attribute certificate is used.
@param digestedObjectType The digest object type.
@param digestAlgorithm The algorithm identifier for the hash.
@param otherObjectTypeID The object type ID if
digestedObjectType
is
otherObjectDigest
.
@param objectDigest The hash value.
Returns the digest object type if an object digest info is used.
- 0 - publicKey - A hash of the public key of the holder must be
passed.
- 1 - publicKeyCert - A hash of the public key certificate of the
holder must be passed.
- 2 - otherObjectDigest - A hash of some other object type must be
passed.
otherObjectTypeID
must not be empty.
@return The digest object type or -1 if no object digest info is set.
Returns the other object type ID if an object digest info is used.
@return The other object type ID or null
if no object
digest info is set.
Returns the hash if an object digest info is used.
@return The hash or null
if no object digest info is set.
Returns the digest algorithm ID if an object digest info is used.
@return The digest algorithm ID or null
if no object
digest info is set.
Return any principal objects inside the attribute certificate holder entity names field.
@return an array of IPrincipal objects (usually X509Name), null if no entity names field is set.
Return the principals associated with the issuer attached to this holder
@return an array of principals, null if no BaseCertificateID is set.
Return the serial number associated with the issuer attached to this holder.
@return the certificate serial number, null if no BaseCertificateID is set.
Carrying class for an attribute certificate issuer.
Set the issuer directly with the ASN.1 structure.
@param issuer The issuer
Return any principal objects inside the attribute certificate issuer object.
An array of IPrincipal objects (usually X509Principal).
A high level authority key identifier.
Constructor which will take the byte[] returned from getExtensionValue()
@param encodedValue a DER octet encoded string with the extension structure in it.
@throws IOException on parsing errors.
Create an AuthorityKeyIdentifier using the passed in certificate's public
key, issuer and serial number.
@param certificate the certificate providing the information.
@throws CertificateParsingException if there is a problem processing the certificate
Create an AuthorityKeyIdentifier using just the hash of the
public key.
@param pubKey the key to generate the hash from.
@throws InvalidKeyException if there is a problem using the key.
A high level subject key identifier.
Constructor which will take the byte[] returned from getExtensionValue()
@param encodedValue a DER octet encoded string with the extension structure in it.
@throws IOException on parsing errors.
Interface for an X.509 Attribute Certificate.
The version number for the certificate.
The serial number for the certificate.
The UTC DateTime before which the certificate is not valid.
The UTC DateTime after which the certificate is not valid.
The holder of the certificate.
The issuer details for the certificate.
Return the attributes contained in the attribute block in the certificate.
An array of attributes.
Return the attributes with the same type as the passed in oid.
The object identifier we wish to match.
An array of matched attributes, null if there is no match.
Return an ASN.1 encoded byte array representing the attribute certificate.
An ASN.1 encoded byte array.
If the certificate cannot be encoded.
Get all critical extension values, by oid
IDictionary with string (OID) keys and Asn1OctetString values
Get all non-critical extension values, by oid
IDictionary with string (OID) keys and Asn1OctetString values
A utility class that will extract X509Principal objects from X.509 certificates.
Use this in preference to trying to recreate a principal from a string, not all
DNs are what they should be, so it's best to leave them encoded where they
can be.
Return the issuer of the given cert as an X509Principal.
Return the subject of the given cert as an X509Principal.
Return the issuer of the given CRL as an X509Principal.
This class is an Selector
like implementation to select
attribute certificates from a given set of criteria.
@see org.bouncycastle.x509.X509AttributeCertificate
@see org.bouncycastle.x509.X509Store
Decides if the given attribute certificate should be selected.
The attribute certificate to be checked.
true
if the object matches this selector.
The attribute certificate which must be matched.
If null is given, any will do.
The criteria for validity
If null is given any will do.
The holder.
If null is given any will do.
The issuer.
If null is given any will do.
The serial number.
If null is given any will do.
Adds a target name criterion for the attribute certificate to the target
information extension criteria. The X509AttributeCertificate
must contain at least one of the specified target names.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
@param name The name as a GeneralName (not null
)
Adds a target name criterion for the attribute certificate to the target
information extension criteria. The X509AttributeCertificate
must contain at least one of the specified target names.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
@param name a byte array containing the name in ASN.1 DER encoded form of a GeneralName
@throws IOException if a parsing error occurs.
Adds a collection with target names criteria. If null
is
given any will do.
The collection consists of either GeneralName objects or byte[] arrays representing
DER encoded GeneralName structures.
@param names A collection of target names.
@throws IOException if a parsing error occurs.
@see #AddTargetName(byte[])
@see #AddTargetName(GeneralName)
Gets the target names. The collection consists of List
s
made up of an Integer
in the first entry and a DER encoded
byte array or a String
in the second entry.
The returned collection is immutable.
@return The collection of target names
@see #setTargetNames(Collection)
Adds a target group criterion for the attribute certificate to the target
information extension criteria. The X509AttributeCertificate
must contain at least one of the specified target groups.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
@param group The group as GeneralName form (not null
)
Adds a target group criterion for the attribute certificate to the target
information extension criteria. The X509AttributeCertificate
must contain at least one of the specified target groups.
Each attribute certificate may contain a target information extension
limiting the servers where this attribute certificate can be used. If
this extension is not present, the attribute certificate is not targeted
and may be accepted by any server.
@param name a byte array containing the group in ASN.1 DER encoded form of a GeneralName
@throws IOException if a parsing error occurs.
Adds a collection with target groups criteria. If null
is
given any will do.
The collection consists of GeneralName
objects or byte[]
representing DER encoded GeneralNames.
@param names A collection of target groups.
@throws IOException if a parsing error occurs.
@see #AddTargetGroup(byte[])
@see #AddTargetGroup(GeneralName)
Gets the target groups. The collection consists of List
s
made up of an Integer
in the first entry and a DER encoded
byte array or a String
in the second entry.
The returned collection is immutable.
@return The collection of target groups.
@see #setTargetGroups(Collection)
This class is an IX509Selector
implementation to select
certificate pairs, which are e.g. used for cross certificates. The set of
criteria is given from two X509CertStoreSelector
objects,
each of which, if present, must match the respective component of a pair.
The certificate pair which is used for testing on equality.
The certificate selector for the forward part.
The certificate selector for the reverse part.
Decides if the given certificate pair should be selected. If
obj is not a X509CertificatePair
, this method
returns false
.
The X509CertificatePair
to be tested.
true
if the object matches this selector.
An ISet
of DerObjectIdentifier
objects.
A simple collection backed store.
Basic constructor.
@param collection - initial contents for the store, this is copied.
Return the matches in the collection for the passed in selector.
@param selector the selector to match against.
@return a possibly empty collection of matching objects.
This class contains a collection for collection based X509Store
s.
Constructor.
The collection is copied.
The collection containing X.509 object types.
If collection is null.
Returns a copy of the ICollection
.
Returns a formatted string describing the parameters.
An ICollection
of X509Name
objects
The attribute certificate being checked. This is not a criterion.
Rather, it is optional information that may help a {@link X509Store} find
CRLs that would be relevant when checking revocation for the specified
attribute certificate. If null
is specified, then no such
optional information is provided.
@param attrCert the IX509AttributeCertificate
being checked (or
null
)
@see #getAttrCertificateChecking()
If true
only complete CRLs are returned. Defaults to
false
.
@return true
if only complete CRLs are returned.
Returns if this selector must match CRLs with the delta CRL indicator
extension set. Defaults to false
.
@return Returns true
if only CRLs with the delta CRL
indicator extension are selected.
The issuing distribution point.
The issuing distribution point extension is a CRL extension which
identifies the scope and the distribution point of a CRL. The scope
contains among others information about revocation reasons contained in
the CRL. Delta CRLs and complete CRLs must have matching issuing
distribution points.
The byte array is cloned to protect against subsequent modifications.
You must also enable or disable this criteria with
{@link #setIssuingDistributionPointEnabled(bool)}.
@param issuingDistributionPoint The issuing distribution point to set.
This is the DER encoded OCTET STRING extension value.
@see #getIssuingDistributionPoint()
Whether the issuing distribution point criteria should be applied.
Defaults to false
.
You may also set the issuing distribution point criteria if not a missing
issuing distribution point should be assumed.
@return Returns if the issuing distribution point check is enabled.
The maximum base CRL number. Defaults to null
.
@return Returns the maximum base CRL number.
@see #setMaxBaseCRLNumber(BigInteger)
A factory to produce Public Key Info Objects.
Create a Subject Public Key Info object for a given public key.
One of ElGammalPublicKeyParameters, DSAPublicKeyParameter, DHPublicKeyParameters, RsaKeyParameters or ECPublicKeyParameters
A subject public key info object.
Throw exception if object provided is not one of the above.
Create loading data from byte array.
Create loading data from byte array.
Generates a certificate object and initializes it with the data
read from the input stream inStream.
Returns a (possibly empty) collection view of the certificates
read from the given input stream inStream.
Class for carrying the values in an X.509 Attribute.
@param at an object representing an attribute.
Create an X.509 Attribute with the type given by the passed in oid and
the value represented by an ASN.1 Set containing value.
@param oid type of the attribute
@param value value object to go into the atribute's value set.
Create an X.59 Attribute with the type given by the passed in oid and the
value represented by an ASN.1 Set containing the objects in value.
@param oid type of the attribute
@param value vector of values to go in the attribute's value set.
An Object representing an X509 Certificate.
Has static methods for loading Certificates encoded in many forms that return X509Certificate Objects.
Return true if the current time is within the start and end times nominated on the certificate.
true id certificate is valid for the current time.
Return true if the nominated time is within the start and end times nominated on the certificate.
The time to test validity against.
True if certificate is valid for nominated time.
Checks if the current date is within certificate's validity period.
Checks if the given date is within certificate's validity period.
if the certificate is expired by given date
if the certificate is not yet valid on given date
Return the certificate's version.
An integer whose value Equals the version of the cerficate.
Return a BigInteger containing the serial number.
The Serial number.
Get the Issuer Distinguished Name. (Who signed the certificate.)
And X509Object containing name and value pairs.
Get the subject of this certificate.
An X509Name object containing name and value pairs.
The time that this certificate is valid from.
A DateTime object representing that time in the local time zone.
The time that this certificate is valid up to.
A DateTime object representing that time in the local time zone.
Return the Der encoded TbsCertificate data.
This is the certificate component less the signature.
To Get the whole certificate call the GetEncoded() member.
A byte array containing the Der encoded Certificate component.
The signature.
A byte array containg the signature of the certificate.
A meaningful version of the Signature Algorithm. (EG SHA1WITHRSA)
A sting representing the signature algorithm.
Get the Signature Algorithms Object ID.
A string containg a '.' separated object id.
Get the signature algorithms parameters. (EG DSA Parameters)
A byte array containing the Der encoded version of the parameters or null if there are none.
Get the issuers UID.
A DerBitString.
Get the subjects UID.
A DerBitString.
Get a key usage guidlines.
Get the public key of the subject of the certificate.
The public key parameters.
Return a Der encoded version of this certificate.
A byte array.
Verify the certificate's signature using the nominated public key.
An appropriate public key parameter object, RsaPublicKeyParameters, DsaPublicKeyParameters or ECDsaPublicKeyParameters
True if the signature is valid.
If key submitted is not of the above nominated types.
Verify the certificate's signature using a verifier created using the passed in verifier provider.
An appropriate provider for verifying the certificate's signature.
True if the signature is valid.
If verifier provider is not appropriate or the certificate algorithm is invalid.
This class contains a cross certificate pair. Cross certificates pairs may
contain two cross signed certificates from two CAs. A certificate from the
other CA to this CA is contained in the forward certificate, the certificate
from this CA to the other CA is contained in the reverse certificate.
Constructor
Certificate from the other CA to this CA.
Certificate from this CA to the other CA.
Constructor from a ASN.1 CertificatePair structure.
The CertificatePair ASN.1 object.
Returns the certificate from the other CA to this CA.
Returns the certificate from this CA to the other CA.
class for dealing with X509 certificates.
At the moment this will deal with "-----BEGIN CERTIFICATE-----" to "-----END CERTIFICATE-----"
base 64 encoded certs, as well as the BER binaries of certificates and some classes of PKCS#7
objects.
Create loading data from byte array.
Create loading data from byte array.
Generates a certificate object and initializes it with the data
read from the input stream inStream.
Returns a (possibly empty) collection view of the certificates
read from the given input stream inStream.
Create loading data from byte array.
Create loading data from byte array.
The following extensions are listed in RFC 2459 as relevant to CRLs
Authority Key Identifier
Issuer Alternative Name
CRL Number
Delta CRL Indicator (critical)
Issuing Distribution Point (critical)
Verify the CRL's signature using a verifier created using the passed in verifier provider.
An appropriate provider for verifying the CRL's signature.
True if the signature is valid.
If verifier provider is not appropriate or the CRL algorithm is invalid.
Returns a string representation of this CRL.
@return a string representation of this CRL.
Checks whether the given certificate is on this CRL.
@param cert the certificate to check for.
@return true if the given certificate is on this CRL,
false otherwise.
The following extensions are listed in RFC 2459 as relevant to CRL Entries
ReasonCode Hode Instruction Code Invalidity Date Certificate Issuer
(critical)
Constructor for CRLEntries of indirect CRLs. If isIndirect
is false
{@link #getCertificateIssuer()} will always
return null
, previousCertificateIssuer
is
ignored. If this isIndirect
is specified and this CrlEntry
has no certificate issuer CRL entry extension
previousCertificateIssuer
is returned by
{@link #getCertificateIssuer()}.
@param c
TbsCertificateList.CrlEntry object.
@param isIndirect
true
if the corresponding CRL is a indirect
CRL.
@param previousCertificateIssuer
Certificate issuer of the previous CrlEntry.
Create loading data from byte array.
Create loading data from byte array.
Generates a certificate revocation list (CRL) object and initializes
it with the data read from the input stream inStream.
Returns a (possibly empty) collection view of the CRLs read from
the given input stream inStream.
The inStream may contain a sequence of DER-encoded CRLs, or
a PKCS#7 CRL set. This is a PKCS#7 SignedData object, with the
only significant field being crls. In particular the signature
and the contents are ignored.
Get non critical extensions.
A set of non critical extension oids.
Get any critical extensions.
A sorted list of critical entension.
Get the value of a given extension.
The object ID of the extension.
An Asn1OctetString object if that extension is found or null if not.
A holding class for constructing an X509 Key Usage extension.
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1),
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
Basic constructor.
@param usage - the bitwise OR of the Key Usage flags giving the
allowed uses for the key.
e.g. (X509KeyUsage.keyEncipherment | X509KeyUsage.dataEncipherment)
Return the digest algorithm using one of the standard JCA string
representations rather than the algorithm identifier (if possible).
Class to Generate X509V1 Certificates.
Default Constructor.
Reset the generator.
Set the certificate's serial number.
Make serial numbers long, if you have no serial number policy make sure the number is at least 16 bytes of secure random data.
You will be surprised how ugly a serial number collision can get.
The serial number.
Set the issuer distinguished name.
The issuer is the entity whose private key is used to sign the certificate.
The issuers DN.
Set the date that this certificate is to be valid from.
Set the date after which this certificate will no longer be valid.
Set the subject distinguished name.
The subject describes the entity associated with the public key.
Set the public key that this certificate identifies.
Set the signature algorithm that will be used to sign this certificate.
This can be either a name or an OID, names are treated as case insensitive.
string representation of the algorithm name
Generate a new X509Certificate.
The private key of the issuer used to sign this certificate.
An X509Certificate.
Generate a new X509Certificate specifying a SecureRandom instance that you would like to use.
The private key of the issuer used to sign this certificate.
The Secure Random you want to use.
An X509Certificate.
Generate a new X509Certificate using the passed in SignatureCalculator.
A signature calculator factory with the necessary algorithm details.
An X509Certificate.
Allows enumeration of the signature names supported by the generator.
An implementation of a version 2 X.509 Attribute Certificate.
Verify the certificate's signature using a verifier created using the passed in verifier provider.
An appropriate provider for verifying the certificate's signature.
True if the signature is valid.
If verifier provider is not appropriate or the certificate algorithm is invalid.
Class to produce an X.509 Version 2 AttributeCertificate.
Reset the generator
Set the Holder of this Attribute Certificate.
Set the issuer.
Set the serial number for the certificate.
Set the signature algorithm. This can be either a name or an OID, names
are treated as case insensitive.
The algorithm name.
Add an attribute.
Add a given extension field for the standard extensions tag.
Add a given extension field for the standard extensions tag.
The value parameter becomes the contents of the octet string associated
with the extension.
Generate an X509 certificate, based on the current issuer and subject.
Generate an X509 certificate, based on the current issuer and subject,
using the supplied source of randomness, if required.
Generate a new X.509 Attribute Certificate using the passed in SignatureCalculator.
A signature calculator factory with the necessary algorithm details.
An IX509AttributeCertificate.
Allows enumeration of the signature names supported by the generator.
class to produce an X.509 Version 2 CRL.
reset the generator
Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
certificate.
Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise
or 0 if CrlReason is not to be used
Add a CRL entry with an Invalidity Date extension as well as a CrlReason extension.
Reason being as indicated by CrlReason, i.e. CrlReason.KeyCompromise
or 0 if CrlReason is not to be used
Add a CRL entry with extensions.
Add the CRLEntry objects contained in a previous CRL.
@param other the X509Crl to source the other entries from.
Set the signature algorithm that will be used to sign this CRL.
add a given extension field for the standard extensions tag (tag 0)
add a given extension field for the standard extensions tag (tag 0)
add a given extension field for the standard extensions tag (tag 0)
add a given extension field for the standard extensions tag (tag 0)
Generate an X.509 CRL, based on the current issuer and subject.
The private key of the issuer that is signing this certificate.
An X509Crl.
Generate an X.509 CRL, based on the current issuer and subject using the specified secure random.
The private key of the issuer that is signing this certificate.
Your Secure Random instance.
An X509Crl.
Generate a new X509Crl using the passed in SignatureCalculator.
A signature calculator factory with the necessary algorithm details.
An X509Crl.
Allows enumeration of the signature names supported by the generator.
A class to Generate Version 3 X509Certificates.
Reset the Generator.
Set the certificate's serial number.
Make serial numbers long, if you have no serial number policy make sure the number is at least 16 bytes of secure random data.
You will be surprised how ugly a serial number collision can Get.
The serial number.
Set the distinguished name of the issuer.
The issuer is the entity which is signing the certificate.
The issuer's DN.
Set the date that this certificate is to be valid from.
Set the date after which this certificate will no longer be valid.
Set the DN of the entity that this certificate is about.
Set the public key that this certificate identifies.
Set the signature algorithm that will be used to sign this certificate.
Set the subject unique ID - note: it is very rare that it is correct to do this.
Set the issuer unique ID - note: it is very rare that it is correct to do this.
Add a given extension field for the standard extensions tag (tag 3).
string containing a dotted decimal Object Identifier.
Is it critical.
The value.
Add an extension to this certificate.
Its Object Identifier.
Is it critical.
The value.
Add an extension using a string with a dotted decimal OID.
string containing a dotted decimal Object Identifier.
Is it critical.
byte[] containing the value of this extension.
Add an extension to this certificate.
Its Object Identifier.
Is it critical.
byte[] containing the value of this extension.
Add a given extension field for the standard extensions tag (tag 3),
copying the extension value from another certificate.
add a given extension field for the standard extensions tag (tag 3)
copying the extension value from another certificate.
@throws CertificateParsingException if the extension cannot be extracted.
Generate an X509Certificate.
The private key of the issuer that is signing this certificate.
An X509Certificate.
Generate an X509Certificate using your own SecureRandom.
The private key of the issuer that is signing this certificate.
You Secure Random instance.
An X509Certificate.
Generate a new X509Certificate using the passed in SignatureCalculator.
A signature calculator factory with the necessary algorithm details.
An X509Certificate.
Allows enumeration of the signature names supported by the generator.
Sign by adbe.pkcs7.detached.
x509 cert
signed content
The pkcs7 signedData
Verify pkcs7 signedData.
pkcs7 signedData
signed content
True,if the signedContent is consist of pkcs7SignedData.
False,otherwise.
Get encoded authenticatedAttributes from pkcs7 signedData.
pkcs7 signedData
signerInfo index
The encoded authenticatedAttributes.
build TimeStampToken unauthenticatedAttributes.
time stamp token, DER encoded signedData
TimeStampToken unauthenticatedAttributes
Pdf PKCS#7 signature generator.
Pdf signature.
CmsSignedData generator.
Constructor new instance.
Pdf signature.
Generate signature byte array.
signed content.
Pdf PKCS#7 signature byte array.
Build signature certificate chain.
signature certificate
Represents an additional collection of certificates that can be searched.
Certificate chain
Build certificate list.
certificate chain.
Certificate list.
Build certificate chain OCSP validation.
certificate chain.
Certificate chain OCSP validation.
SignInfo's "AuthenticatedAttribute" generator.
Pdf signature.
OCSP validation.
CRL validation.
Construct a new instance.
Pdf signature.
Add CRL validation.
CRL validation.
Add OCSP validation.
OCSP validation.
Generate signInfo's "AuthenticatedAttribute".
parameters.
signInfo's "AuthenticatedAttribute".
SignInfo's "UnauthenticatedAttribute" generator.
Pdf signature.
Construct a new instance.
Pdf signature.
Generate signInfo's "UnauthenticatedAttribute".
parameters.
signInfo's "UnauthenticatedAttribute".
Ocsp http client implementation using BouncyCastle.
Get an basic ocsp response byte array.
certificate to checked
certificate of the issuer
to get the verification. It it's null it will be taken
from the check cert or from other implementation specific source
an basic ocsp response byte array or null if the validation could not be obtained
Get an basic ocsp response byte array.
certificate to checked
certificate of the issuer
to get the verification. It it's null it will be taken
from the check cert or from other implementation specific source
an basic ocsp response byte array or null if the validation could not be obtained
Get basic ocsp response.
certificate to checked
certificate of the issuer
to get the verification. It it's null it will be taken
from the check cert or from other implementation specific source
an basic ocsp response
Get ocsp response using http method.
certificate to checked
certificate of the issuer
to get the verification. It it's null it will be taken
from the check cert or from other implementation specific source
an ocsp response
Generates an OCSP request using BouncyCastle.
certificate of the issuer
serial number of checked certificate
an OCSP request
This class contains a series of static methods that
allow you to retrieve information from a Certificate.
Get the crl url from the given certificate.
the certificate
the crl url or null
Get the ocsp url from the given certificate.
the certificate
the ocsp url or null
Get the tsa url from the given certificate.
the certificate
a tsa url or null
Get the extension value.
the certificate from which we need the ExtensionValue
the Object Identifier value for the extension
the extension value as an ASN1Primitive object
Gets a String from an ASN1Primitive
the ASN1Primitive
a human-readable String
Time Stamp http Client which must conform to RFC 3161.
URL of the Time Stamp Authority
TSA Username
TSA password
The default value for the hash algorithm
Estimate of the received time stamp token
The default value for the hash algorithm
Hash algorithm
Creates an instance of a TSAClient that will use BouncyCastle.
@param url String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA")
Creates an instance of a TSAClient that will use BouncyCastle.
@param url String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA")
@param username String - user(account) name
@param password String - password
Constructor.
Note the token size estimate is updated by each call, as the token
size is not likely to change (as long as we call the same TSA using
the same imprint length).
@param url String - Time Stamp Authority URL (i.e. "http://tsatest1.digistamp.com/TSA")
@param username String - user(account) name
@param password String - password
@param tokSzEstimate int - estimated size of received time stamp token (DER encoded)
Get the token size estimate.
Returned value reflects the result of the last succesfull call, padded
@return an estimate of the token size
Gets the digest algorithm to digest the data imprint
@return the digest algorithm name
Get RFC 3161 timeStampToken.
Method may return null indicating that timestamp should be skipped.
@param imprint data imprint to be time-stamped
@return encoded, TSA signed data of the timeStampToken
Get timestamp token - communications layer
@return - byte[] - TSA response, raw bytes (RFC 3161 encoded)
Represents the Certificate object.
Creates new PdfCertificate from PFX file.
The path to pfx file.
The password for pfx file.
Creates new PdfCertificate from PFX file.
The path to pfx file.
The password for pfx file.
X509KeyStorageFlags storageFlags
Signature data
The data to pfx file.
Signature data
The data to pfx file.
The password for pfx file.
Signature data
The data to pfx file.
The password for pfx file.
X509KeyStorageFlags storageFlags
Gets the certificates in all storages.
PdfCertificate array.
Finds the certificate by subject.
The store name.
The certificate subject.
The certificate.
Finds the certificate by issuer.
The store name.
The certificate issuer.
The certificate.
Represents a digital signature used for signing a PDF document.
Holds signature dictionary.
Holds pdf Loaded signature field.
Holds pdf certificate.
The sign image layout.
The DistinguishName label.
Reason of signing.
Page on which signature field is initialized.
The signature text alignment
The CPU host name or physical location of the signing.
Information provided by the signer to enable a recipient to contact
the signer to verify the signature; for example, a phone number.
Holds a value which indicates certefication of the document.
Permissions of the certificated document.
Holds timestamping server
Document that holds page and this signature. That document should be signed.
Indicates whether the signature corresponds to signature field or not.
Note : We draw appearance in the case of signature field.
Set signature info font
Set font color for the signature info
Signature datetime
Internal variable to store the signature name.
The name of the person or authority signing the document, usually called signer.
The signer label.
Digital Signature Distinguished name
Digital Signature Whether to display the label
Show Signature Configuer Text
Digital Signature Graphic Type
Digital Signature Configuer Graphic file Path
The Signature Image Source
Digital Signature Reason Label
Digital Signature Date
Digital Signature ContactInfo Label
Digital Signature LocationInfo Label
Get all certificates.
Gets the signature Appearance.
A object defines signature`s appearance.
Gets or sets signature location on the page.
Gets or sets bounds of signature.
Gets or sets information provided by the signer to enable a recipient to contact
the signer to verify the signature; for example, a phone number.
Gets or sets reason of signing.
Gets or sets the physical location of the signing.
Gets or sets a value indicating certificate document or not.
NOTE: Works only with Adobe Reader 7.0.8 or higher.
certificate document if true.
Gets or sets the permission for certificated document.
The document permission.
Gets signing certificate.
Sets the alignment of signature text
Gets a value indicating whether signature visible or not.
Signature can be set as invisible when its size is set to empty.
Gets pdf signature field.
Gets whether to draw signature appearance or not.
Get Signature Datetime
get/set pdf signature name
Document that holds page and this signature. That document should be signed.
Set the sign name font.
Note: This font applys to sign name when the GraphicMode is SignNameOnly or SignNameAndSignDetail.
if not set, the default font will be applied.
Set font color for the signature info
if not set, the default is black
Set the SignDetails font.
Note: if not set, the default font will be applied.
Set signature info font
The name of the person or authority signing the document, usually called signer.
Digital Signature Common name label
The name of the person or authority signing the document.
Name label
Signature Distinguished Name label
Digital Signature Distinguished name.
Notes: Assigning a stirng value to it directly is not recommended unless you know what is the Distinguish Name exactly.
One way suggested of value Assignment is using pdfSignature.Certificate.IssuerName.Name,in which, pdfSignature is an instance of PDFSignature class.
Flag determine whether to display the labels
Show Digital Signature,Configuer Text
The Grapphic render/display mode.
Digital Signature Graphic Type
Digital Signature Configuer Graphic file Path
Signature Image Source
Digital Signature Configuer Graphic is filled bounds.
Set or get the sign image layout.
Digital Signature Reason Label
Digital Signature Date Label
Digital Signature ContactInfo Label
Digital Signature LocationInfo Label
Initializes a new instance of the class.
The current pdf page where signature will be replaced.
The pdf certificate.
Name of the signature.
Initializes a new instance of the class.
The document, which has the page.
The page.
The certificate.
The name of the signature.
Initializes a new instance of the class.
The loaded document, which has the page.
The page.
The certificate.
The name of the signature.
The name of the loaded signature field
Initializes a new instance of the class.
The document or loaded document, which has the page.
The page.
The certificate.
The name of the signature.
Initializes a new instance of the class.
The loaded document, which has the page.
The page.
The certificate.
The name of the signature.
The name of the loaded signature field
Handles the BeginSave event of the catalog document.
NOTE: Needed for certifying pdf document.
The source of the event.
The instance containing the event data.
Handles the BeginSave event of the Dictionary control.
The source of the event.
The instance containing the event data.
Draws the appearance.
The template.
Draw Text Signature
Draw Signature information
Draw Picture Signature
DrawString
PdfCanvas g
PdfFont font
PdfSolidBrush solidBrush
PdfStringFormat PdfStrFormat
text
point x
point y
half - width
check thie validity of the signature
Check if the document was altered after signed. True if modified; otherwise false.
The handler which generate timestamp token.
The value of signature field within SignerInfo.
The value of messageImprint field within TimeStampToken shall be the hash of signature.
Refrence RFC 3161 APPENDIX A.
timestamp which must conform to RFC 3161
Configure timestamp which must conform to RFC 3161.
TSA url
Configure timestamp which must conform to RFC 3161.
the handler which generate timestamp token
Timestamp generator.
The handler which generate OCSP response.
certificate to checked
certificate of the issuer
OCSP response which must conform to RFC 2560
Configure OCSP which must conform to RFC 2560.
OCSP url. It it's null it will be taken from the checked cert.
Represents an additional collection of certificates that can be searched.
if null,only use windows cert store.
Configure OCSP which must conform to RFC 2560.
Represents an additional collection of certificates that can be searched
if null,only use windows cert store.
the handler which generate OCSP response.
OCSP response generator.
Authority Info Access.
Summary description for Prep.
RFC 3454, Appendix B.1
RFC 3454, Appendix B.2
RFC 3454, Appendix B.3
RFC 3454, Appendix C.1.1
RFC 3454, Appendix C.1.2
RFC 3454, Appendix C.2.1
RFC 3454, Appendix C.2.2
RFC 3454, Appendix C.3
RFC 3454, Appendix C.4
RFC 3454, Appendix C.5
RFC 3454, Appendix C.6
RFC 3454, Appendix C.7
RFC 3454, Appendix C.8
RFC 3454, Appendix C.9
RFC 3454, Section 4
RFC 3454, Section 6
RFC 3454, Section 7
Create a new profile, with the given steps.
The steps to perform
Prepare a string, according to the specified profile.
The string to prepare
The prepared string
Prepare a string, according to the specified profile, in place.
Not thread safe; make sure the input is locked, if appropriate.
(this is the canonical version, that should be overriden by
subclasses if necessary)
The string to prepare in place
RFC 4013, SASLprep - Stringprep Profile for User Names and Passwords http://tools.ietf.org/html/rfc4013
Create a SASLprep instance
There was a problem with the Bidirection nature of a string to be prepped.
Create a new BidiException
A stringprep profile step to check for Bidirectional correctness.
If the NO_BIDI flag is set, this is a no-op.
Create a new BidiStep.
Perform BiDi checks.
From RFC 3454, Section 6:
In any profile that specifies bidirectional character handling, all
three of the following requirements MUST be met:
- The characters in section 5.8 MUST be prohibited.
- If a string contains any RandALCat character, the string MUST NOT
contain any LCat character.
- If a string contains any RandALCat character, a RandALCat
character MUST be the first character of the string, and a
RandALCat character MUST be the last character of the string.
Result is modified in place.
A BiDi problem exists
A stringprep profile step to map one input character into 0 or
more output characters.
Map from one character to 0+
Perform mapping for each character of input.
Result is modified in place.
Perform Unicode Normalization Form KC.
Create an NFKC step.
Perform NFKC. General overview: Decompose, Reorder, Compose
Reorder characters in the given range into their correct cannonical ordering with
respect to combining class.
Buffer to reorder
Base class for steps in a stringprep profile.
Create a named profile step, with no flags.
The profile name
The name of the step.
This is the workhorse function, to be implemented in each subclass.
Result will be modified in place
A character that is forbidden by the current stringprep profile exists in the input.
The character that was invalid.
Create an instance.
In which step did this occur?
The offending character
A stringprep profile step that checks for prohibited characters
These characters are prohibited
Does this step prohibit the given character?
The character to check
True if the character is prohibited
Check all of the characters for prohbition.
String to check
If one of the characters is prohibited, returns the index of that character.
If all are allowed, returns -1.
Check for prohibited characters
No modifications
Invalid character detected.
Constants from RFC 3454, Stringprep.
A.1 Unassigned code points in Unicode 3.2
B.1 Commonly mapped to nothing
B.2 Mapping for case-folding used with NFKC
B.3 Mapping for case-folding used with no normalization
C.1.1 ASCII space characters
C.1.2 Non-ASCII space characters
///
C.2.1 ASCII control characters
C.2.2 Non-ASCII control characters
C.3 Private use
C.4 Non-character code points
C.5 Surrogate codes
C.6 Inappropriate for plain text
C.7 Inappropriate for canonical representation
C.8 Change display properties or are deprecated
C.9 Tagging characters
D.1 Characters with bidirectional property "R" or "AL"
D.2 Characters with bidirectional property "L"
Combining classes for Unicode characters.
What is the combining class for the given character?
Character to look up
Combining class for this character
Combining class lookup tables.
Combining classes for different pages. All pages
unspecified here will return combining class 0.
Offset into the Classes array for each page, since Classes
is sparse.
255 here means that all of the combining classes for that page
are 0.
Combine combining characters, where possible.
Note: this is still Black Magic, as far as I can tell.
Combine two characters together, if possible.
First character to combine
Second character to combine
The combined character, if method returns true. Otherwise, undefined.
True if combination occurred
Data for composition of characters. The algorithms here are still black box to me.
Where the first range of offsets from Data starts.
These are used for checking the first character
in a pair with a second character in Array.
Where the offsets of the range of characters where there is
only one match for the second character, with a given first character.
Where the offsets of the range of second characters that match a given first
character starts.
When there is only a single match to the left for these characters on the
right, the offsets for that chunk of characters starts here.
The offset into Array for each character. This array is compressed using
the Table table, which provides page offsets for the pages that are non-zero.
Page offsets into Data for each page of characters.
When the offset for the first character is in the range
[FIRST_SINGLE_START, SECOND_START), look up the corresponding
character here with the offset from Data to see if it is
the second character. If not, there is no combination.
When the offset for the second character is in the range
[SECOND_SINGLE_START...), look up the corresponding
character here with the offset from Data to see if it is
the first character. If not, there is no combination.
Array of composition pairs, indexed by offset (from Data) of first
character, and offset of second character.
Decomposition data for NFKC.
Look up the expansion, if any, for the given character.
The character to find
the expansion, or null if none found.
Decomposition data for NFKC.
Offset into the Expansion string for each decomposable character.
One way to make this faster might be to have this not be sparse, so that the lookup
could be direct rather than a binary search. That would add several hundred K to the
library size, though, or time at startup to initialize an array from this.
How to expand characters. Since multiple input characters
output the same string, this table is compressed to only
have one copy of each, and the Offsets table
gives offsets into this for each input.
Specifies length of the encryption key for encryption.
The key is 40 bit long.
The key is 128 bit long.
The key is 256 bit long.
Specifies the type of encryption algorithm used.
The encryption algorithm is RC4.
The encryption algorithm is AES.
Specifies the available permissions set for the signature.
Not all permissions
Default value is 2876. A common document contains all privileges
Print the document.
Edit content.
Copy content.
Add or modify text annotations, fill in interactive form fields.
Fill form fields. (Only for 128 bits key).
Copy accessibility content.
Assemble document permission. (Only for 128 bits key).
Full quality print.
The built-in password-based security handler.
Specifies the naming a system store.
A certificate store that holds certificates with associated private keys.
Root certificates.
Certification authority certificates.
Software Publisher Certificate.
Specifies the alignment type of signature text.
Specifies the signature text is aligned to Left.
Specifies the signature text is aligned to Center.
Specifies the signature text is aligned to Right.
Specifies the available permissions on certificated document.
Disallow any changes to the document.
Only allow form fill-in actions on this document.
Only allow commenting and form fill-in actions on this document.
Enumeration of signature flags.
No flags specified.
If set, the document contains at least one signature field. This flag allows a viewer
application to enable user interface items (such as menu items or pushbuttons) related
to signature processing without having to scan the entire document for the presence
of signature fields.
If set, the document contains signatures that may be invalidated if the file is saved
(written) in a way that alters its previous contents, as opposed to an incremental
update. Merely updating the file by appending new information to the end of the
previous version is safe. Viewer applications can use this flag to present
a user requesting a full save with an additional alert box warning that signatures
will be invalidated and requiring explicit confirmation before continuing with the operation.
Signature type
The layout determine how to display the sign image.
Default.
Sign image status without any modification.
Stretch the sign image.
Modes to determine what and how to dispay the signature infomation.
Default dispaly model.
Display signature details including signer,location,date,contact infomation and reason.
Only display the signature image.
Only display the sign name.
Diaply sign name and signature details.
Diaply signature image and signature details.
Signture Configuer Graphic type
No Show Picture Signature and Text Signature
draw Picture Signature
draw Text Signature
draw Picture Signature and Information
draw Text Signature and Information
draw Information and Picture Signature
Configuer Text,Show Sign content
The dictionary
The File ID
The cross table
Indicate weather the pdf was originally encrypted or not.
Gets or sets the dictionary
Gets or sets value indicating whether document had been originally encrypted or not.
Initializes a new instance of the class.
Creat a new File ID
Represents the security settings of the PDF document.
The original user password or owner password
The cross Table
Indicate the owner password is correct or not.
Indicate the user password is correct or not.
Gets or sets the owner password.
Gets or sets the user password.
Indicate whether this pdf document was encrypted originally or not.
To Encrypt the PDF document with open password.
Note:If set empty string value to open password, it indicates that the PDF document can be operated without providing corresponding password.
The open password
To Encrypt the PDF document with permission password and permissions.
Note:The Permission password can't be empty string.
The permission password
A set of flags specifying which operations are permitted when the document is opened with user access
To Encrypt the PDF document and set the encryption key size and permissions.
Note:If set empty string value to open password or permission password, it indicates that the PDF document can be operated without providing corresponding password.
The open password
The permission password
A set of flags specifying which operations are permitted when the document is opened with user access
The bit length of the encryption key
To Encrypt the PDF document with open password and permission password,and set the encryption key size and permissions.
Note:If set empty string value to open password or permission password, it indicates that the PDF document can be operated without providing corresponding password.
The open password
The permission password
A set of flags specifying which operations are permitted when the document is opened with user access
The bit length of the encryption key
The original permissionPassword of the document
Gets or sets the document's permission flags
Gets or sets the size of the key.
Gets file ID.
Initializes a new instance of the class.
Initializes a new instance of the class.
To verify the owner password of the PDF document is correct or not.
The owner password
The bool value to indicate the password is correct or not
To verify the user password of the PDF document is correct or not.
The user password
The bool value to indicate the password is cottect or not
Logically ORs flag and mask and return result.
The mask of set bit that should be set in the result.
The ORed value of flag and mask.
Logically ANDs flag and inverted mask and return result.
The mask of set bit that should be cleared in the result.
The ANDed value of flag and inverted mask.
Verify the user password or owner password is correct or not.
The user password or owner password
The key.
Encrypts the data.
The curr obj number.
The data.
Encrypted byte array.
Saves this instance.
Clones the specified document.
A new cloned encryptor.
Creat a new Fiel ID.
Check the given password is correct or not.
The given password
The boolean indicates the given password is correct or not
Returns true if the test consists of rtl chars
Text
Performs transformation of the string
Text
Digit shaping option: Replace European digits (U+0030...U+0039) by Arabic-Indic digits.
Digit shaping option: Replace Arabic-Indic digits by European digits (U+0030...U+0039).
Digit shaping option:
Replace European digits (U+0030...U+0039) by Arabic-Indic digits
if the most recent strongly directional character
is an Arabic letter (its Bidi direction value is RIGHT_TO_LEFT_ARABIC).
The initial state at the start of the text is assumed to be not an Arabic,
letter, so European digits at the start of the text will not change.
Compare to DIGITS_ALEN2AN_INIT_AL.
Digit shaping option:
Replace European digits (U+0030...U+0039) by Arabic-Indic digits
if the most recent strongly directional character
is an Arabic letter (its Bidi direction value is RIGHT_TO_LEFT_ARABIC).
The initial state at the start of the text is assumed to be an Arabic,
letter, so European digits at the start of the text will change.
Compare to DIGITS_ALEN2AN_INT_LR.
Not a valid option value.
Bit mask for digit shaping options.
Digit type option: Use Arabic-Indic digits (U+0660...U+0669).
Digit type option: Use Eastern (Extended) Arabic-Indic digits (U+06f0...U+06f9).
Bit mask for digit type options.
