SecurePDF

The command SecurePDF can be used to digitally sign, encrypt, and set access controls on PDF documents generated with the command DocToPDF. The digital signature is based on a cryptographic certificate and can be used to validate the authenticity of the PDF document. Any changes made to the PDF document after it has been signed will invalidate the signature. Encryption restricts access to the protected document to users who have the appropriate password. The access controls restrict the ways in which the content of the PDF document can be manipulated by the reader.

Note

The command SecurePDF may only be used if you accept the terms of the ELECTRONIC END USER LICENSE AGREEMENT FOR AMYUNI DOCUMENT CONVERTER PRODUCTS AS INTEGRATED IN AIA SOFTWARE'S ITP/DOCUMENT SERVICES PRODUCT. These license terms will be presented to you during installation of ITP/Document Services and will be installed in the same folder as this manual (Amyuni License Terms.txt). Note, that if you decline these terms, the installer will not install the Amyuni driver software.

Syntax

SecurePDF
        File(<text>)
        CertificateName(<text>)
        AllowPrint(<True or False>)
        AllowCopy(<True or False>)
        AllowChange(<True or False>)
        AllowFieldAuthoring(<True or False>)
        PermissionPassword(<text>)
        OpenPassword(<text>)
        Use40BitEncryption(<True or False>);

Parameters

File: Required.
The path and file name of the PDF file. This must be a PDF file on which none of the restrictions is set.

CertificateName: Optional (Default: the PDF file will be secured, but not signed).
The name of the stored certificate used for signing the PDF file. This is the name the certificate is issued to.

Note

The certificate must be installed in the Personal certificate store associated with the ITP/Server account.

AllowPrint: Optional (Default: False).
Specifies whether the file can be printed by users.

AllowCopy: Optional (Default: False).
Specifies whether the document content may be copied by users.

AllowChange: Optional (Default: False).
Specifies whether the document content can be changed by users.

AllowFieldAuthoring: Optional (Default: False (Users can still fill out the fields)).
Specifies whether Form Fields and comments may be added or changed.

PermissionPassword: Optional (Default: a random password, unknown to all).
Specifies the password that will be required to change access restrictions for the PDF file set with this command. If you do not specify a permission password, a random password will be used, that will be unknown to all.

Note

• If no permission password is specified, it will be impossible to change the permissions later via the Adobe Acrobat software, but it should not be regarded as a strong security measure. Refer to the note below for more information.
• The permission password alone should not be regarded as a strong security measure. Most common software e.g., Adobe Acrobat respects the PDF security settings. But it is possible to develop and obtain software tools that remove or ignore the access restrictions for PDF documents that do not have an Open Password. See below for more information on the parameter OpenPassword.
  Read also the section Security remarks below.

OpenPassword: Optional (Default: no password is needed to open the PDF).
If a non-empty string is given, this parameter is the password that must be used to open the document. If a password is set, ALL access to the document is prohibited without it.

The default is empty, which means that anyone can open the document (and at least view it).

Note

• If you specify an OpenPassword, and an empty (i.e. not absent) PermissionPassword there will be no access restrictions, once a user has opened the document with the open password.
• An OpenPassword should not be regarded as a strong security measure in combination with an empty PermissionPassword. SecurePDF reduces this risk by generating a random permission password by default. The Adobe software does not allow one to open a file without specifying the open password, but it is possible to develop/obtain software tools that remove/ignore the open password for PDF file that have an empty (= non-random) permission password.

Security remarks

• The parameter OpenPassword is used to encrypt the PDF document using the 128 bit RC4 stream cipher. Therefore, the longer the password the better a file is secured. For optimal safety, use non-obvious passwords of 32 characters. Passwords do not need to be longer than 32 characters. More than that will not add more security.
• The most secure file is achieved when the parameter OpenPassword is specified and the parameter PermissionPassword is not specified. The effect of the combination of these parameters is that users need a password to open the file and that the parameter PermissionPassword is unknown, so the security cannot be changed.
• The second most secure file is achieved with both the parameters PermissionPassword and OpenPassword set to (different) non-empty values. The effect of this combination is that users need a password to open the file, and that they need to know the PermissionPassword to change the security settings. If you use the same password for both opening and permissions, users will be able to change the security settings after providing the open password alone.
• Either specifying an empty PermissionPassword, or specifying an empty OpenPassword (or omitting it) will lead to a less secure file. The file will be encrypted and have access restrictions that are respected by the Adobe Acrobat software. In this case, these restrictions can be broken relatively easily by third party tools.
• The security level that can be reached with the parameter SecurePDF depends on the passwords set and on the 128 bit RC4 stream cipher standard and as such needs to be assessed for adequacy before use.
  

Use40BitEncryption: Optional (Default: False; 128-bit encryption is used).
When set to true 40-bit encryption is used. The 128-bit encryption is more secure, but incompatible with Acrobat 4 and earlier (PDF format version 1.3 and earlier).

Only set this parameter to True if users of the PDF file do not have access to Acrobat (Reader) 5 and up (or equivalent software).

Note

Starting from Amyuni PDF Converter version 4.0.0.8 (ITP/Server 3.5.7),this setting is no longer supported. Amyuni will always use the default, 128-bit encryption in that case.

Note

This command does not produce PDF/A-1b compliant documents, even when the input PDF document is PDF/A-1b compliant.