|< Day Day Up >|
Restrict who can view your PDF and how they can use it .
You can use PDF encryption to lock a file's content behind a password, but more often it is used to enforce lighter restrictions imposed by the author. For example, the author might permit printing pages but prohibit making changes to the document. Here, we continue from [Hack #2] and explain how pdftk [Hack #79] can encrypt and decrypt PDF documents. We'll begin by describing the Acrobat Standard Security model (called Password Security in Acrobat 6) and the permissions you can grant or revoke.
5.3.1 PDF Passwords
Acrobat Standard Security enables you to set two passwords on a PDF: the user password and the owner password. In Acrobat 6, these are also called the Open password and the Permissions password, respectively.
The user password, if set, is necessary for viewing the document pages. The PDF encryption key is derived from the user password, so it really is required. When a PDF viewer tries to open a PDF that was secured with a user password, it will prompt the reader to supply the correct password.
The owner password, if set, is necessary for changing the document security settings. A PDF with both its user and owner passwords set can be opened with either password, so you should choose both with equal care.
An owner password by itself does not provide any real PDF security. The content is encrypted, but the key, which is derived from the (empty) user password, is known. By itself, an owner password is a polite but firm request to respect the author's wishes. A rogue program could strip this security in a second. See [Hack #66] for additional rights management options.
5.3.2 Standard Security Encryption Strength
If your PDF must be compatible with Acrobat 3 or 4, you must use the weaker, 40-bit encryption strength. Otherwise, use the stronger, 128-bit strength. In both cases, the encryption key is created from the user password, so a good, long, random password helps improve your security against brute force attacks. The longest possible PDF password is 32 characters .
5.3.3 Standard Security Permissions
Set the user password if you don't want people to see your PDF. If they don't have the user password, it simply won't open.
You also have some control over what people can do with your document once they have it open. The permissions associated with 128-bit security (Acrobat 5 and 6) are more precise than those associated with 40-bit security (Acrobat 3 and 4). Tables Table 5-1 and Table 5-2 list all available permissions for each security model, and Figure 5-2 shows the permissions as seen through Acrobat. The tables also show the corresponding pdftk flags to use.
Table 5-1. Permissions available under 40-bit security
Table 5-2. Permissions available under 128-bit security
Figure 5-2. PDF Standard Security features, which help you control how readers use your document
Comparing these two tables, you can see that Assembly is a weaker version ofModifyContents and FillIn is a weaker version of ModifyAnnotations.
DegradedPrinting sends pages to the printer as rasterized images, whereas Printing sends pages as PostScript. A PostScript stream can be intercepted and turned back into (unsecured) PDF, so the Printing permission is a security risk. However, DegradedPrinting reduces the clarity of printed pages, so you should test your document to make sure DegradedPrinting yields acceptable, printed pages.
After setting these permissions and/or a user password, changing them requires the owner password, if it is set.
5.3.4 pdftk and Encrypted Input
When using pdftk on encrypted PDF documents, the owner password must be supplied. If an encrypted PDF has no owner password, the user password must be given instead. If an encrypted PDF has neither password set, no password should be associated with this document when calling pdftk.
Input PDF passwords are listed right after the input filenames, like so:
pdftk <input PDF files> input_pw <input file passwords> ...
The file handles assigned in <input PDF files> are used to associate files with passwords in <input file passwords> like so:
<input PDF handle> = <input PDF password>
Adding this parameter to our example in [Hack #51] produces:
pdftk A=in1.pdf B=in2.pdf C=in3.pdf \ input_pw A=foopass cat A1 B1-end C5 output out.pdf
5.3.5 Use pdftk to Encrypt Output
You can encrypt any PDF created with pdftk by simply adding encryption parameters after the output filename, like so:
... output <output filename> \ [encrypt_40bit encrypt_128bit] [allow <permissions> ] \ [owner_pw <owner password> ] [user_pw <user password> ]
Here are the details:
Adding these parameters to our example in [Hack #51] yields this:
pdftk A=in1.pdf B=in2.pdf C=in3.pdf \ cat A1 B1-end C5 output out.pdf \ encrypt_128bit allow CopyContents Printing \ owner_pw ownpass
5.3.6 Simply Encrypting or Decrypting a File
The previous examples were in the context of [Hack #51] . Here are examples of simply adding or removing encryption from a single file:
|< Day Day Up >|