How to use "-newencrypt" option in PDF Security and Signature software?

Dear sir or madam,

today I bought a copy of PDF security and Signature. The Help-option of the program shows an option "--newencrypt" for new encryption options. But neither in the accompanying help files nor on your homepage I can find any further details on that. Could you please tell me more?

Another question if I want to set more than one permission flag on a document (e.g. high quality printing and copy and paste) do I have to simply add the numbers like in unix chmod (-perm 2056 [2048+16 in my above example]), or do I have to give -perm and list all numbers (-perm 2048 8) or do I have to specify perm for each number (-perm 2048 -perm 8).

Thanks for a reply!


Thanks for your message, you can run following command lines to encrypt your PDF files,

pdfsecure.exe -openpwd 123 -ownerpwd 456 -perm 0 -keylen 128 -stringcrypt AES256 -streamcrypt AES256 -forceencrypt -linearize readme.pdf _readme_out_aes256.pdf

pdfsecure.exe -openpwd 123 -ownerpwd 456 -perm 0 -stringcrypt AES128 -streamcrypt AES128 readme.pdf _readme_out_aes128.pdf

pdfsecure.exe -openpwd 123 -ownerpwd 456 -perm 0 -keylen 128 -stringcrypt rc4 -streamcrypt rc4 -forceencrypt -linearize readme.pdf _readme_out_rc4.pdf

pdfsecure.exe -newencrypt "--encrypt 123 456 256 --force-R5 --print=full --modify=none" readme.pdf _readme_out_aes256_new_method.pdf

If you wish to set more permission together, you may add their values together,

  -perm <int>              : Set the permission flags
       -perm    4: Allow Printing
       -perm    8: Allow Changing the Document
       -perm   16: Allow Content Copying or Extraction
       -perm   32: Allow Commenting
       -perm  256: Allow Filling of form fields
       -perm  512: Allow Content Extraction for Accessibility
       -perm 1024: Allow Document Assembly
       -perm 2048: Allow High Quality Printing
       -perm 3900: Allow All Permissions
       -perm    0: Not Allow All (default)
       -perm   -1: No Encryption is used

For example, if you wish set "Allow high quality printing" and "Allow copy and paste" permissions to generated PDF file, you may use -perm 2056 [2048+16 in your example.

"-newencrypt" is an new encryption option, you may use it with following options,

Encryption Options for "-newencrypt" parameter.
To change the encryption parameters of a file, use the --encrypt flag. The syntax is

--encrypt user-password owner-password key-length [ restrictions ] --
Note that "--" terminates parsing of encryption flags and must be present even if no restrictions are present.

Either or both of the user password and the owner password may be empty strings.

The value for key-length may be 40, 128, or 256. The restriction flags are dependent upon key length. When no additional restrictions are given, the default is to be fully permissive.

If key-length is 40, the following restriction options are available:

Determines whether or not to allow printing.

Determines whether or not to allow document modification.

Determines whether or not to allow text/image extraction.

Determines whether or not to allow comments and form fill-in and signing.

If key-length is 128, the following restriction options are available:

Determines whether or not to allow accessibility to visually impaired. The VeryPDF library disregards this field when AES is used or when 256-bit encryption is used. You should really never disable accessibility, but VeryPDF lets you do it in case you need to configure a file this way for testing purposes. The PDF spec says that conforming readers should disregard this permission and always allow accessibility.

Determines whether or not to allow text/graphic extraction.

Determines whether document assembly (rotation and reordering of pages) is allowed.

Determines whether modifying annotations is allowed. This includes adding comments and filling in form fields. Also allows editing of form fields if --modify-other=y is given.

Determines whether filling form fields is allowed.

Allow all document editing except those controlled separately by the --assemble, --annotate, and --form options.

Controls printing access. print-opt may be one of the following:

* full: allow full printing
* low: allow low-resolution printing only
* none: disallow printing

Controls modify access. This way of controlling modify access has less granularity than new options added in VeryPDF 8.4. modify-opt may be one of the following:

* all: allow full document modification
* annotate: allow comment authoring, form operations, and document assembly
* form: allow form field fill-in and signing and document assembly
* assembly: allow document assembly only
* none: allow no modifications

Using the --modify option does not allow you to create certain combinations of permissions such as allowing form filling but not allowing document assembly. Starting with VeryPDF 8.4, you can either just use the other options to control fields individually, or you can use something like --modify=form --assembly=n to fine tune.

If specified, any metadata stream in the document will be left unencrypted even if the rest of the document is encrypted. This also forces the PDF version to be at least 1.5.

If --use-aes=y is specified, AES encryption will be used instead of RC4 encryption. This forces the PDF version to be at least 1.6.

Use of this option forces the /V and /R parameters in the document's encryption dictionary to be set to the value 4. As VeryPDF will automatically do this when required, there is no reason to ever use this option. It exists primarily for use in testing VeryPDF itself. This option also forces the PDF version to be at least 1.5.

If key-length is 256, the minimum PDF version is 1.7 with extension level 8, and the AES-based encryption format used is the PDF 2.0 encryption method supported by Acrobat X. the same options are available as with 128 bits with the following exceptions:

This option is not available with 256-bit keys. AES is always used with 256-bit encryption keys.

This option is not available with 256 keys.

If specified, VeryPDF sets the minimum version to 1.7 at extension level 3 and writes the deprecated encryption format used by Acrobat version IX. This option should not be used in practice to generate PDF files that will be in general use, but it can be useful to generate files if you are trying to test proper support in another application for PDF files encrypted in this way.

The default for each permission option is to be fully permissive.

for example,

pdfsecure.exe -newencrypt "--encrypt 123 456 256 --force-R5 --print=full --modify=none" readme.pdf _readme_out_aes256_new_method.pdf


VN:F [1.9.20_1166]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.20_1166]
Rating: 0 (from 0 votes)

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Verify Code   If you cannot see the CheckCode image,please refresh the page again!