Problems setting rights (SetEncryption) within pdf

Question

we run into problems using the product. It seems does some functions in iText 5.4.3 doesn’t working well? Please, can someone give us a hint how to solve that?

We modify src.pdf to dest.pdf as follows:

Function CreateFlattedPdf(ByRef originalPdf As Byte()) As Byte()
    Dim retValue As Byte() = Nothing
    Dim originalPdfReader As PdfReader = New PdfReader(originalPdf)
    Dim pdfKopie As MemoryStream = New MemoryStream()
    Dim pdfKopieStamper As PdfStamper = New PdfStamper(originalPdfReader, pdfKopie)

    pdfKopieStamper.SetEncryption(False, userPassword, ownerPassword, _
                                  PdfWriter.ALLOW_ASSEMBLY _
                                   Or PdfWriter.ALLOW_COPY _
                                   Or PdfWriter.ALLOW_DEGRADED_PRINTING _
                                   Or PdfWriter.ALLOW_FILL_IN _
                                   Or PdfWriter.ALLOW_MODIFY_ANNOTATIONS _
                                   Or PdfWriter.ALLOW_MODIFY_CONTENTS _
                                   Or PdfWriter.ALLOW_PRINTING _
                                   Or PdfWriter.ALLOW_SCREENREADERS _
                                )

    ' Entferne die Signaturinformationen aus dem original Pdf-Dokument
    pdfKopieStamper.FormFlattening = True
    pdfKopieStamper.Close()

    ' Schreibe den Inhalt der geflatteten Kopie in die Antwort
    retValue = pdfKopie.ToArray()

    ' Schließe die Bearbeitung des Dokumentes ab
    pdfKopie.Close()
    originalPdfReader.Close()

    Return retValue
End Function

Besides, we put all possible i text rights. As a result we get a PDF where page withdrawal (page-extraction) and document arrangement (document compilation) is not allowed?!

My questions are:

1. is this a misbehavior of iText, Or, can one change this setting with iText in generally? If so, how (code example)?
2. Can one the set these rights without any password too? Till present we have seen only functions for the setting rights always in conjunction with users and owners password.

Thanks for your help in advance!

Ingo

Answer 1

The observations

The permission tab as seen by the OP indeed shows some missing permissions:

Inspecting the permissions of the OP's result file using Adobe Acrobat, though, there is a different result:

Merely flattening the OP's source file (not encrypting it at all!) one gets this file for which Adobe Acrobat even shows these permissions:

The explanation

This is a behavior of Adobe Reader, the PDF viewer most likely used by the OP: The permissions tab seen by the OP does not only represent what has or has not been forbidden during encryption but also restrictions of the PDF viewer itself.

There seems to be the misconception by the OP that using encryption and setting permission bits one can add to the capabilities compared to un-encrypted files. Actually it is the other way around: Encryption allows you to remove permissions compared to what is allowed for an un-encrypted document. By means of not using certain ALLOW_* permission bits you withdraw permissions. You get the maximum number of permissions by simply not encrypting the document.

In addition to the permissions of the un-encrypted document a specific PDF viewing program might require additional usage rights which are viewer-specific. Such PDF viewers (foremost Acrobat Reader) generally are fairly inexpensive or free but they do not offer the full functionality unless the document in question carries the appropriate usage rights.

Usage rights can be added by means of usage rights signatures. To apply such usage rights signatures you usually need software or services provided by the manufacturer of the PDF viewer in question.

To add usage rights for Adobe Reader, e.g., you can use Adobe Acrobat or certain Adobe Lifecycle services.

Thus,

The answers

As a result we get a PDF where page withdrawal (page-extraction) and document arrangement (document compilation) is not allowed

No. As can be seen above, your dest.pdf only disallows page extraction, and as soon as you stop encrypting, even that is allowed.

1 is this a misbehavior of iText, Or, can one change this setting with iText in generally? If so, how (code example)?

It is no misbehavior of iText, it is a behavior of Adobe Reader. Adobe Reader limits its features in general and only lifts the limitations for documents with usage rights. Such usage rights can only be applied by Adobe software.

2 Can one the set these rights without any password too? Till present we have seen only functions for the setting rights always in conjunction with users and owners password.

Using encryption actually is counter-productive as it can only be used to remove permissions, not to add them.

Resources

Additional information on the issue taken from the parallel post on the itext-questions mailing list:

• a sample source file illustrating the issue src.pdf
• the corresponding result file generated by the OP's code dest.pdf
• a screen shot showing the OP's PDF viewer's permission tab for dest.pdf: