PSPDFAESCryptoDataProvider


@interface PSPDFAESCryptoDataProvider : NSObject <PSPDFDataProvider>

This class allows a transparent decryption of AES256 encrypted files using the RNCryptor file format https://github.com/rnapier/RNCryptor/wiki/Data-Format Legacy PSPDFKit old file format is also supported. Use the provided encryption tool to prepare your documents.

Ensure your passphrase/salt are also protected within the binary, or at least obfuscated. Encryption marginally slows down rendering, since everything is decrypted on the fly.

If saving annotations to a file managed by a PSPDFAESCryptoDataProvider, the whole file will be re-written.

Note

The initializers will return nil if the strong encryption feature is not enabled, or if you pass an invalid parameter configuration.
  • Designated initializer with the passphrase and salt. URL must be a file-based URL.

    Declaration

    Objective-C

    - (nullable instancetype)initWithURL:(nonnull NSURL *)URL
                      passphraseProvider:
                          (nonnull NSString *_Nonnull (^)(void))passphraseProvider
                                    salt:(nonnull NSString *)salt
                                  rounds:(NSUInteger)rounds;

    Swift

    init?(url URL: URL, passphraseProvider: @escaping () -> String, salt: String, rounds: UInt)
  • Initializer with the passphrase and salt as NSData rather than NSString. URL must be a file-based URL.

    Declaration

    Objective-C

    - (nullable instancetype)initWithURL:(nonnull NSURL *)URL
                  passphraseDataProvider:
                      (nonnull NSData *_Nonnull (^)(void))passphraseDataProvider
                                    salt:(nonnull NSData *)saltData
                                  rounds:(NSUInteger)rounds;

    Swift

    init?(url URL: URL, passphraseDataProvider: @escaping () -> Data, salt saltData: Data, rounds: UInt)
  • Designated initializer with the passphrase. Salt will be loaded from the header of the file format (see https://github.com/rnapier/RNCryptor/wiki/Data-Format ) The default PRF is kCCPRFHmacAlgSHA1. The number of iterations will be the new default PSPDFAESDefaultPBKDFNumberOfRounds (10000) URL must be a file-based URL.

    Declaration

    Objective-C

    - (nullable instancetype)initWithURL:(nonnull NSURL *)URL
                      passphraseProvider:
                          (nonnull NSString *_Nonnull (^)(void))passphraseProvider;

    Swift

    init?(url URL: URL, passphraseProvider: @escaping () -> String)
  • Designated initializer with the passphrase and legacy file format PRF kCCPRFHmacAlgSHA256 and 50000 rounds. Salt will be loaded from the header of the URL must be a file-based URL.

    Declaration

    Objective-C

    - (nullable instancetype)initWithLegacyFileFormatURL:(nonnull NSURL *)URL
                                      passphraseProvider:
                                          (nonnull NSString *_Nonnull (^)(void))
                                              passphraseProvider;

    Swift

    init?(legacyFileFormatURL URL: URL, passphraseProvider: @escaping () -> String)
  • Designated initializer with a prepared, stretched, binary key. Warning: only use this if the key is cryptographically random and of length kCCKeySizeAES256. The default PRF is kCCPRFHmacAlgSHA1. The default number of iterations is PSPDFAESDefaultPBKDFNumberOfRounds (10000). For legacy file format use kCCPRFHmacAlgSHA256 and 50000 rounds. URL must be a file-based URL.

    Declaration

    Objective-C

    - (nullable instancetype)initWithURL:(nonnull NSURL *)URL
                       binaryKeyProvider:
                           (nonnull NSData *_Nonnull (^)(void))binaryKeyProvider;

    Swift

    init?(url URL: URL, binaryKeyProvider: @escaping () -> Data)