PDFEncrypt Class

Properties   Methods   Events   Config Settings   Errors  

The PDFEncrypt class encrypts PDF documents.

Class Name

SecurePDF_PDFEncrypt

Procedural Interface

 securepdf_pdfencrypt_open();
 securepdf_pdfencrypt_close($res);
 securepdf_pdfencrypt_register_callback($res, $id, $function);
 securepdf_pdfencrypt_get_last_error($res);
 securepdf_pdfencrypt_get_last_error_code($res);
 securepdf_pdfencrypt_set($res, $id, $index, $value);
 securepdf_pdfencrypt_get($res, $id, $index);
 securepdf_pdfencrypt_do_close($res);
 securepdf_pdfencrypt_do_config($res, $configurationstring);
 securepdf_pdfencrypt_do_encrypt($res);
 securepdf_pdfencrypt_do_encrypted($res);
 securepdf_pdfencrypt_do_open($res);
 securepdf_pdfencrypt_do_reset($res);

Remarks

As with signing, PDF encryption is part of the PDF format itself. It is used to prevent unauthorized access to documents and is performed using either an encryption password (known as password-based or symmetric encryption) or the intended document recipient's public X.509 certificate (known as certificate-based or asymmetric encryption). The PDFEncrypt class supports both encryption types.

The benefit of this encryption scheme as defined in the standard is that encrypted PDF documents are still valid PDF documents and can be handled by almost any PDF reader. Of course, this software will need to be able to decrypt such documents, but it can always reach the metadata (information about the document) and document structure.

Password-Based Encryption

In password-based encryption, the publishers and intended users of the document must know some secret key (a password), which is used both to protect the document and access the protected data. Once the document has been protected (encrypted), the password is required to get access to the document's contents. Although this method is straightforward and widely used for protecting PDF documents, the password must be passed from the publisher to the intended users, which presents a significant disadvantage.

The following code shows how to encrypt a PDF document with a user password: pdfencrypt.InputFile = "input.pdf"; pdfencrypt.OutputFile = "password_encrypted.pdf"; pdfencrypt.Password = "password"; pdfencrypt.Encrypt(); Owner passwords are also supported. Compared to user passwords, these passwords are used to protect the permissions (set via the Permissions property) that will be embedded into the document. For example, you may want to prevent the recipient from printing or editing the document. You can encrypt the document with an owner password by specifying the OwnerPassword configuration setting before calling the Encrypt method.

Certificate-Based Encryption

Certificate-based encryption uses X.509 digital certificates to encrypt data. This encryption type provides a higher level of security compared to password-based encryption, as it relies on cryptographic key pairs, making it more difficult for unauthorized users to gain access. It is often used in environments where secure and authenticated document exchange is critical. Encrypting with a certificate (as opposed to a password) ensures that only the intended recipient who possesses the corresponding private key can decrypt the PDF document.

The following code shows how to encrypt a PDF document with a certificate: pdfencrypt.InputFile = "input.pdf"; pdfencrypt.OutputFile = "cert_encrypted.pdf"; pdfencrypt.EncryptionCert = new Certificate(CertStoreTypes.cstPublicKeyFile, "C:/MyCerts/cert.cer", "", "*"); pdfencrypt.Encrypt(); When encrypting using either a password or certificate, set the EncryptionAlgorithm property to the desired encryption algorithm. As additional encryption options, you can also decide whether the document metadata will be encrypted and embed permissions into the document via the EncryptMetadata and Permissions properties respectively.

Property List

---

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

Method List

---

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

Event List

---

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

Config Settings

---

The following is a list of config settings for the class with short descriptions. Click on the links for further details.

EncryptionAlgorithm Property (SecurePDF_PDFEncrypt Class)

The encryption algorithm to encrypt the PDF document with.

Object Oriented Interface

public function getEncryptionAlgorithm();
public function setEncryptionAlgorithm($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 1 );
securepdf_pdfencrypt_set($res, 1, $value );

Default Value

'AES256'

Remarks

This property is used to specify the encryption algorithm to encrypt the document with.

Possible values are:

• RC4
• AES128
• AES256

Data Type

String

EncryptionCertEffectiveDate Property (SecurePDF_PDFEncrypt Class)

The date on which this certificate becomes valid.

Object Oriented Interface

public function getEncryptionCertEffectiveDate();

Procedural Interface

securepdf_pdfencrypt_get($res, 2 );

Default Value

''

Remarks

The date on which this certificate becomes valid. Before this date, it is not valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2000 15:00:00.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertExpirationDate Property (SecurePDF_PDFEncrypt Class)

The date on which the certificate expires.

Object Oriented Interface

public function getEncryptionCertExpirationDate();

Procedural Interface

securepdf_pdfencrypt_get($res, 3 );

Default Value

''

Remarks

The date on which the certificate expires. After this date, the certificate will no longer be valid. The date is localized to the system's time zone. The following example illustrates the format of an encoded date:

23-Jan-2001 15:00:00.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertExtendedKeyUsage Property (SecurePDF_PDFEncrypt Class)

A comma-delimited list of extended key usage identifiers.

