Encrypt and decrypt PDF documents in .NET

XFINIUM.PDF library can decrypt and encrypt PDF documents using RC4 and AES encryption, with 40 bit and 128 bit keys for RC4 and 128 bit and 256 bit keys for AES, including the latest PDF 2.0 draft. The library can create, load and save encrypted PDF files.

Loading an encrypted PDF file is as easy as providing a valid password in the PdfFixedDocument constructor.

A PDF document can be encrypted using a security handler. For RC4 there is the PdfRc4SecurityHandler class, for AES there is the PdfAesSecurityHandler class. Both inherit from PdfStandardSecurityHandler class.
The standard security handler provides the common properties that are defined in the PDF specification:

  • UserPassword – a password required to open the file for any kind of processing
  • OwnerPassword – a password required to change existing security settings in a PDF file
  • KeySize – the size of the encrpytion key, 40 to 128 for RCA, 128 or 256 for AES
  • EncryptMetadata – flag to indicate whether the XMP metadata is encrypted or not
  • EnablePrint – enable or disable printing
  • HighQualityPrint – if printing is enabled, print at high or low resolution
  • EnableDocumentChange – enable or disable the changing of document content. This does not apply to annotations and form fields and page insertion or removal
  • EnableAnnotationsAndFieldsEdit – enable or disable the modification of annotations and form fields
  • EnableFormsFill – enable or disable form filling even if EnableAnnotationsAndFieldsEdit is false
  • EnableDocumentAssembly – if true then the user can assemble the document (insert, rotate, or delete pages and create bookmarks or thumbnail images), even property EnableDocumentChange is false
  • EnableContentExtraction – enables or disables the content (text and images) extraction
  • EnableContentExtractionForAccessibility – enables or disables the content extraction for accessibility purposes

A PDF document is encrypted by providing a security handler object as parameter to Save method.

Because the PDF file is just a blob of data, the enforcement of these security properties depends on the application that processes the PDF file. If an application can decrypt a PDF file, it is up to the application to decide whether it honors the security properties or not.

Leave a Reply