Class PDFEncryption


  • public class PDFEncryption
    extends Object
    Encrypt/Decrypt a PDF.

    Notice that encryption is not only about pure encryption, it is also about setting the available features on the pdf: can print, copy, modify, ... (see PDFBox AccessPermission).

    To use this class and its encrypt()/removeEncryption() methods you must always use the appropriate setters first, to set the misc info (original owner password so an encrypted PDF can be handled, encryption key length, ...).

    Since:
    8.10
    • Constructor Detail

      • PDFEncryption

        public PDFEncryption​(Blob inBlob)
        Basic constructor.
        Parameters:
        inBlob - Input blob.
    • Method Detail

      • encryptReadOnly

        public Blob encryptReadOnly()
        Encrypts the PDF with readonly permission.

        WARNING: If you are familiar with PDFBox AccessPermission, notice our encryptReadOnly() method is not the same as AccessPermission.setReadOnly(). The latter just makes sure the code cannot call other setter later on.

        encryptReadOnly sets the following permissions on the document:

        • Can print: True
        • Can Modify: False
        • Can Extract Content: True
        • Can Add/Modify annotations: False
        • Can Fill Forms: False
        • Can Extract Info for Accessibility: True
        • Can Assemble: False
        • Can print degraded: True

        IMPORTANT

        It is required that the following setters are called before:
        Returns:
        A copy of the blob with the readonly permissions set.
      • encrypt

        public Blob encrypt​(org.apache.pdfbox.pdmodel.encryption.AccessPermission inPerm)
        Encrypts the PDF with the new permissions (see AccessPermission).

        IMPORTANT

        It is required that the following setters are called before:
        Parameters:
        inPerm - Input permissions.
        Returns:
        A copy of the blob with the new permissions set.
      • setKeyLength

        public void setKeyLength​(int keyLength)
                          throws NuxeoException
        Set the lentgh of the key to be used for encryption.

        Possible values are 40 and 128. Default value is 128 if keyLength is <= 0.

        Parameters:
        keyLength - Length of the encryption key.
        Throws:
        NuxeoException
      • setOriginalOwnerPwd

        public void setOriginalOwnerPwd​(String originalOwnerPwd)
        Set the password to use when opening a protected PDF. Must be called before encrypting the PDF.
        Parameters:
        originalOwnerPwd - Original owner password.
      • setOwnerPwd

        public void setOwnerPwd​(String ownerPwd)
        Set the owner password to use when encrypting PDF. Must be called before encrypting the PDF.

        Owners can do whatever they want to the PDF (modify, change protection, ...).

        Parameters:
        ownerPwd - Owner password.
      • setUserPwd

        public void setUserPwd​(String userPwd)
        Set the user password to use when encrypting PDF. Must be called before encrypting the PDF.

        Users can have less rights than owners (for example, not being able to remove protection).

        Parameters:
        userPwd - User password.