Left-to-right
Left-to-Right Embedding
Left-to-Right Override
Right-to-Left
Right-to-Left Arabic
Right-to-Left Embedding
Right-to-Left Override
Pop Directional Format
European Number
European Number Separator
European Number Terminator
Arabic Number
Common Number Separator
Non-Spacing Mark
Boundary Neutral
Paragraph Separator
Segment Separator
Whitespace
Other Neutrals
Minimum bidi type value.
Maximum bidi type value.
Initialize using an array of direction types. Types range from TYPE_MIN to TYPE_MAX inclusive
and represent the direction codes of the characters in the text.
@param types the types array
Initialize using an array of direction types and an externally supplied paragraph embedding level.
The embedding level may be -1, 0, or 1. -1 means to apply the default algorithm (rules P2 and P3),
0 is for LTR paragraphs, and 1 is for RTL paragraphs.
@param types the types array
@param paragraphEmbeddingLevel the externally supplied paragraph embedding level.
The algorithm.
Does not include line-based processing (Rules L1, L2).
These are applied later in the line-based phase of the algorithm.
Reinsert levels information for explicit codes.
This is for ease of relating the level information
to the original input data. Note that the levels
assigned to these codes are arbitrary, they're
chosen so as to avoid breaking level runs.
@param textLength the length of the data after compression
@return the length of the data (original length of
types array supplied to constructor)
2) determining explicit levels
Rules X1 - X8
The interaction of these rules makes handling them a bit complex.
This examines resultTypes but does not modify it. It returns embedding and
override information in the result array. The low 7 bits are the level, the high
bit is set if the level is an override, and clear if it is an embedding.
3) resolving weak types
Rules W1-W7.
Note that some weak types (EN, AN) remain after this processing is complete.
6) resolving neutral types
Rules N1-N2.
7) resolving implicit embedding levels
Rules I1, I2.
Return multiline reordering array for a given level array.
Reordering does not occur across a line break.
Return reordering array for a given level array. This reorders a single line.
The reordering is a visual to logical map. For example,
the leftmost char is string.CharAt(order[0]).
Rule L2.
Return the base level of the paragraph.
Return true if the type is considered a whitespace type for the line break rules.
Return the strong type (L or R) corresponding to the level.
Return the limit of the run starting at index that includes only resultTypes in validSet.
This checks the value at index, and will return index if that value is not in validSet.
Return the start of the run including index that includes only resultTypes in validSet.
This assumes the value at index is valid, and does not check it.
Set resultTypes from start up to (but not including) limit to newType.
Set resultLevels from start up to (but not including) limit to newLevel.
Throw exception if type array is invalid.
Throw exception if paragraph embedding level is invalid. Special allowance for -1 so that
default processing can still be performed when using this API.
Throw exception if line breaks array is invalid.
Checks if a character is vowel letter.
@param ch
the character that needs to be checked
@return true if the characters is a vowel letter
Checks if a character is vowel sign.
@param ch
the character that needs to be checked
@return true if the characters is a vowel sign
Checks if a character is consonant letter.
@param ch
the character that needs to be checked
@return true if the chracter is a consonant letter
Swaps two characters in a StringBuilder object
@param s
the StringBuilder
@param i
the index of one character
@param j
the index of the other character
Constructor for the IndicLigaturizer for Devanagari.
Exception of this type is raised when the document contains object which are not
supported by current document standard.
Initializes object with default error message.
Initializes object with default error message and inner
exception object.
The inner exception.
Initializes object by specified error message.
User defined error message.
Initializes object with specified error message and inner
exception object.
User defined error message.
The inner exception.
Exception of this type is raised when annotation object is used incorrectly.
Initializes object with default error message.
Initializes object with default error message and inner
exception object.
The inner exception.
Initializes object by specified error message.
User defined error message.
Initializes object with specified error message and inner
exception object.
User defined error message.
The inner exception.
General exception class.
Initializes object by default error message.
Initializes object by specified error message.
User defined error message.
Initializes object by specified error message and inner
exception object.
User defined error message.
The inner exception.
Base PDF document exception.
Initializes object by default error message.
Initializes object by default error message and inner
exception object.
The inner exception.
Initializes object by specified error message.
User defined error message.
Initializes object by specified error message and inner
exception object.
User defined error message.
The inner exception.
Cache data corresponding to primitive.
The primitive object.
The data object.
Get cached data corresponding to primitive.
The primitive object.
The data object.
Whether contain data corresponding to primitive.
The primitive object.
Return true,otherwise return false.
Destructor
Releases all resources used.
Specify whether to had released resources.
Releases all resources used.
True,Releases all resources;False,Releases unmanaged resources.
disposed is false ,Releases all resources
Represents base class for all action types.
Gets or sets the next action to be performed after the action represented by this instance.
Gets the element.
Represents collection of actions.
Gets the at the specified index.
Adds the specified action.
The action.
action
Inserts the action at the specified position.
The index.
The action.
Gets the index of the action.
The action.
action
Determines whether the action is contained within collection.
The action.
Value, indicating the presents of the action in collection.
Clears this collection.
Removes the specified action.
The action.
Removes the action at the specified position.
The index.
Initializes a new instance of the class.
Represents the form action base class.
Initializes a new instance of the class.
Gets or sets a value indicating whether fields contained in
collection will be included for resetting or submitting.
If Include property is true, only the fields in this collection will be reset or submitted.
If Include property is false, the fields in this collection are not reset or submitted
and only the remaining form fields are reset or submitted.
If the collection is null or empty, then all the form fields are reset
and the Include property is ignored.
true if include; otherwise, false.
Gets the fields.
The fields.
Represents an action which goes to a destination in the current document.
Initializes a new instance of the class.
The destination to jump to.
Initializes a new instance of the class.
The page to jump to.
Gets or sets the destination.
The destination.
Initializes a new instance of the class.
The destination to jump to.
Gets or sets the destination.
The destination.
Represents an action which performs java script action in pdf document.
Initializes a new instance of the class.
The java script code.
A string value representing valid javascript code to be executed.
Gets or sets the javascript code to be executed when this action is executed.
A string value representing valid javascript code to be executed.
The Adobe Built-in JavaScript
Get a AFNumber_Format string
The number of places after the decimal point
The integer denoting whether to use a separator or not. If sepStyle=0, use commas. If sepStyle=1, do not separate.
The formatting used for negative numbers: 0 = MinusBlack, 1 = Red, 2 = ParensBlack, 3 = ParensRed
The currency style - not used
The currency symbol
True to prepend the currency symbol; false to display on the end of the number
Get a AFNumber_Keystroke string
The number of places after the decimal point
The integer denoting whether to use a separator or not. If sepStyle=0, use commas. If sepStyle=1, do not separate.
The formatting used for negative numbers: 0 = MinusBlack, 1 = Red, 2 = ParensBlack, 3 = ParensRed
The currency style - not used
The currency symbol
True to prepend the currency symbol; false to display on the end of the number
Get a AFRange_Validate string
Indicate the use of the greater than comparison
The value to be used in the greater than comparison
Indicate the use of the less than comparison
The value to be used in the less than comparison
Get a AFPercent_Format string
The number of places after the decimal point
The integer denoting whether to use a separator or not. If sepStyle=0, use commas. If sepStyle=1, do not separate
Get a AFPercent_Keystroke string
The number of places after the decimal point
The integer denoting whether to use a separator or not. If sepStyle=0, use commas. If sepStyle=1, do not separate
Get a AFDate_FormatEx string
Must be one of: "m/d", "m/d/yy", "mm/dd/yy", "mm/yy", "d-mmm", "d-mmm-yy", "dd-mmm-yy", "yymm-dd", "mmm-yy", "mmmm-yy", "mmm d, yyyy", "mmmm d, yyyy", "m/d/yy h:MM tt", "m/d/yy HH:MM"
Get a AFDate_KeystrokeEx string
Must be one of: "m/d", "m/d/yy", "mm/dd/yy", "mm/yy", "d-mmm", "d-mmm-yy", "dd-mmm-yy", "yymm-dd", "mmm-yy", "mmmm-yy", "mmm d, yyyy", "mmmm d, yyyy", "m/d/yy h:MM tt", "m/d/yy HH:MM"
Get a AFTime_Format string
The time format: 0 = 24HR_MM [ 14:30 ], 1 = 12HR_MM [ 2:30 PM ], 2 = 24HR_MM_SS [ 14:30:15 ], 3 = 12HR_MM_SS [ 2:30:15 PM ]
Get a AFTime_Keystroke string
The time format: 0 = 24HR_MM [ 14:30 ], 1 = 12HR_MM [ 2:30 PM ], 2 = 24HR_MM_SS [ 14:30:15 ], 3 = 12HR_MM_SS [ 2:30:15 PM ]
Get a AFSpecial_Format string
The type of formatting to use:0 = zip code, 1 = zip + 4, 2 = phone, 3 = SSN
Get a AFSpecial_Format string
The type of formatting to use:0 = zip code, 1 = zip + 4, 2 = phone, 3 = SSN
Get a AFSimple_Calculate string
Must be one of "AVG", "SUM", "PRD", "MIN", "MAX"
The name list of the fields to use in the calculation
Represents an action which launches an application or opens or prints a document.
Initializes a new instance of the class.
Name of the file to be launched.
Initializes a new instance of the class.
Name of the file to be launched.
Name of the file to be launched.
Name of the path type.
Gets or sets file to be launched.
Represents an action which perfoms the named action.
Gets or sets the destination.
The object representing destination of an action.
Initializes a new instance of the class.
The object representing destination of an action.
Represents additional actions of the annotations.
Initializes a new instance of the class.
Gets or sets the action to be performed when the mouse button is pressed inside the
annotations active area.
The mouse down action.
Gets or sets the action to be performed when the mouse button is released
inside the annotations active area..
The mouse up action.
Gets or sets the action to be performed when the annotation receives the
input focus.
The got focus action.
Gets or sets the action to be performed when the annotation loses the
input focus.
The lost focus action.
Gets the element.
Represents an action for the document.
Gets or sets the action to execute when the document is opened.
A specifying the action to be executed when documents opens in the viewer.
Gets or sets the action to be performed before the document is closed.
A object specifying the action to be executed before the document is closed.
Gets or sets the java script action to be performed before the document is saved.
A object specifying the action to be executed before the document is saved.
Gets or sets the jave script action to be performed after the document is saved.
A object specifying the action to be executed after the document is saved.
Gets or sets the action to be performed before the document is printed.
A object specifying the action to be executed before the document is printed.
Gets or sets the action to be performed after the document is printed.
A object specifying the action to be executed after the document is printed. .
Gets the element.
Represents an embedded go-to action which allows jumping to or from a PDF file that is embedded in another PDF file.
Indicates the target document should be opened in a new window or not.
The target document name.
The destination in the target document to jump to.
Initialize a new instance of PdfEmbeddedGoToAction.
The target PDF file name to be opened.
The destination.
If true, the target PDF would be opened in a new window.Otherwise false.
Represents actions to be performed as response to field events.
Initializes a new instance of the class.
The annotation actions.
Gets or sets the JavaScript action to be performed when the user types a keystroke
into a text field or combo box or modifies the selection in a scrollable list box.
This action can check the keystroke for validity and reject or modify it.
A object specifying the action to be executed when the user types a keystroke.
Gets or sets the JavaScript action to be performed before the field is formatted
to display its current value.
A object specifying the action to be executed for formating the field value.
Gets or sets the JavaScript action to be performed
This action can check the new value for validity.
A object specifying the action to be executed for validating the field value.
Gets or sets the JavaScript action to be performed to recalculate the value
of this field when that of another field changes.
A object specifying the action to be executed for calculating the field value.
Gets or sets the action to be performed when the mouse button is released
inside the fields area.
A descendant specifying the action to be executed when the mouse button is released inside the field's area.
Gets or sets the action to be performed when the mouse button is pressed inside the
fields area.
A descendant specifying the action to be executed when the mouse button is pressed inside the field's area.
Gets or sets the action to be performed when the field receives the
input focus.
A descendant specifying the action to be executed when the field receives the input focus.
Gets or sets the action to be performed when the field loses the
input focus.
A descendant specifying the action to be executed when the field losts the input focus.
Gets the element.
Represents Pdf form's reset action.
This action allows a user to reset the form fields to their default values.
Initializes a new instance of the class.
Gets or sets a value indicating whether fields contained in Fields
collection will be included for resetting.
true if include; otherwise, false.
If Include property is true, only the fields in this collection will be reset.
If Include property is false, the fields in this collection are not reset
and only the remaining form fields are reset.
If the collection is null or empty, then all the form fields are reset
and the Include property is ignored.
Represents the sound action.
Initializes a new instance of the class.
Name of the sound file.
Gets or sets the volume at which to play the sound, in the range -1.0 to 1.0.
The volume of the sound.
The name of the sound file.
Gets or sets the sound.
represents the sound.
Gets or sets a value whether to play the sound synchronously or asynchronously.
If this flag is true, the viewer application retains control, allowing no further
user interaction other than canceling the sound, until the sound has been
completely played. Default value: false.
true if synchronous; otherwise, false.
Gets or sets a value indicating whether to repeat the sound indefinitely.
If this entry is present, the property is ignored. Default value: false.
true if repeat; otherwise, false.
Gets or sets a value indicating whether to mix this sound with any other
sound already playing. If this flag is false, any previously playing sound is
stopped before starting this sound; this can be used to stop a repeating
sound. Default value: false.
true if mix; otherwise, false.
Represents Pdf form's submit action.
This type of action allows a user to go to a resource on the Internet, tipically a hypertext link.
Initializes a new instance of the class.
The URL.
An string value specifying the full URI for the internet resource.
Gets or sets the HTTP method.
The HTTP method.
If set, any submitted field values representing dates are converted to the
standard format. The interpretation of a form field as a date is not specified
explicitly in the field itself but only in the JavaScript code that processes it.
true if use canonical date time format when submit data; otherwise, false.
Gets or sets a value indicating whether to submit mouse pointer coordinates. If set,
the coordinates of the mouse click that caused the submit-form action are transmitted
as part of the form data.
true if submit coordinates; otherwise, false.
Gets or sets a value indicating whether to submit fields without value.
If set, all fields designated by the Fields collection and the
flag are submitted, regardless of whether they have a value. For fields without a
value, only the field name is transmitted.
true if submit fields without value or the empty ones; otherwise, false.
Gets or sets a value indicating whether to submit form's incremental updates.
Meaningful only when the form is being submitted in Forms Data Format.
If set, the submitted FDF file includes the contents of all incremental
updates to the underlying PDF document. If clear, the incremental updates are
not included.
true if incremental updates should be submitted; otherwise, false.
Gets or sets a value indicating whether to submit annotations.
Meaningful only when the form is being submitted in Forms Data Format.
If set, the submitted FDF file includes all markup annotations in the
underlying PDF document. If clear, markup annotations are not included.
true if annotations should be submitted; otherwise, false.
Gets or sets a value indicating whether to exclude non user annotations form submit
data stream. Meaningful only when the form is being submitted in Forms Data Format
and the property is set to true.
true if non user annotations should be excluded; otherwise, false.
Gets or sets a value indicating whether to include form to submit data stream.
Meaningful only when the form is being submitted in Forms Data Format.
If set, the property is a file name containing an embedded file
stream representing the PDF file from which the FDF is being submitted.
true if form should be embedded to submit stream; otherwise, false.
Gets or sets the submit data format.
The submit data format.
Gets or sets a value indicating whether fields contained in Fields
collection will be included for submitting.
true if include; otherwise, false.
If Include property is true, only the fields in this collection will be submitted.
If Include property is false, the fields in this collection are not submitted
and only the remaining form fields are submitted.
If the collection is null or empty, then all the form fields are reset
and the Include property is ignored.
If the field has Export property set to false it will be not included for
submitting in any case.
Represents an action which resolves unique resource identifier.
Initializes a new instance of the class.
Initializes a new instance of the class.
The unique resource identifier.
Gets or sets the unique resource identifier.
The unique resource identifier.
Specifies the file path type.
Specifies the file location with out including the domain name.
Specifies the location, including the domain name.
Specifies the available named actions supported by the viewer.
Navigate to first page.
Navigate to last page.
Navigate to next page.
Navigate to previous page.
Specifies the available data formats for submitting the form data.
If clear, the Fields array specifies which fields to
include in the submission.
If set, all fields designated by the Fields array and the Include/
Exclude flag are submitted, regardless of whether they have a value.
For fields without a value, only the
field name is transmitted.
Meaningful only if the SubmitPDF and XFDF flags are clear. If set,
field names and values are submitted in HTML Form format. If
clear, they are submitted in Forms Data Format
If set, field names and values are submitted using an HTTP GET
request. If clear, they are submitted using a POST request. This flag
is meaningful only when the ExportFormat flag is set; if ExportFormat
is clear, this flag must also be clear.
If set, the coordinates of the mouse click that caused the submitform
action are transmitted as part of the form data.
Meaningful only if the SubmitPDF flags are clear. If set,
field names and values are submitted as XML Forms Data Format .
Meaningful only when the form is being submitted in
Forms Data Format (that is, when both the XFDF and ExportFormat
flags are clear). If set, the submitted FDF file includes the contents
of all incremental updates to the underlying PDF document,
as contained in the Differences entry in the FDF dictionary.
If clear, the incremental updates are not included.
Meaningful only when the form is being submitted in
Forms Data Format (that is, when both the XFDF and ExportFormat
flags are clear). If set, the submitted FDF file includes all markup
annotations in the underlying PDF document.
If clear, markup annotations are not included.
If set, the document is submitted as PDF, using the
MIME content type application/pdf (described in Internet RFC
2045, Multipurpose Internet Mail Extensions (MIME), Part One:
Format of Internet Message Bodies; see the Bibliography). If set, all
other flags are ignored except GetMethod.
If set, any submitted field values representing dates are
converted to the standard format described.
Meaningful only when the form is being submitted in
Forms Data Format (that is, when both the XFDF and
ExportFormat flags are clear) and the IncludeAnnotations flag is
set. If set, it includes only those markup annotations whose T entry
matches the name of the current user, as determined
by the remote server to which the form is being submitted.
Meaningful only when the form is being submitted in
Forms Data Format (that is, when both the XFDF and ExportFormat
flags are clear). If set, the submitted FDF excludes the F entry.
Meaningful only when the form is being submitted in
Forms Data Format (that is, when both the XFDF and ExportFormat
flags are clear). If set, the F entry of the submitted FDF is a file
specification containing an embedded file stream representing the
PDF file from which the FDF is being submitted.
Represents the activation states for the 3D annotation.
Gets or sets the activation mode for the annotation.
Gets or sets the deactivation mode for the annotation.
Gets or sets the activation state for the annotation.
Gets or sets the deactivation state for the annotation.
Gets or sets a value indicating whether the toolbar should be displayed when the annotation is activated or not.
If true, a toolbar should be displayed by default when the annotation is activated and given focus. If false, a toolbar should not be displayed by default.
Gets or sets a value indicating whether the UI for managing the 3D artwork should be displayed when the annotation is activated.
If true, the user interface should be made visible when the annotation is activated. If false, the user interface should not be made visible by default.
Initializes the new instance of class.
Gets the element.
Represents the lighting to apply for the 3D artwork.
Gets or sets the type of the animation.
Gets or sets the play count.
Gets or sets the rendering opacity.
A positive number specifying the time multiplier to be used when running the animation. A value greater than one shortens the time it takes to play the animation, or effectively speeds up the animation.
Initializes a new instance of the class.
Initializes a new instance of the class.
PDF 3D Animation Type.
Gets the element.
Represents the background appearance for 3D artwork.
Gets or sets the background color.
The object specifying the background color for the 3D artwork.
Gets or sets a value indicating how the background is applied.
True if the background is applied to entire annotation, false if the background is applied to annotation's 3D view box only.
Initializes a new instance of the class.
Initializes a new instance of the class.
The object specifying the background color for the 3D artwork.
Gets the element.
Represents the clipping portion of the 3D artwork for the purpose of showing artwork cross sections.
Initializes a new instance of the class.
Gets or sets the center of the cutting plane.
A three element array specifying the center of rotation on the cutting plane in world space coordinates.
Gets or sets the cutting plane color.
Gets or sets the intersection color.
Gets or sets a value indicating whether the intersection of cutting plane with 3D artwork is visible.
Gets or sets the cutting plane opacity.
The opacity is given in percents, 100 is full opacity, 0 is no opacity.
Gets or sets the orientation of the cutting plane.
A three-element array specifying the orientation of the cutting plane in world space, where each value represents the orientation in relation to the X, Y, and Z axes, respectively.
If the array has more than 3 elements, only the first 3 will be considered. Exactly one of the values must be null, indicating an initial state of the cutting plane that is perpendicular to the corresponding axis and clipping all geometry on the positive side of that axis. The other two values must be numbers indicating the rotation of the plane, in degrees, around their corresponding axes. The order in which these rotations are applied should match the order in which the values appear in the array.
Gets the element.
Represents the collection of objects.
Adds the specified value.
The value.
Determines whether [contains] [the specified value].
The value.
if it contains the specified value, set to true.
Indexes the of.
The value.
Inserts the specified index.
The index.
The value.
Removes the specified value.
The value.
Gets or sets the at the specified index.
Represents the lighting scheme for the 3D artwork.
Gets or sets the Lighting style of the 3D artwork.
Initializes a new instance of the class.
Initializes a new instance of the class.
The object specifies the style of the 3D artwork.
Gets the element.
Represents the particular areas of 3D artwork and the opacity and visibility with which individual nodes are displayed.
Gets or sets a value indicating whether the node is visible or not.
True if the node is visible.
Gets or sets the node name.
The name of the 3D node.
Gets or sets the cutting plane opacity.
A number indicating the opacity of the cutting plane using a standard additive blend mode.
The opacity is given in percents, 100 is full opacity, 0 is no opacity.
Gets or sets the 3D transformation matrix.
A 12-element 3D transformation matrix that specifies the position and orientation of this node, relative to its parent, in world coordinates.
If the array has more than 12 elements, only the first 12 will be considered.
Initializes a new instance of the class.
Gets the element.
Represents a collection of objects.
Adds the specified value.
The value.
Determines whether [contains] [the specified value].
The value.
if it contains the specified value, set to true.
Indexes the of.
The value.
Inserts the specified index.
The index.
The value.
Removes the specified value.
The value.
Gets or sets the at the specified index.
Represents the mapping of 3D camera co-ordinates onto the target coordinate system of the annotation.
Gets or sets the type of the projection.
Gets or sets the projection ClipStyle.
Gets or sets the scale mode for ortho graphic projections.
Gets or sets the far clipping distance.
Gets or sets the field of view.
Gets or sets the near clipping distance.
Gets or sets the projection scaling.
Initializes a new instance of the class.
Initializes a new instance of the class.
The Pdf3D Projection Type.
Gets the element.
Represents the rendering mode of the 3D artwork.
Gets or sets the type of the projection.
Gets or sets the Auxiliary color.
Gets or sets the Face color.
Gets or sets the crease value.
The crease value is specified in degrees, from 0 to 360.
Gets or sets the rendering opacity.
The opacity is given in percents, 100 is full opacity, 0 is no opacity.
Initializes a new instance of the class.
Initializes a new instance of the class.
The object specifies the rendering style of the 3D artwork.
Gets the element.
Represents a attributes to be applied to the virtual camera associated with a 3D annotation.
Gets or sets the background for this view.
Gets or sets the 3D transformation matrix.
A 12-element 3D transformation matrix that specifies a position and orientation of the camera in world coordinates.
If the array has more than 12 elements, only the first 12 will be considered.
Gets or sets the center of orbit for 3D artwork.
A non-negative number indicating a distance in the camera coordinate system along the z axis to the center of orbit for this view.
If this value is negative, the viewer application must determine the center of orbit.
Gets the list of cross sections for this view.
A list of PDF3DCrossSection objects available for this view.
Gets or sets the view's external name.
The external name of the view, suitable for presentation in a user interface.
Gets or sets the Creates a new page and adds it as the last page of the document scheme for this view.
Gets the list of 3D nodes for this view.
A list of PDF3DNode objects available for this view.
Gets or sets the projection for this view.
Gets or sets the rendering mode for this view.
Gets or sets a value indicating whether nodes specified in the Nodes collection are returned to their original states (as specified in the 3D artwork) before applying transformation matrices and opacity settings specified in the node dictionaries.
Gets or sets the name of the view node.
The view node in the content stream defines all the properties for viewing the 3D artwork. If both ViewNodeName and CameraToWorldMatrix are specified, then ViewNodeName takes precedence.
Initializes a new instance of the class.
Gets the element.
Represents a collection of Pdf3DView objects.
Adds the specified value.
The value.
Pdf3DView
Determines whether [contains] [the specified value].
The value.
if it contains the specified value, set to true.
Indexes the of the Pdf3DView object.
The value.
Pdf3DView
Inserts the specified index.
The index.
The value.
Removes the specified value.
The Pdf3DView object.
Gets or sets the at the specified index.
Pdf3DView
Specifies an activation state of the 3D annotation.
Represents that the state in which the artwork has been read and a run-time instance of
the artwork has been created. In this state, it can be rendered but script-driven
real-time modifications (that is, animations) are disabled.
Represents that the artwork is instantiated, and it is being modified in real time to
achieve some animation effect. In the case of keyframe animation, the artwork is
live while it is playing and then reverts to an instantiated state when playing
completes or is stopped.
Specifies the available modes for activating a 3D annotation.
Represents that the annotation should be activated as soon as the page containing
the annotation is opened.
Represents that the annotation should be activated as soon as any part of the page
containing the annotation becomes visible.
Represents that the annotation should remain inactive until explicitly activated
by a script or user action.
Specifies the available modes for deactivating a 3D annotation.
Represents that the annotation should be deactivated as soon as the page is closed.
Represents that the annotation should be deactivated as soon as the page containing
the annotation becomes invisible.
Represents that the annotation should remain active until explicitly deactivated by a
script or user action.
Specifies the available states upon deactivating a 3D annotation.
Represents the initial state of the artwork before it has been used in any way.
Represents that the state in which the artwork has been read and a run-time instance of
the artwork has been created. In this state, it can be rendered but script-driven
real-time modifications (that is, animations) are disabled.
Represents that the artwork is instantiated, and it is being modified in real time to
achieve some animation effect. In the case of keyframe animation, the artwork is
live while it is playing and then reverts to an instantiated state when playing
completes or is stopped.
Specifies the available styles for applying light to 3D artwork.
The Lights as specified in the 3D artwork.
The lighting specified in the 3D artwork is ignored.
Three blue-grey infinite lights.
Three light-grey infinite lights.
One yellow, one aqua, and one blue infinite light.
Three grey infinite lights.
One red, one green, and one blue infinite light.
Three blue infinite lights.
Three red infinite lights.
Six grey infinite lights aligned with the major axes.
Three grey infinite lights and one light attached to the camera.
Single infinite light attached to the camera.
Specifies the available clipping style of the 3D annotation.
Represents the Clipping style.
Represents the Clipping style.
Specifies the available Ortho projection scaling mode of the 3D annotation.
Scale to fit the width of the annotation.
Scale to fit the height of the annotation.
Scale to fit the lesser of width or height of the annotation.
Scale to fit the greater of width or height of the annotation.
No scaling should occur due to binding.
Specifies the available projection type of the 3D annotation.
Represents Orthographic projection
Represents Perspective projection.
Specifies the available rendering style of the 3D artwork.
Displays textured and lit geometric shapes. In the case of artwork
that conforms to the Universal 3D File Format specification, these
shapes are triangles.
Displays textured and lit geometric shapes (triangles) with single
color edges on top of them.
Displays textured and lit geometric shapes (triangles) with an added
level of transparency.
Displays textured and lit geometric shapes (triangles) with an added
level of transparency, with single color opaque edges on top of it.
Displays the bounding box edges of each node, aligned with the axes
of the local coordinate space for that node.
Displays bounding boxes faces of each node, aligned with the axes of
the local coordinate space for that node, with an added level of transparency.
Displays bounding boxes edges and faces of each node, aligned with the axes of
the local coordinate space for that node, with an added level of transparency.
Displays only edges in a single color.
Displays only edges, though interpolates their color between their two vertices
and applies lighting.
Displays edges in a single color, though removes back-facing and obscured edges.
Displays only vertices in a single color.
Displays only vertices, though uses their vertex color and applies lighting.
Displays silhouette edges with surfaces, removes obscured lines.
Displays silhouette edges with lit and textured surfaces, removes obscured lines.
Displays silhouette edges with lit and textured surfaces and an additional emissive
term to remove poorly lit areas of the artwork.
Specifies the available animation style for rendering the 3D artwork.
Represents that the Keyframe animations should not be driven directly by
the viewer application. This value is used by documents that are intended
to drive animations through an alternate means, such as JavaScript.
Represents that the Keyframe animations are driven linearly from beginning to end.
This animation style results in a repetitive playthrough of the animation,
such as in a walking motion.
Represents that the Keyframe animations should oscillate along their time range.
This animation style results in a back-and-forth playing of the animation,
such as exploding or collapsing parts.
Represents the annotation with associated action.
Initializes a new instance of the class.
Bounds of the annotation.
The Pdf action.
Represents base class for link annotations with associated action.
Gets or sets the action for the link annotation.
The action to be executed when the link is activated.
Initializes a new instance of the class.
Bounds of the annotation.
Initializes a new instance of the class.
Bounds specifies the location of the drawn text.
The specifies an action to be executed when the link is activated.
Represents the states of an annotation's appearance.
Gets or sets the active state template.
The object specifies an active state template.
Gets or sets the inactive state.
The object specifies an inactive state template.
Gets or sets the mapping name of the active state.
String specifies the mapping name of the active state.
Gets or sets the mapping name of the inactive state.
String specifies the mapping name of the inactive state.
Initializes a new instance of the class.
Gets the element.
Represents the appearance of an annotation.
Gets or sets object which applied to annotation in normal state.
Gets or sets object which applied to the annotation on hovering the mouse.
Gets or sets object which applied to an annotation when mouse button is pressed.
Initializes a new instance of the class.
The object specifies the annotation.
Gets the element.
Represents extended appearance of the annotation. It has two states such as On state and Off state.
Gets the normal appearance of the annotation.
The object specifies the normal appearance of the annotation.
Gets the appearance when mouse is hovered.
The object specifies the annotation appearance when the mouse is hovered on it.
Gets the pressed state annotation.
The appearance in pressed state.
Initializes a new instance of the class.
Gets the element.
Represents a line annotation.
To specifying Caption Type
Gets or sets whether the line annotation caption should be displayed.
true if the line caption should be displayed, otherwise false.
Gets or sets Leader Line
Gets or sets Leader Line Extension
Gets or sets Border style of the Line Annotation.
A enumeration member specifying the border style for the line.
Gets or sets the style used for the beginning of the line.
A enumeration member specifying the begin style for the line.
Gets or sets the style used for the end of the line.
A enumeration member specifying the end style for the line.
Gets or sets the line caption text type.
A enumeration member specifying the line caption type.
Gets or sets LineIntent
Gets or sets Inner Color of the PdfLine
Gets or sets Background Color of the PdfLine
Initializes new instance of class.
The line points.
Initializes new instance of class.
The line points.
The line caption text.
Initializes new instance of class.
Bounds of the annotation.
Represents the border style of the Line annotation.
Gets or sets the width.
The line border width.
Gets or sets the border style.
The line border style.
Gets or sets the Line Dash
The line border dash array.
Initializes a new instance of the class.
Gets the element.
Represents the base class for link annotations.
Highlight mode of the annotation.
Initializes new instance of class.
Initializes new instance of class.
Bounds of the annotation.
Represents the 3D annotation for a PDF document.
Gets the list of available views for the current 3D artwork.
Gets or sets the default view.
The default view.
Gets or sets the code to execute when the 3D artwork is instantiated.
Javascript code to be executed when the 3D artwork is instantiated.
Gets or sets the activation options for the annotation.
Defines the times at which the annotation should be activated and deactivated and the state of the 3D artwork instance at those times.
Filename with Full path
Initializes a new instance of the class.
Bounds of the annotation.
Bounds of the annotation.
Name of the sound file.
Represents the polygon annotation.
The user who created the annotation.
The description of the annotation.
The vertice coordinates.
The date and time when the annotation was most recently modified.
The border effect.
Initialize a new instance of PdfPolygonAnnotation.
The page
The polygon vertices
Represents the Rubber Stamp annotation for a PDF document.
Gets or sets the annotation's icon.
A enumeration member specifying the icon for the annotation when it is displayed in closed state.
Gets or sets appearance of the annotation.
Initializes a new instance of the class.
Initializes a new instance of the class.
RectangleF structure that specifies the bounds of the annotation.
Initializes a new instance of the class.
RectangleF structure that specifies the bounds of the annotation.
Text of the rubber stamp annotation.
Creates an widget annotation object.
Creates an widget annotation object.
The specified bound
Creates an widget annotation object.
The specified widget annotation dictionary
Gets or sets the button layout mode.
Gets or sets the text displayed when the mouse button is pressed within the annotation's active area.
Gets or sets the text displayed when the user rolls the cursor into the annotation's active area without pressing the mouse button.
Gets or sets the widget annotation's normal appearance displayed when it is not interacting with the user.
Gets or sets the widget annotation's rollover appearance displayed when the user rolls the cursor into its active area without pressing the mouse button.
Gets or sets the widget annotation's alternate appearance displayed when the mouse button is pressed within its active area.
Represents the class for text web link annotation.
Gets or sets the Url address.
Initializes a new instance of the class.
Draws a Text Web Link on the Page
The page where the annotation should be placed.
The location of the annotation.
Pdf Layout result
Draw a Text Web Link on the Graphics
The object specifies where annotation should be placed..
The location of the annotation.
Represents the text markup annotation.
Gets or sets TextMarkupAnnotationType .
Gets or sets text markup color.
Initializes new instance of class.
Initializes new instance of class.
The markup annotation title.
The string specifies the text of the annotation.
The string specifies the markup text of the annotation.
The location of the markup text annotation.
The specifies the text appearance of the markup text annotation.
Initializes new instance of class.
The title of the annotation.
The text of the annotation.
The bounds of the annotation.
The font of the annotation.
Initializes new instance of class.
The title of the annotation.
The text of the annotation.
The bounds of the annotation.
Initializes new instance of class.
The bounds of the annotation.
Represents the base class for loaded annotation classes.
Represents the Form field identifier
Gets and sets the Page.
Sets the name of the field.
New name of the field.
Represents the attachment annotation from the loaded document.
Gets or sets the icon of the annotation.
Gets the attachment file name of the annotation.
Represents the loaded document link annotation class.
Sets the destination of the annotation.
Represents the loaded file link annotation class.
Gets or sets the filename of the annotation.
Represents the free text annotation widget.
Gets or sets the date and time when the annotation was created.
Gets or sets the date and time when the annotation was most recently modified.
Gets a name describing the intent of the free text annotation.
Gets or sets the user who created the annotation.
Gets or sets the annotation's subject.
Gets the opcity value to be used.
Gets the border width.
Gets the border color
Gets the border style
Represents the loaded line annotation class.
Gets or sets the back color of the annotation.
Gets or sets the begin line style of the annotation.
Gets or sets the caption type of the annotation.
Gets or sets the end line style of the annotation.
Gets or sets the inner line color of the annotation.
Gets or sets the leader line of the annotation.
Gets the endpoint of the annotation, it's at the bottom left
The origin of coordinate system corresponds to the lower-left corner of page.The positive x axis extends horizontally to the right and the positive y axis vertically upward
Gets the startpoint of the annotation, it's at the bottom left
The origin of coordinate system corresponds to the lower-left corner of page.The positive x axis extends horizontally to the right and the positive y axis vertically upward
Gets or sets the leader ext of the annotation.
Gets the line border of the annotation.
Gets or sets the line caption of the annotation.
Gets or sets the line intent of the annotation.
Represents the loaded pop up annotation class.
Gets or sets the open option of the popup annotation.
Gets or sets the icon of the annotation.
Represents the loaded rubber stamp annotation class.
Gets or sets the icon of the annotation.
Represents the loaded sound annotation class.
Gets or sets the sound of the annotation.
Gets the filename of the annotation.
Gets or sets the icon of the annotation.
Represents the PdfLoadedStyledAnnotation.
Gets or sets the color.
The color.
Gets or sets the text.
The text.
Gets or sets the annotation's border.
Gets or sets the location.
Gets or sets the size.
Gets or sets the annotation flags.
The author of the annotation.
The state of the annotation.
The stateModel of the annotation.
Gets or sets the date and time when the annotation was created.
Gets the annotation's state.
Gets the annotation's stateModel.
Gets or sets the annotation's subject.
Gets the opacity value to be used.
Gets the iconname value to be used.
Gets the open option of the popup annotation.
Gets or sets annotation's author.
Represents the loaded text markup annotation class.
Gets or sets the annotation Type.
Gets or sets the color.
Sets the name of the field.
New name of the field.
Represents the loaded text web link annotation class.
Gets or sets the Url.
Represents the loaded unique resource identifier annotation class.
Gets or sets the unique resource identifier text of the annotation.
Represents the loaded web link annotation class.
Specifies the name of an icon to be used in displaying the sound annotation.
Speaker icon of sound link.
Microphone icon of sound link.
Specifies the type of icon to be used in displaying file attachment annotations.
Type of icon used in file attachment annotation.
Type of icon used in file attachment annotation.
Type of icon used in file attachment annotation.
Type of icon used in file attachment annotation.
Specifies the enumeration of the annotation flags.
Default value.
Annotation flag's key.
Annotation flag's key.
Annotation flag's key.
Annotation flag's key.
Annotation flag's key.
Annotation flag's key.
Annotation flag's key.
Annotation flag's key.
Annotation flag's key.
Specifies the enumeration of popup annotation icons.
Indicates note popup annotation.
Indicates comment popup annotation.
Indicates help popup annotation.
Indicates insert popup annotation.
Indicates key popup annotation.
Indicates new paragraph popup annotation.
Indicates paragraph popup annotation.
Specifies the enumeration of popup annotation icons.
Indicates note text annotation.
Indicates comment text annotation.
Indicates help text annotation.
Indicates insert text annotation.
Indicates key text annotation.
Indicates new paragraph text annotation.
Indicates paragraph text annotation.
Specifies the enumeration of rubber stamp annotation icons.
Indicates approved rubber stamp annotation
Indicates AaIs rubber stamp annotation
Indicates confidential rubber stamp annotation
Indicates departmental rubber stamp annotation
Indicates draft rubber stamp annotation
Indicates experimental rubber stamp annotation
Indicates expired rubber stamp annotation
Indicates final rubber stamp annotation
Indicates for comment rubber stamp annotation
Indicates for public release rubber stamp annotation
Indicates not approved rubber stamp annotation
Indicates not for public release rubber stamp annotation
Indicates sold rubber stamp annotation
Indicates topsecret rubber stamp annotation
Specifies the Line Ending Style to be used in the Line annotation.
Indicates Square
Indicates Circle
Indicates Diamond
Indicates OpenArrow
Indicates ClosedArrow
Indicates None
Indicates ROpenArrow
Indicates Butt
IdicaIndicatestes RClosedArrow
Indicates Slash
Specifies the Line Border Style is to be used in the Line annotation.
Indicates Solid
Indicates Dashed
Indicates Beveled
Indicates Inset
Indicates Underline
Specifies the Line Intent Style is to be used in the Line annotation.
Indicates Line Arrow as intent of the line annotation
Indicates LineDimension as intent of the line annotation
Specifies the Line Caption Type is to be used in the Line annotation.
Specifies the Style of the Text Markup Annotation
The Text Markup Annotation Type is Highlight.
The Text Markup Annotation Type is Underline.
The Text Markup Annotation Type is Squiggly.
The Text Markup Annotation Type is StrikeOut.
Specifies the annotation types.
Highlight type annotation.
Underline type annotation.
StrikeOut type annotation.
Squiggly type annotation.
AnnotationStates type.
TextAnnotation type.
LinkAnnotation type.
DocumentLinkAnnotation type.
FileLinkAnnotation type.
FreeTextAnnotation type.
LineAnnotation type.
SquareandCircleAnnotation type.
PolygonandPolylineAnnotation type.
TextMarkupAnnotation type.
CaretAnnotation type.
RubberStampAnnotation type.
LnkAnnotation type.
PopupAnnotation type.
FileAttachmentAnnotation type.
SoundAnnotation type.
MovieAnnotation type.
ScreenAnnotation type.
WidgetAnnotation type.
PrinterMarkAnnotation type.
TrapNetworkAnnotation type.
WatermarkAnnotation type.
TextWebLinkAnnotation type.
No annotation.
Represents the base class for annotation objects.
The name of the annotation.
The ModifiedDate of the annotation.
Gets or sets the background of the annotations icon when closed.
The title bar of the annotations pop-up window.
The border of a link annotation.
The color.
Gets annotation's modified date.
Gets or sets annotation's border.
Gets or sets location of the annotation.
Gets or sets the name of the annotation.
Note: The annotation name, a text string uniquely identifying it among all the annotations on its page.
Gets or sets size of the annotation.
