Sign an encrypted PDF-Document

Hello,

with reference to an older post from 2009 (https://forum.aspose.com/t/119198), I am trying to do sign and encrypt a document using the current version of Aspose.Pdf for .NET.

Is this still possible, and could you provide me with an example on how this can be done? When I have tried a modified version of the example in the older post, I manage to both encrypt and sign the document, but Adobe Reader displays an error "Certification by XXX is Invalid." (Se attached screenshot)

When I just adds a signature or just encrypts the file all seems to work as desired but not both features together. This is the code I have written to modify my Pdf:
private void ApplySecurityToPdfFile(byte[] originalPdfFile, out byte[] securedPdfFile, ISignature signatureSignature, IPrivileges privileges)
 {
     securedPdfFile = null;
 <span style="color:blue;">using</span> (<span style="color:blue;">var</span> l_originalPdfStream = <span style="color:blue;">new</span> <span style="color:#2b91af;">MemoryStream</span>(originalPdfFile))
 {
     <span style="color:blue;">using</span> (<span style="color:blue;">var</span> l_Originaldocument = <span style="color:blue;">new</span> Aspose.Pdf.<span style="color:#2b91af;">Document</span>(l_originalPdfStream))
     {

         <span style="color:blue;">using</span> (<span style="color:blue;">var</span> l_securedPdfStream = <span style="color:blue;">new</span> <span style="color:#2b91af;">MemoryStream</span>())
         {
             <span style="color:#2b91af;">PdfFileSecurity</span> l_fileSecurity = <span style="color:blue;">new</span> <span style="color:#2b91af;">PdfFileSecurity</span>(l_Originaldocument);

             <span style="color:blue;">var</span> l_documentPrivilege = Aspose.Pdf.Facades.<span style="color:#2b91af;">DocumentPrivilege</span>.AllowAll;
             l_documentPrivilege.AllowAssembly = <span style="color:blue;">false</span>;
             l_documentPrivilege.AllowCopy = <span style="color:blue;">false</span>;
             l_documentPrivilege.AllowDegradedPrinting = <span style="color:blue;">false</span>;
             l_documentPrivilege.AllowFillIn = <span style="color:blue;">true</span>;
             l_documentPrivilege.AllowModifyAnnotations = <span style="color:blue;">false</span>;
             l_documentPrivilege.AllowModifyContents = <span style="color:blue;">false</span>;
             l_documentPrivilege.AllowPrint = <span style="color:blue;">false</span>;
             l_documentPrivilege.AllowScreenReaders = <span style="color:blue;">false</span>;
             l_documentPrivilege.CopyAllowLevel = 0;
             l_documentPrivilege.PrintAllowLevel = 0;
             l_documentPrivilege.ChangeAllowLevel = 2;

             l_fileSecurity.EncryptFile(<span style="color:#a31515;">""</span>, <span style="color:#a31515;">"ownerpassword"</span>, l_documentPrivilege, <span style="color:#2b91af;">KeySize</span>.x128);

             l_fileSecurity.Save(l_securedPdfStream);


             <span style="color:blue;">using</span> (<span style="color:blue;">var</span> l_signedPdfStream = <span style="color:blue;">new</span> <span style="color:#2b91af;">MemoryStream</span>())
             {

                 <span style="color:blue;">using</span> (<span style="color:blue;">var</span> l_certificateStream = <span style="color:blue;">new</span> <span style="color:#2b91af;">MemoryStream</span>())
                 {
                     <span style="color:blue;">var</span> l_signatureData = signatureSignature <span style="color:blue;">as</span> <span style="color:#2b91af;">Signature</span>;

                     l_signatureData.SaveToStream(l_certificateStream);

                     l_certificateStream.Position = 0;

                     <span style="color:blue;">var</span> l_certificate = <span style="color:blue;">new</span> Aspose.Pdf.InteractiveFeatures.Forms.<span style="color:#2b91af;">PKCS7</span>(l_certificateStream,
                         l_signatureData.CertificatePassword);

                     <span style="color:blue;">var</span> l_signature = <span style="color:blue;">new</span> Aspose.Pdf.Facades.<span style="color:#2b91af;">PdfFileSignature</span>();

                     l_signature.BindPdf(l_securedPdfStream);

                     <span style="color:blue;">var</span> l_docMdpSignature =
                         <span style="color:blue;">new</span> Aspose.Pdf.InteractiveFeatures.Forms.<span style="color:#2b91af;">DocMDPSignature</span>(l_certificate,
                             <span style="color:#2b91af;">DocMDPAccessPermissions</span>.NoChanges);

                     l_signature.Certify(1, <span style="color:#a31515;">"Signature Reason"</span>, <span style="color:#a31515;">"Contact"</span>, <span style="color:#a31515;">"Location"</span>, <span style="color:blue;">false</span>, <span style="color:blue;">new</span> System.Drawing.<span style="color:#2b91af;">Rectangle</span>(100, 100, 200, 100), l_docMdpSignature);

                     l_signature.Save(l_signedPdfStream);

                     securedPdfFile = l_signedPdfStream.ToArray();
                 }

             }
         }
     }
 }

}



thanks,

Henrik


Hi Henrik,


Thanks
for using our API’s.
<o:p></o:p>

I
have tested the scenario and I am able to notice the same problem. For the sake
of correction, I have logged this problem as PDFNEWNET-39754 in
our issue tracking system. We will further look into the details of this
problem and will keep you updated on the status of correction. Please be
patient and spare us little time. We are sorry for this inconvenience.

Hello,

and thanks for looking into the case. Does the code seem to be correct or is there another way of solving the problem? As I did not find a working example of what I intended to solve I had to just try different approaches, so if you could provide me With a working example instead I would be grateful.

thanks, Henrik

Hi Henrik,


Thanks for contacting support. The code snippet is correct but we also noticed similar issues in past when using both approaches (encryption and digital signature) in PDF document. However the team will further look into this matter and as soon as we have some further updates, we will let you know.

PS, encryption prevents unauthorized access of information inside PDF file and digital signature prevents modification of file contents and ensures document integrity.
codewarior:
Hi Henrik,

Thanks for contacting support. The code snippet is correct but we also noticed similar issues in past when using both approaches (encryption and digital signature) in PDF document. However the team will further look into this matter and as soon as we have some further updates, we will let you know.

PS, encryption prevents unauthorized access of information inside PDF file and digital signature prevents modification of file contents and ensures document integrity.

Hello,

and thanks for looking into the case. My goal is to digitally sign the PDF but also to protect parts of the contents from being copied/extracted, so I thought from the documentation that encryption (using blank userpassword and a protected ownerpassword) would be the way to go..

thanks,

Henrik

Hi Henrik,


Thanks for sharing the details.

The issue is still pending for review but after thorough investigation, we will be in position to share if PDF specifications allow using both features simultaneously or not. As soon as we have some definite updates, we will let you know.
Hello,

and thanks for looking into the issue - I am waiting for your conclusion. When it comes to wether the functionality is supported, I would say it appears that way in the example in the post from 2009?

-Henrik

Hi Henrik,


Thanks for sharing the feedback. As soon as we have some definite updates, we will let you know. Please be patient and spare us little time.