Table of Contents

Class PdfEncryption

Namespace
iText.Kernel.Pdf
Assembly
itext.kernel.dll
public class PdfEncryption : PdfObjectWrapper<PdfDictionary>
Inheritance
PdfEncryption
Inherited Members

Constructors

PdfEncryption(byte[], byte[], int, int, byte[], PdfVersion)

Creates the encryption.

public PdfEncryption(byte[] userPassword, byte[] ownerPassword, int permissions, int encryptionType, byte[] documentId, PdfVersion version)

Parameters

userPassword byte[]

the user password. Can be null or of zero length, which is equal to omitting the user password

ownerPassword byte[]

the owner password. If it's null or empty, iText will generate a random string to be used as the owner password

permissions int

the user permissions The open permissions for the document can be ALLOW_PRINTING , ALLOW_MODIFY_CONTENTS , ALLOW_COPY , ALLOW_MODIFY_ANNOTATIONS , ALLOW_FILL_IN , ALLOW_SCREENREADERS , ALLOW_ASSEMBLY and ALLOW_DEGRADED_PRINTING. The permissions can be combined by ORing them

encryptionType int

the type of encryption. It can be one of STANDARD_ENCRYPTION_40 , STANDARD_ENCRYPTION_128 , ENCRYPTION_AES_128 or ENCRYPTION_AES_256. Optionally DO_NOT_ENCRYPT_METADATA can be ORed to output the metadata in cleartext. EMBEDDED_FILES_ONLY can be ORed as well. Please be aware that the passed encryption types may override permissions: STANDARD_ENCRYPTION_40 implicitly sets DO_NOT_ENCRYPT_METADATA and EMBEDDED_FILES_ONLY as false; STANDARD_ENCRYPTION_128 implicitly sets EMBEDDED_FILES_ONLY as false;

documentId byte[]

document id which will be used for encryption

version PdfVersion

the PdfVersion of the target document for encryption

PdfEncryption(IX509Certificate[], int[], int, PdfVersion)

Creates the certificate encryption.

public PdfEncryption(IX509Certificate[] certs, int[] permissions, int encryptionType, PdfVersion version)

Parameters

certs IX509Certificate[]

the public certificates to be used for the encryption

permissions int[]

the user permissions for each of the certificates The open permissions for the document can be ALLOW_PRINTING , ALLOW_MODIFY_CONTENTS , ALLOW_COPY , ALLOW_MODIFY_ANNOTATIONS , ALLOW_FILL_IN , ALLOW_SCREENREADERS , ALLOW_ASSEMBLY and ALLOW_DEGRADED_PRINTING. The permissions can be combined by ORing them

encryptionType int

the type of encryption. It can be one of STANDARD_ENCRYPTION_40 , STANDARD_ENCRYPTION_128 , ENCRYPTION_AES_128 or ENCRYPTION_AES_256. Optionally DO_NOT_ENCRYPT_METADATA can be ORed to output the metadata in cleartext. EMBEDDED_FILES_ONLY can be ORed as well. Please be aware that the passed encryption types may override permissions: STANDARD_ENCRYPTION_40 implicitly sets DO_NOT_ENCRYPT_METADATA and EMBEDDED_FILES_ONLY as false; STANDARD_ENCRYPTION_128 implicitly sets EMBEDDED_FILES_ONLY as false;

version PdfVersion

the PdfVersion of the target document for encryption

Remarks

Creates the certificate encryption.

An array of one or more public certificates must be provided together with an array of the same size for the permissions for each certificate.

PdfEncryption(PdfDictionary, byte[], byte[]) 

public PdfEncryption(PdfDictionary pdfDict, byte[] password, byte[] documentId)

Parameters

pdfDict PdfDictionary
password byte[]
documentId byte[]

PdfEncryption(PdfDictionary, IPrivateKey, IX509Certificate) 

public PdfEncryption(PdfDictionary pdfDict, IPrivateKey certificateKey, IX509Certificate certificate)

Parameters

pdfDict PdfDictionary
certificateKey IPrivateKey
certificate IX509Certificate

Methods

ComputeUserPassword(byte[])

Computes user password if standard encryption handler is used with Standard40, Standard128 or AES128 algorithm.

public virtual byte[] ComputeUserPassword(byte[] ownerPassword)

Parameters

ownerPassword byte[]

owner password of the encrypted document.