Gets a page which this annotation is connected to.
Gets or sets content of the annotation.
Gets or sets annotation flags.
Creates new annotation object with the specified dictionary.
Annotation's dictionary
Gets the element.
Represents the appearance of an annotation's border.
Gets or sets a horizontal corner radius.
Gets or sets a vertical corner radius.
Gets or sets the width of annotation's border.
A float value specifying the width of the annotation's border.
Initializes a new instance of the class.
Initializes a new instance of the class.
A float value specifying the width of the annotation's border.
Initializes a new instance of the class.
A float value specifying the width of the annotation's border.
A float value specifying the horizontal corner radius value.
A float value specifying the vertical corner radius value.
Gets Pdf primitive representing this object.
Represents collection of objects.
Gets the object at the specified position.
The index value of the annotation in the collection.
Annotation object at the specified position.
Initializes a new instance of the class.
Creates new annotation collection for the specified page.
Page which collection is created for.
Adds a new annotation to collection.
The new annotation to be added to collection.
Position of the annotation in collection.
Cleares the collection.
Searches the collection for the specified annotation.
The annotation to search for.
True, if annotation is contained in collection. Otherwise - false.
Searches the collection for the specified annotation.
The Annotation to search.
Index of the element in the collection, if exists, or -1 if the element does not exist in the collection.
Inserts annotation to the collection at the specified index.
Index where to insert the element.
The annotation to insert in the collection.
Removes the element at the specified field.
The index of the element to remove.
Removes the element from the collection.
The element to remove.
Gets Pdf primitive representing this object.
Represents an attachment annotation.
Gets or Sets attachment's icon.
A enumeration member specifying the icon for the annotation when it is displayed in closed state.
A string value specifying the full path to the file to be embedded in the PDF file.
Bounds of the annotation.
A string value specifying the full path to the file to be embedded in the PDF file.
Bounds of the annotation.
A string value specifying the full path to the file to be embedded in the PDF file.
A byte array specifying the content of the annotation's embedded file.
If both FileName and FileContent are specified, the FileContent takes precedence.
The rectangle.
A string value specifying the full path to the file to be embedded in the PDF file.
The stream specifying the content of the annotation's embedded file.
If both FileName and FileContent are specified, the FileContent takes precedence.
Represents annotation object with holds link on another location within a document.
Gets or sets the destination of the annotation.
Initializes new instance.
Bounds of the annotation.
Initializes new instance.
Bounds of the annotation.
Destination of the annotation.
Represents a base class for file attachment annotation.
Gets or sets file name of the annotation.
Gets or sets appearance of the annotation.
Represents the annotation link to external file.
A string value specifying the full path to the file to be embedded.
Gets or sets the action.
The action to be executed when the annotation is activated.
Bounds of the annotation.
A string value specifying the full path to the file to be embedded.
Represents a Base class for popup annotation which can be either in open or closed state.
Gets or sets icon style.
Gets or sets value whether annotation is initially open or closed
Gets or sets appearance of the annotation.
Initializes a new instance of the class.
Initializes a new instance of the class.
RectangleF structure that specifies the bounds of the annotation.
Initializes a new instance of the class.
RectangleF structure that specifies the bounds of the annotation.
The string specifies the annotation text.
Represents the sound annotation.
Gets or sets the icon to be used in displaying the annotation.
The enumeration member specifying the icon for the annotation.
Gets or sets the sound.
The object specified a sound for the annotation.
The string specifies the file name of the sound annotation.
RectangleF structure that specifies the bounds of the annotation.
The string specifies the file name of the sound annotation.
Represents the Uri annotation
Gets or sets the Uri address.
Gets or sets the action.
The object specifies the action of the annotation.
Initializes a new instance of the class.
RectangleF structure that specifies the bounds of the annotation.
Initializes a new instance of the class.
RectangleF structure that specifies the bounds of the annotation.
unique resource identifier path.
Represents a base class for all barcode types.
Initializes a new instance of the class.
Initializes a new instance of the class.
Set the barcode text.
Gets or sets the back color of the barcode.
Gets or sets the bar color of the barcode.
Gets or sets the text color of the barcode text.
Gets or sets the narrow bar width.
Gets or Sets the barcode text.
Gets or sets the location to render barcode in the PDF Document.
Gets or sets the empty area which is to be allocated around the barcode.
Gets or sets the bar height.
Gets the size of the barcode.
Gets or sets the rectangular area occupied by the barcode.
Represents the general barcode exception class.
Initializes a new instance of the class.
Initializes a new instance of the class.
User defined error message.
Initializes a new instance of the class.
User defined error message.
The inner exception.
Represents the Class for specifying Quiet zones around the barcode.
Gets or sets the quiet zones at the right side of the barcode.
Gets or sets the quiet zones at Top of the barcode.
Gets or sets the quiet zones at the left side of the barcode.
Gets or sets the quiet zones at bottom of the barcode.
Gets or sets the quiet zones around the bar code.
Check whether all the margin values are equal.
Represents a Codabar barcode.
This symbology allows the encoding of strings of up to 16 digits, 10 numeric digits (0 through 9) and
6 special non alpha characters ("+", "-", "$", "/", ":", ".").
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode Text.
Represents a Code11 barcode.
Only the following symbols are allowed in a Code 11 barcode: 0 1 2 3 4 5 6 7 8 9 -
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode Text.
The Barcode Text.
Represents a Code128A barcode.
Only the following symbols are allowed in a Code 128 A barcode: NUL (\x00) SOH (\x01) STX (\x02) ETX (\x03) EOT (\x04) ENQ (\x05) ACK (\x06) BEL (\x07) BS (\x08) HT (\x09) LF (\x0A) VT (\x0B) FF (\x0C) CR (\x0D) SO (\x0E) SI (\x0F) DLE (\x10) DC1 (\x11) DC2 (\x12) DC3 (\x13) DC4 (\x14) NAK (\x15) SYN (\x16) ETB (\x17) CAN (\x18) EM (\x19) SUB (\x1A) ESC (\x1B) FS (\x1C) GS (\x1D) RS (\x1E) US (\x1F) SPACE ! # $ % ' * + , - . 0 1 2 3 4 5 6 7 8 9 : ; ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ]^ _ FNC1 (\xF0) FNC2 (\xF1) FNC3 (\xF2) FNC4
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode Text.
Represents a Code128B Barcode.
Only the following symbols are allowed in a Code 128 B barcode:SPACE ! " # $ % ' ( ) * + , - . / 0 12 3 4 5 6 7 8 9 : ; ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ]^ _ ` a b c d e f g h i j k l m n o p q r s t u v w x y z { | } ~ DEL (\x7F) FNC1 (\xF0) FNC2 (\xF1) FNC3 (\xF2) FNC4 (\xF3) SHIFT (\xF4).
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode text.
Represents a Code128C barcode.
Only the following symbols are allowed in a Code 128C barcode: 0 1 2 3 4 5 6 7 8 9 FNC1 (\xF0). Code 128 C encodes only numeric symbols at double density, each pair of digits is encoded using a single symbol.
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode text.
Represents a Code32 barcode.
Only the following symbols are allowed in a Code 32 barcode: 1 2 3 4 5 6 7 8 9 0. The barcode length is 9 digits (8 user defined digits + 1 check digit).
Code 32 barcodes are also known as Italian Pharmacode barcodes.
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode Text.
Represents a Code39 barcode.
Only the following symbols are allowed in a Code 39 barcode:Only the following symbols are allowed in a Code 39 barcode: 1 2 3 4 5 6 7 8 9 0 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z - . $ / + % SPACE
All alphabetic characters are uppercase. If lowercase characters are required, then a Code 39 Extended barcode must be used.
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode text.
Represents a Code39 Extended barcode.
Code 39 Extended is designed to encode 128 full ASCII characters.
All 128 ASCII characters can be encoded in an extended Code 39 barcode
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode text.
Represents a Code93 barcode.
Only the following symbols are allowed in a Code 93 barcode: 1 2 3 4 5 6 7 8 9 0 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z - . $ / + % SPACE
All alphabetic characters are uppercase. If lowercase characters are required, then a Code 93 Extended barcode must be used.
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode text.
Represents a code93 extended barcode.
All 128 ASCII characters can be encoded in an extended Code 93 barcode.
Initializes a new instance of the class.
Initializes a new instance of the class.
The Barcode text.
Represents the Base class for all the Single dimensional barcodes
Initializes the new instance of
Gets or sets the Text font.
Gets or sets the text display location.
The Default value is false.
Gets or sets a value indicating whether to enable to check digit calculation in the generated barcode or not.
The Default value is True.
Gets or sets the gap between the barcode and the displayed text.
Gets or sets the alignment of the text displayed on the barcode.
Default value is Center.
Gets or sets a value indicating whether [encode start stop symbols].
true if [encode start stop symbols]; otherwise, false.
Draws the barcode on the at the specified region.
The pdf page.
The barcode region.
Draws the barcode on the at the specified location.
The pdf page.
The barcode location.
Draws the barcode on the at the specified location with the size.
The pdf page.
The barcode location.
The barcode size.
Exports the barcode as image.
The barcode image.
Specifies the barcode text display location.
Displays, no text.
Displays text, above the barcode.
Displays text, at the bottom of the barcode.
Specifies the barcode text alignment.
Displays the readable text on the left side of the barcode.
Displays the readable text at the center of the barcode.
Displays the readable text on the right side of the barcode.
Represents a calibrated gray color, based on a CalGray colorspace.
Initializes a new instance of the class.
The color space.
Gets or sets the gray level for this color.
The gray level of this color.
The acceptable range for this value is [0.0 1.0].
0.0 means the darkest color that can be achieved, and 1.0 means the lightest color.
Represents a CalGray colorspace.
Initializes a new instance of the class.
Gets or sets the black point.
An array of three numbers [XB YB ZB] specifying the tristimulus value, in the CIE 1931 XYZ space, of the diffuse black point. Default value: [ 0.0 0.0 0.0 ].
Gets or sets the gamma.
Gets or sets the white point.
An array of three numbers [XW YW ZW] specifying the tristimulus value, in the CIE 1931 XYZ space, of the diffuse white point. The numbers XW and ZW must be positive, and YW must be equal to 1.0.
Represents a calibrated RGB color, based on a CalRGB colorspace.
Initializes a new instance of the class.
The colorspace
Gets or sets the Blue value.
The blue level of this color.
The acceptable range for this value is [0.0 1.0]. 0.0 means the darkest color that can be achieved, and 1.0 means the lightest.
Gets or sets the green level for this color.
The green level of this color.
The acceptable range for this value is [0.0 1.0]. 0.0 means the darkest color that can be achieved, and 1.0 means the lightest color.
Gets or sets the red level for this color.
The red level of this color.
The acceptable range for this value is [0.0 1.0]. 0.0 means the darkest color that can be achieved, and 1.0 means the lightest color.
Representing a CalRGB colorspace.
Initializes a new instance of the class.
Gets or sets the black point.
An array of three numbers [XB YB ZB] specifying the tristimulus value, in the CIE 1931 XYZ space, of the diffuse black point.
Gets or sets the gamma.
An array of three numbers [GR GG GB] specifying the gamma for the red, green, and blue components of the color space.
Gets or sets the colorspace transformation matrix.
An array of nine numbers [XA YA ZA XB YB ZB XC YC ZC] specifying the linear interpretation of the decoded A, B, and C components of the color space with respect to the final XYZ representation.
Gets or sets the white point.
An array of three numbers [XW YW ZW] specifying the tristimulus value, in the CIE 1931 XYZ space, of the diffuse white point.
Represents the base class for all colorspaces.
Gets Pdf primitive representing the font.
Checks whether the object is similar to another object.
The object to compare witht ehcurrent object.
True - if the objects have equal internals and can share them, False otherwise.
Represents a device colorspace.
Initializes a new instance of the class.
The colorspace.
Gets or sets the DeviceColorSpaceType
Represents the extended color, based on a complex colorspace.
Initializes a new instance of the class.
The colorspace.
Gets the Colorspace
Represents an ICC color, based on an ICC colorspace.
Initializes a new instance of the class.
The colorspace.
Gets or sets the color components.
An array of values that describe the color in the ICC colorspace.
The length of this array must match the value of ColorComponents property on the underlying ICC colorspace.
Represents an ICC based colorspace..
Initializes a new instance of the class.
Gets or sets the alternate color space.
The alternate color space to be used in case the one specified in the stream data is not supported.
Gets or sets the color components.
The number of color components in the color space described by the ICC profile data.
This number must match the number of components actually in the ICC profile. As of PDF 1.4, this value must be 1, 3 or 4.
Gets or sets the profile data.
The ICC profile data.
Gets or sets the range for color components.
An array of 2 ColorComponents numbers [ min0 max0 min1 max1 ... ] specifying the minimum and maximum valid values of the corresponding color components. These values must match the information in the ICC profile.
Set the Color Profile.
ICC profile data.
Represents an indexed color, based on an indexed colorspace.
Initializes a new instance of the class.
The colorspace.
Gets or sets the color index
The index of the select color.
The acceptable range for this value is 0 - MaxColorIndex.
Represents an indexed colorspace.
Initializes a new instance of the class.
Gets or sets the base colorspace.
The color space in which the values in the color table are to be interpreted.
Gets or sets the index of the max color.
The maximum index that can be used to access the values in the color table.
Gets or sets the color table.
The table of color components.
The color table data must be m * (maxIndex + 1) bytes long, where m is the number of color components in the base color space. Each byte is an unsigned integer in the range 0 to 255 that is scaled to the range of the corresponding color component in the base color space; that is, 0 corresponds to the minimum value in the range for that component, and 255 corresponds to the maximum.
Gets the profile data.
The profile data.
Represents a calibrated Lab color, based on a Lab colorspace.
Initializes a new instance of the class.
The ColorSpace.
Gets or sets the a* component for this color.
The a* component of this color.
The range for this value is defined by the Range property of the underlying Lab colorspace.
Gets or sets the b* component for this color.
The b* component of this color.
The range for this value is defined by the Range property of the underlying Lab colorspace.
Gets or sets the l component for this color.
The l component of this color.
The acceptable range for this value is [0.0 100.0]. 0.0 means the darkest color that can be achieved, and 100.0 means the lightest color.
Represents a Lab colorspace
Initializes a new instance of the class.
Gets or sets BlackPoint
An array of three numbers [XB YB ZB] specifying the tristimulus value, in the CIE 1931 XYZ space, of the diffuse black point.
Gets or sets the Range
An array of three numbers [XB YB ZB] specifying the tristimulus value, in the CIE 1931 XYZ space, of the diffuse black point.
Gets or sets the white point
An array of three numbers [XW YW ZW] specifying the tristimulus value, in the CIE 1931 XYZ space, of the diffuse white point.
Represents a separation color, based on a separation colorspace.
Initializes a new instance of the class.
The colorspace.
The acceptable range for this value is [0.0 1.0]. 0.0 means the lightest color that can be achieved, and 1.0 means the darkest color.
The acceptable range for this value is [0.0 1.0]. 0.0 means the lightest color that can be achieved, and 1.0 means the darkest color.
Represents a separation colorspace
Initializes a new instance of the PdfSeparationColorSpace class.
The name of the colorant
The base color to be used
The base color to be used.
Gets or sets the alternate color spaces.
The alternate color space to be used when the destination device does not support separation colorspace.
The name of the colorant.
Gets or sets the tint transform function for the this colorspace.
Tint transform function for the colorspace.
Get the profile data.
The profile data
Represents attachments of the Pdf document.
Name of the file.
Name of the file.
The data to be attached as a file.
Name of the file.
The stream.
Represents a collection of the attachment objects.
Initializes a new instance of the class.
Gets attachment by its index in the collection.
Index of the attachment.
Attachment object by its index in the collection.
Adds the specified attachment.
The attachment.
Position of the inserted attachment.
Inserts the specified index.
The index.
The attachment.
Removes the specified attachment.
The attachment.
Removes attachment at the specified index.
The index.
Indexes the of attachment.
The attachment.
Determines whether
The attachment.
if it contains the specified attachment, set to true.
Clears the collection.
Gets the element.
Represents a fields which is calculated before the document saves.
Gets or sets the bounds of the field.
The bounds value.
Gets or sets the size of the field.
The size of the field.
Gets or sets the location of the field.
The location.
Gets or sets the font.
The font.
Gets or sets the brush.
The brush.
Gets or sets the pen.
The pen.
Gets or sets the string format.
The string format.
Draws an element on the Graphics.
Graphics context where the element should be printed.
X co-ordinate of the element.
Y co-ordinate of the element.
Represents class to display creation date of the document.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
Specifies the location and size of the field.
Gets or sets the format string.
The format string.
Represents date automated field.
Initializes a new instance of the class.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
A object that is used to fill the string.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
Specifies the location and size of the field.
Gets or sets the format string.
The format string.
Represents class which displays destination page's number.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
Specifies the location and size of the field.
Get and sets the PdfLoadedPage
Gets or sets the page.
The page.
Represent automatic field which contains document's author name.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents automatic field which value is dynamically evaluated.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents class which can concatenate multiple automatic fields into single string.
Initializes a new instance of the class.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
The wide-character string to be drawn.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
The wide-character string to be drawn.
A object that is used to fill the string.
Initializes a new instance of the class.
The wide-character string to be drawn.
The list of objects.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
The wide-character string to be drawn.
The list of objects.
Initializes a new instance of the class.
A object that specifies the font attributes (the family name, the size, and the style of the font) to use.
A object that is used to fill the string.
The wide-character string to be drawn.
The list of objects.
Gets or sets the text.
The wide-character string to be drawn.
Gets or sets the automatic fields.
The automatic fields.
Represents automatic field which has the same value within the
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Gets or sets the number style.
The number style.
Represents automatic field which has the same value within the
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents total page count automatic field.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Gets or sets the number style.
The number style.
Represents page number field.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents automatic field to display
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents automatic field to display number of pages in section.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents automatic field to display page number within a section.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents automatic field which has the same value
in the whole document.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Represents automatic field which value can be evaluated in the moment of creation.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The font.
The brush.
Initializes a new instance of the class.
The font.
The bounds.
Each instance of this class represents
an bookmark node in the bookmark tree.
Gets or sets the outline destination.
Gets or sets the outline title.
The outline title is the text,
which appears in the outline tree as a tree node.
Gets or sets the color.
Gets or sets the text style.
Gets or sets the Action for the Outline.
This class plays two roles: it's a base class for all bookmarks
and it's a root of a bookmarks tree.
Gets number of the elements in the collection.
Gets the at the specified index.
index
Creates and adds an outline.
The title of the new outline.
The outline created.
Determines whether the specified outline is a direct descendant of the outline base.
The outline.
true if the specified outline is a direct descendant of the outline base;
otherwise, false.
Removes the specified bookmark from the document.
The title of the outline.
Removes the specified bookmark from the document at the specified index.
The index.
Removes all the bookmark from the document.
Inserts a new outline at the specified index.
The index.
The title of the new outline.
The new outline.
Gets the element.
Allows to choose outline text style.
Regular text style.
Italic text style.
Bold text style.
Represents loaded bookmark class.
Gets or sets the outline destination.
Gets or sets the outline title.
The outline title is the text,
which appears in the outline tree as a tree node.
Gets or sets the color.
Gets or sets the text style.
Represents a booklet creator, which allows to create a booklet from a Pdf document.
The class can be used to set some options when do convert operation.
Gets or sets a value indicates whether to use the high qulity image when convert xps to pdf.
Gets or sets a value indicates whether to use invariant culture mode when convert pdf to xps.
Gets or sets a value indicates whether to use PS mode to convert pdf to xps, doc.
Gets or sets a value indicates whether to use the embedded svg in the result file when convert pdf to html.
Gets or sets a value indicates the count of page contents in one html file when convert pdf to html, works only when UseEmbeddedSvgMode property is set to false.
Gets or sets a value indicates whether to embed image data in the result file when convert pdf to html, works only when UseEmbeddedSvgMode property is set to false.
Gets or sets a value indicates the output svg's width in pixel unit, -1 means use the orignal width.
Gets or sets a value indicates the output svg's height in pixel unit, -1 means use the orignal width.
Set pdf to xps convert options.
Default usePsMode = true,useInvariantCulture = false,useHighQualityImg = false.
Set pdf to xps convert options.
Indicates whether to use PS mode.
Set pdf to xps convert options.
Indicates whether to use PS mode.
Indicates whether to use invariant culture.
Set pdf to xps convert options.
Indicates whether to use PS mode.
Indicates whether to use invariant culture.
Indicates whether to use the high qulity image.
Set pdf to doc convert options.
Default usePsMode = true.
Set pdf to doc convert options.
Indicates whether to use PS mode.
Set xps to pdf convert options.
Default useHighQualityImg = false.
Set xps to pdf convert options.
Indicates whether to use the high qulity image.
Set pdf to html convert options.
Default useEmbeddedSvg = true, useEmbeddedImg = false, maxPageOneFile = 500.
Set pdf to html convert options.
Indicates whether to use the embedded svg in html file.
Set pdf to html convert options.
Indicates whether to use the embedded svg in html file.
Indicates whether to embed image data in html file, works only when useEmbeddedSvg is set to false.
Set pdf to html convert options.
Indicates whether to use the embedded svg in html file.
Indicates whether to embed image data in html file, works only when useEmbeddedSvg is set to false.
Indicates the count of page contents in one html file, works only when useEmbeddedSvg is set to false.
Set pdf to svg options.
Default wPixel = -1f, hPixel = -1f, -1f means no change.
Set pdf to svg options.
The output svg's width in pixel unit, -1f means no change.
Set pdf to svg options.
The output svg's width in pixel unit, -1f means no change.
The output svg's height in pixel unit, -1f means no change.
Get or Set PdfDocument Print PageScaling
Indicates whether to use the high qulity image when convert document
Pdf to Html, Set Parameter
Get or Set Allow Create Form.
Indicates whether use invariant culture mode to convert pdf document.
Set some options when do convert operation.
Get or Set PdfDocument Print PageScaling
Get or Set Current PDF Document Print PageScaling
Set,Get Current active pdf object
Get document PdfConformanceLevel
Gets the collection of document attachments displayed on a PDF page.
Gets the bookmarks.
Gets or sets the color space for page that will be created.
Gets or sets document's information and properties.
Gets the additional document's actions.
Gets the loaded form.
Get and Set the PdfPageLabel.
Gets the pages.
Gets the fonts which are available in the PDF document.
Retruns the fonts which are used in the PDF document.
Gets or sets the desired level of stream compression.
All new objects should be compressed with this level of the compression.
Gets the security parameters of the document.
Gets or sets a viewer preferences object controlling the way the document is to be
presented on the screen or in print.
Gets or sets the action to execute when the document is opened.
Gets or sets the action to be performed after the document is printed.
A object specifying the action to be executed after the document is printed. .
Gets or sets the jave script action to be performed after the document is saved.
A object specifying the action to be executed after the document is saved.
Gets or sets the action to be performed before the document is closed.
A object specifying the action to be executed before the document is closed.
Gets or sets the action to be performed before the document is printed.
A object specifying the action to be executed before the document is printed.
Gets or sets the java script action to be performed before the document is saved.
A object specifying the action to be executed before the document is saved.
Gets the template of pdf document
Indicates whether enable font cache.
Indicates the document is encrypted or not.
Indicates the document is a PDF Portfolio or not.
Optional content properties
The path to source pdf file.
This constructor imports an existing pdf file into the document object. It automatically populates the Pages collection with the pages of the given document.
Initializes a new instance of the class.
The path to source PDF document.
The password (user or owner) of the encrypted document.
Setting up the Pdf docuement standard,but Pdf/A2A standards are not suppored
Initializes a new instance of the class.
The byte array with the file content.
Initializes a new instance of the class.
The byte array with the file content.
The password (user or owner) of the encrypted document.
Initializes a new instance of the class.
The stream with the file.
Initializes a new instance.
The stream with the file.
The password (user or owner) of the encrypted document.
Releases unmanaged resources and performs other cleanup operations before the
is reclaimed by garbage collection.
The path to source pdf file.
This constructor imports an existing pdf file into the document object. It automatically populates the Pages collection with the pages of the given document.
Initializes a new instance of the class.
The path to source PDF document.
The password (user or owner) of the encrypted document.
Load a xps bytes array.
the xps byte array
Load a xps file.
Load a xps stream.
Load Pdf from svg file.
A relative or absolute path for the svg file
Load pdf from svg stream.
A Svg file stream
Load file from disk file.
url address
Enable javascrpit
Enable hyperlink
Auto detect page break
Load file from disk file.
url address
Enable javascrpit
Enable hyperlink
Auto detect page break
paper size
PdfHtmlLayoutFormat layoutFormat
Load file from disk file.
url address
Enable javascrpit
Enable hyperlink
Auto detect page break
paper size
PdfHtmlLayoutFormat layoutFormat
Load file from disk file.
url address
Enable javascrpit
Enable hyperlink
Auto detect page break
paper size
PdfHtmlLayoutFormat layoutFormat
by default false, when load Html DOM timeout(PdfHtmlLayoutFormat.LoadHtmlTimeout),convert uncompleted Html DOM to pdf.
if true,until Html DOM load completed,then convert to pdf.
Load htmlSourceCode to Pdf
htmlSourceCode
Auto detect page break
PdfPageSettings setting
PdfHtmlLayoutFormat layoutFormat
Load htmlSourceCode to Pdf
htmlSourceCode
Auto detect page break
PdfPageSettings setting
PdfHtmlLayoutFormat layoutFormat
by default false, when load Html DOM timeout(PdfHtmlLayoutFormat.LoadHtmlTimeout),convert uncompleted Html DOM to pdf.
if true,until Html DOM load completed,then convert to pdf.
Initializes a new instance of the class.
The byte array with the file content.
Initializes a new instance of the class.
The stream with the file.
Initializes a new instance of the class.
The byte array with the file content.
The password (user or owner) of the encrypted document.
Initializes a new instance.
The stream with the file.
The password (user or owner) of the encrypted document.
Indicates whthere contains extended right.
Removes the extended right.
Closes the document.
if set to true the document should be disposed completely.
The document is disposed after calling the Close method. So, the document can not be saved if Close method was invoked.
Save the document to the specified stream.
The stream which default saved to the FileFormat.PDF format.
Convert the document to the format file which saved to streams.
The file format
The format file streams.
FileFormat.PDF:return only one stream(PDF support paging).
FileFormat.XPS:return only one stream(XPS support paging).
FileFormat.DOC:return only one stream(DOC support paging).
FileFormat.SVG:return multiple streams(SVG not support paging,one stream to one page).
FileFormat.HTML:return only one stream(HTML support paging).
FileFormat.DOCX:return only one stream(DOCX support paging).
Convert the specified range of the document pages to the format file which saved to streams.
FileFormat.PDF is not supported.
The start index.
The end index.
The file format
The format file streams.
FileFormat.PDF:not supported.
FileFormat.XPS:return only one stream(XPS support paging).
FileFormat.DOC:return only one stream(DOC support paging).
FileFormat.SVG:return multiple streams(SVG not support paging,one stream to one page).
FileFormat.HTML:return only one stream(HTML support paging).
FileFormat.DOCX:return only one stream(DOCX support paging).
Convert the document to the format file which saved to an stream.
The stream which saving the format file.
FileFormat.PDF,FileFormat.XPS,FileFormat.DOC,FileFormat.HTML,FileFormat.DOCX support paging,so be saved to one stream.
FileFormat.SVG:due to SVG file not support paging,so can't be saved to one stream,not supported.
The file format
Saves PDF document to file.
A relative or absolute path for the file
Saves PDF document to file.
A relative or absolute path for the file
File format for the file
Saves PDF document to other Format files.
Current only supports save PDF document to SVG
A relative or absolute path for the file
The start page index.The index starts at 0
The end page index.
File format for the file
Saves PDF document page as image
Page with page index to save as image
Returns page as Image
Saves PDF document page as image
Page with page index to save as image
Returns page as Image
Saves PDF document page as image,Set image Dpi
Page with page index to save as image
Pictures X resolution
Pictures Y resolution
Returns page as Image
Saves PDF document page as image
Page index
PdfImageType type
Returns page as Image
Saves PDF document page as image,Set PdfImageType and image Dpi
Page index
PdfImageType type
Pictures X resolution
Pictures Y resolution
Returns page as Image
Creates a new object that is a copy of the current instance.
A new object that is a copy of this instance.
The resulting clone must be of the same type as or a compatible type to the original instance.
Imports a page.
The loaded document.
The page.
The page in the target document.
Imports a page.
The loaded document.
Index of the page.
The page in the target document.
Imports a page range from a loaded document.
The loaded document.
The start page index.
The end page index.
The last created page in the target document.
Merges the specified source documents and return destination document.
The destination document, where the other documents are merged into.
If it's null a new document object will be created.
The source documents.
The document containing merged documents.
Merges the PDF documents specified by the Stream.
Merges the PDF documents specified by the paths.
A new PDF document containing all merged documents.
Splits a PDF file to many PDF files, each of them consists of one page from the source file.
Template for destination file names.
Each destination file will have 'destFileName{0***}' name,
where *** is an optional format string for the number of the
page inside of the source document.
Splits a PDF file to many PDF files, each of them consists of
one page from the source file.
Template for destination file
names.
The number that is use as a start
point for the page numbering.
Each destination file will have 'destFileName{0***}' name,
where *** is an optional format string for the number of the
page inside of the source document.
Get or Set PdfDocument pages Print Mode
Get or Set PdfDocument pages Print Mode
Gets or sets the pagenumber which you choose as the start page to printing
Gets or sets the pagenumber which you choose as the final page to printing.
Gets or sets the name of printer which is on printing PDF document
Gets or set a value indicating handle PageSettings Landscape.
Gets a value indicating the System.Drawing.Printing.PrintDocument
Print preview.
Print preview control
Seting Param
Begin Print Page
Print Page
Print Multi-page
Print settings.
Get the print settings.
Print document.
Represent common PdfDocumentBase classes.
specify whether to use high quality images
Pdf to Html, Set Parameter
Internal variable to store the private font collection.
Optional content properties
Gets the fonts which are available in the PDF document.
Retruns the fonts which are used in the PDF document.
Gets or sets a template that is applied to all pages in the document.
The specifying the default template for the document.
Gets the pages.
Gets the security parameters of the document.
Gets or sets document's information and properties.
Gets or sets a viewer preferences object controlling the way the document is to be
presented on the screen or in print.
Gets or sets the desired level of stream compression.
All new objects should be compressed with this level of the compression.
Gets or sets the internal structure of the PDF file.
Get the PDF file structure.
Gets the additional document's actions.
The specifying the document action.
Gets the bookmarks.
Gets the Private Font Collection
Optional content properties
Splits a PDF file to many PDF files, each of them consists of one page from the source file.
Template for destination file names.
Each destination file will have 'destFileName{0***}' name,
where *** is an optional format string for the number of the
page inside of the source document.
Splits a PDF file to many PDF files, each of them consists of
one page from the source file.
Template for destination file
names.
The number that is use as a start
point for the page numbering.
Each destination file will have 'destFileName{0***}' name,
where *** is an optional format string for the number of the
page inside of the source document.
Merges the specified source documents and return destination document.
The destination document, where the other documents are merged into.
If it's null a new document object will be created.
The source documents.
The document containing merged documents.
Merges the PDF documents specified by the paths.
The array of string paths.
documents password
A new PDF document containing all merged documents.
Adds an object to a collection of the objects that will be disposed during document closing.
The object that will be disposed during document closing.
A relative or absolute path for the file
The start page index.
The end page index.
Save a range page of the document to html stream.
The start index.
The end index.
The html stream.
Save the document to html stream.
The html stream.
Save a range page of the document to xps as stream.
The strart index.
The end index.
The xps stream.
Save the document to xps as stream.
The xps stream.
Saves PDF document page as image
Page with page index to save as image
Returns page as Image
Saves PDF document page as image
Page with page index to save as image
Returns page as Image
Saves PDF document page as image
Page with page index to save as image
Returns page as Image
Saves PDF document page as image,set Dpi
Page with page index to save as image
Pictures X resolution
Pictures Y resolution
Returns page as Image
Saves PDF document page as image
bool isWriteWarning
Page with page index to save as image
Returns page as Image
Saves PDF document page as image,set Dpi
bool isWriteWarning
Page with page index to save as image
Pictures X resolution
Pictures Y resolution
Returns page as Image
Saves PDF document page as image
Page index
PdfImageType type
Returns page as Image
Saves PDF document page as image,Set PdfImageType and image Dpi
Page index
PdfImageType type
Pictures X resolution
Pictures Y resolution
Returns page as Image
Saves document page as image, Pdf to Xps
MemoryStream obj
Page index
Returns page as Image
Save a range page of the document to svg as stream[].
The start index.
The end index.
Stream collection.
Save the document to svg as stream[].
Stream collection
Save a range page of the document to doc as stream[].
The start index.
The end index.
The doc stream.
Is doc or docx.
Save the document to doc as stream[].
The doc stream.
Is docs or doc.
Saves the document to the specified filename.
The filename.
Saves the document into a HTTP response stream.
The name of the document.
The HTTP response stream object.
The type of the reading document.
If a document containing digital signature needs to be saved then
the destination stream must support seeking, otherwise an exception will be raised.
Since the HTTP response stream does not support seeking please write the document to a memory stream first and then flush it to the destination stream to avoid raising an exception.
Saves the document into a HTTP response stream.
The stream.
The HTTP response stream object.
Closes the document. Releases all common resources.
Closes the document.
if set to true the document should close its stream as well.
Saves the document to the specified stream.
The stream object where PDF document will be saved.
Imports a page.
The loaded document.
The page.
The page in the target document.
Imports a page.
The loaded document.
Index of the page.
The page in the target document.
Imports a page range from a loaded document.
The loaded document.
The start page index.
The end page index.
The last created page in the target document.
Import Original Document Destinations to new Document Catalog->Names -> Dests.
Quote page to this document Catalog->Names -> Dests -> Names
Original Document
Merge OCProperties
Merge D Item
This class represents a set of the properties that define the internal structure of PDF file.
PDF Document object
read pdf file
Initializes a new instance of the class.
PDF Document object
read pdf file
Gets or sets the version of the PDF document.
The document version.
Gets or sets a value indicating whether [incremental update].
true if [incremental update]; otherwise, false.
Gets or sets the type of PDF cross-reference.
Please see the description of for more details.
Gets the value indicating whether the PDF document is tagged one or not.
If true PDF document is tagged, otherwise false.
Tagged PDF's standard structure types
A generic block-level element or group of elements
A generic inline portion of text having no particular inherent characteristics
An item of graphical content
Represents the document's structure tree root dictionary
Build struct tree root before saved.
Represents the structure element
The parent struct element
The parent tree root
Build struct element before saved.
Delegate for handling event when drawing page in a booklet.
The sender of the event.
The arguments of the event.
This event is raised when starting/finished drawing a page of the source file in a booklet.
Represents DrawPageInBooklet Event arguments.
Gets the page of the source file.
Gets the index of the source page, basing on 0.
Gets the page of the booklet.
Gets the index of the booklet page, basing on 0.
Specifies the type of file format.
Specifies plain PDF file format.
Specifies Linearized PDF file format.
Specifies the different way of presenting the document at the client browser.
Send the generated document to the client browser and will open document inside browser or using application associated with .pdf extension externally.
Send the generated document to the client browser and presents an option to save the document to disk or open inside the browser.
Specifies the available PDF versions to save a PDF document.
PDF version 1.0.
PDF version 1.1.
PDF version 1.2.
PDF version 1.3. Adobe Acrobat 4.
PDF version 1.4. Adobe Acrobat 5.
PDF version 1.5. Adobe Acrobat 6.
PDF version 1.6. Adobe Acrobat 7.
PDF version 1.7. Adobe Acrobat 8.
Specifies the type of the PDF cross-reference.
Default value is CrossReferenceStream
The cross-reference table contains information that permits random access to indirect objects within the file so that the entire file need not be read to locate any particular object. The structure is useful for incremental updates, since it allows a new cross-reference section to be added to the PDF file, containing entries only for objects that have been added or deleted. Cross-reference is represented by cross-reference table. The cross-reference table is the traditional way of representing reference type.
Cross-reference is represented by cross-reference stream. Cross-reference streams are stream objects, and contain a dictionary and a data stream.
This leads to more compact representation of the file data especially along with the compression enabled.
This format is supported by PDF 1.5 version and higher only.
Specifies the Pdf document's Conformance-level.
Specifies Default / No Conformance.
This PDF/A ISO standard [ISO 19005-1:2005] is based on Adobe PDF version 1.4
and This Level B conformance indicates minimal compliance to ensure that the
rendered visual appearance of a conforming file is preservable over the long term.
This PDF/X-1a:2001 ISO standard [ISO 15930-1] is based on Adobe PDF version 1.3
which uses only CMYK + Spot Color and this compliance to ensure that the
contents will be reliably reproduced in the repress environment.
PDF/A-1a ensures the preservation of a document's logical structure and con-tent text stream in natural reading order.
PDF/A-2a standard,Only check the standard from the pdfaid:part and pdfaid:conformance node,And only check
Specifies the different page scaling option that shall be selected when a print dialog is displayed for this document.
Default value is AppDefault.
Indicates the conforming readers default print scaling.
Indicates no page scaling.
Adds the document properties.
The doc properties.
This class provides support for converting PDF into an XPS Document.
Converts a range of the pdf document to word.
The pdf document.
The word stream.
The start index.
the end index.
Converts the specified pdf document to word.
The pdf document.
The word stream.
Creates the PDF document.
Adds the document properties.
The doc properties.
Draws to PDF.
The images.
The PdfNewDocument.
Pdf to Html, Set Parameter
Convert a range page of the document to svg.
The pdf document.
Main out file.
Is svg file header.
The start index.
The end index.
A list of byte.
Convert the document to svg.
The pdf document.
Main out file.
Is svg file header.
A list of byte.
This class provides support for converting PDF into an XPS Document.
Converts a range page of the PdfDocument to Xps.
The pdf document.
The xps stream.
The start index.
The end index.
Converts the specified PdfDocument to Xps.
The pdf document.
The xps stream.
Creates the PDF document.
Adds the document properties.
The doc properties.
Represents the utility class to store information about Images and its location.
The number of indirect objects.
The original stream object.
Gets the Image Boundary location.
Gets the Image.
Gets the Image index.
The number of indirect object.
The original stream object.
Pdf to html Set Parameter
In 1000 The Split Page
In 1000 The Split Page,default 1000
wheather embedded image
Pdf to Html, Set Parameter
Writes the doc Comment
Get file Folder
write doc comment
Save file Relative Path
Save file folder
write doc comment
Extracts the text from the page given
page from which text is extracted
font used in the text
text in the page to be decoded
decoded text
Collects all the fonts in the page in a dictionary
dictionary containing all the resources in the page
page in which text is to be extracted
dictionary containing font name and the font
Collects all the images in the pdf document
containing all the resources of the document
dictionary of images
Updates the resources in the page
Existing page resources
Dictionary items to the updated
Updated page resource
This extractor keeps track of the current Y position of each string. If it detectsthat the y position has changed, it inserts a line break into the output.If the PDF extractor text in a non-top-to-bottom fashion, this will result in the text not being a true representation of how it appears in the PDF.
The Extracted Text.
Represents the path data reader.
Gets a value indicating whether this is EOF.
true if EOF; otherwise, false.
Gets text length.
Gets or sets the position.
The position.
Initializes a new instance of the PathDataReader class.
Reads the symbols
Symbol
Gets the next symbol
Symbol
Updates the current position of the reader
Length of the path data
Reads the float value from the path data
float value
True if the next value is float
Reads the pint form the path data
Point value
True if the next parameter is point
Reads the position array from the path data
position array
True if the next parameter is position array
Reads the points from the path data
Points
Checks if the current character is symbol
True if the character is a symbol
Reads the Name of the element
XPS data
Reader position
Name
Reads the boolean value from the Data
XPS data
Reader position
True if the next value is boolean
Reads the float from the data.
XPS data
Reader position
float value
Reads the point from the data
XPS data
Reader position
point
Reads the matrix from the data
XPS data
Reader position
Matrix
Find item by searching in the .rels file
The index of item
Get item from alternate content
alternate content data
the type of item
the item
Enumerator representing the available XPS elements.
Bug897
Converts the alternateContent graphics to PDF graphics.
Converts the choice graphics to PDF graphics.
Converts the fallback graphics to PDF graphics.
Converts the baloo graphics to PDF graphics.
The index of the profile in the xps archive
The data of icc proifle
The number of color components
Initialize a new ICCProfile
The index of the profile in the xps archive
The data of icc proifle
The number of color components
Holds the font name associated with the text element
Holds the font style of the text to be decoded.
Represents the mapping table which contains the mapping value to the encoded text in the PDF document
Takes in the encoded text, identifies the type of encoding used, decodes the encoded text, returns the decoded text.
Encoded string from the PDF document.
Decoded string, human readable.
