org.nuxeo.ecm.platform.pdf

Class PDFEncryption

java.lang.Object

org.nuxeo.ecm.platform.pdf.PDFEncryption

public class PDFEncryption
extends Object

Encrypt/Decrypt a PDF.

Notice that encryption is not only about pure encryption, it is also about setting the available features on the pdf: can print, copy, modify, ... (see PDFBox AccessPermission).

To use this class and its encrypt()/removeEncryption() methods you must always use the appropriate setters first, to set the misc info (original owner password so an encrypted PDF can be handled, encryption key length, ...).

Since:

8.10

Constructor Summary

Constructors

Constructor and Description
PDFEncryption(Blob inBlob) Basic constructor.

Method Summary

Modifier and Type	Method and Description
Blob	encrypt(org.apache.pdfbox.pdmodel.encryption.AccessPermission inPerm) Encrypts the PDF with the new permissions (see AccessPermission).
Blob	encryptReadOnly() Encrypts the PDF with readonly permission.
Blob	removeEncryption() Removes all protection from the PDF, returns a copy of it.
void	setKeyLength(int keyLength) Set the lentgh of the key to be used for encryption.
void	setOriginalOwnerPwd(String originalOwnerPwd) Set the password to use when opening a protected PDF.
void	setOwnerPwd(String ownerPwd) Set the owner password to use when encrypting PDF.
void	setUserPwd(String userPwd) Set the user password to use when encrypting PDF.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PDFEncryption

public PDFEncryption(Blob inBlob)

Basic constructor.

Parameters:

inBlob - Input blob.

Method Detail

encryptReadOnly

public Blob encryptReadOnly()

Encrypts the PDF with readonly permission.

WARNING: If you are familiar with PDFBox AccessPermission, notice our encryptReadOnly() method is not the same as AccessPermission#AccessPermission#setReadOnly. The latter just makes sure the code cannot call other setter later on.

encryptReadOnly sets the following permissions on the document:

• Can print: True
• Can Modify: False
• Can Extract Content: True
• Can Add/Modify annotations: False
• Can Fill Forms: False
• Can Extract Info for Accessibility: True
• Can Assemble: False
• Can print degraded: True

IMPORTANT

It is required that the following setters are called before:

• setOriginalOwnerPwd(java.lang.String): Only if the original PDF already is encrypted. This password allows to open it for modification.
• setKeyLength(int): To set the length of the key.
• setOwnerPwd(java.lang.String): The password for the owner. If not called, originalOwnerPwd is used instead.
• setUserPwd(java.lang.String): The password for the user.

Returns:

A copy of the blob with the readonly permissions set.

encrypt

public Blob encrypt(org.apache.pdfbox.pdmodel.encryption.AccessPermission inPerm)

Encrypts the PDF with the new permissions (see AccessPermission).

IMPORTANT

It is required that the following setters are called before:

• setOriginalOwnerPwd(java.lang.String): Only if the original PDF already is encrypted. This password allows to open it for modification.
• setKeyLength(int): To set the length of the key.
• setOwnerPwd(java.lang.String): The password for the owner. If not called, originalOwnerPwd is used instead.
• setUserPwd(java.lang.String): The password for the user.

Parameters:

inPerm - Input permissions.

Returns:

A copy of the blob with the new permissions set.

removeEncryption

public Blob removeEncryption()

Removes all protection from the PDF, returns a copy of it. If the PDF was not encrypted, just returns a copy of it with no changes.

IMPORTANT

If the PDF is encrypted, it is required for setOriginalOwnerPwd(java.lang.String) to be called before to removeEncryption.

• setOriginalOwnerPwd(java.lang.String): Only if the original PDF already is encrypted. This password allows to open it for modification.
• setKeyLength(int): To set the length of the key.
• setOwnerPwd(java.lang.String): The password for the owner. If not called, originalOwnerPwd is used instead.
• setUserPwd(java.lang.String): The password for the user.

setKeyLength

public void setKeyLength(int keyLength)
                  throws NuxeoException

Set the lentgh of the key to be used for encryption.

Possible values are 40 and 128. Default value is 128 if keyLength is <= 0.

Parameters:

keyLength - Lenght of the encryption key.

Throws:

NuxeoException

setOriginalOwnerPwd

public void setOriginalOwnerPwd(String originalOwnerPwd)

Set the password to use when opening a protected PDF. Must be called before encrypting the PDF.

Parameters:

originalOwnerPwd - Original owner password.

setOwnerPwd

public void setOwnerPwd(String ownerPwd)

Set the owner password to use when encrypting PDF. Must be called before encrypting the PDF.

Owners can do whatever they want to the PDF (modify, change protection, ...).

Parameters:

ownerPwd - Owner password.

setUserPwd

public void setUserPwd(String userPwd)

Set the user password to use when encrypting PDF. Must be called before encrypting the PDF.

Users can have less rights than owners (for example, not being able to remove protection).

Parameters:

userPwd - User password.