Returns

byte[]

user password, or null if not a standard encryption handler was used.

CreateInfoId(byte[], bool)

Creates a PdfLiteral that contains an array of two id entries.

public static PdfObject CreateInfoId(byte[] id, bool modified)

Parameters

id byte[]

the first id

modified bool

whether the document has been changed or not

Returns

PdfObject

PdfObject containing the two entries.

Remarks

Creates a PdfLiteral that contains an array of two id entries. These entries are both hexadecimal strings containing 16 hex characters. The first entry is the original id, the second entry should be different from the first one if the document has changed.

CreateInfoId(byte[], byte[])

Creates a PdfLiteral that contains an array of two id entries.

[Obsolete("Use CreateInfoId(byte[], byte[], bool) instead")]
public static PdfObject CreateInfoId(byte[] firstId, byte[] secondId)

Parameters

firstId byte[]

the first id

secondId byte[]

the second id

Returns

PdfObject

PdfObject containing the two entries.

Remarks

Creates a PdfLiteral that contains an array of two id entries. These entries are both hexadecimal strings containing 16 hex characters. The first entry is the original id, the second entry should be different from the first one if the document has changed.

CreateInfoId(byte[], byte[], bool)

Creates a PdfLiteral that contains an array of two id entries.

public static PdfObject CreateInfoId(byte[] firstId, byte[] secondId, bool preserveEncryption)

Parameters

firstId byte[]

the first id

secondId byte[]

the second id

preserveEncryption bool

the encryption preserve

Returns

PdfObject

PdfObject containing the two entries.

Remarks

Creates a PdfLiteral that contains an array of two id entries. These entries are both hexadecimal strings containing up to 16 hex characters. The first entry is the original id, the second entry should be different from the first one if the document has changed.

DecryptByteArray(byte[]) 

public virtual byte[] DecryptByteArray(byte[] b)

Parameters

b byte[]

Returns

byte[]

EncryptByteArray(byte[]) 

public virtual byte[] EncryptByteArray(byte[] b)

Parameters

b byte[]

Returns

byte[]

Flush()

To manually flush a PdfObject behind this wrapper, you have to ensure that this object is added to the document, i.e. it has an indirect reference.

public override void Flush()

Remarks

To manually flush a PdfObject behind this wrapper, you have to ensure that this object is added to the document, i.e. it has an indirect reference. Basically this means that before flushing you need to explicitly call MakeIndirect(PdfDocument). For example: wrapperInstance.makeIndirect(document).flush(); Note that not every wrapper require this, only those that have such warning in documentation.

GenerateNewDocumentId() 

public static byte[] GenerateNewDocumentId()

Returns

byte[]

GetCryptoMode()

Gets encryption algorithm and access permissions.

public virtual int GetCryptoMode()

Returns

int

the crypto mode value

See Also

GetDocumentId() 

public virtual byte[] GetDocumentId()

Returns

byte[]

document id which was used for encryption. Could be null, if encryption doesn't rely on document id.

GetEncryptionStream(Stream) 

public virtual OutputStreamEncryption GetEncryptionStream(Stream os)

Parameters

os Stream

Returns

OutputStreamEncryption

GetPermissions()

Gets the encryption permissions.

public virtual long? GetPermissions()

Returns

long?

the encryption permissions, an unsigned 32-bit quantity.

Remarks

Gets the encryption permissions. It can be used directly in SetStandardEncryption(byte[], byte[], int, int). See ISO 32000-1, Table 22 for more details.

IsEmbeddedFilesOnly() 

public virtual bool IsEmbeddedFilesOnly()

Returns

bool

IsMetadataEncrypted() 

public virtual bool IsMetadataEncrypted()

Returns

bool

IsOpenedWithFullPermission() 

public virtual bool IsOpenedWithFullPermission()

Returns

bool

IsWrappedObjectMustBeIndirect() 

protected override bool IsWrappedObjectMustBeIndirect()

Returns

bool

SetHashKeyForNextObject(int, int) 

public virtual void SetHashKeyForNextObject(int objNumber, int objGeneration)

Parameters

objNumber int
objGeneration int