Decodes the octal text in the encoded text.
The text encoded from the PDF document
Decoded text with replaced octal texts
Decodes the HEX encoded string.
HEX encoded string.
Decoded string.
Extracts the font name associated with the string.
Font name.
Extracts the font style associated with the text string
Font style.
Builds the mapping table that is used to map the decoded text to get the expected text.
A dictionary with key as the encoded element and value as the value to be mapped to.
Builds the mapping table that is used to map the decoded text to get the expected text.
Takes in the decoded text and maps it with its corresponding entry in the CharacterMapTable
decoded text
Expected text string
Takes in the decoded text and maps it with its corresponding entry in the CharacterMapTable
encoded text
Expected text string
Method to remove the new line character
Text with new line character
Text without new line character
Gets or sets a value indicating whether this is editable.
true if editable; otherwise, false.
Gets or sets the first selected item in the list.
The index of the selected item.
Gets or sets the value of the first selected item in the list.
The selected value.
Gets the first selected item in the list.
The selected item.
Gets or sets the bounds.
The bounds.
Gets or sets the location.
The location.
Gets or sets the size.
The size.
Gets or sets the color of the border.
The color of the border.
Gets or sets the color of the background.
The color of the background.
Gets or sets the color of the text.
The color of the text.
Gets or sets the width of the border.
The width of the border.
Gets or sets the highlighting mode.
The highlighting mode.
Gets or sets the font.
The font.
Gets or sets the text alignment.
The text alignment.
This property is meaningful for fields containing variable text only.
Gets the actions of the field.
The actions.
Gets or sets the border style.
The border style.
Gets or sets a value indicating whether this is visible.
true if visible; otherwise, false.
Gets the name.
The name.
Gets the form.
The form.
Gets or sets the mapping name to be used when exporting interactive form
field data from the document.
The mapping name.
Gets or sets a value indicating whether this is export.
true if export; otherwise, false.
Gets or sets a value indicating whether [read only].
if the field is read only, set to true.
Gets or sets a value indicating whether this is required.
true if required; otherwise, false.
Gets or sets the tool tip.
The tool tip.
Gets the page.
The page.
Gets or sets a value indicating whether this is flatten.
Represents form's field with style parameters.
Initializes a new instance of the class.
The page where the field should be placed.
The name.
Gets or sets the bounds.
The bounds.
Gets or sets the location.
The location.
Gets or sets the size.
The size.
Gets or sets the color of the border.
The color of the border.
Gets or sets the color of the background.
The color of the background.
Gets or sets the width of the border.
The width of the border.
Gets or sets the highlighting mode.
The highlighting mode.
Gets the actions of the field.
The actions.
Gets or sets the border style.
The border style.
Gets or sets a value indicating whether this is visible.
true if visible; otherwise, false.
Draws a button.
The g.
The paint params.
The image.
The format.
Calculate the text position
the rectangle
the pdfStringFormat
the PdfFontBase
Represents form field with appearance custom support.
Gets the appearance.
The appearance.
Represents button field in the PDF form.
Initializes a new instance of the class.
The page where the fields should be placed.
The name of the button.
Gets or sets the caption text.
The caption text.
Gets or sets the button layout mode.
Gets or sets the text displayed when the mouse button is pressed within the annotation's active area, only available in Push mode.
Gets or sets the text displayed when the user rolls the cursor into the annotation's active area without pressing the mouse button, only available in Push mode.
Defining the icon layout.
Gets or sets the widget annotation's normal icon displayed when it is not interacting with the user.
Gets or sets the widget annotation's alternate icon displayed when the mouse button is pressed within its active area, only available in Push mode.
Gets or sets the widget annotation's rollover icon displayed when the user rolls the cursor into its active area without pressing the mouse button, only available in Push mode.
Adds Print action to current button field.
Clicking on the specified button will trigger the Print Dialog Box.
Represents the button icon layout options.
Gets or sets the circumstances under which the icon shall be scaled inside the annotation rectangle.
Gets or sets an array of two numbers between 0.0 and 1.0 indicating the fraction of leftover space to allocate at the left and bottom of the icon.
If true, indicates that the button appearance should be scaled to fit fully within the bounds of the annotation without taking into consideration the line width of the border.
Gets or sets the type of scaling to use.
Represents the type of scaling to use.
Scale the icon to fill the annotation rectangle exactly, without regard to its original aspect ratio.
Scale the icon to fit the width or height of the annotation rectangle while maintaining the icon's original aspect ratio.
Represents the button layout mode.
No icon; caption only.
No caption; icon only.
Caption below the icon.
Caption above the icon.
Caption to the right of the icon.
Caption to the left of the icon,
Caption overlaid directly on the icon.
Represtents the circumstances under which the icon shall be scaled inside the annotation rectangle.
Always scale.
Scale only when the icon is bigger than the annotation rectangele.
Scale only when the icon is smaller than the annotation rectangle.
Never scale.
Represents check box field in the PDF form.
Initializes a new instance of the class.
The page where the fields should be placed.
The name of the check box field.
Gets or sets a value indicating whether this is checked.
true if checked; otherwise, false.
Represents base class for field which can be in checked and unchecked states.
Initializes a new instance of the class.
The page where the fields should be placed.
The name of the check box field.
Gets or sets the style.
The object specifies the style of the check box field.
Represents combo box field in the PDF Form.
Initializes a new instance of the class.
Page the field to be placed on.
The name of the field.
Gets or sets a value indicating whether this is editable.
true if editable; otherwise, false.
Represents field of the Pdf document's interactive form.
Initializes a new instance of the class.
The page where the field should be placed.
The name.
Initializes a new instance of the class.
Field Dictionary
Gets the name.
The name.
Gets the form.
The form.
Gets or sets the mapping name to be used when exporting interactive form
field data from the document.
The mapping name.
Gets or sets a value indicating whether this is export.
true if export; otherwise, false.
Gets or sets a value indicating whether [read only].
if the field is read only, set to true.
Gets or sets a value indicating whether this is required.
true if required; otherwise, false.
Gets or sets the tool tip.
The tool tip.
Gets the page.
The page.
Gets or sets a value indicating whether this is flatten.
Gets the element.
Represents collection of the Pdf fields.
Initializes a new instance of the class.
Gets the at the specified index.
Gets the with thier field name.
Adds the specified field.
The field item which is added in the PDF form.
The field to be added on the page.
Inserts the the field at the specified index.
The index of the field.
The field which should be inserted at the specified index.
Determines whether field is contained within the collection.
Check whether object is present in the field collection or not.
true if field is present in the collection, otherwise, false.
Gets the index of the field.
The object whose index is requested.
Index of the field in collection.
Removes the specified field in the collection.
The object to be removed from collection.
Removes field at the specified position.
The index where to remove the item.
Clears the form field collection.
Gets the element.
Represents interactive form of the Pdf document.
Set a value to enabled form field highLight
pdfviewer fill,a form field needs to override ap
Initializes a new instance of the class.
Gets the fields.
The Form fields.
Gets or sets a value indicating whether this is flatten.
Gets or sets a value indicating whether the form is read only.
true if the form is read only; otherwise, false.
Gets or sets a value indicating whether [field auto naming].
Gets or sets a value indicating whether the viewer must generate appearances for fields.
true if viewer must generate appearance; otherwise, false.
Set a value to enabled form field highLight
pdfviewer fill,a form field needs to override ap
Gets the element.
Represents a collection of form fields.
Initializes a new instance of the class.
Represents list box field of the PDF form.
Initializes a new instance of the class.
Page the field to be placed on.
The name of the field.
Gets or sets a value indicating whether the field is multiselectable.
true if multiselectable; otherwise, false.
Represents base class form's list fields.
Internal variable to store CommitOnSelChange flag.
Initializes a new instance of the class.
Page which the field to be placed on.
The name of the field.
Gets the items.
The items.
Gets or sets the first selected item in the list.
The index of the selected item.
Gets or sets the value of the first selected item in the list.
The selected value.
Gets the first selected item in the list.
The selected item.
Gets or sets the flag indicating if a new value selected is committed immediately without waiting to leave the field.
Represents an item of the list fields.
Initializes a new instance of the class.
Initializes a new instance of the class.
The item text, it is displayed in the list.
The item value, it is exported when form content is exported.
Gets or sets the text.
The text of the list item field.
Gets or sets the value.
The value of the list item field.
Gets the element.
The primitive.
Represents list field item collection.
Initializes a new instance of the class.
Gets the at the specified index.
The object.
Adds the specified item in the collection.
The object which to be added in the collection.
item
Inserts the list item field at the specified index.
The index where to insert the new item.
The object to be added to collection.
Removes the specified item.
The object which to be removed in the collection.
Removes the item at the specified position.
The index where to remove the item.
Determines whether the item is contained by the collection.
Check whether object is exists in the collection or not.
true if the item is contained within the collection; otherwise, false.
Gets the index of the specified item.
A object whose index is requested.
The index of the given item, -1 if the item does not exist.
Clears the collection.
Gets the element.
Represents radio button field in the PDF form.
Initializes a new instance of the class.
Page which the field to be placed on.
The name of the field.
Gets or sets the first selected item in the list.
The index of the selected item.
Gets or sets the value of the first selected item in the list.
The selected value of the list field.
Gets the first selected item in the list.
The selected item of the field.
Gets the items of the radio button field.
The radio button field item collection.
Represents an item of a radio button list.
Initializes a new instance of the class.
Initializes a new instance of the class.
The value.
Gets the form of the field.
The object of the field.
Gets or sets the bounds.
Gets or sets the value.
The value.
Gets the element.
Represents collection of radio buttons items.
Initializes a new instance of the class.
The field.
Adds the specified item.
The object to be added to collection.
The index of the added field.
Inserts an item at the specified index.
The index where to insert the new item..
A object to be added to collection.
Removes the specified item from the collection.
The object which is to be removed from the collection.
Removes the item at the specified position.
The index where to remove the item.
Gets the index of the item within the collection.
A object whose index is requested.
Index of the item with the collection.
Determines whether the collection contains the specified item.
Check whether object is exists in the collection or not.
true if collection contains specified item; otherwise, false.
Clears the item collection.
Gets the at the specified index.
Returns item at the specified position.
Gets the element.
Represents form field with appearance custom support.
Gets the appearance.
The appearance.
Represents signature field in the PDF Form.
Initializes a new instance of the class.
Page which the field to be placed on.
The name of the field.
a PdfSignature obj
Draws an image.
The image.
The x.
The y.
Draws an image.
The image.
The rectangle.
Draws an image.
The image.
The point.
The size.
Represents form's field with style parameters.
Initializes a new instance of the class.
The page where the field should be placed.
The name.
Gets or sets the bounds.
The bounds.
Gets or sets the location.
The location.
Gets or sets the size.
The size.
Gets or sets the color of the border.
The color of the border.
Gets or sets the color of the background.
The color of the background.
Gets or sets the color of the text.
The color of the text.
Gets or sets the width of the border.
The width of the border.
Gets or sets the highlighting mode.
The highlighting mode.
Gets or sets the font.
The font.
Gets or sets the text alignment.
The text alignment.
This property is meaningful for fields containing variable text only.
Gets the actions of the field.
The actions.
Gets or sets the border style.
The border style.
Gets or sets a value indicating whether this is visible.
true if visible; otherwise, false.
Represents text box field in the PDF form.
The password chrackter.
Gets or sets the text.
The text of the text box field.
Gets or sets the default value.
The default value of the text box field.
Gets or sets a value indicating whether to check spelling.
true if check spelling; otherwise, false.
Meaningful only if the MaxLength property is set and the Multiline, Password properties are false.
If set, the field is automatically divided into as many equally spaced positions, or combs,
as the value of MaxLength, and the text is laid out into those combs.
true if need to insert spaces; otherwise, false.
Gets or sets a value indicating whether this is multiline.
true if multiline; otherwise, false.
Gets or sets a value indicating whether this is password field.
true if password field; otherwise, false.
Gets or sets a value indicating whether this is scrollable.
true if scrollable; otherwise, false.
Gets or sets the maximum number of characters that can be entered in the text box.
An integer value specifying the maximum number of characters that can be entered in the text box.
Initializes a new instance of the class.
Page which the field to be placed on.
The name of the text box field.
Represents fields flags enum.
Default field flag.
If set, the user may not change the value of the field. Any associated widget annotations
will not interact with the user; that is, they will not respond to mouse clicks or
change their appearance in response to mouse motions. This flag is useful
for fields whose values are computed or imported from a database.
If set, the field must have a value at the time it is exported by a submit-form action.
If set, the field must not be exported by a submit-form action
If set, the field can contain multiple lines of text;
if clear, the fields text is restricted to a single line.
If set, the field is intended for entering a secure password that should not be
echoed visibly to the screen. Characters typed from the keyboard should instead
be echoed in some unreadable form, such as asterisks or bullet characters.
If set, the text entered in the field represents the pathname of a file whose
contents are to be submitted as the value of the field.
If set, text entered in the field is not spell-checked.
If set, the field does not scroll (horizontally for single-line fields, vertically
for multiple-line fields) to accommodate more text than fits within its annotation
rectangle. Once the field is full, no further text is accepted.
Meaningful only if the MaxLen entry is present in the text field dictionary and if
the Multiline, Password, and FileSelect flags are clear. If set, the field is
automatically divided into as many equally spaced positions, or combs, as the
value of MaxLen, and the text is laid out into those combs.
If set, the value of this field should be represented as a rich text string.
If the field has a value, the RVentry of the field dictionary specifies
the rich text string.
If set, exactly one radio button must be selected at all times; clicking
the currently selected button has no effect. If clear, clicking the selected
button reselects it, leaving no button selected.
If set, the field is a set of radio buttons; if clear, the field is a check box.
This flag is meaningful only if the Pushbutton flag is clear.
If set, the field is a pushbutton that does not retain a permanent value.
If set, a group of radio buttons within a radio button field that use the same value
for the on state will turn on and off in unison; that is if one is checked, they
are all checked. If clear, the buttons are mutually exclusive.
If set, the field is a combo box; if clear, the field is a list box.
If set, the combo box includes an editable text box as well as a drop-down
list; if clear, it includes only a drop-down list. This flag is meaningful only
if the Combo flag is set.
If set, the fields option items should be sorted alphabetically. This flag
is intended for use by form authoring tools, not by PDF viewer applications.
If set, more than one of the fields option items may be selected simultaneously;
if clear, no more than one item at a time may be selected.
If set, the new value is committed as soon as a selection is made with the pointing
device. This option enables applications to perform an action once a selection is
made, without requiring the user to exit the field. If clear, the new value is not
committed until the user exits the field.
Specifies the available styles for a field border.
Defaule value is Solid.
A solid rectangle surrounding the annotation.
A dashed rectangle surrounding the annotation.
A simulated embossed rectangle that appears to be raised above the surface
of the page.
A simulated engraved rectangle that appears to be recessed below the surface
of the page.
A single line along the bottom of the annotation rectangle.
Specifies the highlight mode for a field.
Defaule value is Invert.
No highlighting.
Invert the contents of the field rectangle.
Invert the field's border.
Pushed highlighting.
Specifies the style for a check box field.
The default value is Check.
A check mark is used for the checked state.
A circle is used for the checked state.
A cross is used for the checked state.
A diamond symbol is used for the checked state.
A square is used for the checked state.
A star is used for the checked state.
Specifies Http request method.
Data submitted using Http Get method.
Data submitted using Http Post method.
Specifies the enumeration of submit data formats.
Data should be transmitted as Html.
Data should be transmitted as Pdf.
Data should be transmitted as Forms Data Format.
Data should be transmitted as XML Forms Data Format .
Represents states of the check field.
Indicated unchecked/unpressed state.
Indicated checked unpressed state.
Indicated pressed unchecked state.
Indicated pressed checked state.
Represents XML Forms Architecture (XFA).
XFA Template.
XFA Datasets.
XFA Config.
XML Data Package
Gets of sets data node value.deprecated to use,instead use xfaField to set field value.
Returns XML node of field tempalte.
Added by Henry Zhou.
To get the xfaField through its name. Notes: the param 'name' is the name have been midified by codes instead of originals.
Implements routines for manipulation with loaded pages.
Represents the method that executes on a PdfNewDocument when a new page is created.
Get the Section Count.
Gets the at the specified index.
Gets the count.
Creates a new page and adds it to the collection.
The created page.
Creates a new page of the specified size and adds it to the collection.
The size of the new page.
The created page.
Creates a new page of the specified size and with the specified margins
and adds it to the collection.
The size of the new page.
The margins of the new page.
The created page.
Creates a new page of the specified size and with the specified margins
and adds it to the collection.
The size of the new page.
The margins of the new page.
The rotation of the new page.
The created page.
Creates a new page of the specified size and with the specified margins
and adds it to the collection.
The index.
The size of the page.
The margins of the page.
The rotation of the new page.
The orientation of the new page.
The created page.
Creates a new page and inserts it at the specified index.
The index.
The created page.
Creates a new page and inserts it at the specified index.
The index.
The size of the page.
The created page.
Creates a new page and inserts it at the specified index.
The index.
The size of the page.
The margins of the page.
The created page.
Creates a new page and inserts it at the specified index.
The index.
The size of the page.
The margins of the page.
The rotation of the new page.
The created page.
Removes the page at the given specified index.
Index of the page.
Removes the specified page.
The page to be remove.
Removes the specified page.
The page to be remove.
ReArrange the Pages in the Loaded Document.
The page sequence to arrange the pages.
Creates a new page and inserts it at the specified index.
The index.
The size of the page.
The margins of the page.
The rotation of the new page.
The orientation of the new page.
The created page.
Gets the index of the page in the document.
The current page.
Index of the page in the document if exists, -1 otherwise.
foreach Nodes,find page
Implements enumerator to the loaded page collection.
Initializes a new instance of the class.
The collection.
Gets the current element in the collection.
The current element in the collection.
The enumerator is positioned before the first element of the collection
or after the last element.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element;
false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position,
which is before the first element in the collection.
The collection was modified after the enumerator was created.
Represents the loaded annotation colllection.
Gets the at the specified index.
Represents the annotation with specified name.
The specified annotation name.
Gets or sets the page.
Adds annotation to collection.
Annotation to be added to collection.
Position of the annotation in collection.
Get or Set the background color of the field
A object specifying the background color of field.
Gets or Set the fore color of the field.
A object specifying the background color of field.
Get or Set the text alignment in a text box.
A enumeration member specifying the text alignment in a text box.
Get or Set the HighLightMode of the Field.
A enumeration member specifying the highlight mode in a text box.
Gets or Set value of the text box field.
A string value representing the value of the item.
Gets or set the default value of the field.
A string value representing the default value of the item.
Gets or sets a value indicating whether to check spelling.
True if the field content should be checked for spelling erorrs, false otherwise. Default is true.
Meaningful only if the MaxLength property is set and the Multiline, Password properties are false.
If set, the field is automatically divided into as many equally spaced positions, or combs,
as the value of MaxLength, and the text is laid out into those combs.
Gets or sets a value indicating whether this is multiline.
True if the field is multiline, false otherwise. Default is false.
Gets or sets a value indicating whether this is password field.
True if the field is a password field, false otherwise. Default is false.
Gets or sets a value indicating whether this is scrollable.
True if the field content can be scrolled, false otherwise. Default is true.
Gets or sets the maximum length of the field, in characters.
A positive integer value specifying the maximum number of characters that can be entered in the text edit field.
Gets the actions of the field.
The actions.
Gets or sets the bounds.
Gets or sets the location.
Gets or sets the size.
Gets or sets the color of the border.
The color of the border.
Gets or sets the color of the border.
The color of the border.
Gets or Sets the width of the border.
The width of the border.
Gets the font.
The font.
Gets a value indicating the visibility of the field.
Gets the name of the field.
A string value specifying the name of the field.
Gets or sets the mapping name to be used when exporting interactive form
field data from the document.
A string value specifying the mapping name of the field.
Gets or sets the tool tip.
Gets the page.
Gets or sets a value indicating whether [read only].
True if the field is read-only, false otherwise. Default is false.
Gets or sets a value indicating whether this is required.
True if the field is required, false otherwise. Default is false.
Gets or sets a value indicating whether this is export.
true if export; otherwise, false.
Gets or sets a value indicating whether this is flatten.
Represents a button field of an existing PDF document`s form.
Button background picture
Gets or sets Button background picture.
Gets or sets the caption text.
A string value specifying the caption of the button.
Gets the collection of button items.
need replace image
Adds Print action to current button field.
Clicking on the specified button will trigger the Print Dialog Box.
Represents button group item of an existing PDF document`s form.
Represents the base class for loaded state field.
Gets the items collection.
Represents the loaded state item.
Gets or sets a value indicating whether this is checked.
Represents collection of button item.
Gets the at the specified index.
Represents check box of an existing PDF document`s form.
Gets or sets a value indicating whether this is checked.
True if the check box is checked, false otherwise.
Gets the collection check box items.
Represents collection of text box group items.
Gets the at the specified index.
Represents loaded check box item.
Represents a choice field of an existing PDF document`s form.
Gets the collection of choice items.
Gets or sets the first selected item in the list.
Gets or sets the value of the first selected item in the list.
Gets the first selected item in the list.
Gets the first selected item in the list.
Gets or sets the flag indicating if a new value selected is committed immediately without waiting to leave the field.
Represents the combo box field of an existing item.
Gets or sets a value indicating whether this is editable.
True if the drop down list is editable, false otherwise. Default is false.
Gets the collection of combo box items.
Represents group for combo box field.
Represents collection of Combo box items.
Gets the at the specified index.
Represents state item collection.
Gets the at the specified index.
The index of specified item.
Represents base class for loaded fields.
Form field identifier
Gets the name of the field.
A string value specifying the name of the field.
Gets or sets the mapping name to be used when exporting interactive form
field data from the document.
A string value specifying the mapping name of the field.
Gets or sets the tool tip.
Gets the page.
Gets or sets a value indicating whether [read only].
True if the field is read-only, false otherwise. Default is false.
Gets or sets a value indicating whether this is required.
True if the field is required, false otherwise. Default is false.
Gets or sets a value indicating whether this is export.
true if export; otherwise, false.
Gets the form.
The form.
Sets the name of the field.
New name of the field.
Represents base class for field's group items.
Gets or sets the bounds.
Gets or sets the location.
Gets or sets the size.
Gets the page.
Represents Loaded form.
Gets the field collection.
Gets or sets a value indicating whether the form is read only.
True if the field is read-only, false otherwise. Default is false.
Gets XFA data of the form.
Gets or sets a value indicating whether need appearances.
Export the form data to a file.
Name of the document which is need to export.
The format of exported data.
The name of the PDF file the data is exported from.
Export the form data to a file.
The stream where form data will be exported.
The format of exported data
The name of the PDF file the data is exported from
Imports the data.
Name of the file.
The data format.
Imports the data.
Name of the file.
The data format.
if it is error flag, set to true.
Import form data from FDF file.
The FDF file stream
False if the import should stop on the first field that generates an error, or true if the import should ignore the error and continue with the next field.
Document form fields filled with data which are imported from FDF.
Sets/Resets the form field highlight option.
Called when [hex in string].
The test.
Imports XFDF Data
Extract Images from Signature
Represents field collection of loaded form.
Gets the at the specified index.
Returns field with specified name.
The specified field name.
Gets or sets the form.
Field Signature Names
Add field
Gets the field.
int index
The created field.
Get FieldName from FormWidget by exportValue
Get filedName from FiledWeiget
find exportValue from AP By exportValue
Get Fields from FormWidget by exportValue
Represents loaded list box field.
Gets or sets a value indicating whether the field is multiselectable..
Gets the items.
The collection of list box items.
Represents group item for list field.
Represents loaded item collection.
Gets the at the specified index.
Represents loaded list item.
Gets or sets the text.
A string value representing the display text of the item.
Gets or sets the value.
A string value representing the value of the item.
Initializes a new instance of the class.
The text.
The value.
Represents a collection of list box field items.
Gets the at the specified index.
Inserts an item at the end of the collection.
a object to be added to collection.
The index of item.
Inserts the list item at the specified index.
The index.
The item.
Removes the element at the specified index.
The index.
Throws IndexOutOfRange exception if the index is out of bounds.
Clears the item collection.
Represents collection of radio box group items.
Gets the at the specified index.
Returns object at the specified index.
Represents radio button field of an existing PDF document`s form.
Gets or sets the value.
The value of the radio button item.
Gets or sets a value indicating whether this is selected.
Represents radio button field of an existing PDF document`s form.
Gets the collection of radio button items.
A that represents the items within the list.
Gets or sets the index of the selected item in the list.
The lowest ordinal index of the selected items in the list. The default is -1, which indicates that nothing is selected.
Gets or sets the value of the first selected item in the list.
A string value specifying the value of the first selected item, null (Nothing in VB.NET) if there is no selected item.
Gets the selected item.
Return the item as PdfLoadedRadioButtonItem class
Gets or sets the value of specified item.
A string value representing the value of the item.
Represents the signature field of an existing PDF document`s form.
draw signature
Need to convert a date
convert a date
DateTime
Represents the collection of loaded state item.
Gets the at the specified index.
Represents loaded styled field.
Get DA for from annot
Gets the actions of the field.
The actions.
Gets or sets the action to be performed when the mouse button is released
inside the annotations active area..
The mouse up action.
Gets or sets the action to be performed when the mouse button is pressed inside the
annotations active area.
The mouse down action.
Gets or sets the action to be performed when the annotation receives the
input focus.
The got focus action.
Get or Set the background color of the field
A object specifying the background color of field.
Gets or sets the action to be performed when the annotation loses the
input focus.
The lost focus action.
Gets or sets the bounds.
Gets or sets the location.
Gets or sets the size.
Gets or sets the color of the border.
The color of the border.
Gets or sets the color of the border.
The color of the border.
Gets or Sets the width of the border.
The width of the border.
Gets the font.
The font.
Gets the default index.
Gets a value indicating the visibility of the field.
Initializes a new instance of the struct.
The field.
Initializes a new instance of the struct.
The item.
Represents an item in a text box field collection.
Represents the text box field of an existing PDF document`s form.
The password chrackter.
Gets or Set the fore color of the field.
A object specifying the background color of field.
Get or Set the text alignment in a text box.
A enumeration member specifying the text alignment in a text box.
Get or Set the HighLightMode of the Field.
A enumeration member specifying the highlight mode in a text box.
Gets or Set value of the text box field.
A string value representing the value of the item.
append ap content
Get the transform matrix from the MK entry in dictionary.
The annotation
The annotation's bound
The matrix
Gets or set the default value of the field.
A string value representing the default value of the item.
Gets or sets a value indicating whether to check spelling.
True if the field content should be checked for spelling erorrs, false otherwise. Default is true.
Meaningful only if the MaxLength property is set and the Multiline, Password properties are false.
If set, the field is automatically divided into as many equally spaced positions, or combs,
as the value of MaxLength, and the text is laid out into those combs.
Gets or sets a value indicating whether this is multiline.
True if the field is multiline, false otherwise. Default is false.
Gets or sets a value indicating whether this is password field.
True if the field is a password field, false otherwise. Default is false.
Gets or sets a value indicating whether this is scrollable.
True if the field content can be scrolled, false otherwise. Default is true.
Gets or sets the maximum length of the field, in characters.
A positive integer value specifying the maximum number of characters that can be entered in the text edit field.
Gets the collection of text box field items.
Represents collection of text box group items.
Gets the at the specified index.
Represents base class of XFDF.
Initializes a new instance of the class.
The filename.
Identify push button field.
Identify check box field.
Identify radio button field.
Identify text field.
Identify listbox field.
Identify combobox field.
Identify signature field.
Identify that field has no type.
Specifies the format of Export or Import data.
Specifies XML file format
Specifies Forms Data Format file format
Specifies XFDF file format.
Collection of loaded and created pages.
Gets the conformance level applied in the document.
Load from Stream ,And Used by PdfViewer-Asp
Load from Stream with password,And Used by PdfViewer-Asp
Verify PDF Document regarding signature.
Signature field name.
signature is validated return true,otherwise false
Check if the document was altered after signed. True if modified; otherwise false.
Signature field name.
signature is validated return false,otherwise true
Get PdfSignatureFieldWidget obj from form by signName
Remove Extended right.
Get next PdfSignatureFieldWidget obj from form by signName
Get PDF Document regarding CertificateData
Signature field name.
Get PDF Document regarding signature.
Signature field name.
Get the signature dictionary
Abstract base class for code point mapping classes (1-byte character encodings).
Code point that is used if no code point for a specific character has been found.
Unicode value indicating the the character is "not a character".
Main constructor.
@param name the name of the encoding
@param table the table ([code point, unicode scalar value]+) with the mapping
Extended constructor.
@param name the name of the encoding
@param table the table ([code point, unicode scalar value]+) with the mapping
@param charNameMap all character names in the encoding (a value of null will be converted
to ".notdef")
Builds the internal lookup structures based on a given table.
@param table the table ([code point, unicode scalar value]+) with the mapping
{@inheritDoc}
{@inheritDoc}
Returns the main Unicode value that is associated with the given code point in the encoding.
Note that multiple Unicode values can theoretically be mapped to one code point in the
encoding.
@param idx the code point in the encoding
@return the Unicode value (or \uFFFF (NOT A CHARACTER) if no Unicode value is at that point)
{@inheritDoc}
Returns the index of a character/glyph with the given name. Note that this
method is relatively slow and should only be used for fallback operations.
@param charName the character name
@return the index of the character in the encoding or -1 if it doesn't exist
{@inheritDoc}
{@inheritDoc}
The characters in WinAnsiEncoding
Return the glyphname from a string,
eg, glyphToString("\\") returns "backslash"
Return the string representation of a glyphname,
eg stringToGlyph("backslash") returns "\\"
Returns the encoding associated with the specified code page identifier.
The code page identifier of the preferred encoding.
The encoding that is associated with the specified code page.
Returns the encoding associated with the specified code page name.
The code page name of the preferred encoding.
The encoding that is associated with the specified code page.
Destructor
Clean up Memory
Loads fonts.
Destructor
Clean up Memory
Represents 10 byte series of numbers is used to describe the visual characteristics of a given typeface.
Get mPostscriptTtFontKey
Convert utf16 to ucs4.
utf16 code array.
utf16 code start index.
ucs4 code.
num of utf16 code in use.
Destructor
Clean up Memory
An identity transform is one in which the output coordinates are
always the same as the input coordinates.
If this transform is anything other than the identity transform,
the type will either be the constant GENERAL_TRANSFORM or a
combination of the appropriate flag bits for the various coordinate
conversions that this transform performs.
A translation moves the coordinates by a constant amount in x
and y without changing the length or angle of vectors.
A uniform scale multiplies the length of vectors by the same amount
in both the x and y directions without changing the angle between
vectors.
This flag bit is mutually exclusive with the TypeGeneralScale flag.
A general scale multiplies the length of vectors by different
amounts in the x and y directions without changing the angle
between perpendicular vectors.
This flag bit is mutually exclusive with the TypeUniformScale flag.
This constant is a bit mask for any of the scale flag bits.
This flag bit indicates that the transform defined by this object
performs a mirror image flip about some axis which changes the
normally right handed coordinate system into a left handed
system in addition to the conversions indicated by other flag bits.
A right handed coordinate system is one where the positive X
axis rotates counterclockwise to overlay the positive Y axis
similar to the direction that the fingers on your right hand
curl when you stare end on at your thumb.
A left handed coordinate system is one where the positive X
axis rotates clockwise to overlay the positive Y axis similar
to the direction that the fingers on your left hand curl.
There is no mathematical way to determine the angle of the
original flipping or mirroring transformation since all angles
of flip are identical given an appropriate adjusting rotation.
This flag bit indicates that the transform defined by this object
performs a quadrant rotation by some multiple of 90 degrees in
addition to the conversions indicated by other flag bits.
A rotation changes the angles of vectors by the same amount
regardless of the original direction of the vector and without
changing the length of the vector.
This flag bit is mutually exclusive with the TypeGeneralRotation flag.
This flag bit indicates that the transform defined by this object
performs a rotation by an arbitrary angle in addition to the
conversions indicated by other flag bits.
A rotation changes the angles of vectors by the same amount
regardless of the original direction of the vector and without
changing the length of the vector.
This flag bit is mutually exclusive with the
This constant is a bit mask for any of the rotation flag bits.
This constant indicates that the transform defined by this object
performs an arbitrary conversion of the input coordinates.
If this transform can be classified by any of the above constants,
the type will either be the constant TypeIdentity or a
combination of the appropriate flag bits for the various coordinate
conversions that this transform performs.
This constant is used for the internal state variable to indicate
that no calculations need to be performed and that the source
coordinates only need to be copied to their destinations to
complete the transformation equation of this transform.
This constant is used for the internal state variable to indicate
that the translation components of the matrix (m02 and m12) need
to be added to complete the transformation equation of this transform.
This constant is used for the internal state variable to indicate
that the scaling components of the matrix (m00 and m11) need
to be factored in to complete the transformation equation of
this transform. If the ApplyShear bit is also set then it
indicates that the scaling components are not both 0.0. If the
ApplyShear bit is not also set then it indicates that the
scaling components are not both 1.0. If neither the ApplyShear
nor the ApplyScale bits are set then the scaling components
are both 1.0, which means that the x and y components contribute
to the transformed coordinate, but they are not multiplied by
any scaling factor.
This constant is used for the internal state variable to indicate
that the shearing components of the matrix (m01 and m10) need
to be factored in to complete the transformation equation of this
transform. The presence of this bit in the state variable changes
the interpretation of the ApplyScale bit as indicated in its
documentation.
The X coordinate scaling element of the 3x3
affine transformation matrix.
The X coordinate shearing element of the 3x3
affine transformation matrix.
The X coordinate of the translation element of the
3x3 affine transformation matrix.
The Y coordinate shearing element of the 3x3
affine transformation matrix.
The Y coordinate scaling element of the 3x3
affine transformation matrix.
The Y coordinate of the translation element of the
3x3 affine transformation matrix.
This field keeps track of which components of the matrix need to
be applied when performing a transformation.
@see #ApplyIdentity
@see #ApplyTranslate
@see #ApplyScale
@see #ApplyShear
This field caches the current transformation type of the matrix.
@see #TypeIdentity
@see #TypeTranslation
@see #TypeUniformScale
@see #TypeGeneralScale
@see #TypeFlip
@see #TypeQuadrantRotation
@see #TypeGeneralRotation
@see #TypeGeneralTransform
@see #TypeUnknown
Manually recalculates the state of the transform when the matrix
changes too much to predict the effects on the state.
The following table specifies what the various settings of the
state field say about the values of the corresponding matrix
element fields.
Note that the rules governing the SCALE fields are slightly
different depending on whether the SHEAR flag is also set.
SCALE SHEAR TRANSLATE
m00/m11 m01/m10 m02/m12
IDENTITY 1.0 0.0 0.0
TRANSLATE (TR) 1.0 0.0 not both 0.0
SCALE (SC) not both 1.0 0.0 0.0
TR | SC not both 1.0 0.0 not both 0.0
SHEAR (SH) 0.0 not both 0.0 0.0
TR | SH 0.0 not both 0.0 not both 0.0
SC | SH not both 0.0 not both 0.0 0.0
TR | SC | SH not both 0.0 not both 0.0 not both 0.0
This constant is used for the internal state variable to indicate
that the translation components of the matrix (m03, m13, m23) need
to be added to complete the transformation equation of this transform.
This constant is used for the internal state variable to indicate
that the scaling components of the matrix (m00, m11, m22) need
to be factored in to complete the transformation equation of
this transform. If the ApplyShear bit is also set then it
indicates that the scaling components are not all 0.0. If the
ApplyShear bit is not also set then it indicates that the
scaling components are not all 1.0. If neither the ApplyShear
nor the ApplyScale bits are set then the scaling components
are both 1.0, which means that the x, y and z components contribute
to the transformed coordinate, but they are not multiplied by
any scaling factor.
This constant is used for the internal state variable to indicate
that the shearing components of the matrix (m01, m02, m10, m12, m20, m21)
need to be factored in to complete the transformation equation of this
transform. The presence of this bit in the state variable changes the
interpretation of the ApplyScale bit as indicated in its documentation.
This constant is used for the internal state variable to indicate
that the projection components of the matrix (m30, m31, m32) need
to be factored in to complete the transformation equation of this
transform.
This constant is used for the internal state variable to indicate
that the overall scaling component of the matrix (m33) need to be
factored in to complete the transformation equation of this transform.
The X coordinate scaling element of the 4x4
affine transformation matrix.
The YX coordinate shearing element of the 4x4
affine transformation matrix.
The XZ coordinate shearing element of the 4x4
affine transformation matrix.
The X coordinate of the translation element of the
4x4 affine transformation matrix.
The YX coordinate shearing element of the 4x4
affine transformation matrix.
The Y coordinate scaling element of the 4x4
affine transformation matrix.
The YZ coordinate shearing element of the 4x4
affine transformation matrix.
The Y coordinate of the translation element of the
4x4 affine transformation matrix.
The ZX coordinate shearing element of the 4x4
affine transformation matrix.
The ZY coordinate shearing element of the 4x4
affine transformation matrix.
The Z coordinate scaling element of the 4x4
affine transformation matrix.
The Z coordinate of the translation element of the
4x4 affine transformation matrix.
The X projection element of the 4x4
affine transformation matrix.
The Y projection element of the 4x4
affine transformation matrix.
The Z projection element of the 4x4
affine transformation matrix.
The overall scaling element of the 4x4
affine transformation matrix.
This field keeps track of which components of the matrix need to
be applied when performing a transformation.
@see #ApplyIdentity
@see #ApplyTranslate
@see #ApplyScale
@see #ApplyShear
@see #ApplyProjection
@see #ApplyOverallScale
Manually recalculates the state of the transform when the matrix
changes too much to predict the effects on the state.
Blend transparency whith background color.
background color
Get MacOS font folders.
The font strikeout.
Compares the floating number.
The value1.
The value2.
The accuracy.
return 0,val1 equal val2;return 1,val1 greater than val2;return -1,val1 less than val2;
Compares the double number.
The value1.
The value2.
The accuracy.
return 0,val1 equal val2;return 1,val1 greater than val2;return -1,val1 less than val2;
Converts an APS path or a clipping region into XPS Abbreviated Syntax.
The technique is the same as in PdfPathBuilder, but Syntax of path is different
This element represents a reference to a themed font.
Gets the context of path drawing.
Occurs when end page.
Represents the method that will handle an event that with event data.
The source of the event
args that contains event data
PdfRendererEndPageEventArgs is the class containg event data.
Represents the current Pdf documnet.
Represents the current Pdf page.
Reference Spire.Pdf.General.Paper.Drawing.Rendering.Ps.XmlDocumentBuilder,IsValidXmlChar(char c)
Reverse y position.
Creates a font, using font definition ( that contains font type and font files )
Creates a font, using font definition and ttfReader
Parses font from fontReader and fontDefinition
Parse for fontSource
Parse font form fontDefinitions and ttfReader
Parse for font
Parse for fontReader
Parse for font
Encodes table data to ASCII hexadecimal string.
Write font with PCL XL Font Formats.
PCL writer.
PCL font.
TTFont
Write font with PCL XL Font Formats.
PCL writer.
Constructor
Pcl document writer.
Write font with PCL XL Font Formats.
Write font with PCL XL Font Formats.
PCL only support point unit "Int16",but PsPath support point unit "Float".
1.When filling region is very small,overlap to line("Int16" to "Float").
If only fill(no stroke),PsPath disappear.
Bug_127/220/316/354/499,BaselineFile_8
2.Glyph position loss precison.
So,by scaling,advoid precison loss.
Font segment identifier.
Global TrueType Data
Null segment
Reference Spire.Pdf.General.Paper.Drawing.Rendering.Xps.ApsGlyphsIndicesToXpsReader
Reference Spire.Pdf.General.Paper.Drawing.Rendering.Ps.XmlDocumentBuilder,IsValidXmlChar(char c)
check character range
Encode the font name,Because the font has illegal characters, Postscript does not know
Writes text followed by new line characters.
The string must contain only 7 bit characters.
Edge softness.
Target image.
Width.
Height.
write embedFont tag
html Split Page Number
html write javascript
Represents sound embedded into pdf document.
Name of the file.
Gets or sets the sampling rate, in samples per second (in Hz).
Gets or sets the number of bits per sample value per channel.
Gets or sets the encoding format for the sample data.
Gets or sets the number of sound channels.
The name of the file.
Gets the element.
Provides color caching
Provides color caching of last color
Get PdfDictionary Split PdfString
PdfString value
PdfDictionary dic
fail (by default)
return something successfully read
@param fillOrder The fill order of the compressed data bytes.
