Possible PDF encryption bug or documentation clarification needed

Aspose.PDF Product Family
1

There seems to be a bug in the Aspose.Pdf.Facades.PdfFileSecurity class or the documentation. According to the documentation, the code snippet below is supposed to encrypt the PDF document:

using Aspose.Pdf.Facades;

const string path = @“C:\path\to\test.pdf”;


using (var security = new PdfFileSecurity())

using (var stream = new MemoryStream(File.ReadAllBytes(path)))

{

security.BindPdf(stream);

security.EncryptFile(“password”, null, DocumentPrivilege.Print, KeySize.x256, Algorithm.AES);

security.Save(path);

}

The resulting PDF does not seem to have its contents encrypted (maybe just the metadata is encrypted?). Adobe Acrobat prompts for the password on open, but other viewers (most notably the viewer on iOS and some Android viewers) display the PDF without prompting for a password. However, if you use the Aspose.Pdf.Document class to encrypt the document, it does seem to encrypt the entire document: 

using Aspose.Pdf;

const string path = @“C:\path\to\test.pdf”;


var document = new Document(path);

document.Encrypt(“password”, null, Permissions.PrintDocument, CryptoAlgorithm.AESx256);

document.Save(path);

The resulting PDF does prompt for a password on all viewers we have tested with so far (or fails entirely on some mobile viewers that do not support PDF encryption). This seems like a pretty serious problem. PdfFileSecurity.EncryptFile() should encrypt the entire contents of the PDF. If not, at a minimum, the documentation should be updated to make it clear that it does not encrypt the actual contents of the file.

2

Hi John,


Thanks for contacting support.

I
have tested the scenario and I am able to reproduce the same problem that when using PdfFileSecurity class, the resultant file is being displayed without password prompt when trying to view it using default viewer on iOS device but when using Adobe Acrobat App on iOS, I can see the password prompt. Besdies this, when using Adobe Reader/Acrobat and Foxit Reader and Foxit Phantom over Windows 7(x64), I am getting password prompt when viewing the document. For the
sake of correction, I have logged it in our issue tracking system as PDFNEWNET-38959. We
will investigate this issue in details and will keep you updated on the status
of a correction.

We apologize for your inconvenience.

3

Was this issue ever resolved? We are using the PdfFileSecurity() method with Aspose.Pdf 11.4.0.0 today and are getting the same behavior described in this work item. Is there any plan to fix this for PdfFileSecurity() classes, or is it deprecated now possibly?

When trying to switch to the method, document.Encrypt(…) mentioned, we are trying to use this method signature - http://www.aspose.com/api/net/pdf/aspose.pdf.document/encrypt/methods/2

With this method, how can we determine correct value for “usePdf20” when trying to make sure it matches what the original document was when we decrypted it.

4

cjablonski76:
Was this issue ever resolved? We are using the PdfFileSecurity() method with Aspose.Pdf 11.4.0.0 today and are getting the same behavior described in this work item. Is there any plan to fix this for PdfFileSecurity() classes, or is it deprecated now possibly?
Hi Cody,

Thanks for using our API.

The earlier reported issue is not yet resolved as the product team has been busy fixing earlier reported issues. However as soon as we have some definite updates regarding its resolution, we will let you know.

Meanwhile we request you to please share your input file, so that we can test the scenario from your document perspective.

cjablonski76:
When trying to switch to the method, document.Encrypt(…) mentioned, we are trying to use this method signature - http://www.aspose.com/api/net/pdf/aspose.pdf.document/encrypt/methods/2
With this method, how can we determine correct value for “usePdf20” when trying to make sure it matches what the original document was when we decrypted it.
You may consider skipping the last parameter in Encrypt method and use following code snippet to encrypt the PDF file.

[C#]

Document doc = new
Document();<o:p></o:p>

doc.Encrypt("userpassword", "ownerpassword", Permissions.ModifyContent, CryptoAlgorithm.AESx256);

// save updated encrypted PDF file

doc.Save(“c:/pdftest/asposeExample_Converted.pdf”);

5

We considered using the Encrypt method like you described, but we are stuck using the Encrypt method that uses DocumentPrivilege as opposed to using the method that takes Permissions like the one you suggested.

We are using:
public void Encrypt(string userPassword, 
		string ownerPassword,

	DocumentPrivilege privileges,

	CryptoAlgorithm cryptoAlgorithm,

	bool usePdf20

	)

We are currently stuck using this method because of some legacy code that requires the DocumentPrivilege object.

So if there is a suggestion for how to properly set the usePdf20 variable that would be very helpful.

As for attaching the pdf we are using, I will have to request permission and attach it later.
6

Hi Cody,


Thanks for sharing the updates.

The usePdf20 argument offers the feature to support the revision 6 (extension 8) but if you do not want to use it, you may specify either value for this Boolean argument.

[C#]

// load input PDF file<o:p></o:p>

Document doc = new Document("c:/pdftest/pdffromxml.pdf");

doc.Encrypt("userpassword", "ownerpassword", DocumentPrivilege.ForbidAll, CryptoAlgorithm.AESx256,false);

// save updated encrypted PDF file

doc.Save(“c:/pdftest/pdffromxml_Encrypted.pdf”);

7

This issue is still present in the current version 19.11 of Aspose.PDF. However, if I set both the userpassword AND the ownerpassword the document appears to be encrypted fine; it prompts for the password when opened and a viewer which was previously able to view the document using libmupdf to render pages was then no longer able to do so. Just a “for info” …

8

@rozeboosje

This issue was OS specific thus can not be fixed by the API. It may be resolved by updating to latest OS. However, we value your contribution and shared workaround will certainly help other community members with similar situation.

1 Like