Overview
Security can be added to a Document using one of four encryption algorithms. All encryption algorithms are contained in the ceTe.DynamicPDF.Cryptography namespace.
In general, adding security to a PDF will involve the following:
- Selecting an encryption algorithm to use
- Setting user and/or owner passwords
- Specifying user access permissions
Encryption Algorithms
The supported encryption algorithms are detailed in the following chart:
| Encryption Algorithm | Class | Compatibility |
|---|---|---|
|
40-bit RC4 Encryption |
RC440Security |
PDF 1.1 (Acrobat 3 or later) |
|
128-bit RC4 Encryption |
RC4128Security |
PDF 1.4 (Acrobat 5 or later)* |
|
128-bit AES Encryption |
Aes128Security |
PDF 1.5 (Acrobat 7 or later) |
|
256-bit AES Encryption |
Aes256Security |
PDF 1.5 (Acrobat 10 or later) |
*PDF 1.5 (Acrobat 6 or later) if the UseCryptFilter is set to True (it is false by default)
Document Passwords
When applying security to a PDF using one of these algorithms, an owner and/or password can be specified. When a user password is specified, the PDF viewer will require this password to be specified prior to opening the PDF document. Leaving the user password blank (by specifying an empty string) will not require a password to open the PDF document. Whether a user password is defined or blank (empty string) the access permissions set on the document will still be applied. When an owner password is specified, the PDF viewer will require this password to be specified if someone attempts to modify the PDF file.
Security Options
The RC4 40-bit encryption supports 4 security options:
Restrict document printing
Restrict document Modification
Restrict copying text or graphics from the document
Restrict updating or adding text annotations or form fields
The RC4 128-bit encryption supports the 4 security options above along with the following:
Restrict fill in existing form fields
Restrict extract text and graphics for accessibility programs
Restrict document assembly
Restrict high Resolution Printing
Encrypt all document contents except metadata (Acrobat 6 and later compatible)
AES 128-bit and AES 256-bit encryption supports the 9 security options above along with the following:
Encrypting only file attachments
Security Example (using 128-bit RC4)
The below example demonstrates how to secure a Document using RC4 128-bit encryption, set the Document to not allow copying of content and to not encrypt the files metadata information.
[Java]
// Create a 128 bit encryption security object that prevents text copying.
RC4128Security security = new RC4128Security("owner", "user");
security.setUseCryptFilter(true); security.setEncryptMetadata(false); // Add the security object to the document
document.setSecurity(security);
AES Encryption Document Components
With AES encryption (both 128-bit and 256-bit) there are three Document Component options for encrypting the PDF and those options are handled by the DocumentComponents property of the respective AES encryption class. AES encryption can apply to the following:
Entire Document (EncryptDocumentComponents.All) - This will encrypt the document, its metadata and any file attachments.
Entire Document except the metadata (EncryptDocumentComponents.AllExceptMetadata) - This will encrypt the document, any file attachments but not any of the document’s metadata. This option could be useful when it is still of value for a search engine to access the metadata of the PDF without needing to decrypt it.
Only the Document’s file attachments (EncryptDocumentComponents.OnlyFileAttachments) - This will encrypt only the document’s file attachments only. None of the actual PDF document or metadata will be encrypted. It is important to note here that setting this EncryptDocumentComponents to OnlyFileAttachments will take precedence over any user permissions and cause them to be ignored.