@param w
@param h
Summary description for DeflaterOutputStream.
get the name of a glyph from its encoding value (NOT the character
Writes short value into the font stream
Short value to be written
Writes integer value into the font stream
Integer value to be written
Writes string value into the font stream
String value to be written
Write the bytes into the font stream
byte array to be written
Values for platformID
Values for platformSpecificID if platform is Mac
Values for platformSpecificID if platform is Unicode
Values for language ID if platform is Mac
Values for nameID
Get Cmap by MapName
Caluate how many bytes(byte) map(maps) one glyph
The number of bytes(byte) which map(maps) to glpyh
Decodes the input string,Encoding is GBK.
The input string.
Get the character id
the char byte
the character id
Description of Glyph.
Description of GlyphMatrix.
Max width value.
Description of IFont.
Description of Glyph.
Description of TrueTypeFont.
Get the outline glyph for glyph of a given character code and name.
Gets the path to determine wherther you need to move the point ,return results
character path
int startIndex
int endIndex
Recalculate line values
This outputs individual glyph index to character code mapping for each char.
If you are doing any work on CMap, you need to open the resulting file in Adobe Reader,
select and copy text, paste it to notepad and see if it was correctly mapped to characters.
It is especially important to do so for TestUnicode.doc.
Get the outline of a character given the character name or src char
Get a glyph outline by glyphId
Get a glyph outline by glyphId or name
a cache of glyphs indexed by character
Character Spacing width
Set Character Spacing width
specify image quality level
default quality
high quality
find text ignorecase
Set find text
find text color
draw border pen
draw page content and annot
draw page content and annot
Create Page iamge Buffer
create page image,draw content and annot
Create Page annot Buffer
bool isWriteWarning
float zoomFactor
bool eastAsianFont
bool isDrawPageAnnot
Create Page image Buffer,it's eastAsianFont
bool isWriteWarning
float zoomFactor
bool eastAsianFont
bool isDrawPageAnnot
Create Page iamge Buffer
bool isWriteWarning
float zoomFactor
int dpiX
int dpiY
Create Bitmap,set width,height and dpi
Bitmap width
Bitmap height
Bitmap dpiX
Bitmap dpiY
write Warning info
Provides image render events
Converts an angle in degrees to radians.
Double value of angle in degrees to convert.
The value of the angle in radians.
Converts an angle in radians to degrees.
Double value of angle in radians to convert.
The value of the angle in degrees.
Apply the mask when the mask format is PdfArray.
According to Path to determine whether it is a straight line. If All points of X or Y are equal, then is is a straight line
More than two offsets
string strOffset)
one offset
Destructor
Clean up Memory
read bi data
Parse an inline image. An inline image starts with BI (already
read, contains a dictionary until ID, and then image data until
EI.
Creates the I font.
Name of the font.
Match Font by fontName
Add fake font to private list.
Measure type 0 font string width
the encodeing
the font size
the text scale
the string width
Draw text of embed font to page
Render object
Function to save byte array to a file
File name to save byte array
Byte array to save to external file
Return true if byte array save successfully, if not return false
Get the number of bytes map to one glyph
The number of bytes which map to one glyph
Spilt string
The decode string
The strucure
An array of decode
Spirt string by opstr
Verify hex number.
The hex number.
Thue,if is hex number.False,Otherwise.
Parse and get the content behind the char of '\'
The text be Parse
The text be parsed
Character map table for embed font condition.
Remove eascape text.
Inidcates whether font is embed.
Collects all the Pattern elements in the pdf document
containing all the resources of the document
dictionary of Pattern elements
Handle the text annotation widget multiline
the anntation
the true type font
the rectangle
a text rectangle
Get opttion value from PdfArray
Bug654
get PdfRecordCollection from resources
Render inline image.
for Ap Resources
specify the quality level of decode image
specify the quality level of decode image
get columns from DecodeParms
get colors from DecodeParms
Gets Image mask.
Stream stream ,Bug_337
Get deviceGray image for Filter LZWDecode
Get Bitmap Stream from DeviceGray Color Space
PDFColorSpace colorspace
Stream data
int grayWidth
int grayHeight
bool mask
Get Bitmap Stream from DeviceGray Color Space
image Stream
bool mask
Get color space name
mapping Transform from user space to device space
clip rectangleF for form field
highLight color for form field
whether enabled HighLight for FormField
Determine whether there is Tj in front of Td,TD,cm,T* ,TL,Tw,Tc,Tz. if not ,you need to calculate the translation
Save the translation data
From BT,save the current Tm matrix
Text leading
horizontal scaling
word spacing
Current text element
Character spacing.
Colorspace table of page resource
Pattern table of page resource
set Box Rectangle,when dictionary FT=Tx
set FT type from form field
mapping Transform from user space to device space
Extract Signature As Images
Print Pdf Page to Image
PdfRecordCollection contentElements
PdfPageResources resources
Graphics g
Current Page
Whether new page
Pdf Print Page Scale type
Set page RotateAngle
Current Pdf Page
Set page RotateAngle
Current Pdf Page
Pdf Print Page Scale type
execute do command
whether enabled highLight for formField
Draw Type3Font
Get Rectangle from pdf command.
Get Rectangle from pdf dictionary.
set BBox for Form object.
apply the line dash pattern
the pen
when the only one element in dash pattern is 0 the line should be unvisible .
the dash pattern
first element is zero return true or false
Get the dash pattern
Fixed zero of gaps for dash pattern,if the gap is zero,it will not be diaplayed in dash lines.
the dash pattern
the dash offset
Remove zero value of blank cap in dash pattern.
the dash pattern
the dashOffset
Set the property of pen
the pen
the dash pattern
the dash offset
Fixed zero of dashes for dash pattern.if the dash is zero,defalut value is one device pixel.
the dash pattern
the dash offset
the pen
Convert pdf dash pattern to .net dash pattern
the scaled pen width
the dash pattern
the pen width
Apply Color
Get Resources obj from Xobject
draw page content
draw page annot
Modify Bug1801,pdf to xps(false),font whether need dispose
get form field objcet
read ap content from Parent
NeedAppearances value
Parse the element in MK entry of annotation
The element in MK entry
Execute pdf command.
initialize annot state
Render text element
text elements
token type
Render text to pdf drawing context.
specify the quality level of render image
Determine whether there is Tj in front of Td,TD,cm,T* ,TL,Tw,Tc,Tz. if not ,you need to calculate the translation
Save the translation data
Text leading
horizontal scaling
word spacing
Current text element
Character spacing.
Colorspace table of page resource
Pattern table of page resource
specify the quality level of render image
AddBezierCurve2
Get Rectangle from pdf dictionary.
Apply Color Space,Bug-654
Get form Field Name
read ap content from Parent
Execute pdf command.
Render text element
text elements
token type
Render text to pdf drawing context.
Gets the presenter.
The presenter.
Graphic stats
Gets or sets current colorsapce.
Gets or sets Stroking colorsapce.
word spacing
Render text embed font or installed system font
Render text using installed system font.
word spacing
Dispose ImageBrush
used in pdf2xps when it has pattern
Create the brush
The byte array of image for PsTextureBrush
Image transform
The presenter type
Create the brush.
The hatch style.
The fore color.
The back color.
The presenter type.
Dispose ImageBrush
Initializes a new instance of the BrushLayer
The byte array of image for PsTextureBrush
Image Transform
Initializes a new instance of the BrushLayer.
A rectangular region that defines the starting and ending points of the gradient.
Start Color.
End Color.
Initializes a new instance of the BrushLayer
The hatch style.
The fore color.
The back color.
The interface defines a 1-byte character encoding (with 256 characters).
Returns the encoding's name.
@return the name of the encoding
Maps a Unicode character to a code point in the encoding.
@param c the Unicode character to map
@return the code point in the encoding or 0 (=.notdef) if not found
Returns the array of character names for this encoding.
@return the array of character names
(unmapped code points are represented by a ".notdef" value)
Returns a character array with Unicode scalar values which can be used to map encoding
code points to Unicode values. Note that this does not return all possible Unicode values
that the encoding maps.
@return a character array with Unicode scalar values
The encoding format for the sample data.
Unspecified or unsigned values in the range 0 to 2^B - 1.
Twos-complement values.
M-lawencoded samples.
A-lawencoded samples.
The number of sound channels.
One channel.
Two channels.
Enumeration that represents fit mode.
Display the page designated by page, with the coordinates (left, top) positioned
at the top-left corner of the window and the contents of the page magnified
by the factor zoom. A NULL value for any of the parameters left, top, or
zoom specifies that the current value of that parameter is to be retained unchanged.
A zoom value of 0 has the same meaning as a NULL value.
Display the page designated by page, with its contents magnified just enough
to fit the entire page within the window both horizontally and vertically. If
the required horizontal and vertical magnification factors are different, use
the smaller of the two, centering the page within the window in the other
dimension.
Display the page designated by page, with the vertical coordinate top positioned
at the top edge of the window and the contents of the page magnified
just enough to fit the entire width of the page within the window.
Pdf version 1-7 ,on page 675
The class representing a result of searching designated text from PDF page.
Gets search text of this System.String structure.
Gets match text of this System.String structure.
Gets text which is including the searched text of this System.String structure.
Gets all the text of the line where covers the searched text of this System.String structure .
Gets page which is including the searched text of this Spire.Pdf.PdfPageBase structure.
Gets index of page which is including the searched text of this System.Int32 structure.
Gets the position of the searched text of this System.Drawing.PointF structure.
Used by find text cross line
if the MatchText in more lines( >=2 ),the results can not contain by one Rectangle.
So we need a list to save data.
Gets the positions of the searched text of this System.Drawing.PointF structure.
if the MatchText in more lines( >=2 ),the results can not contain by one Rectangle.
So we need a list to save data.
Gets the size of the searched text of this System.Drawring SizeF structure.
Used by find text cross line
if the MatchText in more lines( >=2 ),the results can not contain by one Rectangle.
So we need a list to save data.
Gets the sizes of the searched text of this System.Drawring SizeF structure.
Gets the bounds of the searched text of this System.Drawring RectangleF structure.
Used by find text cross line
if the MatchText in more lines( >=2 ),the results can not contain by one Rectangle.
So we need a list to save data.
Gets the bounds of the searched text of this System.Drawring RectangleF structure.
apply hight light of the seached text
apply hight light of the seached text
apply hight light of the seached text,with unicode
apply hight light of the seached text
apply hight light of the seached text,with unicode
The class representing all the resuls of searching designated text from PDF page
Setting find text Parameters
Do not select any parameters.
Full word matching.
Ignore English character case.
Find text Cross line
The target text in one line or more(>=2) lines.
Represents an anchor in the document where bookmarks or annotations can direct when clicked.
The zero based page number.
Initializes a new instance of the class.
The page.
Initializes a new instance of the class.
The page.
The location.
Initializes a new instance of PdfDestination.
The zero based page number.
The location in the page based on the lower-left coordinate system.
The zoom factor.
Gets or sets zoom factor.
Gets or sets a page where the destination is situated.
Gets or sets mode of the destination.
Gets or sets a location of the destination.
Gets a value indicating whether this instance is valid.
true if this instance is valid; otherwise, false.
Gets pdf primitive representing this object.
Represents specification of embedded file.
file name
Name of the file.
The data.
Name of the file.
The stream.
Gets or sets the data.
The data.
Gets or sets the description.
The description.
Gets or sets the MIME type of the embedded file.
The MIME type of the embedded file.
Gets or sets creation date.
Creation date.
Gets or sets modification date.
Modification date.
Modify embeddedFile data
Represents base class for file specification objects.
Name of the file.
Gets or sets the name of the file.
The name of the file.
Gets the element.
Get cached item.
Cache group which all objects in group share the same data.
Any cached object,because all objects in group share the same data.
note this also indicates gif format BITFile. *
@param output destination for output data
@param blocks GIF LZW requires block counts for output data
codesize + Reserved Codes
each entry corresponds to a code and contains the length of data
that the code expands to when decoded.
Constructor allocate memory for string store data
@param index value of -1 indicates no predecessor [used in initialisation]
@param b the byte [character] to add to the string store which follows
the predecessor string specified the index.
@return 0xFFFF if no space in table left for addition of predecesor
index and byte b. Else return the code allocated for combination index + b.
@param index index to prefix string
@param b the character that follws the index prefix
@return b if param index is HASH_FREE. Else return the code
for this prefix and byte successor
@param codesize the size of code to be preallocated for the
string store.
If expanded data doesnt fit into array only what will fit is written
to buf and the return value indicates how much of the expanded code has
been written to the buf. The next call to ExpandCode() should be with
the same code and have the skip parameter set the negated value of the
previous return. Succesive negative return values should be negated and
added together for next skip parameter value with same code.
@param buf buffer to place expanded data into
@param offset offset to place expanded data
@param code the code to expand to the byte array it represents.
PRECONDITION This code must allready be in the LZSS
@param skipHead is the number of bytes at the start of the expanded code to
be skipped before data is written to buf. It is possible that skipHead is
equal to codeLen.
@return the length of data expanded into buf. If the expanded code is longer
than space left in buf then the value returned is a negative number which when
negated is equal to the number of bytes that were used of the code being expanded.
This negative value also indicates the buffer is full.
base underlying code size of data being compressed 8 for TIFF, 1 to 8 for GIF *
reserved clear code based on code size *
reserved end of data code based on code size *
current number bits output for each code *
limit at which current number of bits code size has to be increased *
the prefix code which represents the predecessor string to current input point *
output destination for bit codes *
general purpose LZW string table *
modify the limits of the code values in LZW encoding due to TIFF bug / feature *
@param outp destination for compressed data
@param codeSize the initial code size for the LZW compressor
@param TIFF flag indicating that TIFF lzw fudge needs to be applied
@exception IOException if underlying output stream error
@param buf data to be compressed to output stream
@exception IOException if underlying output stream error
Indicate to compressor that no more data to go so write outp
any remaining buffered data.
@exception IOException if underlying output stream error
Implements blend brush setting and functions.
Initializes a new instance of the class.
Initializes a new instance of the class.
The number of elements in the Factors and Positions arrays.
Gets or sets the factors array.
Represents the base class for PdfBlend and PdfColorBlend classes.
Implements basic routines needed by both classes.
Gets or sets the positions array.
Represents the collection of immutable default brushes.
Gets the AliceBlue brush.
Gets the antique white brush.
Gets the Aqua default brush.
Gets the Aquamarine default brush.
Gets the Azure default brush.
Gets the Beige default brush.
Gets the Bisque default brush.
Gets the Black default brush.
Gets the BlanchedAlmond default brush.
Gets the Blue default brush.
Gets the BlueViolet default brush.
Gets the Brown default brush.
Gets the BurlyWood default brush.
Gets the CadetBlue default brush.
Gets the Chartreuse default brush.
Gets the Chocolate default brush.
Gets the Coral default brush.
Gets the CornflowerBlue default brush.
Gets the Corn silk default brush.
Gets the Crimson default brush.
Gets the Cyan default brush.
Gets the DarkBlue default brush.
Gets the DarkCyan default brush.
Gets the DarkGoldenrod default brush.
Gets the DarkGray default brush.
Gets the DarkGreen default brush.
Gets the DarkKhaki default brush.
Gets the DarkMagenta default brush.
Gets the DarkOliveGreen default brush.
Gets the DarkOrange default brush.
Gets the DarkOrchid default brush.
Gets the DarkRed default brush.
Gets the DarkSalmon default brush.
Gets the DarkSeaGreen default brush.
Gets the DarkSlateBlue default brush.
Gets the DarkSlateGray default brush.
Gets the DarkTurquoise default brush.
Gets the DarkViolet default brush.
Gets the DeepPink default brush.
Gets the DeepSkyBlue default brush.
Gets the DimGray default brush.
Gets the DodgerBlue default brush.
Gets the Firebrick default brush.
Gets the FloralWhite default brush.
Gets the ForestGreen default brush.
Gets the Fuchsia default brush.
Gets the Gainsborough default brush.
Gets the GhostWhite default brush.
Gets the Gold default brush.
Gets the Goldenrod default brush.
Gets the Gray default brush.
Gets the Green default brush.
Gets the GreenYellow default brush.
Gets the Honeydew default brush.
Gets the HotPink default brush.
Gets the IndianRed default brush.
Gets the Indigo default brush.
Gets the Ivory default brush.
Gets the Khaki default brush.
Gets the Lavender default brush.
Gets the LavenderBlush default brush.
Gets the LawnGreen default brush.
Gets the LemonChiffon default brush.
Gets the LightBlue default brush.
Gets the LightCoral default brush.
Gets the LightCyan default brush.
Gets the LightGoldenrodYellow default brush.
Gets the LightGray default brush.
Gets the LightGreen default brush.
Gets the LightPink default brush.
Gets the LightSalmon default brush.
Gets the LightSeaGreen default brush.
Gets the LightSkyBlue default brush.
Gets the LightSlateGray default brush.
Gets the LightSteelBlue default brush.
Gets the LightYellow default brush.
Gets the Lime default brush.
Gets the LimeGreen default brush.
Gets the Linen default brush.
Gets the Magenta default brush.
Gets the Maroon default brush.
Gets the MediumAquamarine default brush.
Gets the MediumBlue default brush.
Gets the MediumOrchid default brush.
Gets the MediumPurple default brush.
Gets the MediumSeaGreen default brush.
Gets the MediumSlateBlue default brush.
Gets the MediumSpringGreen default brush.
Gets the MediumTurquoise default brush.
Gets the MediumVioletRed default brush.
Gets the MidnightBlue default brush.
Gets the MintCream default brush.
Gets the MistyRose default brush.
Gets the Moccasin default brush.
Gets the NavajoWhite default brush.
Gets the Navy default brush.
Gets the OldLace default brush.
Gets the Olive default brush.
Gets the OliveDrab default brush.
Gets the Orange default brush.
Gets the OrangeRed default brush.
Gets the Orchid default brush.
Gets the PaleGoldenrod default brush.
Gets the PaleGreen default brush.
Gets the PaleTurquoise default brush.
Gets the PaleVioletRed default brush.
Gets the PapayaWhip default brush.
Gets the PeachPuff default brush.
Gets the Peru default brush.
Gets the Pink default brush.
Gets the Plum default brush.
Gets the PowderBlue default brush.
Gets the Purple default brush.
Gets the Red default brush.
Gets the RosyBrown default brush.
Gets the RoyalBlue default brush.
Gets the SaddleBrown default brush.
Gets the Salmon default brush.
Gets the SandyBrown default brush.
Gets the SeaGreen default brush.
Gets the SeaShell default brush.
Gets the Sienna default brush.
Gets the Silver default brush.
Gets the SkyBlue default brush.
Gets the SlateBlue default brush.
Gets the SlateGray default brush.
Gets the Snow default brush.
Gets the SpringGreen default brush.
Gets the SteelBlue default brush.
Gets the Tan default brush.
Gets the Teal default brush.
Gets the Thistle default brush.
Gets the Tomato default brush.
Gets the Transparent default brush.
Gets the Turquoise default brush.
Gets the Violet default brush.
Gets the Wheat default brush.
Gets the White default brush.
Gets the WhiteSmoke default brush.
Gets the Yellow default brush.
Gets the YellowGreen default brush.
Represents the arrays of colors and positions used for
interpolating color blending in a multicolor gradient.
Initializes a new instance of the class.
Initializes a new instance of the class.
The count.
Gets or sets the colours array.
Specifies the gradient direction of the linear gradient brush.
Specifies a gradient from upper right to lower left.
Specifies a gradient from upper left to lower right.
Specifies a gradient from left to right.
Specifies a gradient from top to bottom.
Specifies the constant values specifying whether to extend the shading
beyond the starting and ending points of the axis.
Do not extend any point.
Extend start point.
Extend end point.
Extend both start and end points.
Function-based shading.
Axial shading.
Radial shading.
Free-form Gouraud-shaded triangle mesh
Lattice-form Gouraud-shaded triangle mesh.
Coons patch mesh.
Tensor-product patch mesh.
Describes a graphics element which can be drawn by a pen.
Gets or sets a pen that will be used to draw the element.
The actual bounds of the html view. It may larger than Bounds
Represents an element that could be drawn and/or filled.
Gets or sets the brush.
Represents a base class for all page graphics elements.
Draws an element on the Graphics.
Graphics context where the element should be printed.
Draws an element on the Graphics.
Graphics context where the element should be printed.
Location of the element in the Graphics' co-ordinate system.
Draws an element on the Graphics.
Graphics context where the element should be printed.
X co-ordinate of the element.
Y co-ordinate of the element.
Represents the base class for all elements that can be layout on the pages.
[System.Security.Permissions.PermissionSet(System.Security.Permissions.SecurityAction.Assert, Name = "FullTrust")]
Event. Raises after the element was printed on the page.
Event. Raises before the element should be printed on the page.
Draws the element on the page.
Current page where the element should be drawn.
Start location on the page.
Layouting result.
Draws the element on the page.
Current page where the element should be drawn.
X co-ordinate of the element on the page.
Y co-ordinate of the element on the page.
Lay outing result.
Draws the element on the page.
Current page where the element should be drawn.
RectangleF structure that specifies the bounds of the element.
Lay outing result.
Draws the element on the page.
Current page where the element should be drawn.
RectangleF structure that specifies the bounds of the element.
Lay outing result.
Draws the element on the page.
Current page where the element should be drawn.
Start location on the page.
Lay outing format.
Lay outing result.
Draws the element on the page.
Current page where the element should be drawn.
X co-ordinate of the element on the page.
Y co-ordinate of the element on the page.
Layout format.
Layout result.
Draws the element on the page.
Current page where the element should be drawn.
RectangleF structure that specifies the bounds of the element.
Layout format.
Layout result.
Gets or sets the path of the font.
Gets or set the font stream.
Gets or sets the private font collection.
Base class for the main shapes.
Gets the bounds.
rect
Class that represent HTML text area with the ability to span several pages.
Specifies how text in a is
horizontally aligned.
The text is aligned to the left.
The text is aligned to the right.
The text is aligned in the center.
The text is justified.
internal variable to store Size.
internal variable to store Mask.
internal variable to store Numbering.
internal variable to store Reserved.
internal variable to store Start Indent.
internal variable to store Right Indent.
internal variable to store Offset.
internal variable to store Alignment.
internal variable to store Tab Count.
internal variable to store rgxTabs.
internal variable to store Space Before.
internal variable to store Space After.
internal variable to store Line Spacing.
internal variable to store Style.
internal variable to store Line Spacing Rule.
internal variable to store Out line Level.
internal variable to store Shading Weight.
internal variable to store Shading Style.
internal variable to store Numbering Start.
internal variable to store Numbering Style.
internal variable to store Numbering Tab.
internal variable to store Border Space.
internal variable to store Border Width.
internal variable to store Borders.
internal variable to store size.
internal variable to store Mask.
internal variable to store Effects.
internal variable to store Height.
internal variable to store Offset.
internal variable to store Text Color.
internal variable to store CharSet.
internal variable to store Pitch And Family.
internal variable to store Weight.
internal variable to store Spacing.
internal variable to store BackColor.
internal variable to store lcid.
internal variable to store Reserved.
internal variable to store Style.
internal variable to store Kerning.
internal variable to store Under line Type.
internal variable to store Animation.
internal variable to store RevAuthor.
internal variable to store Reserved.
Represents the text area with the ability to span several pages.
Initializes a new instance of the class.
Initializes a new instance of the class.
The text.
Initializes a new instance of the class.
The text.
The font.
Initializes a new instance of the class.
The text.
The font.
The pen.
Initializes a new instance of the class.
The text.
The font.
The brush.
Initializes a new instance of the class.
The text.
The font.
The pen.
The brush.
The format.
Gets or sets a value indicating the text that should be printed.
Gets or sets a pen that will be used to draw the text.
Gets or sets the brush that will be used to draw the text.
Gets or sets a font that will be used to draw the text.
Gets or sets text settings that will be used to draw the text.
Draws the text on the page.
Current page where the text should be drawn.
Start location on the page.
Lay outing format.
Lay outing result.
Draws the text on the page.
Current page where the text should be drawn.
Start location on the page.
Width of the text bounds.
Lay outing format.
Lay outing result.
Draws the text on the page.
Current page where the text should be drawn.
RectangleF structure that specifies the bounds of the text.
Lay outing format.
Lay outing result.
Represents the data for a cancelable event.
Gets or sets a value indicating whether this is cancel.
true if cancel; otherwise, false.
Data for event before lay outing of the page.
Gets or sets value that indicates the lay outing bounds on the page.
Gets the page where the lay outing should start.
Initializes a new instance of the class.
The bounds.
The page.
Contains information about layout`s element .
Gets a result of the lay outing on the page.
Gets or sets a value indicating the next page where the element should be layout if the process is not finished or stopped.
The default value is null. In this case the element will be layout on the next page.
Initializes a new instance of the class.
The result.
Contains information about layout`s element .
Initializes a new instance of the class.
The result.
Gets a result of the lay outing on the page.
Delegate. Defines a type of the event before lay outing on the page.
Delegate. Defines a type of the event after lay outing on the page.
Delegate. Defines a type of the event after the text lay outing on the page.
Specifies type of paginating.
If the element exceeds the page, proceed it on the next page.
Draw the element on the one page only.
Specifies how the element should be contained on the page.
Fit the element according to the bounds specified or the page bounds.
If the element doesn't fit at the first page, don't draw it on this page.
Represents the used fonts in a PDF document.
Gets the name.
The name.
Gets the size.
The size.
Gets the style.
The style.
Gets the type.
The type.
Initializes a new instance of the class.
The font.
Replaces the specified new font.
The new font.
Replace the font size in the content.
The font size.
The font name in the resources.
Gets or sets ofset from beginning of TrueType font file.
Gets or sets length of this table.
Gets or sets table checksum.
Gets a value indicating whether this is empty.
true if empty; otherwise, false.
Typographic line gap.
Negative LineGap values are treated as DEF_TABLE_CHECKSUM.
Gets or sets contains CFF.
Gets or sets value indicating if Symbol font is used.
Gets or sets description font item.
Gets or sets description font item.
Gets a value indicating whether font is script.
Gets a value indicating whether font is serif.
Gets or sets description font item.
Gets or sets post-script font name.
Gets or sets font family name.
Gets or sets font name.
Gets or sets description font item.
Gets or sets description font item.
Gets or sets description font item.
Gets or sets description font item.
Gets or sets description font item.
Gets or sets description font item.
Gets or sets description font item.
Gets or sets widths table for the font.
Regular: 0
Bold: 1
Italic: 2
Bold Italic: 3
Bit 0- bold (if set to 1)
Bit 1- italic (if set to 1)
Bits 2-15- reserved (set to 0).
NOTE:
Note that macStyle bits must agree with the 'OS/2' table fsSelection bits.
The fsSelection bits are used over the macStyle bits in Microsoft Windows.
The PANOSE values and 'post' table values are ignored for determining bold or italic fonts.
Subscript size factor.
Superscript size factor.
First char of the font.
Last char of the font.
Gets a value indicating whether this instance is italic.
true if this instance is italic; otherwise, false.
Gets a value indicating whether this instance is bold.
true if this instance is bold; otherwise, false.
Local variable to store Format Selector.
Local variable to store Records Count.
Local variable to store Offset.
Local variable to store Name Records.
The PlatformID.
The EncodingID.
The PlatformIDLanguageID
The NameID.
The Length.
The Offset.
The Name.
The cmap.
The glyf.
The head.
The hhea.
The cmap.
The loca.
The maxp.
The cmap.
The post.
The OS2.
The CFF.
The cvt.
The fpgm.
The prep.
Modified: International date (8-byte field).
Created: International date (8-byte field).
MagicNumber: Set to 0x5F0F3CF5.
CheckSumAdjustment: To compute: set it to 0, sum the entire font as ULONG,
then store 0xB1B0AFBA - sum.
FontRevision: Set by font manufacturer.
Table version number: 0x00010000 for version 1.0.
Minimum x for all glyph bounding boxes.
Minimum y for all glyph bounding boxes.
Valid range is from 16 to 16384.
Maximum y for all glyph bounding boxes.
Maximum x for all glyph bounding boxes.
Regular: 0
Bold: 1
Italic: 2
Bold Italic: 3
Bit 0 - bold (if set to 1)
Bit 1 - italic (if set to 1)
Bits 2-15 - reserved (set to 0)
NOTE:
Note that macStyle bits must agree with the 'OS/2' table fsSelection bits.
The fsSelection bits are used over the macStyle bits in Microsoft Windows.
The PANOSE values and 'post' table values are ignored for determining bold or italic fonts.
Bit 0 - baseline for font at y=0
Bit 1 - left SideBearing at x=0
Bit 2 - instructions may depend on point size
Bit 3 - force ppem to integer values for all private scaler math; may use fractional ppem sizes if this bit is clear
Bit 4 - instructions may alter advance width (the advance widths might not scale linearly)
Note: All other bits must be zero.
LowestRecPPEM: Smallest readable size in pixels.
FontDirectionHint:
0 Fully mixed directional glyphs
1 Only strongly left to right
2 Like 1 but also contains neutrals
-1 Only strongly right to left
-2 Like -1 but also contains neutrals.
0 for short offsets, 1 for long.
0 for current format.
Version.
Typographic ascent.
Maximum advance width value in HTML table.
Typographic descent.
Number of hMetric entries in HTML table;
may be smaller than the total number of glyphs in the font.
Typographic line gap. Negative LineGap values are treated as DEF_TABLE_CHECKSUM
in Windows 3.1, System 6, and System 7.
Minimum left SideBearing value in HTML table.
Minimum right SideBearing value; calculated as Min(aw - lsb - (xMax - xMin)).
Max(lsb + (xMax - xMin)).
Used to calculate the slope of the cursor (rise/run); 1 for vertical.
0 for vertical.
0 for current format.
Struct field.
The Average Character Width parameter specifies
the arithmetic average of the escapement (width)
of all of the 26 lowercase letters a through z of the Latin alphabet
and the space character. If any of the 26 lowercase letters are not present,
this parameter should equal the weighted average of all glyphs in the font.
For non-UGL (platform 3, encoding 0) fonts, use the unweighted average.
Indicates the visual weight (degree of blackness or thickness of strokes)
of the characters in the font.
Indicates a relative change from the normal aspect ratio (width to height ratio)
as specified by a font designer for the glyphs in a font.
Indicates font embedding licensing rights for the font.
Embeddable fonts may be stored in a document.
When a document with embedded fonts is opened on a system that does not have the font installed
(the remote system), the embedded font may be loaded for temporary (and in some cases, permanent)
use on that system by an embedding-aware application.
Embedding licensing rights are granted by the vendor of the font.
The recommended horizontal size in font design units for subscripts for this font.
The recommended vertical size in font design units for subscripts for this font.
The recommended horizontal offset in font design units for subscripts for this font.
The recommended vertical offset in font design units from the baseline for subscripts for this font.
The recommended horizontal size in font design units for superscripts for this font.
The recommended vertical size in font design units for superscripts for this font.
The recommended horizontal offset in font design units for superscripts for this font.
The recommended vertical offset in font design units from the baseline for superscripts for this font.
Width of the strikeout stroke in font design units.
The position of the strikeout stroke relative to the baseline in font design units.
This parameter is a classification of font-family design.
This 10 byte series of numbers are used to describe the visual characteristics
of a given typeface. These characteristics are then used to associate the font with
other fonts of similar appearance having different names. The variables for each digit are listed below.
The specifications for each variable can be obtained in the specification
PANOSE v2.0 Numerical Evaluation from Microsoft or Elseware Corporation.
Struct field.
Struct field.
Struct field.
Struct field.
The four character identifier for the vendor of the given type face.
Information concerning the nature of the font patterns.
The minimum Unicode index (character code) in this font,
according to the cmap subtable for platform ID 3 and encoding ID 0 or 1.
For most fonts supporting Win-ANSI or other character sets, this value would be 0x0020.
usLastCharIndex: The maximum Unicode index (character code) in this font,
according to the cmap subtable for platform ID 3 and encoding ID 0 or 1.
This value depends on which character sets the font supports.
The typographic ascender for this font.
Remember that this is not the same as the Ascender value in the 'hhea' table,
which Apple defines in a far different manner.
DEF_TABLE_OFFSET good source for usTypoAscender is the Ascender value from an AFM file.
The typographic descender for this font.
Remember that this is not the same as the Descender value in the 'hhea' table,
which Apple defines in a far different manner.
DEF_TABLE_OFFSET good source for usTypoDescender is the Descender value from an AFM file.
The typographic line gap for this font.
Remember that this is not the same as the LineGap value in the 'hhea' table,
which Apple defines in a far different manner.
The ascender metric for Windows.
This too is distinct from Apple's Ascender value and from the usTypoAscender values.
usWinAscent is computed as the yMax for all characters in the Windows ANSI character set.
usTypoAscent is used to compute the Windows font height and default line spacing.
For platform 3 encoding 0 fonts, it is the same as yMax.
The descender metric for Windows.
This too is distinct from Apple's Descender value and from the usTypoDescender values.
usWinDescent is computed as the -yMin for all characters in the Windows ANSI character set.
usTypoAscent is used to compute the Windows font height and default line spacing.
For platform 3 encoding 0 fonts, it is the same as -yMin.
This field is used to specify the code pages encompassed
by the font file in the 'cmap' subtable for platform 3, encoding ID 1 (Microsoft platform).
If the font file is encoding ID 0, then the Symbol Character Set bit should be set.
If the bit is set (1) then the code page is considered functional.
If the bit is clear (0) then the code page is not considered functional.
Each of the bits is treated as an independent flag and the bits can be set in any combination.
The determination of "functional" is left up to the font designer,
although character set selection should attempt to be functional by code pages if at all possible.
This field is used to specify the code pages encompassed
by the font file in the 'cmap' subtable for platform 3, encoding ID 1 (Microsoft platform).
If the font file is encoding ID 0, then the Symbol Character Set bit should be set.
If the bit is set (1) then the code page is considered functional.
If the bit is clear (0) then the code page is not considered functional.
Each of the bits is treated as an independent flag and the bits can be set in any combination.
The determination of "functional" is left up to the font designer,
although character set selection should attempt to be functional by code pages if at all possible.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Struct field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Holds glyph index.
Holds character's width.
Code of the char symbol.
Gets a value indicating whether this is empty.
true if empty; otherwise, false.
Compares two WidthDescriptor objects.
Another object for comparing.
A signed integer that indicates the relative order of this instance and value.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Structure field.
Represents the standard CJK fonts.
Initializes a new instance of the class.
The font family.
The size.
The style.
Initializes a new instance of the class.
The font family.
The size.
Initializes a new instance of the class.
The prototype.
The size.
Initializes a new instance of the class.
The prototype.
The size.
The style.
Gets the font family.
Represents the font.
Gets the name.
The name.
Gets the size.
The size.
Gets the height of the font in points.
Gets the descent of the font in points.
Gets the style information for this font.
Gets a value indicating whether this is bold.
true if bold; otherwise, false.
Gets a value indicating whether this is italic.
true if italic; otherwise, false.
Gets a value indicating whether this is strikeout.
true if strikeout; otherwise, false.
Gets a value indicating whether this is underline.
true if underline; otherwise, false.
Measures a string by using this font.
Text to be measured.
Size of the text.
Measures a string by using this font.
Text to be measured.
PdfStringFormat that represents formatting information, such as line spacing, for the string.
Size of the text.
Measures a string by using this font.
Text to be measured.
PdfStringFormat that represents formatting information, such as line spacing, for the string.
Number of characters in the string.
Number of text lines in the string.
Size of the text.
Measures a string by using this font.
Text to be measured.
Maximum width of the string in points.
Size of the text.
Measures a string by using this font.
Text to be measured.
Maximum width of the string in points.
PdfStringFormat that represents formatting information, such as line spacing, for the string.
Size of the text.
Measures a string by using this font.
Text to be measured.
Maximum width of the string in points.
PdfStringFormat that represents formatting information, such as line spacing, for the string.
Number of characters in the string.
Number of text lines in the string.
Size of the text.
Measures a string by using this font.
Text to be measured.
SizeF structure that specifies the maximum layout area for the text in points.
Size of the text.
Measures a string by using this font.
Text to be measured.
SizeF structure that specifies the maximum layout area for the text in points.
PdfStringFormat that represents formatting information, such as line spacing, for the string.
Size of the text.
Measures a string by using this font.
Text to be measured.
SizeF structure that specifies the maximum layout area for the text in points.
PdfStringFormat that represents formatting information, such as line spacing, for the string.
Number of characters in the string.
Number of text lines in the string.
Size of the text.
Gets Pdf primitive representing the font.
Checks whether the object is similar to another object.
The object to compare with the current object.
True - if the objects have equal internals and can share them, False otherwise.
Represents one of the 14 standard PDF fonts.
Initializes a new instance of the class.
The font family.
The size.
Initializes a new instance of the class.
The font family.
The size.
The style.
Initializes a new instance of the class.
The prototype.
The size.
Initializes a new instance of the class.
The prototype.
The size.
The style.
Gets the FontFamily.
Represents the text layout information.
Initializes a new instance of the class.
Initializes a new instance of the class.
The alignment.
Initializes a new instance of the class.
The column format.
Initializes a new instance of the class.
The alignment.
The vertical alignment.
Gets or sets the text alignment.
Gets or sets the vertical text alignment.
Gets or sets the value that indicates text direction mode.
Note, that this property doesn't change any alignment of the text.
property should be set manually to align the text. This property just enables or disables
support of right to left approach.
If the value is False, the text won't be checked for right to left symbols occurrence.
Gets or sets value that indicates a size among the characters in the text.
When the glyph for each character in the string is rendered, this value is
added to the the glyphs displacement.
Default value is 0.
Gets or sets value that indicates a size among the words in the text.
Word spacing works the same way as character spacing but applies only to the
space character, code 32.
Default value is 0.
Gets or sets value that indicates the vertical distance between the baselines of adjacent lines of text.
Default value is 0.
Gets or sets a value indicating whether the text
should be a part of the clipping path.
Gets or sets value indicating whether the text is in subscript or superscript mode.
Gets or sets the indent of the first line in the paragraph.
Only entire lines are laid out in the formatting rectangle.
By default layout continues until the end of the text,
or until no more lines are visible as a result of clipping, whichever comes first.
Note that the default settings allow the last line to be partially obscured by a formatting rectangle that is not a whole multiple of the line height.
To ensure that only whole lines are seen, specify this value and be careful to provide a formatting rectangle at least as tall as the height of one line.
true if [line limit]; otherwise, false.
Includes the trailing space at the end of each line.
By default the boundary rectangle returned by the MeasureString method of PdfFont excludes the space at the end of each line.
Set this flag to include that space in measurement.
true if [measure trailing spaces]; otherwise, false.
Overhanging parts of glyphs,
and unwrapped text reaching outside the formatting rectangle are allowed to show.
By default all text and glyph parts reaching outside the formatting rectangle are clipped.
true if [no clip]; otherwise, false.
Gets or sets value indicating type of the text wrapping.
Clones the object.
The new created object.
Represents TrueType font.
[System.Security.Permissions.PermissionSet( System.Security.Permissions.SecurityAction.Assert, Name = "FullTrust" )]
Class lay outing the text.
Initializes a new instance of the class.
Layouts the text.
String text.
Font for the text.
String format.
Bounds of the text.
Layout result.
Layouter result.
Gets the text which is not layouted
Gets the actual layouted text bounds
Gets layouted lines information.
Gets the height of the line.
Contains information about the line.
Gets width of the line text.
Gets line text.
Gets width of the line text.
Break type of the line.
Unknown type line.
The line has new line symbol.
layout break.
The line is the first in the paragraph.
The line is the last in the paragraph.
Is not a separator
Is a separator, but can not be the first char of a new line
Is a separator which can be the first char of a new line
Indicates that the character is an opening or initial quotation mark.
Letter, whoes code > 0x7ff
Check table name does not exist
set char Code for unicode char
unicodeString
charCode
Get CharCode
Specifies style information applied to text.
Normal text.
Bold text.
Italic text.
Represents the underline text.
Strikeout text.
Indicates type of standard PDF fonts.
Represents the Helvetica font.
Represents the Courier font.
Represents the Times Roman font.
Represents the Symbol font.
Represents the ZapfDingbats font.
Specifies the type of CJK font.
Represents the Hanyang Systems Gothic Medium font.
Represents the Hanyang Systems shin myeong Jo Medium font.
Represents the Heisei kaku GothicW5 font.
Represents the Heisei MinchoW3 font.
Represents the Monotype Hei Medium font.
Represents the monotype sung Light font.
Represents the sinotype song light font.
Specifies the type of the font.
Indicates the standard Adobe fonts.
Indicates the non-embedded TrueType fonts.
Indicates the Embedded TrueType fonts.
Specifies the types of text wrapping.
Text wrapping between lines when formatting within a rectangle is disabled.
Text is wrapped by words. If there is a word that is longer than bounds' width, this word is wrapped by characters.
Text is wrapped by words. If there is a word that is longer than bounds' width, it won't be wrapped at all
and the process will be finished.
Text is wrapped by characters. In this case the word at the end of the text line can be split.
Specifies type of the SubSuperScript.
Specifies no subscript or superscript.
Specifies superscript format.
Specifies subscript format.
