PDFFileSecurity.decryptFile not indicating when bad ownerPassword is used

royerbj · September 20, 2011, 2:43pm

I am decrypting a set of PDF files with the decryptFile method

PdfFileSecurity fileSecurity = new PdfFileSecurity(pdfIn, pdfOut);

result = fileSecurity.decryptFile(ownerPassword);

If the password is correct, everything works fine. But when the password is not correct I don't get any error indication; result is true and no Exception is thrown. The document no longer needs a password to open it, but all the pages are blank.

If I attempt to change the password, it always throws an Exception, even when using the same password that succeeded with decyptFile. The Exception is an OIException: "Getting Owner Password is failed."

Any help with resolving or understanding this issue would be greatly appreciated. Any other work-arounds to determine if a password is good or bad would be good, as well.

Thanks!

shahzadlatif · September 21, 2011, 3:01am

Hi Burk,

Thank you very much for considering Aspose.

Please share the input PDF file along with the password with us so we could test the issue at our end. You’ll be updated with the results accordingly.

We’re sorry for the inconvenience.
Regards,

royerbj · September 21, 2011, 9:28am

Unfortunetly, the file has confidential data in it so I'm not allowed to give it to you.

Can you tell me what I should expect to see when I use a bad password with the decryptFile method?

royerbj · September 21, 2011, 11:44am

So I created an example PDF and decrypted it with a bad password. I got the same results.

user password: user

owner password: owner

decrypted with password : bad

As you can see the PDF decrypted with a bad password is just white pages. However, I'd like it to either return a false or cause an Exception, and not create a file at all.

Here is the code I used:

public static void removeFileSecurity(String inFile, String outFile, String ownerPassword) throws IOException, PdfKitException {

PdfFileSecurity fileSecurity = new PdfFileSecurity(inFile, outFile);

//Attempt to decrypt file

boolean result = fileSecurity.decryptFile(ownerPassword);

if(!result) {

System.err.println("PDF file not decrypted: " + inFile + " -- possibly an incorrect owner password!");

}

public static void main(String[] args) {

License license = new com.aspose.pdf.kit.License();

try {

license.setLicense("Aspose.Total.Java.lic");

} catch(Exception x) {

System.out.println(x.getMessage());

}

try {

removeFileSecurity("C:/example.pdf", "C:/example_decrypted_with_bad_password.pdf", "bad");

} catch (PdfKitException ioe) {

System.err.println("PDF Kit Ex file not decrypted because: " + ioe.getMessage());

} catch (IOException pke) {

System.err.println("IO EX PDF file not decrypted because: " + pke.getMessage());

}

royerbj · September 21, 2011, 3:39pm

I found a work-around. I used the PdfViewer.IsOwnerPassword() method which successfully returns false for a bad password. Not ideal, but an ok solution. I still think ideally the decryptFile method should return false when the password is not correct…

shahzadlatif · September 22, 2011, 4:36am

Hi Burk,

I have tested this issue at my end and noticed the same issue with the correct owner password as well. I have logged the issue as PDFKITJAVA-30781 in our issue tracking system. Our team will look into this issue and you’ll be updated via this forum thread once it is resolved. However, I’m glad to know that the workaround is working for you at the moment. I hope this can help you in the meanwhile.

We’re sorry for the inconvenience.
Regards,