XFINIUM.PDF library can decrypt and encrypt PDF documents using RC4 and AES encryption, with 40 bit and 128 bit keys for RC4 and 128 bit and 256 bit keys for AES, including the latest PDF 2.0 draft. The library can create, load and save encrypted PDF files.
Loading an encrypted PDF file is as easy as providing a valid password in the PdfFixedDocument constructor.
PdfFixedDocument document = new PdfFixedDocument("encryptedfile.pdf", "password");
A PDF document can be encrypted using a security handler. For RC4 there is the PdfRc4SecurityHandler class, for AES there is the PdfAesSecurityHandler class. Both inherit from PdfStandardSecurityHandler class.
The standard security handler provides the common properties that are defined in the PDF specification:
- UserPassword – a password required to open the file for any kind of processing
- OwnerPassword – a password required to change existing security settings in a PDF file
- KeySize – the size of the encrpytion key, 40 to 128 for RCA, 128 or 256 for AES
- EncryptMetadata – flag to indicate whether the XMP metadata is encrypted or not
- EnablePrint – enable or disable printing
- HighQualityPrint – if printing is enabled, print at high or low resolution
- EnableDocumentChange – enable or disable the changing of document content. This does not apply to annotations and form fields and page insertion or removal
- EnableAnnotationsAndFieldsEdit – enable or disable the modification of annotations and form fields
- EnableFormsFill – enable or disable form filling even if EnableAnnotationsAndFieldsEdit is false
- EnableDocumentAssembly – if true then the user can assemble the document (insert, rotate, or delete pages and create bookmarks or thumbnail images), even property EnableDocumentChange is false
- EnableContentExtraction – enables or disables the content (text and images) extraction
- EnableContentExtractionForAccessibility – enables or disables the content extraction for accessibility purposes
A PDF document is encrypted by providing a security handler object as parameter to Save method.
// Create a new document
PdfFixedDocument doc = new PdfFixedDocument();
// or load an existing file
// PdfFixedDocument doc = new PdfFixedDocument("source.pdf");
// Add a new page at the end of the document to display the encryption mode
PdfPage page = doc.Pages.Add();
PdfStandardFont helvetica = new PdfStandardFont(PdfStandardFontFace.HelveticaBoldItalic, 16);
PdfBrush blackBrush = new PdfBrush();
string text = "Encryption: AES 256 bit with enhanced password validation (Acrobat X or later)";
page.Graphics.DrawString(text, helvetica, blackBrush, 50, 100);
// Setup the AES encryption handler
PdfAesSecurityHandler aes = new PdfAesSecurityHandler();
aes.EnableContentExtractionForAccessibility = false;
aes.EnableDocumentAssembly = false;
aes.EnableDocumentChange = false;
aes.EnableContentExtraction = false;
aes.EnableFormsFill = false;
aes.EnableAnnotationsAndFieldsEdit = false;
aes.EnablePrint = false;
aes.EncryptMetadata = true;
aes.KeySize = keySize;
aes.UserPassword = "user";
aes.OwnerPassword = "owner";
aes.KeySize = 256;
aes.UseEnhancedPasswordValidation = true; // PDF 2.0
// Save the document using AES 256 encryption
doc.Save("encrypted.pdf", aes);
' Create a new document
Dim doc As New PdfFixedDocument()
' or load an existing file
' PdfFixedDocument doc = new PdfFixedDocument("source.pdf");
' Add a new page at the end of the document to display the encryption mode
Dim page As PdfPage = doc.Pages.Add()
Dim helvetica As New PdfStandardFont(PdfStandardFontFace.HelveticaBoldItalic, 16)
Dim blackBrush As New PdfBrush()
Dim text As String = "Encryption: AES 256 bit with enhanced password validation (Acrobat X or later)"
page.Graphics.DrawString(text, helvetica, blackBrush, 50, 100)
' Setup the AES encryption handler
Dim aes As New PdfAesSecurityHandler()
aes.EnableContentExtractionForAccessibility = False
aes.EnableDocumentAssembly = False
aes.EnableDocumentChange = False
aes.EnableContentExtraction = False
aes.EnableFormsFill = False
aes.EnableAnnotationsAndFieldsEdit = False
aes.EnablePrint = False
aes.EncryptMetadata = True
aes.KeySize = keySize
aes.UserPassword = "user"
aes.OwnerPassword = "owner"
aes.KeySize = 256
aes.UseEnhancedPasswordValidation = True ' PDF 2.0
' Save the document using AES 256 encryption
doc.Save("encrypted.pdf", aes)
Because the PDF file is just a blob of data, the enforcement of these security properties depends on the application that processes the PDF file. If an application can decrypt a PDF file, it is up to the application to decide whether it honors the security properties or not.