Apple platform.
Macintosh platform.
Iso platform.
Microsoft platform.
The Copyright
The Font Family
The Font Sub Family
The Font Identifier
The Font Name
The Version
The PostScriptName
The Trademark
Unknown encoding.
When building a symbol font for Windows.
When building a Unicode font for Windows.
For font that will be used on a Macintosh.
Undefined encoding.
Unicode encoding.
Roman encoding.
Japanese encoding.
Chinese encoding.
This is the Apple standard character to glyph index mapping table.
This is the Microsoft standard character to glyph index mapping table.
Format 6: Trimmed table mapping.
ttf composite glyph flags.
The ARG_1_AND_2_ARE_WORDS.
The ARGS_ARE_XY_VALUES.
The ROUND_XY_TO_GRID.
The WE_HAVE_A_SCALE.
The RESERVED.
The MORE_COMPONENTS.
The WE_HAVE_AN_X_AND_Y_SCALE.
The WE_HAVE_A_TWO_BY_TWO.
The WE_HAVE_INSTRUCTIONS.
The USE_MY_METRICS.
Unknown encoding
Adobe standard Latin-text encoding
Mac OS standard encoding
An encoding for use with expert fonts
Windows Code Page 1252
Encoding for text strings in a PDF document outside the document's content streams.
The horizontal identity mapping for 2-byte CIDs; may be used with CIDFonts using any
Registry, Ordering, and Supplement values. It maps 2-byte character codes ranging from
0 to 65,535 to the same 2-byte CID value, interpreted high-order byte first.
All glyphs have the same width (as opposed to proportional or variable-pitch
fonts, which have different widths).
Glyphs have serifs, which are short strokes drawn at an angle on the top and
bottom of glyph stems (as opposed to sans serif fonts, which do not).
Font contains glyphs outside the Adobe standard Latin character set. The
flag and the nonsymbolic flag cannot both be set or both be clear.
Glyphs resemble cursive handwriting.
Font uses the Adobe standard Latin character set or a subset of it.
Glyphs have dominant vertical strokes that are slanted.
Bold font.
Represent pdf form XObject.
Form XObject pdf stream.
Trigger when pdf wrappered element saving.
The source of event.
The arguments of event.
Gets the wrapped element.
Synchronize the instance to the pdf primitive.
Synchronize the instance field m_bound to the pdf primitive.
The form XObject dictionary.
Synchronize the instance field m_matrix to the pdf primitive.
The form XObject dictionary.
Synchronize the instance field m_visibilityGroup to the pdf primitive.
The form XObject dictionary.
Synchronize the instance field m_resources to the pdf primitive.
The form XObject dictionary.
Synchronize the instance from the pdf primitive.
Synchronize the instance field m_bound from the pdf primitive.
The form XObject dictionary.
Synchronize the instance field m_matrix from the pdf primitive.
The form XObject dictionary.
Synchronize the instance field m_visibilityGroup from the pdf primitive.
The form XObject dictionary.
Synchronize the instance field m_resources from the pdf primitive.
The form XObject dictionary.
The count of bytes in the buffer.
The buffer where the bytes are stored.
If true
always output floating point numbers with 6 decimal digits.
If false
uses the faster, although less precise, representation.
Creates new ByteBuffer with capacity 128
Creates a byte buffer with a certain capacity.
@param size the initial capacity
You can fill the cache in advance if you want to.
@param decimals
Converts an double (multiplied by 100 and cast to an int) into an array of bytes.
@param i the int
@return a bytearray
Appends an int
. The size of the array will grow by one.
@param b the int to be appended
@return a reference to this ByteBuffer
object
Appends the subarray of the byte
array. The buffer will grow by
len
bytes.
@param b the array to be appended
@param off the offset to the start of the array
@param len the length of bytes to Append
@return a reference to this ByteBuffer
object
Appends an array of bytes.
@param b the array to be appended
@return a reference to this ByteBuffer
object
Appends a string
to the buffer. The string
is
converted according to the encoding ISO-8859-1.
@param str the string
to be appended
@return a reference to this ByteBuffer
object
Appends a char
to the buffer. The char
is
converted according to the encoding ISO-8859-1.
@param c the char
to be appended
@return a reference to this ByteBuffer
object
Appends another ByteBuffer
to this buffer.
@param buf the ByteBuffer
to be appended
@return a reference to this ByteBuffer
object
Appends the string representation of an int
.
@param i the int
to be appended
@return a reference to this ByteBuffer
object
Appends the string representation of a long
.
@param i the long
to be appended
@return a reference to this ByteBuffer
object
Appends a string representation of a float
according
to the Pdf conventions.
@param i the float
to be appended
@return a reference to this ByteBuffer
object
Appends a string representation of a double
according
to the Pdf conventions.
@param d the double
to be appended
@return a reference to this ByteBuffer
object
Outputs a double
into a format suitable for the PDF.
@param d a double
@return the string
representation of the double
Outputs a double
into a format suitable for the PDF.
@param d a double
@param buf a ByteBuffer
@return the String
representation of the double
if
buf
is null
. If buf
is not null
,
then the double is appended directly to the buffer and this methods returns null
.
Sets the size to zero.
Creates a newly allocated byte array. Its size is the current
size of this output stream and the valid contents of the buffer
have been copied into it.
@return the current contents of this output stream, as a byte array.
Returns the current size of the buffer.
@return the value of the count
field, which is the number of valid bytes in this byte buffer.
Converts the buffer's contents into a string, translating bytes into
characters according to the platform's default character encoding.
@return string translated from the buffer's contents.
Writes the complete contents of this byte buffer output to
the specified output stream argument, as if by calling the output
stream's write method using out.Write(buf, 0, count)
.
@param out the output stream to which to write the data.
@exception IOException if an I/O error occurs.
Reads an inverted short from the Stream.
the Stream
an int
Default Quantizer Quality.
A 64 byte array which corresponds to a JPEG Luminance Quantization table.
A 64 byte array which corresponds to a JPEG Chromiance Quantization table.
Encodes a provided ImageBuffer[,,] to a JPG Image.
The ImageBuffer containing the pixel data.
Dimension of the original image. This value is written to the image header.
Dimension on which the Encoder works. As the Encoder works in 8*8 blocks, if the image size is not divisible by 8 the remaining blocks are set to '0' (in this implementation)
Stream to which the JPEG data is to be written.
Required quantizer quality; Default: 50 , Lower value higher quality.
Interface for updating Progress.
Interface for updating CurrentOperation.
Encodes a provided Image to a JPG Image.
The Image to be encoded.
Stream to which the JPEG data is to be written.
Required quantizer quality; Default: 50 , Lower value higher quality.
Interface for updating Progress.
Interface for updating CurrentOperation.
Generates Y, Cb, Cr, R, G and B values from given RGB_Buffer
Defines the different possible channel types.
Generates Y, Cb, Cr, R, G and B values from given RGB_Buffer
The input RGB_Buffer.
Draw in grayscale.
Width of the image.
Height of the image.
Enum specifying the channel type required.
Interface for updating progress.
Interface for updating current operation.
3D array of the specified channel type.
The CreateCompatibleDC function creates a memory device context (DC) compatible with the specified device.
[in] Handle to an existing DC. If this handle is NULL, the function creates a memory DC compatible with the application's current screen.
If the function succeeds, the return value is the handle to a memory DC.
If the function fails, the return value is NULL.
The SelectObject function selects an object into the specified device context (DC).
The new object replaces the previous object of the same type.
[in] Handle to the DC.
[in] Handle to the object to be selected. The specified object must have been created by using one of the following functions.
The SetStretchBltMode function sets the bitmap stretching mode in the specified device context.
[in] Handle to the device context.
[in] Specifies the stretching mode. This parameter can be one of the values from StretchBltModes enum.
If the function succeeds, the return value is the previous stretching mode.
If the function fails, the return value is zero.
The GetObject function retrieves information for the specified graphics object.
[in] Handle to the graphics object of interest. This can be a handle to one of the following: a logical bitmap, a brush, a font, a palette, a pen, or a device independent bitmap created by calling the CreateDIBSection function.
[in] Specifies the number of bytes of information to be written to the buffer.
[out] Pointer to a buffer that receives the information about the specified graphics object.
If the function succeeds, and lpvObject is a valid pointer, the return value is the number of bytes stored into the buffer.
If the function succeeds, and lpvObject is NULL, the return value is the number of bytes required to hold the information the function would store into the buffer.
If the function fails, the return value is zero.
The StretchBlt function copies a bitmap from a source rectangle into a destination
rectangle, stretching or compressing the bitmap to fit the dimensions of the destination
rectangle, if necessary. The system stretches or compresses the bitmap according to
the stretching mode currently set in the destination device context.
[in] Handle to the destination device context.
[in] Specifies the x-coordinate, in logical units, of the upper-left corner of the destination rectangle.
[in] Specifies the y-coordinate, in logical units, of the upper-left corner of the destination rectangle.
[in] Specifies the width, in logical units, of the destination rectangle.
[in] Specifies the height, in logical units, of the destination rectangle.
[in] Handle to the source device context.
[in] Specifies the x-coordinate, in logical units, of the upper-left corner of the source rectangle.
[in] Specifies the y-coordinate, in logical units, of the upper-left corner of the source rectangle.
[in] Specifies the width, in logical units, of the source rectangle.
[in] Specifies the height, in logical units, of the source rectangle.
[in] Specifies the raster operation to be performed. Raster operation codes define how the system combines colors in output operations that involve a brush, a source bitmap, and a destination bitmap.
If the function succeeds, the return value is nonzero.
If the function fails, the return value is zero.
The CreateCompatibleBitmap function creates a bitmap compatible with the device that is associated with the specified device context.
[in] Handle to a device context.
[in] Specifies the bitmap width, in pixels.
[in] Specifies the bitmap height, in pixels.
If the function succeeds, the return value is a handle to the compatible bitmap (DDB).
If the function fails, the return value is NULL.
The GetDIBits function retrieves the bits of the specified compatible bitmap
and copies them into a buffer as a DIB using the specified format.
[in] Handle to the device context.
[in] Handle to the bitmap. This must be a compatible bitmap (DDB).
[in] Specifies the first scan line to retrieve.
[in] Specifies the number of scan lines to retrieve.
[out] Pointer to a buffer to receive the bitmap data. If this parameter is NULL, the function passes the dimensions and format of the bitmap to the BITMAPINFOHEADER structure pointed to by the lpbi parameter.
[in/out] Pointer to a BITMAPINFOHEADER structure that specifies the desired format for the DIB data.
[in] Specifies the format of the bmiColors member of the BITMAPINFOHEADER structure.
If the lpvBits parameter is non-NULL and the function succeeds, the return value is the number of scan lines copied from the bitmap.
The SetDIBits function sets the pixels in a compatible bitmap (DDB)
using the color data found in the specified DIB .
[in] Handle to a device context.
[in] Handle to the compatible bitmap (DDB) that is to be altered using the color data from the specified DIB.
[in] Specifies the starting scan line for the device-independent color data in the array pointed to by the lpvBits parameter.
[in] Specifies the number of scan lines found in the array containing device-independent color data.
[in] Pointer to the DIB color data, stored as an array of bytes. The format of the bitmap values depends on the biBitCount member of the BITMAPINFO structure pointed to by the lpbmi parameter.
[in] Pointer to a BITMAPINFOHEADER structure that contains information about the DIB.
[in] Specifies whether the bmiColors member of the BITMAPINFO structure was provided and, if so, whether bmiColors contains explicit red, green, blue (RGB) values or palette indexes.
If the function succeeds, the return value is the number of scan lines copied.
The GetDC function retrieves a handle to a display device context (DC)
for the client area of a specified window or for the entire screen.
[in] Handle to the window whose DC is to be retrieved. If this value is NULL, GetDC retrieves the DC for the entire screen.
If the function succeeds, the return value is a handle to the DC for the specified window's client area. I
If the function fails, the return value is NULL.
The GetClientRect function retrieves the coordinates of a window's client area.
The client coordinates specify the upper-left and lower-right corners of the client area.
[in] Handle to the window whose client coordinates are to be retrieved.
[out] Pointer to a RECT structure that receives the client coordinates.
If the function succeeds, the return value is nonzero.
Performs a bit-block transfer of the color data corresponding to a
rectangle of pixels from the specified source device context into
a destination device context.
Handle to the destination device context.
The leftmost x-coordinate of the destination rectangle (in pixels).
The topmost y-coordinate of the destination rectangle (in pixels).
The width of the source and destination rectangles (in pixels).
The height of the source and the destination rectangles (in pixels).
Handle to the source device context.
The leftmost x-coordinate of the source rectangle (in pixels).
The topmost y-coordinate of the source rectangle (in pixels).
A raster-operation code.
true if the operation succeeded, false otherwise.
The DeleteObject function deletes a logical pen, brush, font, bitmap, region, or palette,
freeing all system resources associated with the object. After the object is deleted,
the specified handle is no longer valid.
[in] Handle to a logical pen, brush, font, bitmap, region, or palette.
If the function succeeds, the return value is nonzero.
The ReleaseDC function releases a device context (DC), freeing it for use by other applications.
The effect of the ReleaseDC function depends on the type of DC.
[in] Handle to the window whose DC is to be released.
[in] Handle to the DC to be released.
The return value indicates whether the DC was released.
If the DC was released, the return value is 1.
If the DC was not released, the return value is zero.
The SetPixel function sets the pixel at the specified coordinates to the specified color.
[in] Handle to the device context.
[in] Specifies the x-coordinate, in logical units, of the point to be set.
[in] Specifies the y-coordinate, in logical units, of the point to be set.
[in] Specifies the color to be used to paint the point.
If the function succeeds, the return value is the RGB value that the function sets the pixel to.
This value may differ from the color specified by crColor; that occurs when an exact match for the
specified color cannot be found.
Specifies a raster-operation code. These codes define how the color data for the
source rectangle is to be combined with the color data for the destination
rectangle to achieve the final color.
dest = source
dest = source OR dest
dest = source AND dest
dest = source XOR dest
dest = source AND (NOT dest)
dest = (NOT source)
dest = (NOT src) AND (NOT dest)
dest = (source AND pattern)
dest = (NOT source) OR dest
dest = pattern
dest = DPSnoo
dest = pattern XOR dest
dest = (NOT dest)
dest = BLACK
dest = WHITE
Get Font registry key.
Get font name key of teh registry.
Draws extra line between the last and first points.
The pen.
The points.
If true, connects last and first points.
Darw the multiple Line
Invalid object type.
Brush object.
Pen object.
Path object.
Region object.
Image object.
Font object.
String format object.
Image attributes object.
Custom line cap object.
Default value.
Hatch brush.
Texture brush.
Path gradient brush.
Linear gradient brush.
Flags for a linear gradient brush.
Minimal data are present.
The brush applies a transformation matrix to the source image.
The brush contains a ColorBlend object for use with its InterpolationColors property.
The brush contains a Blend object for use with its Blend property.
The brush has a non-default value for the FocusScales property.
The brush uses gamma correction.
Represents pen flags.
Pen just with color set.
Transformation set. (20-... - float )
StartCap set. ( 20 - int )
EndCap set. ( 20 - int )
LineJoin set. ( 20 - int )
MiterLimit set. ( 20 - float )
Pen has DashStyle defined.
DashCap set. ( 20 - int )
DashOffset is defined. (20 - float)
DashPattern is defined. (20 - int: numArray; 24-... - float: DashPattern )
Alignment set. (20 - int )
CompoundArray set. (20 - int: numArray; 24-... - float: compoundArray )
The pen uses a custom start cap.
The pen uses a custom end cap.
Unknown format.
Bitmap image.
Metafile image.
Region is from rectangle.
Region is from graphics path.
Region is empty.
Region is infinity.
Represents the bmp image object.
Gets the width of the image in pixels.
Gets the height of the image in pixels.
Gets the horizontal resolution, in pixels per inch, of this Image.
Gets the vertical resolution, in pixels per inch, of this Image.
Initialize a new instance of PdfBmpImage from stream.
Initialize a new instance of PdfBmpImage from path.
Initialize a new instance of PdfBmpImage from byte array.
Initialize a new instance of PdfGifImage from path.
Initialize a new instance of PdfGifImage from byte array.
Initialize a new instance of PdfGifImage from stream.
Get the count of frame in gif.
Get or set the current frame index.
Get the width of the image in pixels.
Get the height of the image in pixels.
Get the horizontal resolution, in pixels per inch, of this Image.
Gets the vertical resolution, in pixels per inch, of this Image.
Gets the [x,y] position of the frame in reference to the
logical screen.
@param frame the frame
@return the [x,y] position of the frame
Reads GIF file header information.
Reads Logical Screen Descriptor
Reads next 16-bit value, LSB first
Reads next variable length block from input.
@return number of bytes stored in "buffer"
Reads next frame image
Resets frame state for reading next image.
Reads Graphics Control Extension values
Skips variable length blocks up to and including
next zero length block.
Represents the jpeg2000 image object.
This is the scaled width of the image taking rotation into account.
This is the original height of the image taking rotation into account.
this is the bits per component of the raw image. It also flags a CCITT image.
Gets the width of the image in pixels.
Gets the height of the image in pixels.
Gets the horizontal resolution, in pixels per inch, of this Image.
Gets the vertical resolution, in pixels per inch, of this Image.
Initialize a new instance of PdfBmpImage from path.
Initialize a new instance of PdfBmpImage from byte array.
Initialize a new instance of PdfBmpImage from stream.
This method checks if the image is a valid JPEG and processes some parameters.
@throws BadElementException
@throws IOException
@return true
if the image is JP2, false
if a codestream.
Represents the jb2 image object.
Get the width of the image in pixel unit.
Get the height of the image in pixel unit.
Get the horizontal resoulution of the image in pixel unit.
Get the vertical resolution of the image in pixel unit.
Initialize a new instance of PdfJb2Image from file path.
Initialize a new instance of PdfJb2Image from byte array.
Initialize a new instance of PdfJb2Image from stream.
Inner class that holds information about a JBIG2 segment.
@since 2.1.5
Inner class that holds information about a JBIG2 page.
@since 2.1.5
return as a single byte array the header-data for each segment in segment number
order, EMBEDDED organization, but i am putting the needed segments in SEQUENTIAL organization.
if for_embedding, skip the segment types that are known to be not for acrobat.
@param for_embedding
@return a byte array
@throws IOException
Represents the jpeg image object.
this is a kind of image Element.
this is a kind of image Element.
this is a kind of image Element.
this is a kind of image Element.
this is a kind of image Element.
This represents a coordinate in the transformation matrix.
This represents a coordinate in the transformation matrix.
This represents a coordinate in the transformation matrix.
This represents a coordinate in the transformation matrix.
This represents a coordinate in the transformation matrix.
This represents a coordinate in the transformation matrix.
This represents a coordinate in the transformation matrix.
This represents a coordinate in the transformation matrix.
type of image
type of image
type of image
type of image
type of image
type of image
type of image
type of image
type of image
@since 2.1.5
Image color inversion
The alignment of the Image.
Text that can be shown instead of the image.
This is the absolute X-position of the image.
This is the absolute Y-position of the image.
This is the width of the image without rotation.
This is the width of the image without rotation.
This is the scaled width of the image taking rotation into account.
This is the original height of the image taking rotation into account.
The compression level of the content streams.
@since 2.1.3
This is the rotation of the image.
this is the colorspace of a jpeg-image.
this is the bits per component of the raw image. It also flags a CCITT image.
this is the transparency information of the raw image
the indentation to the left.
the indentation to the right.
Holds value of property dpiX.
Holds value of property dpiY.
Holds value of property interpolation.
ICC Profile attached
Holds value of property deflated.
Holds value of property smask.
Holds value of property XYRatio.
Holds value of property originalData.
The spacing before the image.
The spacing after the image.
Holds value of property widthPercentage.
Holds value of property initialRotation.
This is a type of marker.
Acceptable Jpeg markers.
This is a type of marker.
Unsupported Jpeg markers.
This is a type of marker.
Jpeg markers without additional parameters.
Marker value for Photoshop IRB
sequence preceding Photoshop resolution data
Initialize a new instance of PdfJpegImage from path.
The file path
Initialize a new instance of PdfJpegImage from byte array.
The data array
Initialize a new instance of PdfJpegImage from stream.
The data stream
Gets the horizontal resolution, in pixels per inch, of this Image.
Gets the vertical resolution, in pixels per inch, of this Image.
Gets the width of the image in pixels.
Gets the height of the image in pixels.
Represents the png object.
Some PNG specific values.
A PNG marker.
A PNG marker.
A PNG marker.
A PNG marker.
A PNG marker.
A PNG marker.
A PNG marker.
A PNG marker.
A PNG marker.
A PNG marker.
Get the width of the image in pixels.
Gets the height of the image in pixels.
Get the horizontal resolution, in pixels per inch, of this Image.
Get the vertical resolution, in pixels per inch, of this Image.
Initialize a new instance of PdfPngImage from file path.
the file path
Initialize a new instance of PdfPngImage from byte array.
byte array
Initialize a new instance of PdfPngImage from stream.
stream
Gets an int
from an Stream
.
@param is an Stream
@return the value of an int
Gets a word
from an Stream
.
@param is an Stream
@return the value of an int
Gets a String
from an Stream
.
@param is an Stream
@return the value of an int
Represents the tiff image object.
Represent pdf optional content group(or optional content membership).
Visible of optional content.
The intent of using optional group
Which is intended to represent a document designer's
structural organization of artwork.
Which is intended for interactive use by document consumers.
Represent pdf optional content group.
Content typically belongs to a single optional content group.
Optional content group dictionary
Optional content group Name
Optional group used Intent
Optional content configuration.
Optional content group reference.
Get or set pdf layer name.
Notice:
Name may be is not unique.
Get or set pdf layer visible.
Get whether the layer shows on user interface or not.
Get reference of the layer.
Construct an instance
The pdf layer name
The optional content configuration.
The pdf cross Table
Construct an instance with the optional content group dictionary
The optional content group dictionary
The optional content configuration.
The pdf cross Table
Construct an instance with the optional content group dictionary
The optional content group dictionary
The optional content configuration.
The pdf cross Table
The reference of the layer
Create the layer graphics.
The pdf layer container's graphics.
eg: PdfPageBase.Canvas ...
The pdf layer graphics.
Trigger when pdf wrappered element saving.
The source of event.
The arguments of event.
Gets the wrapped element.
Synchronize the instance to the pdf primitive.
Synchronize the instance field m_name to the pdf primitive.
The optional content group dictionary
Synchronize the instance field m_intent to the pdf primitive.
The optional content group dictionary
Synchronize the instance from the pdf primitive.
Synchronize the instance field m_name from the pdf primitive.
The optional content group dictionary
Synchronize the instance field m_intent from the pdf primitive.
The optional content group dictionary
Represent pdf layer collection.
The PdfDocumentBase.
Optional content properties dictionary.
Optional content groups.
Default viewing optional content configuration.
Get the pdf layer of the index.
Pdf layer index
Pdf layer
Get the pdf layer of name.
Notice:
Pdf layer name may be is not unique.
If exist duplication of name,return first pdf layer of name.
If not exist pdf layer of name,return null;
Pdf layer name
Pdf layer
Gets the number of pdf layers contained.
Construct an instance
The PdfDocumentBase.
The pdf cross table
Construct an instance with the optional content properties dictionary
The optional content properties dictionary
The PdfDocumentBase.
The pdf cross table
Create a new empty pdf layer outline.
Pdf layer outline.
Add a new pdf layer.
Pdf layer name.
Pdf layer.
Add a new pdf layer.
Pdf layer name.
Pdf layer's visibility.
Pdf layer.
Remove the pdf layer.
The pdf layer.
True if item is successfully removed; otherwise, false. This method also
returns false if item was not found
Remove the pdf layer.
The pdf layer.
If true,remove content with the pdf layer.Otherwise,false.
True if item is successfully removed; otherwise, false. This method also
returns false if item was not found
Remove layer from Ocgs array.
Remove the pdf layer.
Notice: Pdf layer name may be is not unique.
If exist duplication of name,will remove all pdf layers of name.
Pdf layer name.
True if item is successfully removed; otherwise, false. This method also
returns false if item was not found
Remove the pdf layer.
Notice: Pdf layer name may be is not unique.
If exist duplication of name,will remove all pdf layers of name.
Pdf layer name.
If true,remove content with the pdf layer.Otherwise,false.
True if item is successfully removed; otherwise, false. This method also
returns false if item was not found
Find pdf layers of name.
Pdf layer name.
Pdf layers of name.
Trigger when pdf wrappered element saving.
The source of event.
The arguments of event.
Gets the wrapped element.
Synchronize the instance to the pdf primitive.
Synchronize the instance field m_defaultViewConfig,m_otherConfigs to the pdf primitive.
The optional content properties dictionary
Synchronize the instance field m_layers to the pdf primitive.
The optional content properties dictionary
Synchronize the instance from the pdf primitive.
Synchronize the instance field m_defaultViewConfig,m_otherConfigs from the pdf primitive.
The optional content properties dictionary
Synchronize the instance field m_layers from the pdf primitive.
The optional content properties dictionary
Represent pdf optional content configuration
Optional content configuration dictionary
A name for the configuration.
Used to initialize the states of all optional content groups's visibility.
An array of optional content groups whose state should be set to
ON when this configuration is applied.
An array of optional content groups whose state should be set to
OFF when this configuration is applied.
Used to determine which optional group's states to consider and ignore
in calculating the visibility of content.
An array specifying the recommended order for presentation of optional content
groups in user interface.
Construct an instance
A name for the configuration.
The pdf cross table
Construct an instance with the optional content configuration dictionary
The optional content configuration dictionary
The pdf cross table
Create a new empty pdf layer outline.
Pdf layer outline.
Configure a layer at top level.
The pdf layer.
The layer's visibility.
Remove a layer's configs.
The pdf layer.
Get layer's visibility.
The pdf layer.
The pdf layer's visibility.
Set layer's visibility.
The pdf layer.
The pdf layer's visibility.
Return layer shows on ui or not.
The layer
Get layer's visibility.
The pdf Layer dictionary.
The pdf layer's visibility.
Add pdf layer visibility settings.
The list of pdf Layer dictionary.
Visibility of the pdf layer.
Add pdf layer visibility settings.
The pdf Layer dictionary.
Visibility of the pdf layer.
Remove pdf layer visibility settings.
The list of pdf Layer dictionary.
Remove pdf layer visibility settings.
The pdf Layer dictionary.
Add pdf layer visibility settings.
The pdf Layer.
Visibility of the pdf layer.
Remove pdf layer visibility settings.
The pdf Layer.
Return the layer shows on ui or not.
The layer
Trigger when pdf wrappered element saving.
The source of event.
The arguments of event.
Gets the wrapped element.
Synchronize the instance to the pdf primitive.
Synchronize the instance field m_name to the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_baseState to the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_on to the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_off to the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_intent to the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_layerOutline to the pdf primitive.
The optional content configuration dictionary
Synchronize the instance from the pdf primitive.
Synchronize the instance field m_name from the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_baseState from the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_intent from the pdf primitive.
The optional content configuration dictionary.
Synchronize the instance field m_on from the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_off from the pdf primitive.
The optional content configuration dictionary
Synchronize the instance field m_layerOutline from the pdf primitive.
The optional content configuration dictionary.
Represent pdf optional content membership.
To express more complex visibility policies,content should declare itself not
to belong directly an optional content group but rather to an optional content
membership.
Optional content membership dictionary
Optional content group whose visibility determine the visibility of
this optional content membership.
Visibility policy.
Visibility expression.
All optional content groups in document,not all related this membership.
Pdf layer membership Visibility.
Construct a instance.
all optional content groups.
The pdf cross table.
Construct an instance with the optional content membership dictionary.
The optional content membership dictionary.
all optional content groups.
The pdf cross table.
Trigger when pdf wrappered element saving.
The source of event.
The arguments of event.
Gets the wrapped element.
Synchronize the instance to the pdf primitive.
Synchronize the instance field m_relatedLayers to the pdf primitive.
The optional content membership dictionary
Synchronize the instance field m_visibilityPolicy to the pdf primitive.
The optional content membership dictionary
Synchronize the instance field m_visibilityExpression to the pdf primitive.
The optional content membership dictionary
Synchronize the instance from the pdf primitive.
Synchronize the instance field m_relatedLayers from the pdf primitive.
The optional content membership dictionary
Synchronize the instance field m_visibilityPolicy from the pdf primitive.
The optional content membership dictionary
Synchronize the instance field m_visibilityExpression from the pdf primitive.
The optional content membership dictionary
Represent the recommended order for presentation of optional content
groups in user interface.
Refrence "Optional content configuration dictionary's entry order".
Optional content configuration dictionary's entry order
Construct an instance.
The pdf cross table.
Construct an instance with .
The pdf cross table
Add a sub group outline.
Group name.
Sub group outline.
Add a outline entry of the pdf layer with a sub group outline.
Pdf layer
Sub group outline.
Add a outline entry of the pdf layer.
Pdf layer
Remove an entry of the layer,inclued sub enties.
The layer.
Remove an entry with the layer,inclued sub enties..
Refrence "Optional content configuration dictionary's entry order".
The layer.
The array include outline entries.
True,if has succeed.Otherwise,false.
Gets the wrapped element.
Remove layer content in the page.
The layer.
The page.
The pdfCrossTable
Represent the visibility of optional content group(or optional content membership).
Specify the visibility expression for optional content belonging to PdfLayerMembership.
An array specifying a visibility expression
Visible of optional content.
Construct an instance
The pdf cross table.
Construct an instance with the visibility expression array.
The visibility expression array.
The pdf cross table.
Trigger when pdf wrappered element saving.
The source of event.
The arguments of event.
Gets the wrapped element.
Synchronize the instance to the pdf primitive.
Synchronize the instance from the pdf primitive.
Specify the visibility policy for content belonging to PdfLayerMembership.
Not Specifying the visibility policy.
Visible if any of layer are On.
Visible only if all of layers are On.
Visible if any of layer are Off.
Visible only if all of layers are Off.
Represent the matrix
Gets the x translation value (the dx value, or the element in the third row and first column).
Gets the x translation value (the dx value, or the element in the third row and second column).
Gets an array of floating-point values that represents the elements.
Construct a instance as the identity matrix.
Construct a instance as the identity matrix.
The value in the first row and first column.
The value in the first row and second column.
The value in the second row and first column.
The value in the second row and second column.
The value in the third row and first column.
The value in the third row and second column.
Construct a instance to the geometric transform defined by the specified rectangle and array of points.
A System.Drawing.Rectangle structure that represents the rectangle.
An array of three System.Drawing.Point structures that represents the points
of a parallelogram to which the upper-left, upper-right, and lower-left corners
of the rectangle is to be transformed. The lower-right corner of the parallelogram
is implied by the first three corners.
Construct a instance to the geometric transform defined by the specified rectangle and array of points.
A System.Drawing.RectangleF structure that represents the rectangle.
An array of three System.Drawing.PointF structures that represents the points
of a parallelogram to which the upper-left, upper-right, and lower-left corners
of the rectangle is to be transformed. The lower-right corner of the parallelogram
is implied by the first three corners.
Prepend the specified matrix.
Matrix is to be multiplied.
Apply the specified matrix by the specified order.
Matrix is to be multiplied.
Represent the applying order.
Prepend the specified translation vector (offsetX and offsetY).
The x value by which to translate.
The y value by which to translate.
Apply the specified translation vector (offsetX and offsetY) by the specified order.
The x value by which to translate.
The y value by which to translate.
Represent the applying order.
Prepend the specified scale vector (scaleX and scaleY).
The value by which to scale in the x-axis direction.
The value by which to scale in the y-axis direction.
Apply the specified scale vector (scaleX and scaleY) by the specified order.
The value by which to scale in the x-axis direction.
The value by which to scale in the y-axis direction.
Represent the applying order.
Prepend a clockwise rotation(angle) around the origin.
The angle of the rotation, in degrees.
Apply a clockwise rotation(angle) around the origin by the specified order.
The angle of the rotation, in degrees.
Represent the applying order.
Prepend the specified skew angles(angleX angleY).
The horizontal skew angle, in degrees.
The vertical skew angle, in degrees.
Prepend the specified skew angles(angleX angleY) by the specified order.
The horizontal skew angle, in degrees.
The vertical skew angle, in degrees.
Represent the applying order.
Prepend the specified Shear vector (shearX and shearY).
The horizontal shear factor.
The vertical shear factor.
Apply the specified Shear vector (shearX and shearY) by the specified order.
The horizontal shear factor.
The vertical shear factor.
Represent the applying order.
Applies the geometric transform to a specified array of points.
An array of points to transform.
The transformed points.
Matrix1 multiply matrix2 to this.
first matrix.
second matrix.
Converts degree to radian.
The degree
The radian
Converts radian to degree.
The radian
The degree
Calculate 3 simple equation
Calculate 3 simple equation
Represent the applying order to matrix.
The new operation is applied before the old operation.
The new operation is applied after the old operation.
The collection of the default pens.
Gets the AliceBlue pen.
Gets the antique white pen.
Gets the Aqua default pen.
Gets the Aquamarine default pen.
Gets the Azure default pen.
Gets the Beige default pen.
Gets the Bisque default pen.
Gets the Black default pen.
Gets the BlanchedAlmond default pen.
Gets the Blue default pen.
Gets the BlueViolet default pen.
Gets the Brown default pen.
Gets the BurlyWood default pen.
Gets the CadetBlue default pen.
Gets the Chartreuse default pen.
Gets the Chocolate default pen.
Gets the Coral default pen.
Gets the CornflowerBlue default pen.
Gets the Corn silk default pen.
Gets the Crimson default pen.
Gets the Cyan default pen.
Gets the DarkBlue default pen.
Gets the DarkCyan default pen.
Gets the DarkGoldenrod default pen.
Gets the DarkGray default pen.
Gets the DarkGreen default pen.
Gets the DarkKhaki default pen.
Gets the DarkMagenta default pen.
Gets the DarkOliveGreen default pen.
Gets the DarkOrange default pen.
Gets the DarkOrchid default pen.
Gets the DarkRed default pen.
Gets the DarkSalmon default pen.
Gets the DarkSeaGreen default pen.
Gets the DarkSlateBlue default pen.
Gets the DarkSlateGray default pen.
Gets the DarkTurquoise default pen.
Gets the DarkViolet default pen.
Gets the DeepPink default pen.
Gets the DeepSkyBlue default pen.
Gets the DimGray default pen.
Gets the DodgerBlue default pen.
Gets the Firebrick default pen.
Gets the FloralWhite default pen.
Gets the ForestGreen default pen.
Gets the Fuchsia default pen.
Gets the Gainsborough default pen.
Gets the GhostWhite default pen.
Gets the Gold default pen.
Gets the Goldenrod default pen.
Gets the Gray default pen.
Gets the Green default pen.
Gets the GreenYellow default pen.
Gets the Honeydew default pen.
Gets the HotPink default pen.
Gets the IndianRed default pen.
Gets the Indigo default pen.
Gets the Ivory default pen.
Gets the Khaki default pen.
Gets the Lavender default pen.
Gets the LavenderBlush default pen.
Gets the LawnGreen default pen.
Gets the LemonChiffon default pen.
Gets the LightBlue default pen.
Gets the LightCoral default pen.
Gets the LightCyan default pen.
Gets the LightGoldenrodYellow default pen.
Gets the LightGray default pen.
Gets the LightGreen default pen.
Gets the LightPink default pen.
Gets the LightSalmon default pen.
Gets the LightSeaGreen default pen.
Gets the LightSkyBlue default pen.
Gets the LightSlateGray default pen.
Gets the LightSteelBlue default pen.
Gets the LightYellow default pen.
Gets the Lime default pen.
Gets the LimeGreen default pen.
Gets the Linen default pen.
Gets the Magenta default pen.
Gets the Maroon default pen.
Gets the MediumAquamarine default pen.
Gets the MediumBlue default pen.
Gets the MediumOrchid default pen.
Gets the MediumPurple default pen.
Gets the MediumSeaGreen default pen.
Gets the MediumSlateBlue default pen.
Gets the MediumSpringGreen default pen.
Gets the MediumTurquoise default pen.
Gets the MediumVioletRed default pen.
Gets the MidnightBlue default pen.
Gets the MintCream default pen.
Gets the MistyRose default pen.
Gets the Moccasin default pen.
Gets the NavajoWhite default pen.
Gets the Navy default pen.
Gets the OldLace default pen.
Gets the Olive default pen.
Gets the OliveDrab default pen.
Gets the Orange default pen.
Gets the OrangeRed default pen.
Gets the Orchid default pen.
Gets the PaleGoldenrod default pen.
Gets the PaleGreen default pen.
Gets the PaleTurquoise default pen.
Gets the PaleVioletRed default pen.
Gets the PapayaWhip default pen.
Gets the PeachPuff default pen.
Gets the Peru default pen.
Gets the Pink default pen.
Gets the Plum default pen.
Gets the PowderBlue default pen.
Gets the Purple default pen.
Gets the Red default pen.
Gets the RosyBrown default pen.
Gets the RoyalBlue default pen.
Gets the SaddleBrown default pen.
Gets the Salmon default pen.
Gets the SandyBrown default pen.
Gets the SeaGreen default pen.
Gets the SeaShell default pen.
Gets the Sienna default pen.
Gets the Silver default pen.
Gets the SkyBlue default pen.
Gets the SlateBlue default pen.
Gets the SlateGray default pen.
Gets the Snow default pen.
Gets the SpringGreen default pen.
Gets the SteelBlue default pen.
Gets the Tan default pen.
Gets the Teal default pen.
Gets the Thistle default pen.
Gets the Tomato default pen.
Gets the Transparent default pen.
Gets the Turquoise default pen.
Gets the Violet default pen.
Gets the Wheat default pen.
Gets the White default pen.
Gets the WhiteSmoke default pen.
Gets the Yellow default pen.
Gets the YellowGreen default pen.
Specifies the type of Horizontal alignment.
Specifies the element is aligned to Left.
Specifies the element is aligned to Center.
Specifies the element is aligned to Right.
Specifies the type of Vertical alignment.
Specifies the element is aligned to Top.
Specifies the element is aligned to Middle.
Specifies the element is aligned to Bottom.
Specifies the type of horizontal text alignment.
Specifies the text is aligned to Left.
Specifies the text is aligned to Center.
Specifies the text is aligned to Right.
Specifies the text as Justified text.
Specifies the text rendering mode.
Fill text.
Stroke text.
Fill, then stroke text.
Neither fill nor stroke text (invisible).
Fill text and add to path for clipping (see above)..
Stroke text and add to path for clipping (see above).
Stroke fill text and add to path for clipping.
Add text to path for clipping.
Specifies the corner style of the shapes.
The outer edges for the two segments are extended
until they meet at an angle.
An arc of a circle with a diameter equal to the line width is drawn
around the point where the two segments meet, connecting the outer edges for the two segments.
The two segments are finished with caps
and the resulting notch beyond the ends of the segments is filled
with a triangle.
Specifies the line cap style to be used at the ends of the lines.
The stroke is squared off at the endpoint of the path. There is no
projection beyond the end of the path.
A semicircular arc with a diameter equal to the line width is
drawn around the endpoint and filled in.
The stroke continues beyond the endpoint of the path
for a distance equal to half the line width and is squared off.
Possible dash styles of the pen.
Solid line.
Dashed line.
Dotted line.
Dash-dot line.
Dash-dot-dot line.
User defined dash style.
Specifies how the shapes are filled.
Nonzero winding number rule of determining "insideness"
of point.
Even odd rule of determining "insideness" of point.
Defines set of color spaces.
RGB color space.
CMYK color space.
GrayScale color space.
Indexed color space used internally.
Colors are represented solely with respect to the light source;
no correction is made for the output mediums white point
(such as the color of unprinted paper).
Colors are represented with respect to the combination of
the light source and the output mediums white point
(such as the color of unprinted paper).
Colors are represented in a manner that preserves
or emphasizes saturation.
Colors are represented in a manner that provides a pleasing
perceptual appearance.
Specifies the blend mode for transparency.
Selects the source color, ignoring the backdrop.
Multiplies the backdrop and source color values.
The result color is always at least as dark as either
of the two constituent colors. Multiplying
any color with black produces black; multiplying
with white leaves the original color unchanged.
Painting successive overlapping objects with a color
other than black or white produces progressively darker colors.
Multiplies the complements of the backdrop and source
color values, then complements the result. The result
color is always at least as light as either of the two
constituent colors. Screening any color with white
produces white; screening with black leaves the original
color unchanged. The effect is similar to projecting
multiple photographic slides simultaneously onto a single screen.
Multiplies or screens the colors, depending on
the backdrop color value. Source colors overlay
the backdrop while preserving its highlights and
shadows. The backdrop color is not replaced but
is mixed with the source color to reflect the
lightness or darkness of the backdrop.
Selects the darker of the backdrop and source colors.
The backdrop is replaced with the source where the source
is darker; otherwise, it is left unchanged.
Selects the lighter of the backdrop and source colors.
The backdrop is replaced with the source where the source
is lighter; otherwise, it is left unchanged.
Brightens the backdrop color to reflect the source color.
Painting with black produces no changes.
Darkens the backdrop color to reflect the source color.
Painting with white produces no change.
Multiplies or screens the colors, depending on the source color value.
The effect is similar to shining a harsh spotlight on the backdrop.
Darkens or lightens the colors, depending on the source color value.
The effect is similar to shining a diffused spotlight on the backdrop.
Subtracts the darker of the two constituent colors from the lighter color.
Painting with white inverts the backdrop color; painting with black produces no change.
Produces an effect similar to that of the Difference mode
but lower in contrast. Painting with white inverts
the backdrop color; painting with black produces no change.
Creates a color with the hue of the source color and
the saturation and luminosity of the backdrop color.
Creates a color with the saturation of the source color
and the hue and luminosity of the backdrop color. Painting
with this mode in an area of the backdrop that is a pure
gray (no saturation) produces no change.
Creates a color with the hue and saturation of
the source color and the luminosity of the backdrop
color. This preserves the gray levels of the backdrop
and is useful for coloring monochrome images or tinting color images.
Creates a color with the luminosity of the source color
and the hue and saturation of the backdrop color. This
produces an inverse effect to that of the Color mode.
Specifies the type of the PdfImage.
Specifies the image is bitmap.
Specifies the image is metafile.
Specifies the types of the page's logical units.
Specifies the Measurement is in centimeters.
Specifies the Measurement is in picas. A pica represents 12 points.
Specifies the unit of measurement is 1 pixel.
Pixel unit is device dependent unit. The result depends on the default Dpi on the machine.
Specifies a printer's point (1/72 inch) as the unit of measure.
Specifies the inch as the unit of measure.
Specifies the document unit (1/300 inch) as the unit of measure.
Specifies the Measurement is in millimeters.
Implements structures and routines working with color.
Gets a null color.
The empty.
Gets whether the PDFColor is Empty or not.
true if this instance is empty; otherwise, false.
Gets or sets Blue channel value.
The B.
Gets the blue.
Gets or sets Cyan channel value.
The C.
Gets or sets Green channel value.
The G.
Gets the green.
The green.
Gets or sets Gray channel value.
The gray.
Gets or sets Black channel value.
The K.
Gets or sets Magenta channel value.
The M.
Gets or sets Red channel value.
The R.
Gets the red.
Gets or sets Yellow channel value.
The Y.
Initializes a new instance of the class.
Source color object.
Initializes a new instance of the class.
Source color object.
Initializes a new instance of the class.
Gray value.
Initializes a new instance of the class.
Red channel value.
Green channel value.
Blue channel value.
Initializes a new instance of the class.
Cyan channel value.
Magenta channel value.
Yellow channel value.
Black channel value.
Creates the Alpha ,Red ,Green, and Blue value of this PDFColor structure.
ARGB value.
Implicit operator.
System.Drawing.Color.
PDFColor.
Implicit operator.
System.Drawing.Color.
PDFColor.
Operator ==.
The color 1.
The color 2.
True if color 1 is equal to color 2; otherwise False.
Operator !=.
The color 1.
The color 2.
True if color 1 is not equal to color 2; otherwise False.
Determines whether the specified
is equal to the current .
The to
compare with the current .
True if the specified is equal
to the current ; otherwise -
False.
Determines if the specified color is equal to this one.
The color.
True if the color is equal; otherwise - False.
Serves as a hash function for a particular type, suitable for
use in hashing algorithms and data structures like a hash
table.
A hash code for the current .
Compares colors.
The color 1.
The color 2.
True if colors are identical; otherwise - False.
The class representing a graphics context of the objects.
It's used for performing simple graphics operations.
Gets the size of the canvas.
Usually, this value is equal to the size of the object this graphics belongs to.
Gets the size of the canvas reduced by margins and page templates.
It indicates a size of the canvas reduced by margins and template dimensions.
This value doesn't change when any custom clip is set.
Gets or sets the current color space.
The value change of this property has impact on the objects
which will be drawn after the change.
Draws a line.
The pen.
The point1.
The point2.
Draws a line.
The pen.
The x1.
The y1.
The x2.
The y2.
Draws a rectangle.
The pen.
The rectangle.
Draws a rectangle.
The pen.
The x.
The y.
The width.
The height.
Draws a rectangle.
The brush.
The rectangle.
Draws a rectangle.
The brush.
The x.
The y.
The width.
The height.
Draws a rectangle.
The pen.
The brush.
The rectangle.
Draws a rectangle.
The pen.
The brush.
The x.
The y.
The width.
The height.
Draws an ellipse.
The pen.
The rectangle.
Draws an ellipse.
The pen.
The x.
The y.
The width.
The height.
Draws an ellipse.
The brush.
The rectangle.
Draws an ellipse.
The brush.
The x.
The y.
The width.
The height.
Draws an ellipse.
The pen.
The brush.
The rectangle.
Draws an ellipse.
The pen.
The brush.
The x.
The y.
The width.
The height.
Draws an arc.
The pen.
The rectangle.
The start angle.
The sweep angle.
Draws an arc.
The pen.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Draws a pie.
The pen.
The rectangle.
The start angle.
The sweep angle.
Draws a pie.
The pen.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Draws a pie.
The brush.
The rectangle.
The start angle.
The sweep angle.
Draws a pie.
The brush.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Draws a pie.
The pen.
The brush.
The rectangle.
The start angle.
The sweep angle.
Draws a pie.
The pen.
The brush.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Draws a polygon.
The pen.
The points.
Draws a polygon.
The brush.
The points.
Draws a polygon.
The pen.
The brush.
The points.
Draws a bezier curve.
The pen.
The start point.
The first control point.
The second control point.
The end point.
Draws a bezier curve.
The pen.
The start point X.
The start point Y.
The first control point X.
The first control point Y.
The second control point X.
The second control point Y.
The end point X.
The end point Y.
Draws a path.
The pen.
The path.
Draws a path.
The brush.
The path.
Draws a path.
The pen.
The brush.
The path.
Draws an image.
The image.
The point.
Draws an image.
The image.
The x.
The y.
Draws an image.
The image.
The rectangle.
Draws an image.
The image.
The point.
The size.
Draws an image,recommending monochrome image.
The image.
The image compresson quality.
The point.
The size.
Draws an image.
The image.
The x.
The y.
The width.
The height.
Draws an image,recommending monochrome image
The image.
The image compresson quality.
The x.
The y.
The width.
The height.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The location point.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The point.
The text string format.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The x.
The y.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The x.
The y.
The text string format.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The location point.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The point.
The text string format.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The x.
The y.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The x.
The y.
The text string format.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The location point.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The point.
The text string format.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The x.
The y.
The text string format.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The x.
The y.
Draws the specified text string at the specified location and size
with the specified Brush and Font objects.
The text string.
The font.
The brush.
RectangleF structure that specifies the bounds of the drawn text.
Draws the specified text string at the specified location and size
with the specified Brush and Font objects.
The text string.
The font.
The brush.
RectangleF structure that specifies the bounds of the drawn text.
The text string format.
Draws the specified text string at the specified location and size
with the specified Pen and Font objects.
The text string.
The font.
The pen.
RectangleF structure that specifies the bounds of the drawn text.
Draws the specified text string at the specified location and size
with the specified Pen and Font objects.
The text string.
The font.
The pen.
RectangleF structure that specifies the bounds of the drawn text.
The text string format.
Draws the specified text string at the specified location and size
with the specified Pen, Brush and Font objects.
The text string.
The font.
The pen.
The brush.
RectangleF structure that specifies the bounds of the drawn text.
The text string format.
Draws the specified text string at the specified location and size
with the specified Pen, Brush and Font objects.
The text string.
The font.
The pen.
The brush.
RectangleF structure that specifies the bounds of the drawn text.
The text string format.
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The location point.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The point.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The x.
The y.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The brush.
The x.
The y.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The location point.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The point.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The x.
The y.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The x.
The y.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The location point.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The point.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The x.
The y.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location
with the specified Brush and Font objects.
The text string.
The font.
The pen.
The brush.
The x.
The y.
whether the parsing of HTML tags
Draws the specified text string at the specified location and size
with the specified Brush and Font objects.
The text string.
The font.
The brush.
RectangleF structure that specifies the bounds of the drawn text.
whether the parsing of HTML tags
Draws the specified text string at the specified location and size
with the specified Brush and Font objects.
The text string.
The font.
The brush.
RectangleF structure that specifies the bounds of the drawn text.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location and size
with the specified Pen and Font objects.
The text string.
The font.
The pen.
RectangleF structure that specifies the bounds of the drawn text.
whether the parsing of HTML tags
Draws the specified text string at the specified location and size
with the specified Pen and Font objects.
The text string.
The font.
The pen.
RectangleF structure that specifies the bounds of the drawn text.
The text string format.
whether the parsing of HTML tags
Draws the specified text string at the specified location and size
with the specified Pen, Brush and Font objects.
The text string.
The font.
The pen.
The brush.
RectangleF structure that specifies the bounds of the drawn text.
The text string format.
whether the parsing of HTML tags
Translates the coordinates by specified coordinates.
The X value by which to translate
coordinate system.
The Y value by which to translate
coordinate system.
Scales the coordinates by specified coordinates.
The value by which to scale coordinate
system in the X axis direction.
The value by which to scale coordinate
system in the Y axis direction.
Rotates the coordinate system in clockwise direction around specified point.
The angle of the rotation (in degrees).
A System.Drawing.PointF that represents the center of the rotation.
Rotates the coordinate system in clockwise direction.
The angle of the rotation (in degrees).
Skews the coordinate system axes.
Skews the X axis by this angle (in
degrees).
Skews the Y axis by this angle (in
degrees).
Draws a template using its original size, at the specified location.
object.
Location of the template.
Draws a template at the specified location and size.
object.
Location of the template.
Size of the template.
Flashes this instance.
Saves the current state of this Graphics and identifies the saved state with a GraphicsState.
This method returns a GraphicsState that represents the saved state of this Graphics.
This method works similar to method.
Restores the last state of this Graphics.
Restores the state of this Graphics to the state represented by a GraphicsState.
GraphicsState that represents the state to which to restore this Graphics.
This method works similar to method.
Modifying the current clipping path by intersecting it with the current path.
Clip rectangle.
Modifying the current clipping path by intersecting it with the current path.
Clip rectangle.
The fill mode to determine which regions lie inside the clipping path.
Modifying the current clipping path by intersecting it with the current path.
Clip path.
Modifying the current clipping path by intersecting it with the current path.
Clip path.
The fill mode to determine which regions lie inside the clipping path.
Sets the transparency.
The alpha value for both pen
and brush operations.
Sets the transparency.
The alpha value for pen operations.
The alpha value for brush operations.
Sets the transparency.
The alpha value for pen operations.
The alpha value for brush operations.
The blend mode.
Indicates whether this instance and a specified object are equal.
Another object to compare to.
true if obj and this instance are the same type and
represent the same value; otherwise, false.
Returns the hash code for this instance.
A 32-bit signed integer that is the hash code for this instance.
Represents the state of a Graphics object.
A class representing page margins.
Gets or sets the left margin size.
Gets or sets the top margin size.
Gets or sets the right margin size.
Gets or sets the bottom margin size.
Sets margin of each side.
Margin of each side.
Initializes a new instance of the class.
Create and initialize margin.
The margin size.
Create and initialize margin.
The left right.
The top bottom.
Create and initialize margin.
The left.
The top.
The right.
The bottom.
Clones the object.
The cloned object.
A class defining settings for drawing operations.
Gets or sets the brush, which specifies the pen behaviour.
If the brush is set, the color values are ignored,
except for PdfSolidBrush.
Gets or sets the color of the pen.
Gets or sets the dash offset of the pen.
Gets or sets the dash pattern of the pen.
Gets or sets the dash style of the pen.
Gets or sets the line cap of the pen.
Gets or sets the line join style of the pen.
The line join.
Gets or sets the width of the pen.
Gets or sets the miter limit.
Initializes a new instance of the class.
The color.
Initializes a new instance of the class.
Color of the pen.
Width of the pen's line.
Initializes a new instance of the class.
The brush.
Initializes a new instance of the class.
The brush.
Width of the pen's line.
Initializes a new instance of the class.
Creates a new object that is a copy of the current instance.
A new object that is a copy of this instance.
Clones this instance.
A new pen with the same properties.
Class allowing to convert different unit metrics. Converting is
based on Graphics object DPI settings that is why for differ
graphics settings must be created new instance. For example:
printers often has 300 and greater dpi resolution, for compare
default display screen dpi is 96.
Represents the abstract brush, which containing a basic functionality of a brush.
Creates a new object that is a copy of the current instance.
A new object that is a copy of this instance.
Creates a new copy of a brush.
A new instance of the Brush class.
Implements gradient brush capabilities.
Gets or sets the background color of the brush.
This value is optional. If null is assigned to it,
the associated entry is removed from the appropriate dictionary.
Gets or sets a value indicating whether use anti aliasing algorithm.
Gets the wrapped element.
Implements linear gradient brush by using PDF axial shading pattern.
Initializes a new instance of the class.
The starting point of the gradient.
The end point of the gradient.
The starting color of the gradient.
The end color of the gradient.
Initializes a new instance of the class.
A RectangleF structure that specifies the bounds of the linear gradient.
The starting color for the gradient.
The ending color for the gradient.
The mode.
Initializes a new instance of the class.
A RectangleF structure that specifies the bounds of the linear gradient.
The starting color for the gradient.
The ending color for the gradient.
The angle, measured in degrees clockwise from the x-axis,
of the gradient's orientation line.
Gets or sets a PdfBlend that specifies positions
and factors that define a custom falloff for the gradient.
Gets or sets a ColorBlend that defines a multicolor linear gradient.
Gets or sets the starting and ending colors of the gradient.
Gets a rectangular region that defines
the boundaries of the gradient.
Gets or sets the value indicating whether the gradient
should extend starting and ending points.
Creates a new copy of a brush.
A new instance of the Brush class.
Represent radial gradient brush.
Initializes a new instance of the class.
The start centre.
The start radius.
The end centre.
The end radius.
The start color.
The end color.
Gets or sets a PdfBlend that specifies positions
and factors that define a custom falloff for the gradient.
Gets or sets a ColorBlend that defines a multicolor linear gradient.
Gets or sets the starting and ending colors of the gradient.
Gets or sets the rectangle.
The rectangle.
Gets or sets the value indicating whether the gradient
should extend starting and ending points.
Creates a new copy of a brush.
A new instance of the Brush class.
Represents a brush that fills any object with a solid colour.
Initializes a new instance of the class.
The color.
Initializes a new instance of the class.
color
Gets or sets the color of the brush.
Creates a new copy of a brush.
A new instance of the Brush class.
Implements a colored tiling brush.
Initializes a new instance of the class.
The boundaries of the smallest brush cell.
Initializes a new instance of the class.
The boundaries of the smallest brush cell.
The Current Page Object.
Initializes a new instance of the class.
The size of the smallest brush cell.
Initializes a new instance of the class.
The size of the smallest brush cell.
The Current Page Object.
Gets the boundary box of the smallest brush cell.
Gets the size of the smallest brush cell.
Gets Graphics context of the brush.
Creates a new copy of a brush.
A new instance of the Brush class.
Gets the element.
Represents an arc shape.
It ignores brush setting.
Initializes a new instance of the class.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The rectangle.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The rectangle.
The start angle.
The sweep angle.
Implements Bezier curve shape.
Initializes a new instance of the class.
The start point.
The first control point.
The second control point.
The end point.
Initializes a new instance of the class.
The start point X.
The start point Y.
The first control point X.
The first control point Y.
The second control point X.
The second control point Y.
The end point X.
The end point Y.
Initializes a new instance of the class.
The pen.
The start point.
The first control point.
The second control point.
The end point.
Initializes a new instance of the class.
The pen.
The start point X.
The start point Y.
The first control point X.
The first control point Y.
The second control point X.
The second control point Y.
The end point X.
The end point Y.
Gets or sets the start point.
Gets or sets the first control point.
Gets or sets the second control point.
Gets or sets the end point.
Describes an ellipse shape.
Initializes a new instance of the class.
The width.
The height.
Initializes a new instance of the class.
The pen.
The width.
The height.
Initializes a new instance of the class.
The brush.
The width.
The height.
Initializes a new instance of the class.
The pen.
The brush.
The width.
The height.
Initializes a new instance of the class.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The rectangle.
Initializes a new instance of the class.
The pen.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The pen.
The rectangle.
Initializes a new instance of the class.
The brush.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The brush.
The rectangle.
Initializes a new instance of the class.
The pen.
The brush.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The pen.
The brush.
The rectangle.
Gets the radius X.
Gets the radius Y.
Gets the center point.
The base class of arc and pie shapes.
Gets or sets the start angle.
Gets or sets the sweep angle.
Represents a line shape.
Initializes a new instance of the class.
The x1.
The y1.
The x2.
The y2.
Initializes a new instance of the class.
The point1.
The point2.
Initializes a new instance of the class.
The pen.
The x1.
The y1.
The x2.
The y2.
Initializes a new instance of the class.
The pen.
The point1.
The point2.
Gets or sets the x coordinate of the start point.
Gets or sets the y coordinate of the start point.
Gets or sets the x coordinate of the end point.
Gets or sets the y coordinate of the end point.
Implements graphics path, which is a sequence of primitive graphics elements.
Initializes a new instance of the class.
Initializes a new instance of the class.
The points.
The path types.
Initializes a new instance of the class.
The pen.
Initializes a new instance of the class.
The brush.
Initializes a new instance of the class.
The brush.
The fill mode.
Initializes a new instance of the class.
The pen.
The points.
The path types.
Initializes a new instance of the class.
The brush.
The fill mode.
The points.
The path types.
Initializes a new instance of the class.
The pen.
The brush.
The fill mode.
Gets or sets the fill mode.
Gets the path points.
Gets the path point types.
Gets the point count.
Gets the last point.
Adds an arc.
The boundaries of the arc.
The start angle.
The sweep angle.
Adds an arc.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Adds a bezier curve.
The start point.
The first control point.
The second control point.
The end point.
Adds a bezier curve.
The start point X.
The start point Y.
The first control point X.
The first control point Y.
The second control point X.
The second control point Y.
The end point X.
The end point Y.
Adds an ellipse.
The boundaries of the ellipse.
Adds an ellipse.
The x.
The y.
The width.
The height.
Adds a line.
The point1.
The point2.
Adds a line.
The x1.
The y1.
The x2.
The y2.
Appends the path specified to this one.
The path, which should be appended.
Appends the path specified by the points and their types to this one.
The points.
The path point types.
Appends the pie to this path.
The rectangle.
The start angle.
The sweep angle.
Appends the pie to this path.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Append the closed polygon to this path.
The points of the polygon.
Appends the rectangle to this path.
The rectangle.
Appends the rectangle to this path.
The x.
The y.
The width.
The height.
Starts a new figure.
The next added primitive will start a new figure.
Closes the last figure.
Closes all non-closed figures.
Gets the last point.
The last point.
Calc Point w/h
get this path's bound.
return this path's bound
Represents Pdf Template object.
the origin location of the template
Initializes a new instance of the class.
The size.
Initializes a new instance of the class.
Initializes a new instance of the class.
The width.
The height.
Initializes a new instance of the class.
The width.
The height.
Indicates if the template is used for PdfAppearance.
Initializes a new instance of the class.
RectangleF cropBox
Initializes a new instance of the class.
RectangleF cropBox
RectangleF mediaBox
Gets graphics context of the template.
It will return null, if the template is read-only.
Gets the size of the template.
Gets the width of the template.
Gets the height of the template.
Gets a value indicating whether the template is read-only.
true if the template is read-only; otherwise, false.
Read-only templates does not expose graphics. They just return null.
Resets the template and sets the specified size.
The size.
Resets an instance.
Gets the wrapped element.
Represents a pie shape.
Initializes a new instance of the class.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The brush.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The brush.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The rectangle.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The rectangle.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The brush.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The brush.
The rectangle.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The brush.
The x.
The y.
The width.
The height.
The start angle.
The sweep angle.
Initializes a new instance of the class.
The pen.
The brush.
The rectangle.
The start angle.
The sweep angle.
Represents a set of points connected with lines, could be drawn and filled.
Initializes a new instance of the class.
The points.
Initializes a new instance of the class.
The pen.
The points.
Initializes a new instance of the class.
The brush.
The points.
Initializes a new instance of the class.
The pen.
The brush.
The points.
Gets or sets the points of the polygon.
Gets a number of the points in the polygon.
Adds a point to the polygon.
The last point of the polygon.
Represents a simple rectangle that could be drawn and/or filled.
Initializes a new instance of the class.
The width.
The height.
Initializes a new instance of the class.
The pen.
The width.
The height.
Initializes a new instance of the class.
The brush.
The width.
The height.
Initializes a new instance of the class.
The pen.
The brush.
The width.
The height.
Initializes a new instance of the class.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The rectangle.
Initializes a new instance of the class.
The pen.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The pen.
The rectangle.
Initializes a new instance of the class.
The brush.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The brush.
The rectangle.
Initializes a new instance of the class.
The pen.
The brush.
The x.
The y.
The width.
The height.
Initializes a new instance of the class.
The pen.
The brush.
The rectangle.
Represents an area bound by a rectangle.
Gets or sets the X co-ordinate of the upper-left corner of this the element.
Gets or sets the Y co-ordinate of the upper-left corner of this the element.
Gets or sets the width of this element.
Gets or sets the height of this element.
Gets or sets the size of this element.
Gets or sets bounds of this element.
Represents the bitmap images.
When replacing the picture,use this property
Gets or sets the active frame of the bitmap.
The active frame index.
Gets the number of frames in the bitmap.
The frame count.
Gets or sets the mask of bitmap.
New PdfMask.
Gets or sets the quality.
When the image is stored into PDF not as a mask,
you may reduce its quality, which saves the disk space.
When replacing the picture,use this property
Creates new PdfBitmap instance.
The image.
Creates new PdfBitmap instance.
The image path.
Creates new PdfBitmap instance.
The stream.
Releases unmanaged resources and performs other cleanup operations before the
is reclaimed by garbage collection.
Performs application-defined tasks associated with freeing,
releasing, or resetting unmanaged resources.
define method "SaveAsRawImageForIndexedFormat" supported IndexedFormat
save indexed bitmap to raw image
support PixelFormat: Format1bppIndexed Format4bppIndexed Format8bppIndexed
Represents the color mask for bitmaps.
Gets or sets the start color.
The start color.
Gets or sets the end color.
The end color.
Creates new PdfColorMask object.
The start color.
The end color.
Represents the base class for images.
Gets the height of the image in pixels.
The height.
If True, png direct convert to Jpx and no mask.
Gets the width of the image in pixels.
The width.
Gets the horizontal resolution, in pixels per inch, of this Image.
The horizontal resolution.
Gets the vertical resolution, in pixels per inch, of this Image.
The vertical resolution.
Returns the size of the image in points.
This property uses HorizontalResolution and VerticalResolution for calculating the size in points.
Gets or sets the active frame of the image.
Gets the number of frames in the image.
Creates PdfImage from a file.
Path to a file.
Returns a created PdfImage object.
Creates PdfImage from stream.
The stream.
Returns a created PdfImage object.
Converts a object into a PDF image.
The image.
Returns a created PdfImage object.
Creates a new image instance from RTF text.
RTF text data.
Width of the image in points.
Type of the image that should be created.
The text string format.
PdfImage containing RTF text.
Creates a new image instance from RTF text.
RTF text data.
Width of the image in points.
Type of the image that should be created.
PdfImage containing RTF text.
Creates a new image instance from RTF text.
RTF text data.
Width of the image in points.
Height of the image in points.
Type of the image that should be created.
PdfImage containing RTF text.
Creates a new image instance from RTF text.
RTF text data.
Width of the image in points.
Height of the image in points.
Type of the image that should be created.
The text string format.
PdfImage containing RTF text.
Gets the wrapped element.
Represents the image mask object for bitmaps.
Gets the image mask.
The image mask.
Gets the mask type.
true if soft mask; otherwise, hard mask false.
Creates new PdfImageMask object.
The image mask.
Base class for bitmap masking objects.
Class representing metafiles.
load URL time out
load URL whether Waiting
WebBrowser load Complete
Gets or sets page settings of the section.
Get html page start time
load URL whether Waiting
webBrowser load html whether Waiting time in milliseconds.
load ScouceCode or URL
WebBrowser load Complete
Gets or sets page settings of the section.
Options of converting html to pdf
Not clip
Clips width
Clips height
Clips width and height
load from content type
load from ulr or file
load html SourceCode
default 30 s
load URL whether Waiting
load ScouceCode or URL
WebBrowser load Complete
Gets or sets layout type of the element.
If html view is larger than pdf page, zooms out it to fit pdf page.
But if html view is smaller than, will not zoom in it.
If html view is larger than page, resize pdf page to fit html view.
But if html view is smaller than, will not resize pdf page.
If html view is smaller than page, trim pdf page to fit html view.
The maximum time in milliseconds to wait the completion of loading html.
Default is 30000.
webBrowser load html whether Waiting
webBrowser load html whether Waiting time in milliseconds.
load ScouceCode or URL
WebBrowser load Complete
None -> 0
Width -> 1
Height -> 2
Both -> 4
float
float
float
float
Size
Size
Margins
PdfLayoutType
Clip
Clip
Clip
int
float
float
float
float
FRect
int
FRect
Pointer to DebugLog.CLogInfo, C module uses it to write log message.
Pointer to HTMLConverter.dll
Pointer to ConvertToHTML method.
Path of dll folder, which contains HTMLConverter.dll
Sets the path of the folder which cantains the HTMLConverter.dll
and other dll files required for conversion.
Convert an html page to a pdf file. The Qt html engine plugin is required.
During conversion, JavaScript is enabled, default timeout is 30 seconds.
The page size of output pdf file is A4 and margin is 90 (left-right) and 72 (top-bottom).
Url address of the html page.
The output pdf file name.
[Obsolete("This method may be removed in the future.")]
Convert an html page to a pdf file. The Qt html engine plugin is required.
During conversion, JavaScript is enabled, default timeout is 30 seconds.
The page size of output pdf file is A4 and margin is 90 (left-right) and 72 (top-bottom).
Url address of the html page.
The output pdf Stream.
[Obsolete("This method may be removed in the future.")]
Convert an html page to a pdf file. The Qt html engine plugin is required.
During conversion, JavaScript is enabled, default timeout is 30 seconds.
The page size of output pdf file is A4 and margin is 90 (left-right) and 72 (top-bottom).
Url address of the html page.
The output pdf file name.
the load htmlcode or url
Convert an html page to a pdf stream. The Qt html engine plugin is required.
During conversion, JavaScript is enabled, default timeout is 30 seconds.
The page size of output pdf file is A4 and margin is 90 (left-right) and 72 (top-bottom).
Url address of the html page.
The output pdf stream.
the load htmlcode or url
Convert an html page to a pdf file. The Qt html engine plugin is required.
Url address of the html page.
The output pdf file name.
Indicates whether enable JavaScript.
The timeout of loading html.
The page size of output pdf file.
The margins of output pdf file.
[Obsolete("This method may be removed in the future.")]
Convert an html page to a pdf stream. The Qt html engine plugin is required.
Url address of the html page.
The output pdf stream.
Indicates whether enable JavaScript.
The timeout of loading html.
The page size of output pdf file.
The margins of output pdf file.
[Obsolete("This method may be removed in the future.")]
init HTML2PDFOption param
Url address of the html page.
Indicates whether enable JavaScript.
The timeout of loading html.
The page size of output pdf file.
The margins of output pdf file.
Convert an html page to a pdf file. The Qt html engine plugin is required.
Url address of the html page.
The output pdf file name.
Indicates whether enable JavaScript.
The timeout of loading html.
The page size of output pdf file.
The margins of output pdf file.
url or htmlcontent
Convert an html page to a pdf file. The Qt html engine plugin is required.
Url address of the html page.
The output pdf stream.
Indicates whether enable JavaScript.
The timeout of loading html.
The page size of output pdf file.
The margins of output pdf file.
url or htmlcontent
Represents the layout parameters.
Gets or sets the starting layout page.
Gets or sets the lay outing bounds.
Gets or sets the vertical offsets.
The vertical offsets.
Gets or sets the lay outing settings.
HTML tags
parsing html tags
html content
drawing font
parsing html tags
html content
set html type
set text font
set font style
Represents the result of html to pdf conversion.
Initializes a new instance of the class.
The image.
The page breaks.
The anchors.
Gets the rendered image.
The rendered image.
Draws the HtmlToPdfResults on to the document.
The Pdf Page.
The Metafile layout format.
Performs application-defined tasks associated with releasing, or resetting unmanaged resources.
Specfies the status of the IPdfPrmitive.
The information of cross-reference store in a cross-referebnce stream
The current load state
The load state
Check whether the entry of cross reference stream is in correct place
if correct return true ,otherwise false
Check whether the entry of cross reference table is in correct place
If correct return true ,otherwise false
Check whether the entry`s offset that in cross reference table or cross reference stream is
in correct place
If correct return true ,otherwise false
add the document info to the pdfObjects
Fixed TokenType.UnicodeString mismatch.
Begin an inline image object.
Begin the image data for an inline image object.
End an inline image object.
Get Holds all integers that have been read ahead.
Check whether the indirect object`s position in file are same as the offset
The indirect object`offset
The object number
If correct return true ,otherwise return false
Convert string to a byte array.
String data
Byte array.
1 G ,Pen Color
1 g ,Pen Color
Retrieves character type info
Retrieves bi-directional layout info
Retrieves text processing info
Uppercase
Lowercase
Decimal digits
Space characters
Punctuation
Control characters
Blank characters
Hexadecimal digits
Any linguistic character: alphabetic, syllabary, or ideographic
Left to right
Right to left
European number, European digit
European numeric separator
European numeric terminator
Arabic number
Common numeric separator
Block separator
Segment separator
White space
Other neutrals
No implicit directionality (for example, control codes)
Diacritic nonspacing mark
Vowel nonspacing mark
Symbol
Katakana character
Hiragana character
Half-width (narrow) character
Full-width (wide) character
Ideographic character
Arabic Kashida character
Punctuation which is counted as part of the word
(Kashida, hyphen, feminine/masculine ordinal indicators, equal sign, and so forth)
All linguistic characters (alphabetical, syllabary, and ideographic)
Not applicable
Native enum.
Record of Emf metafile.
New miter limit.
Record of Emf metafile.
The XFORM structure specifies a world-space to page-space transformation.
Specifies scaling/rotation/reflection
Specified shear/rotation
Specified shear/rotation
Specifies scaling/rotation/reflection
Specifies the horizontal translation component, in logical units.
Specifies the vertical translation component, in logical units.
Record of Emf metafile.
Record of Emf metafile.
Point creation from lParam's data.
lParam's data for initialing point structure.
Performs an implicit conversion from to .
The p.
The result of the conversion.
Performs an implicit conversion from to .
The p.
The result of the conversion.
Performs an implicit conversion from to .
The p.
The result of the conversion.
Windows structure.
Windows structure.
Windows structure.
ABC structure.
Structure for 32 bit images saving.
Value of Blue chanel.
Value of Green chanel.
Value of Red chanel.
Value of Alpha chanel.
Structure for 24 bit images saving.
Value of Blue chanel.
Value of Green chanel.
Value of Red chanel.
Structure for 24 bit images saving.
Value of Blue chanel.
Value of Green chanel.
Value of Red chanel.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Windows structure.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Record of Emf metafile.
Represents the method that executes on a PdfNewDocument when a new page is created.
The source of the event.
A that contains the event data.
Provides data for PageAdded event.
This event raised on adding the pages.
Gets the newly added page.
a object representing the page which is added in the document.
Initializes a new instance of the class.
a object representing the page which is added in the document.
Encapsulates a page template for all the pages in the document.
Gets or sets a left page template.
Gets or sets a top page template.
Gets or sets a right page template.
Gets or sets a bottom page template.
Gets or sets a left page template using on the even pages.
Gets or sets a top page template using on the even pages.
Gets or sets a right page template using on the even pages.
Gets or sets a bottom page template using on the even pages.
Gets or sets a left page template using on the odd pages.
Gets or sets a top page template using on the odd pages.
Gets or sets a right page template using on the odd pages.
Gets or sets a bottom page template using on the odd pages.
Gets a collection of stamp elements.
Initializes a new instance of the class.
This class allows to manipulate with page
labels of one of the sections.
Gets the count.
The count.
Gets the at the specified index.
Add the Page Label.
Gets the element.
The base class for all pages.
Returns page is blank flag for page's content.
Returns the visible region of the page.
Returns page region after clipping.
Returns page region mediabox.
Returns page region after trimming.
Returns page region containing content.
Gets the field collection.
Get picture information and location
Gets the information about the extracted image.
Gets the graphics of the .
Gets the parent section of the page.
Gets the collection of the page's layers.
add 'q','Q'
Gets or sets index of the default layer.
Gets the default layer of the page.
Gets the size of the page.
Gets the actual size of the page.
Gets or sets page's background image.
Gets or sets page's background color.
The position and size of the background
Get the page label.
Returns a page size reduced by page margins and page template dimensions.
It's the actual size of the page where some output can be performed.
Returns a page size reduced by page margins and page template dimensions.
Replace the Image at index's Position.
index of an image
The New Replace image
Creates a template from page content and all annotation appearances.
The created template.
Text search result
Find text
find text
The text intends to search.
Indicate the expected result is the whole word or not, which means, if it is true, only the word is exactly the same with the
searching word will be found;if it is false, any word including the searching word will be found. For instance,the text is "is this a pen?"
and the target is "is", if true, one result will be returned; if false, two results will be returned.
find text
string searchPatternText
find text
Find all text and position.
All text find in the page.
Sort text position
Find text in page
The text which is to be searched
The result which has already been searched
Find text in page
The text which is to be searched
The result which has already been searched
Apply Color
find text from XObject
string[] xobjectElement
Spire.Pdf.Exporting.PdfPageResources m_pageResources
Extracts text from the given PDF Page by SimpleTextExtractionStrategy.
The Extracted Text.
Extracts text in the range of rectangle from the given PDF Page.
The unit is Point,1/72 inch default.
the coordinate origin is top left corner of the page.
Provide a rangle to extract text.
The Extracted Text.
Extracts text in the range of rectangle from the given PDF page by SimpleTextExtractionStrategy.
the coordinate origin is top left corner of the page.
Provide a rangle to extract text.
Provide simple text extraction policy
The Extracted Text.
Process text table.when the number of char in text is bigger one, split into multiple text.
the old text table
the new text table
Extracts text from the given PDF Page.
The Extracted Text.
Get the descent of current font
the descent
Get the space character distance
the text
the text inner distance
the space character distance
Get the totall word space
The text
The totall word space
Get the totall character space
The text
The totall character space
Extracts text from the given PDF Page.
The Extracted Text.
foreach font from Dictionary
pagedic
Extracts images from the given PDF Page.
The name of a image in the resources save in the Tag attribute of the iamge.
Returns the extracted image as Image[].
Extracts images from the given PDF Page. and image is not processed.
The name of a image in the resources save in the Tag attribute of the iamge.
Returns the extracted image as Image[].
Delete an image.
The value of the image's Tag attribute is the name of the image in the resources.
If the value of Tag is null,the sample image is an inline image type.
The image to the delete.
Delete an image in a page.
The image's name.
Delete an image by index in a page.
The image index.
Try to compress images(except inline image).
The image index
If success, return true; otherwise false.
Gets the wrapped element.
Insert rich text to page
rich text
width
IsSplitLine
Insert rich text to page
rich text
width
IsSplitLine
Draw text x,y point
Insert rich text to page
rich text
width
IsSplitLine
Insert rich text to page
rich text
width
IsSplitLine
Draw text x,y point
Raises before the page saves.
This class allows to manipulate with page
labels of one of the sections.
Gets or sets the numbering style.
Gets or sets the first page's index in a labeling range.
Gets or sets the prefix.
Gets or sets the start number.
Initializes a new instance of the class.
Gets the element.
Represents parameters how to display the page in the presentation mode.
Gets or sets the transition style to use when moving to this page from another
during a presentation.
The style.
Gets or sets the duration of the transition effect, in seconds.
The transition duration.
Gets or sets the dimension in which the specified transition effect occurs.
The dimension.
Gets or sets the the direction of motion for the specified transition effect.
The motion.
The direction in which the specified transition effect moves, expressed in degrees counter
clockwise starting from a left-to-right direction. (This differs from the page objects
Rotate property, which is measured clockwise from the top.)
Gets or sets the starting or ending scale at which the changes are drawn.
If Motion property specifies an inward transition, the scale of the changes drawn progresses
from Scale to 1.0 over the course of the transition. If Motion specifies an outward
transition, the scale of the changes drawn progresses from 1.0 to Scale over the course
of the transition.
This property has effect for Fly transition style only.
The scale.
Gets or sets The pages display duration (also called its advance timing): the maximum
length of time, in seconds, that the page is displayed during presentations before
the viewer application automatically advances to the next page. By default,
the viewer does not advance automatically.
The page duration.
Initializes a new instance of the class.
Gets the element.
Creates a new object that is a copy of the current instance.
A new object that is a copy of this instance.
Manipulates pages within a section.
Gets the at the specified index.
Gets the count of the pages.
Creates a new page and adds it into the collection.
The new page.
Adds a page into collection.
The page.
Inserts a page at the specified index.
The index.
The page.
Returns the index of the specified page.
The page.
The index of the page.
Determines whether the specified page is within the collection.
The page.
true if the collection contains the specified page; otherwise, false.
Removes the specified page.
The page.
Removes a page at the index specified.
The index.
Clears this collection.
Encapsulates a page template for all the pages in the section.
Gets or sets value indicating whether parent Left page template should be used or not.
Gets or sets value indicating whether parent Top page template should be used or not.
Gets or sets value indicating whether parent Right page template should be used or not.
Gets or sets value indicating whether parent Bottom page template should be used or not.
Gets or sets value indicating whether
the parent stamp elements should be used or not.
Creates a new object.
A collection of stamps that are applied to the page templates.
Gets a stamp element by its index.
Creates a new stamp collection.
Adds a stamp element to the collection.
The stamp element.
The index of the stamp element.
Creates a stamp element and adds it to the collection.
X co-ordinate of the stamp.
Y co-ordinate of the stamp.
Width of the stamp.
Height of the stamp.
The created stamp element.
Checks whether the stamp element exists in the collection.
Stamp element.
True - if stamp element exists in the collection, False otherwise.
Inserts a stamp element to the collection at the specified position.
The index of the stamp in the collection.
The stamp element.
Removes the stamp element from the collection.
The stamp element.
Removes a stamp element from the specified position in the collection.
The index of the stamp in the collection.
Cleares the collection.
Gets the current section.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element;
false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position, which is before the first element in the collection.
The collection was modified after the enumerator was created.
Value of the element.By Bug735
Image Format
Gets the readable string .
The readable string.
Gets or sets the integer value of the specified object.
Multi pages to one paper layout.
Multiple pages order in paper layout.
A value indicating whether the pages has the page border.
The number of rows for the paper layout.
The number of columns for the paper layout.
The spacing between pages and pages,measured in hundredths of an inch.
Get or set the number of columns for paper layout.
Get or set the number of rows for paper layout.
Get or set a value indicating whether the pages has the page border.
Get or set the order of pages in the paper layout.
Initializes a new instance of the PdfMultiPageLayout class.
Get the page content bounds in paper content bound.
The paper content bound.
The page content bound in paper content bound.
Get the page bounds in horizontal layout.
the paper content bound
The page bounds.
Get the page bounds in horizontal reverse layout.
The paper content bound.
The page bounds.
Get the page bounds in vertical layout.
The paper content bound.
The page bounds.
Get the page bounds in vertical reverse layout.
The paper content bound.
The page bounds.
Get the page content bounds in paper bound.
The page bounds.
The page content bounds.
Multi pages order in the Paper layout.
Horizontal and from left to right
Horizontal and from right to left
Vertical and from left to right
Vertical and from right to left
Split one page to multi papers layout.
Initializes a new instance of the PdfSplitPageLayout class
Get page bounds.
The page bound.
The paper content bound.
A List collection abount the page bounds.
One page to one paper layout.
Page scaling mode,default value FitSize.
Custom scaling(unit:percent),default value 100f.
A value indicating whether automatic portrait and landscape.
Default value false.
Get or set page scaling mode,default value FitSize.
Get or set custom scaling(unit:percent),default value 100f.
Get or set a value indicating whether automatic portrait and landscape.
Default value false.
Initializes a new instance of the PdfSinglePageLayout class
Get page content bound in paper content bound.
The paper printable content bound.
The paper content bound.
The page bound.
The page content bound.
Get page content bound when scaling mode is FitSize.
The paper content bound.
The page content bound.
Get page content bound when scaling mode is ActualSize.
The paper content bound.
The page bound.
The page content bound.
Get page content bound when scaling mode is CustomSacle.
The paper content bound.
The page bound.
The page content bound.
Get page content bound when scaling mode is ShrinkOverSized.
The paper content bound.
The page bound.
The page content bound.
Pdf Print Page Scale type
Adaptive content size.
The actual size of the content.
Shrink oversized pages.
Custom scale.
Represents information about page size.
The PaperSize's width and height,unit:in hundredths of an inch.
Letter format.
Note format.
Legal format.
A0 format.
A1 format.
A2 format.
A3 format.
A4 format.
A5 format.
A6 format.
A7 format.
A8 format.
A9 format.
A10 format.
B0 format.
B1 format.
B2 format.
B3 format.
B4 format.
B5 format.
ArchE format.
ArchD format.
ArchC format.
ArchB format.
ArchA format.
The American Foolscap format.
HalfLetter format.
11x17 format.
Ledger format.
The page print to paper.
Pdf document printSetting.
Pdf document object.
The current pages array index in m_pages.
The printed pages array, it's elements value is document page index.
Initializes a new instance of the PdfPrinter class.
Pdf document printSetting.
Pdf document object.
Print Preview.
Print document.
Begin print page.
Query page setting.
Print Page.
End print.
Begin print page for one page to one paper.
Query page setting for one page to one paper.
Print one page to one paper.
Begin print page for multiple pages to one paper.
Query page setting for multiple pages to one paper.
Print multiple pages to one paper.
Current page image.
Current page bound.
Split bounds of current page.
Split bound index of current page.
Paper content bound.
Begin print page for one page to multiple papers.
Query page setting for one page to multiple papers.
Print one page to multiple papers.
Write Warning info
Initialize print.
Get page metafile.
Document page index.
Page Image.
Get paper margin bound which according paperSettings. the paperSettings
is the attribute of PrintPageEventArgs.PageSettings. (Unit: hundredths of an inch)
PrinterUnit.Display is hundredths of an inch.
Paper set.
Is consider hard margin.
If the considerHardXY is true,get the paper content bound arrcording to the printable area.
Otherwise the considerHardXY is false,get the paper content bound according to the whole piece of paper.
Paper content bound(Unit:hundredths of an inch).
Get page bound.
Page bound(Unit:PrinterUnit.Display).
Print the pdf page to the paper's bound using uniform mode.
Provides data for the print page event.
The pdf page.
The paper's bound(Unit:PrinterUnit.Display).
Print the page bound of pdf page image to the paper's bound using fill mode.
Provides data for the print page event.
The pdf page image.
The pdf page bound(Unit:PrinterUnit.Display).
The pdf page split bound(Unit:PrinterUnit.Display).
The paper's bound(Unit:PrinterUnit.Display).
Destructor
Releases all resources used.
Specify whether to had released resources.
Releases all resources used.
True,Releases all resources;False,Releases unmanaged resources.
Provides data for paper setting event.
Get current paper index,from 1.
Gets the paper source trays that are available on the printer.
Get or set current paper source on the printer.
Initializes a new instance.
Current paper index.
paper source trays that are available on the printer.
Current paper source on the printer.
Represents the method that handles paper setting event.
The source of the event.
The event data
The page print settings.
Defines a reusable object that sends output to a printer.
Page layout mode.
One page to one paper layout.
Multi-page to one paper layout.
One page to multi-paper layout.
The user has specified print pages save in the array.
Defines a reusable object that sends output to a printer.
Get or set the name of printer which is on printing pdf document.
Get or set the document name to display (for example, in a print status dialog box or printer queue) while printing the document.
Get or set the size of a piece of paper.
Get or set the number of copies of the document to print.
Get or set a value indicating whether the page should be printed in color.
true if the page should be printed in color; otherwise, false. The default
is determined by the printer.
Get or set a value indicating whether the printed document is collated.
Get or set a value indicating whether the page is printed in landscape or portrait orientation.
Returns:
True if the page should be printed in landscape orientation; otherwise, false.
Get or set the print controller that guides the printing process.
Get a value indicating whether the printer supports double-sided printing.
Get or set the printer setting for double-sided printing.
Get the pagenumber which you choose as the start page to printing.
Get the pagenumber which you choose as the final page to printing.
Get the user has specified print pages.
Get or set page layout mode.
Get one page to one paper layout.
Get multi-page to one paper layout.
Get one page to multi-paper layout.
Occurs immediately before print each paper.
Occurs when the Spire.pdf.PdfDocument.Print() method is called
and before the first page of the document prints.
Occurs when the last page of the document has printed.
Occurs when the output to print for the current page is needed.
Occurs immediately before each Spire.pdf.PdfDocument.PrintSettings.PrintPage
event.
Initializes a new instance of the PdfPrintSetting class.
Set print page range.
From page.
To page.
Set print some pages.
Selection pages.
Select one page to one paper layout.
Default pageScalingMode = PdfSinglePageScalingMode.FitSize, autoPortraitOrLandscape = true, customScaling = 100f.
Select one page to one paper layout.
Page scaling mode.
Select one page to one paper layout.
Page scaling mode.
Indicating whether automatic portrait and landscape.
Select one page to one paper layout.
Page scaling mode.
Indicating whether automatic portrait and landscape.
Custom scaling(unit:percent),default value 100f.Valid only if pageScalingMode== PdfSinglePageScalingMode.CustomScale.
Select muti page to one paper layout.
Default rows = 2, columns = 2, hasPageBorder = false, pageOrder = PdfMultiPageOrder.Horizontal.
Select muti page to one paper layout.
The number of rows for the paper layout.
Select muti page to one paper layout.
The number of rows for the paper layout.
The number of columns for the paper layout.
Select muti page to one paper layout.
The number of rows for the paper layout.
The number of columns for the paper layout.
A value indicating whether the pages has the page border.
Select muti page to one paper layout.
The number of rows for the paper layout.
The number of columns for the paper layout.
A value indicating whether the pages has the page border.
Multiple pages order.
Select split page to muti paper layout.
Set paper margins,measured in hundredths of an inch.
Paper margin top(unit:hundredths of an inch).
Paper margin bottom(unit:hundredths of an inch).
Paper margin left(unit:hundredths of an inch).
Paper margin right(unit:hundredths of an inch).
Set printing to file.
File name.
Trig before each System.Drawing.Printing.PrintDocument.PrintPage.
The source of the event.
A System.Drawing.Printing.QueryPageSettingsEventArgs that contains the event data.
User set event in begin print.
The source of the event.
A System.Drawing.Printing.PrintEventArgs that contains the event data.
User set event when the last page of the document has printed.
The source of the event.
A System.Drawing.Printing.PrintEventArgs that contains the event data.
User set event in print page.
The source of the event.
A System.Drawing.Printing.PrintPageEventArgs that contains the event data.
User set event in query page setting.
The source of the event.
A System.Drawing.Printing.QueryPageSettingsEventArgs that contains the event data.
Destructor
Releases all resources used.
Specify whether to had released resources.
Releases all resources used.
True,Releases all resources;False,Releases unmanaged resources.
Pdf print pages layout mode.
One page to one paper.
Multiple pages to one paper.
One page to multiple papers.
Defines data compression level.
Pack without compression.
Use high speed compression, reduce of data size is low.
Something middle between normal and BestSpeed compressions.
Use normal compression, middle between speed and size.
Pack better but require a little more time.
Use best compression, slow enough.
No compression.
Compresses data using the zlib or deflate compression method,
reproducing the original text or binary data.
Compresses data using the LZW compression method, reproducing
the original text or binary data.
Compresses data using the ASCII85 compression method, reproducing
the original text or binary data.
Decompresses data encoded using a DCT (discrete cosine transform)
technique based on the JPEG standard, reproducing image sample
data that approximates the original data.
Decompresses data encoded using the zlib / deflate
compression method, reproducing the original text or binary
data.
PdfDocumentBase Object
Represents a logic to create Pdf document.
Layer OCProperties info
Initializes a new instance of the class.
Initializes a new instance of the class.
The conformance level.
Not Supported under Medium Trust environment.
set conformance value.
The Conformance level.
Delegate for the event.
The sender.
The arguments.
Occurs when the document is being saved.
This event raised on saving the document. It will keep track of the save progress of the document.
Layer OCProperties info
Gets the root of the bookmark tree in the document.
A object specifying the document's bookmarks.
Creates an bookmark root instance
if it's called for first time.
Gets the attachments of the document.
The object contains list of files which are attached in the PDF document.
Gets the interactive form of the document.
The object contains the list of form elements of the document.
Gets or sets the color space of the document.
This property has impact on the new created pages only.
If a page was created it remains its colour space obliviously
to this property changes.
The of the document.
Indicates the document is a merged document or not, defalut value: false.
Gets or Sets the Pdf Conformance level.
Supported : PDF/A-1b - Level B compliance in Part 1
Saves the document to the specified stream.
The stream object where PDF document will be saved.
Closes the document.
if set to true the document should be disposed completely.
The document is disposed after calling the Close method. So, the document can not be saved if Close method was invoked.
Creates a new object that is a copy of the current instance.
A new object that is a copy of this instance.
The resulting clone must be of the same type as or a compatible type to the original instance.
Shows the saving progress.
Gets the total number of the elements (pages) that need to be saved.
Gets the current element (page) index that just was saved.
The index value increases constantly from 0 to Total.
Gets the progress.
Progress constantly increases from 0.0 to 1.0.
1.0 value means that entire document has been saved.
A class containing the information about the document.
Gets or sets the creation date.
The creation date.
Gets or sets the modification date.
The modification date.
Gets or sets the title.
The title.
Gets or sets the author.
The author of the document.
Gets or sets the subject.
The subject.
Gets or sets the keywords.
The keywords.
Gets or sets the creator.
The creator.
If the document was converted to PDF from another format,
the name of the application (for example, Acrobat Distiller)
that converted it to PDF.
The producer of the document.
Gets the element.
Defines the way the document is to be presented on the screen or in print.
A flag specifying whether to position the documents window in the center of the screen.
Set Expand or Collapse
Find Node Tree
iterates Bookmark,Set Expand or Collapse
Find the click node
Set Expand or Collapse
A flag specifying whether the windows title bar should display the document title taken
from the Title entry of the document information dictionary. If false, the title bar
should instead display the name of the Pdf file containing the document.
A flag specifying whether to resize the documents window to fit the size of the first
displayed page.
A flag specifying whether to hide the viewer applications menu bar when the
document is active.
A flag specifying whether to hide the viewer applications tool bars when the document is active.
A flag specifying whether to hide user interface elements in the documents window
(such as scroll bars and navigation controls), leaving only the documents contents displayed.
A name object specifying how the document should be displayed when opened.
A name object specifying the page layout to be used when the document is opened.
Gets or Set the page scaling option to be selected
when a print dialog is displayed for this document.
Gets the element.
Base collection of the pdf objects.
Initializes a new instance of the class.
Gets number of the elements in the collection.
The total number of elements in the collection.
Gets internal list of the collection.
Returns an enumerator that iterates through a collection.
Returns an enumerator that iterates through a collection.
Implements PDF Exponential Interpolation Function.
Initializes a new instance of the class.
init
Gets or sets the function result when x = 0.
Gets or sets the function result when x = 1.
Gets or sets the Exponent.
Implements the base class for all functions.
Gets the element.
Get a resource.
The resource name.
The resource type.
A resource.return null if not exist.
Get the resource.
The resource name.
The resource type.
The resource.Return null,if not contain a resource with the name.
Add a resource.
The resource.
The resource type.
Remove a resource.
The resource name.
The resource type.
Whether to contain the resource.
The resource.
The resource type.
True,if contain the resource;False,otherwise.
Get the resources.
The resource type.
The resources dictionary of the resource type.
Enumerator that implements page orientations.
Portrait orientation.
Landscape orientation.
The number of degrees by which the page should be rotated clockwise when displayed or printed.
The page is rotated as 0 angle.
The page is rotated as 90 angle.
The page is rotated as 180 angle.
The page is rotated as 270 angle.
Specifies numbering style of page labels.
No numbering at all.
Decimal arabic numerals.
Lowercase letters a-z.
Lowercase roman numerals.
Uppercase letters A-Z.
Uppercase roman numerals.
Specifies the docking style of the page template.
This enumeration is used in class.
The page template is not docked.
The page template edge is docked to the bottom page's side.
The page template edge is docked to the top page's side.
The page template edge is docked to the left page's side.
The page template edge is docked to the right page's side.
The page template stretch on full page.
Specifies how the page template is aligned relative to the template area.
This enumeration is used in class.
Specifies no alignment.
The template is top left aligned.
The template is top center aligned.
The template is top right aligned.
The template is middle left aligned.
The template is middle center aligned.
The template is middle right aligned.
The template is bottom left aligned.
The template is bottom center aligned.
The template is bottom right aligned.
A name object specifying the page layout to be used when the
document is opened.
Default Value. Display one page at a time.
Display the pages in one column.
Display the pages in two columns, with odd numbered
pages on the left.
Display the pages in two columns, with odd numbered
pages on the right.
Display the pages two at a time, with odd-numbered pages on the left
Display the pages two at a time, with odd-numbered pages on the right
Represents mode of document displaying.
Default value. Neither document outline nor thumbnail images visible.
Document outline visible.
Thumbnail images visible.
Full-screen mode, with no menu bar, window
controls, or any other window visible.
Optional content group panel visible.
Attachments are visible.
Page template is not used as header.
Page template is used as Top.
Page template is used as Bottom.
Page template is used as Left.
Page template is used as Right.
Enumeration of possible transition styles when moving to the page from another
during a presentation
Two lines sweep across the screen, revealing the new page. The lines may be either
horizontal or vertical and may move inward from the edges of the page or outward
from the center.
Multiple lines, evenly spaced across the screen, synchronously sweep in the same
direction to reveal the new page. The lines may be either horizontal or vertical.
Horizontal lines move downward; vertical lines move to the right.
A rectangular box sweeps inward from the edges of the page or outward from the center,
revealing the new page.
A single line sweeps across the screen from one edge to the other, revealing the new page.
The old page dissolves gradually to reveal the new one.
Similar to Dissolve, except that the effect sweeps across the page in a wide band moving from
one side of the screen to the other.
The new page simply replaces the old one with no special transition effect.
Changes are flown out or in, to or from a location that is offscreen.
The old page slides off the screen while the new page slides in, pushing the old page out.
The new page slides on to the screen, covering the old page.
The old page slides off the screen, uncovering the new page.
The new page gradually becomes visible through the old one.
Enumeration of transition dimensions.
Horizontal effect.
Vertical effect.
Enumeration of transition motions.
Inward motion from the edges of the page to center..
Outward motion from the center of the page to edges.
Enumeration of transition directions.
Left to Right direction.
Bottom to Top direction.
Right to Left direction.
Top to Bottom direction.
TopLeft to BottomRight direction.
Pdf Print Page Scale type
Adaptive content size
The actual size of the content
Shrink oversized pages
Custom Scale
Pdf Print Page Mode
Normal Print
Multi-Page Print
Represents information about page size.
Letter format.
Note format.
Legal format.
A0 format.
A1 format.
A2 format.
A3 format.
A4 format.
A5 format.
A6 format.
A7 format.
A8 format.
A9 format.
A10 format.
B0 format.
B1 format.
B2 format.
B3 format.
B4 format.
B5 format.
ArchE format.
ArchD format.
ArchC format.
ArchB format.
ArchA format.
The American Foolscap format.
HalfLetter format.
11x17 format.
Ledger format.
Represents a page loaded from a document.
Gets the size of the page.
Get the visible region of the page.
Gets the document.
Raises before the page saves.
Gets the text size of a specified font.
Font key
Returns the text size of the specified font
Represents a single PDF page.
Gets the size of the page.
Gets a collection of the annotations of the page.
Initializes a new instance of the class.
Implements a virtual collection of all pages in the document.
Gets the total number of the pages.
Gets a page by its index in the document.
Represents the method that executes on a PdfNewDocument when a new page is created.
Creates a page and adds it to the last section in the document.
Created page object.
Inserts a page at the specified index to the last section in the document.
The index of the page in the section.
The page.
Gets the index of the page in the document.
The current page.
Index of the page in the document if exists, -1 otherwise.
Gets the current section.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element;
false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position, which is before the first element in the collection.
The collection was modified after the enumerator was created.
Describes layer of the page.
Gets parent page of the layer.
Gets Graphics context of the layer.
Creates new layer.
Parent page of the layer.
Gets the wrapped element.
Collection of the pages layers.
Gets or sets element by its index.
The layers belonging to the same page can be added to the collection only.
Creates new collection.
Parent page for the layers in the collection.
Creates a new layer and adds it to the end of the collection.
Created layer.
Creates a new layer and adds it to the end of the collection.
Layer Name.
Layer Visibility.
Created layer.
Creates a new layer and adds it to the collection.
Layer Name.
Created layer.
Creates a new layer and adds it to the end of the collection.
Layer Name.
Layer Id.
Layer Visibility.
Created layer.
You can only delete the layer that exists in the source document
Layer Name.
You can only delete the layer that exists in the source document
Layer Name.
Is delete all content include in this layer.
Is remove layerdefine in doc properties..
delete layer message.
Adds layer to the collection.
Layer object.
The layers belonging to the same page can be added to the collection only.
Inserts layer into collection.
Index of the layer.
Layer object.
The layers belonging to the same page can be added to the collection only.
Removes layer from the collection. Only the currently created layer can be deleted
Layer object.
Removes layer by its index. Only the currently created layer can be deleted
Index of the layer.
Checks whether collection contains layer.
Layer object.
True - if collection contains layer, False otherwise.
Returns index of the layer in the collection if exists, -1 otherwise.
Layer object.
Returns index of the layer in the collection if exists, -1 otherwise.
Cleares the collection.
Represent class with setting of page.
Gets or sets the page orientation.
Gets or sets the size of the page.
Gets or sets the width of the page.
Gets or sets the height of the page.
Gets or sets the margins of the page.
Gets or sets the number of degrees by which the page should be rotated clockwise when displayed or printed.
Gets or sets the transition.
The transition.
Initializes a new instance of the class.
Initializes a new instance of the class.
The size.
Initializes a new instance of the class.
The page orientation.
Initializes a new instance of the class.
The size.
The page orientation.
Initializes a new instance of the class.
The margins.
Initializes a new instance of the class.
The left margin.
The top margin.
The right margin.
The bottom margin.
Initializes a new instance of the class.
The size.
The margins.
Initializes a new instance of the class.
The size.
The left margin.
The top margin.
The right margin.
The bottom margin.
Initializes a new instance of the class.
The size.
The page orientation.
The margins.
Initializes a new instance of the class.
The size.
The page orientation.
The left margin.
The top margin.
The right margin.
The bottom margin.
Sets the margins.
The margins.
Sets the margins.
The left right.
The top bottom.
Sets the margins.
The left.
The top.
The right.
The bottom.
Creates a clone of the object.
Cloned object.
Specifies the paper tray when the document is printed.
Gets or sets the page number (non zero-based) of the first page to print.
Gets or sets the page number (non zero-based) of the last page to print.
Specifies the paper tray from which the printer gets paper.
Describes a page template object that can be used as header/footer, watermark or stamp.
Gets or sets the dock style of the page template element.
Gets or sets alignment of the page template element.
Indicates whether the page template is located in front of
the page layers or behind of it.
Indicates whether the page template is located behind of
the page layers or in front of it.
Gets or sets location of the page template element.
Gets or sets X co-ordinate of the template element on the page.
Gets or sets Y co-ordinate of the template element on the page.
Gets or sets size of the page template element.
Gets or sets width of the page template element.
Gets or sets height of the page template element.
Gets or sets bounds of the page template element.
Gets graphics context of the page template element.
Creates a new page template.
Bounds of the template.
Initializes a new instance of the class.
The bounds.
The page.
Creates a new page template.
Location of the template.
Size of the template.
Initializes a new instance of the class.
The location.
The size.
The page.
Creates new page template object.
Size of the template.
Creates a new page template.
Width of the template.
Height of the template.
Creates a new page template.
Width of the template.
Height of the template.
The Current Page object.
Creates a new page template.
X co-ordinate of the template.
Y co-ordinate of the template.
Width of the template.
Height of the template.
Creates a new page template.
X co-ordinate of the template.
Y co-ordinate of the template.
Width of the template.
Height of the template.
The Current Page object.
Represents a section entity. A section it's a set of the pages with similar page settings.
Gets the pages.
Gets or sets the page label.
Gets or sets page settings of the section.
Gets or sets a template for the pages in the section.
Gets the owner document.
The document.
Event rises when the new page has been added
Gets the wrapped element.
Resize the canvas of page according to html view size.
Return the new size of canvas.
set PdfHtmlLayoutFormat
PdfHtmlLayoutFormat layoutFormat
bool autoDetectPageBreak
Draws HTML to PDF
Url address
Enable javascrpit
Enable hyperlink
Layouts html view format
Draws HTML to PDF
url address or socuce code
Enable javascrpit
Enable hyperlink
Enable autoDetectPageBreak
Layouts html view format
Split by page height image
Scan image data
Gets the current.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position,
which is before the first element in the collection.
The collection was modified after the enumerator was created.
The collection of the sections.
Gets the at the specified index.
Gets the count.
The count.
Creates a section and adds it to the collection.
Created section object.
Determines the index of the section.
The section.
The index of the section.
Inserts the section at the specified index.
The index.
The section.
Checks whether the collection contains the section.
The section object.
True - if the sections belongs to the collection, False otherwise.
Gets the wrapped element.
Gets the current section.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element;
false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position, which is before the first element in the collection.
The collection was modified after the enumerator was created.
Gets the headers.
The headers.
Gets the rows.
The rows.
Gets or sets the data source.
The data source.
Gets or sets the data member.
The data member.
Gets or sets the style.
The style.
Gets the columns.
The columns.
Gets or sets a value indicating whether [repeat header].
true if [repeat header]; otherwise, false.
Gets or sets whether to cross a page.
Initializes a new instance of the class.
Draws the specified graphics.
The graphics.
The location.
The width.
Draws the specified graphics.
The graphics.
The x.
The y.
The width.
Draws the specified graphics.
The graphics.
The bounds.
Draws the specified page.
The page.
The location.
Draws the specified page.
The page.
The location.
The format.
Draws the specified page.
The page.
The bounds.
Draws the specified page.
The page.
The bounds.
The format.
Draws the specified page.
The page.
The x.
The y.
Draws the specified page.
The page.
The x.
The y.
The format.
Draws the specified page.
The page.
The x.
The y.
The width.
Draws the specified page.
The page.
The x.
The y.
The width.
The format.
Gets or sets the width.
The width.
Gets the height.
The height.
Gets or sets the row span.
The row span.
Gets or sets the column span.
The column span.
Gets or sets the cell style.
The cell style.
Gets or sets the value.
The value.
Gets or sets the string format.
The string format.
Initializes a new instance of the class.
Initializes a new instance of the class.
The row.
Gets the at the specified index.
Gets the count.
The count.
Returns the index of a particular cell in the collection.
The cell.
Gets the current.
The current.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position, which is before the first element in the collection.
The collection was modified after the enumerator was created.
Gets the width.
The width.
Gets or sets the format.
The format.
Gets the grid.
The grid.
Initializes a new instance of the class.
The grid.
Gets the at the specified index.
Gets the count.
The count.
Adds this instance.
Adds the specified count.
The count.
Adds the specified column.
The column.
Removes the first occurrence of a specific object from the PdfGridColumnCollection.
The object to remove from the PdfGridColumnCollection.
true if item is successfully removed; otherwise, false
Removes the element at the specified index of the PdfGridColumnCollection.
The zero-based index of the element to remove.
Gets the current.
The current.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position, which is before the first element in the collection.
The collection was modified after the enumerator was created.
Gets the cells.
The cells.
Gets or sets the row style.
The row style.
Gets or sets the height.
The height.
Initializes a new instance of the class.
The parent grid.
Applies the cell style to all the cells present in a row.
The cell style.
Adds this instance.
Sets the span.
Index of the row.
Index of the cell.
The row span.
The col span.
Applies the style.
The style.
Gets the at the specified index.
Gets the count.
The count.
Adds the specified count.
The count.
Clears this instance.
Applies the style.
The style.
Gets the current.
The current.
Advances the enumerator to the next element of the collection.
true if the enumerator was successfully advanced to the next element; false if the enumerator has passed the end of the collection.
The collection was modified after the enumerator was created.
Sets the enumerator to its initial position, which is before the first element in the collection.
The collection was modified after the enumerator was created.
Gets or sets the background brush.
The background brush.
Gets or sets the text brush.
The text brush.
Gets or sets the text pen.
The text pen.
Gets or sets the font.
The font.
Creates a new object that is a copy of the current instance.
A new object that is a copy of this instance.
Gets or sets the cell spacing.
The cell spacing.
Gets or sets the cell padding.
The cell padding.
Gets or sets the border overlap style.
The border overlap style.
Gets or sets a value indicating whether to allow horizontal overflow.
true if [allow horizontal overflow]; otherwise, false.
Gets or sets the type of the horizontal overflow.
The type of the horizontal overflow.
Initializes a new instance of the class.
Initializes a new instance of the class.
Gets the string format.
The string format.
Gets or sets the border.
The border.
Gets or sets the background image.
The background image.
Initializes a new instance of the class.
Represents the content that can be written in a grid cell.
Set the image's location in a grid cell.
It is a collection of PdfGridCellContent classes
Arguments of BeginPageLayoutEvent.
Gets the start row.
The start row.
Arguments of EndPageLayoutEvent.
Gets or sets the left.
The left.
Gets or sets the right.
The right.
Gets or sets the top.
The top.
Gets or sets the bottom.
The bottom.
Sets all.
All.
Gets the default.
The default.
Gets or sets the left.
The left.
Gets or sets the right.
The right.
Gets or sets the top.
The top.
Gets or sets the bottom.
The bottom.
Sets all.
All.
Initializes a new instance of the class.
Initializes a new instance of the class.
The left.
The right.
The top.
The bottom.
Gets or sets the left.
The left.
Gets or sets the right.
The right.
Gets or sets the top.
The top.
Gets or sets the bottom.
The bottom.
Sets all.
All.
Initializes a new instance of the class.
Initializes a new instance of the class.
The left.
The right.
The top.
The bottom.
Represents base class for markers.
Gets or sets marker font.
Gets or sets marker brush.
Gets or sets marker pen.
Gets or sets the format.
The format.
Gets or sets a value indicating whether the marker is
situated at the left of the list or at the right of the list.
Represents marker for ordered list.
Gets or sets the list numbering style.
Gets ar sets start number for ordered list. Default value is 1.
Gets or sets the delimiter.
Gets or sets the suffix of the marker.
Initializes a new instance of the class.
Number style of marker.
Number delimiter of marker.
Number suffix of marker.
Number font of marker.
Initializes a new instance of the class.
Number style of marker.
Number suffix of the marker.
Number font of marker.
Initializes a new instance of the class.
Number style of marker.
Number font of marker.
Represents bullet for the list.
Gets or sets template of the marker.
Gets or sets image of the marker.
Gets or sets marker text.
Gets or sets the style.
Initializes a new instance of the class.
The text of the marker.
Marker font.
Initializes a new instance of the class.
The style of the marker.
Initializes a new instance of the class.
The image of the marker.
Initializes a new instance of the class.
Template of the marker.
Specifies the marker style.
Marker have no style.
Marker is like a disk.
Marker is like a square.
Marker is like a Asterisk.
Marker is like a circle.
Marker is custom string.
Marker is custom image.
Marker is custom template.
Represents marker alignment.
Left alignment for marker.
Right alignment for marker.
Represents base class for lists.
Gets items of the list.
Gets or sets tabulation for the list.
Gets or sets the indent from the marker to the list item text.
Gets or sets the list font.
Gets or sets list brush.
Gets or sets list pen.
Gets or sets the format of the list.
The format.
Event that rises when item begin layout.
Event that rises when item end layout.
Draws an list on the Graphics.
Graphics context where the list should be printed.
X co-ordinate of the list.
Y co-ordinate of the list.
Represents the list item of the list.
Gets or sets item font.
Gets or sets item text.
Gets or sets item string format.
Gets or sets list item pen.
Gets or sets list item brush.
Gets or sets sublist for item.
Gets or sets indent for item.
Creates new empty pdf list item.
Creates new pdf list item with default settings.
Initializes a new instance of the class.
The text of item.
The font of item.
Initializes a new instance of the class.
The text of item.
The font of item.
The string format.
Creates new list item.
The item text.
The item font.
The string format of item.
The item pen.
The item brush.
Represents collection of list items.
Gets the PdfListItem from collection at the specified index.
Initializes a new instance of the class.
Initializes a new instance of the class.
A string array that contains items separated by the new line character.
Adds the specified item.
The item.
The item index in collection.
Adds the specified item.
The item.
The item indent.
Adds the item with a specified text.
The text.
Adds the specified text.
The text.
The item indent.
List item.
Adds the specified text.
The text.
The font.
The item index in collection.
Adds the specified text.
The text.
The font.
The item indent.
List item.
Inserts item at the specified index.
The specified index.
The item.
The item index
Inserts the specified index.
The index.
The item.
The item indent.
Removes the specified item from the list.
The specified item.
Removes the item at the specified index from the list.
he specified index.
Determines the index of a specific item in the list.
The item to locate in the list.
The index of item if found in the list; otherwise, -1.
Clears collection.
Represents the ordered list.
Gets or sets marker of the list items.
True if user want to use numbering hierarchy, otherwise false.
Creates ordered list.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The style.
Creates ordered list using items.
Items for a list.
Initializes a new instance of the class.
The marker for the list.
Initializes a new instance of the class.
The item collection.
The marker for the list.
Initializes a new instance of the class.
The formatted text.
Initializes a new instance of the class
from formatted text that is splitted by new lines.
The formatted text.
The marker.
Represents unordered list.
Gets or sets the marker.
Initializes a new instance of the class.
Creates unordered list using items.
Items for a list.
Initializes a new instance of the class.
The font.
Initializes a new instance of the class.
The marker for the list.
Initializes a new instance of the class.
The items collection.
The marker for the list.
Initializes a new instance of the class.
The formatted text.
Initializes a new instance of the class
from formatted text that is splitted by new lines.
The formatted text.
The marker.
Delegate for handling BeginItemLayoutEvent.
The item that begin layout.
Begin Item Layout arguments.
Delegate for handling EndItemLayoutEvent.
The item that end layout.
End Item Layout arguments.
Represents begin layout event arguments.
Gets the item.
The item that layout.
Gets the page.
The page in which item start layout.
Represents end layout event arguments.
Gets the item that layout.
The item that layout.
Gets the page in which item ended layout.
The page in which item ended layout.
Gets the widths.
The total width
An array containing widths.
Zoom in or out the width.
The width
The zoom factor
Represents fast table with few features.
Gets the columns.
The table column collection
Gets the rows.
Gets or sets the data source.
Gets or sets the data member.
The data member.
Gets or sets the datasource type of the PdfTable
Gets or sets the properties.
Gets or sets a value indicating whether
PdfTable should ignore sorting in data table.
Gets a value Indicates whether can cross a page.
The event raised on starting row lay outing.
The event raised on having finished row lay outing.
The event raised on starting cell lay outing.
The event raised on having finished cell layout.
The event raised when the next row data is requested.
The event raised when the column number is requested.
The event raised when the row number is requested.
Draws an element on the Graphics.
Graphics context where the element should be printed.
The location of the element.
The width of the table.
Draws an element on the Graphics.
Graphics context where the element should be printed.
X co-ordinate of the element.
Y co-ordinate of the element.
The width of the table.
Draws an element on the Graphics.
Graphics context where the element should be printed.
The bounds.
Draws the table starting from the specified page.
The page.
The location.
The results of the lay outing.
Draws the table starting from the specified page.
The page.
The location.
The format.
The results of the lay outing.
Draws the table starting from the specified page.
The page.
The bounds.
The results of the lay outing.
Draws the table starting from the specified page.
The page.
The bounds.
The format.
The results of the lay outing.
Draws the table starting from the specified page.
The page.
The x coordinate.
The y coordinate.
The results of the lay outing.
Draws the table starting from the specified page.
The page.
The x coordinate.
The y coordinate.
The format.
The results of the lay outing.
Draws the table starting from the specified page.
The page.
The x coordinate.
The y coordinate.
The width.
The results of the lay outing.
Draws the table starting from the specified page.
The page.
The x coordinate.
The y coordinate.
The width.
The format.
The results of the lay outing.
Draws an element on the Graphics.
Graphics context where the element should be printed.
X co-ordinate of the element.
Y co-ordinate of the element.
Represents parameters of PdfTable.
Specifies whehther the table populates the entire page
get or set the value of fitWidth.
Gets or sets the default cell style.
Gets or sets the alternate style, which is the style of the odd rows.
Gets or sets a value indicating whether
to use rows or column captions for forming header.
Gets or sets the header rows count.
Gets or sets the header cell style.
Gets or sets a value indicating whether to repeat header on each page.
Gets or sets a value indicating whether the header is visible.
If the header is made up with ordinary rows they aren't visible
while this property is set to false.
Gets or sets the cell spacing.
Gets or sets the cell padding.
Gets or sets a value indicating whether the cell borders
should overlap its neighbour's borders or be drawn in the cell interior.
Please, use this property with caution,
because it might cause unexpected results if borders
are not the same width and colour.
Gets or sets the pen of the table border.
Initializes a new instance of the class.
Represents information about cell style.
Gets or sets the font.
Gets or sets the string format of the cell text.
Gets or sets the font which will be used to draw text outlines.
It should be null for default text representation.
Gets or sets the brush which will be used to draw font.
This brush will be used to fill glyphs interior, which is the default.
Gets or sets the pen with which the border will be drawn.
Gets or sets the brush with which the background will be drawn.
It's null by default.
Initializes a new instance of the class.
Initializes a new instance of the class.
The font.
The font brush.
The border pen.
Represents the collection of the columns.
Gets the at the specified index.
Adds the specified column.
The column.
Gets the widths of the columns.
The start column.
The end column.
An array containing widths.
Represents a single column of the table.
Gets or sets the string format.
The string format.
Gets or sets the width of the column.
Gets or sets the column name.
Initializes a new instance of the class.
Initializes a new instance of the class.
Name of the column.
Represents a single column of the table.
The array of values that are used to create the new row.
Represents the collection of the columns.
Gets the at the specified index.
Adds the specified row.
The row.
The array of values that are used to create the new row.
Represents as a message deliverer from PdfTable class to the user.
Represents the parameters for Light Table layout.
Gets or sets the start column index.
Gets or sets the end column index.
Initializes a new instance of the class.
Initializes a new instance of the class.
The base format.
Delegate for handling StartRowLayoutEvent.
The sender of the event.
The arguments of the event.
This event is raised when starting a row in a layout.
Delegate for handling EndRowLayoutEvent.
The sender of the event.
The arguments of the event.
This event is raised when you are finished laying out a row on a page.
Delegate for handling StartCellLayoutEvent.
The sender of the event.
The arguments of the event.
This event is raised when laying out a cell on a page.
Delegate for handling EndCellLayoutEvent.
The sender of the event.
The arguments of the event.
This event is raised when you have finished laying out a page.
Delegate for handling NextRowEvent.
The sender of the event.
The arguments of the event.
Delegate for handling GettingColumnNumber Event.
The sender of the event.
The arguments of the event.
Delegate for handling GettingRowNumber Event.
The sender of the event.
The arguments of the event.
Represents StartRowLayout Event arguments.
Gets the index of the row.
Gets or sets the cell style.
Gets or sets the span map.
Gets or sets a value indicating whether table drawing should stop.
Gets or sets a value indicating whether this row should be ignored.
Gets or sets a value indicating whether column string format should be ignored.
Sets the minimal height of the row.
Represents arguments of EndRowLayoutEvent.
Gets the index of the row.
Gets a value indicating whether the row was drawn completely
(nothing should be printed on the next page).
Gets or sets a value indicating whether this row should be the last one printed.
Gets or sets the row bounds.
The base class for cell layout arguments.
Gets the index of the row.
Gets the index of the cell.
Gets the value.
The value might be null or an empty string,
which means that either no text were acquired or all
text was on the previous page.
Gets the bounds of the cell.
Gets the graphics, on which the cell should be drawn.
Represents arguments of StartCellLayout Event.
Gets or sets a value indicating whether the value of this cell should be skipped.
Represents arguments of EndCellLayout Event.
Represents arguments of the NextRow Event.
Gets or sets the row data.
Gets the column count.
Gets the index of the row.
The arguments of the GettingColumnNumber Event.
Gets or sets the column number.
The arguments of the GettingRowNumber Event.
Gets or sets the column number.
Specifies values specifying where the header should formed from.
The header is formed from column captions' values.
The header is formed from rows.
Specifies type for table width.
Use the fit page width
each width of columns will zoom in or out
using the ratio of totall width of the table to the width of page
use the Coustom width
takes the totall width of the set column as the width of the table,no zoom.
notes:if set this type but does not set the column width it will use default column width
Specifies the datasource type.
Specifies that the PdfTable has been binded to an external datasource.
Specifies that the values are directly binded to the PdfTable.
Specifies values of the border overlap style.
Cell borders overlap (are drawn using the same coordinates).
Cell borders are drawns in the cell's interior.
Represents custom Metadata.
Sets the xmp property.
Gets type of the schema.
Initializes a new instance of the class.
Parent XmpMetadata.
The XML namespace.
The namespace URI.
Enumerates types of the xmp structure.
A structure containing dimensions for a drawn object.
A structure containing the characteristics of a font used in a document.
A structure containing the characteristics of a Coloring (swatch) used in a document.
A thumbnail image for a file.
Job structure.
Enumerates types of the xmp schema.
Dublin Core Schema.
Basic Schema.
Rights Management Schema.
Basic Job Ticket Schema.
Paged Text Schema.
Adobe PDF Schema.
Custom schema.
Types of the xmp arrays.
Unknown array type.
Unordered array.
Ordered array.
Alternative array.
Base class for the xmp entities.
Gets Xml data of the entity.
Represents XMP metadata of the document.
Gets XMP data in XML format.
Gets namespace manager of the Xmp metadata.
Initializes a new instance of the class.
Initializes a new instance of the class.
The XMP.
Loads XMP from the XML.
XMP data in XMLDocument.
If there was any data in this XMP, it will be replaced by the data from the XML.
Adds schema to the XMP in XML format.
XMP schema in XML format.
If XMP already contains such schema - there will be two equal schemas at the xmp.
Return title if exists; otherwise return null
Return subject if exists; otherwise return null
Return author if exists; otherwise return null
Return producer if exists; otherwise return null
return keywords if exists; otherwise return null
Return specified custom field value if exists; otherwise return null
Return all custom properties if exsit; otherwise return empty Dictionary
Return create date if exists; otherwise return default DateTime
Return creator if exists; otherwise return null
Return modify date if exists; otherwise return default DateTime
Set title to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set subject to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set subject to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set producer to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set keywords to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set custom property to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set title to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set Creator to xmpmeta; if value is null, remove the node; if the node is null, create the node
Set ModifyDates to xmpmeta; if value is null, remove the node; if the node is null, create the node
Gets the element.
Checks whether the object is similar to another object.
The object to compare with the current object.
True - if the objects have equal internals and can share them, False otherwise.
Gets a value indicating whether this is changed.
true if changed; otherwise, false.
Freezes the changes.
The freezer.
Gets the compressor type.
Gets the compressor name in PDF format.
Compresses bytes data.
Bytes data.
Compressed bytes data.
Compresses string data.
String data.
Compressed string data.
Compresses stream data.
Stream data.
Compressed streams data.
Decompresses string data.
String data.
Decompressed bytes data.
Decompresses bytes data.
Bytes data.
Decompressed bytes data.
Decompresses stream data.
Stream data.
Decompressed stream data.
Gets a value indicating whether [was encrypted].
true if [was encrypted]; otherwise, false.
Gets a value indicating whether this is decrypted.
true if decrypted; otherwise, false.
Decrypts the specified encryptor.
The encryptor.
The curr obj number.
Saves the object using the specified writer.
The writer.
Gets the element.
Gets or sets the current position within the stream.
Stream length.
The document required for saving process.
Writes the specified PDF object.
The PDF object.
Writes the specified number.
The number.
Writes the specified number.
The number.
Writes the specified text.
The text.
Writes the specified text.
The text.
Writes the specified data.
The data.
Gets system font.
Gets size of the font.
Gets font metrics.
Get the ttf metrics.
Checks whether fonts are equals.
Font to compare.
True if fonts are equal, False ofhtrwise.
Returns width of the char symbol.
Char symbol.
Width of the char symbol in universal units.
Returns width of the text line.
String line.
Width of the char symbol in universal units.
Releases all resources.
Size of end of central record (excluding variable fields)
Signature for Zip64 central directory locator
Signature for Zip64 central file header
Returns m_dicItems