Object Oriented Interface

public function getEncryptionCertExtendedKeyUsage();

Procedural Interface

securepdf_pdfencrypt_get($res, 4 );

Default Value

''

Remarks

A comma-delimited list of extended key usage identifiers. These are the same as ASN.1 object identifiers (OIDs).

This property is read-only and not available at design time.

Data Type

String

EncryptionCertFingerprint Property (SecurePDF_PDFEncrypt Class)

The hex-encoded, 16-byte MD5 fingerprint of the certificate.

Object Oriented Interface

public function getEncryptionCertFingerprint();

Procedural Interface

securepdf_pdfencrypt_get($res, 5 );

Default Value

''

Remarks

The hex-encoded, 16-byte MD5 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: bc:2a:72:af:fe:58:17:43:7a:5f:ba:5a:7c:90:f7:02

This property is read-only and not available at design time.

Data Type

String

EncryptionCertFingerprintSHA1 Property (SecurePDF_PDFEncrypt Class)

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate.

Object Oriented Interface

public function getEncryptionCertFingerprintSHA1();

Procedural Interface

securepdf_pdfencrypt_get($res, 6 );

Default Value

''

Remarks

The hex-encoded, 20-byte SHA-1 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 30:7b:fa:38:65:83:ff:da:b4:4e:07:3f:17:b8:a4:ed:80:be:ff:84

This property is read-only and not available at design time.

Data Type

String

EncryptionCertFingerprintSHA256 Property (SecurePDF_PDFEncrypt Class)

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate.

Object Oriented Interface

public function getEncryptionCertFingerprintSHA256();

Procedural Interface

securepdf_pdfencrypt_get($res, 7 );

Default Value

''

Remarks

The hex-encoded, 32-byte SHA-256 fingerprint of the certificate. This property is primarily used for keys which do not have a corresponding X.509 public certificate, such as PEM keys that only contain a private key. It is commonly used for SSH keys.

The following example illustrates the format: 6a:80:5c:33:a9:43:ea:b0:96:12:8a:64:96:30:ef:4a:8a:96:86:ce:f4:c7:be:10:24:8e:2b:60:9e:f3:59:53

This property is read-only and not available at design time.

Data Type

String

EncryptionCertIssuer Property (SecurePDF_PDFEncrypt Class)

The issuer of the certificate.

Object Oriented Interface

public function getEncryptionCertIssuer();

Procedural Interface

securepdf_pdfencrypt_get($res, 8 );

Default Value

''

Remarks

The issuer of the certificate. This property contains a string representation of the name of the issuing authority for the certificate.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertPrivateKey Property (SecurePDF_PDFEncrypt Class)

The private key of the certificate (if available).

Object Oriented Interface

public function getEncryptionCertPrivateKey();

Procedural Interface

securepdf_pdfencrypt_get($res, 9 );

Default Value

''

Remarks

The private key of the certificate (if available). The key is provided as PEM/Base64-encoded data.

Note: The EncryptionCertPrivateKey may be available but not exportable. In this case, EncryptionCertPrivateKey returns an empty string.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertPrivateKeyAvailable Property (SecurePDF_PDFEncrypt Class)

Whether a PrivateKey is available for the selected certificate.

Object Oriented Interface

public function getEncryptionCertPrivateKeyAvailable();

Procedural Interface

securepdf_pdfencrypt_get($res, 10 );

Default Value

false

Remarks

Whether a EncryptionCertPrivateKey is available for the selected certificate. If EncryptionCertPrivateKeyAvailable is True, the certificate may be used for authentication purposes (e.g., server authentication).

This property is read-only and not available at design time.

Data Type

Boolean

EncryptionCertPrivateKeyContainer Property (SecurePDF_PDFEncrypt Class)

The name of the PrivateKey container for the certificate (if available).

Object Oriented Interface

public function getEncryptionCertPrivateKeyContainer();

Procedural Interface

securepdf_pdfencrypt_get($res, 11 );

Default Value

''

Remarks

The name of the EncryptionCertPrivateKey container for the certificate (if available). This functionality is available only on Windows platforms.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertPublicKey Property (SecurePDF_PDFEncrypt Class)

The public key of the certificate.

Object Oriented Interface

public function getEncryptionCertPublicKey();

Procedural Interface

securepdf_pdfencrypt_get($res, 12 );

Default Value

''

Remarks

The public key of the certificate. The key is provided as PEM/Base64-encoded data.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertPublicKeyAlgorithm Property (SecurePDF_PDFEncrypt Class)

The textual description of the certificate's public key algorithm.

Object Oriented Interface

public function getEncryptionCertPublicKeyAlgorithm();

Procedural Interface

securepdf_pdfencrypt_get($res, 13 );

Default Value

''

Remarks

The textual description of the certificate's public key algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_DH") or an object identifier (OID) string representing the algorithm.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertPublicKeyLength Property (SecurePDF_PDFEncrypt Class)

The length of the certificate's public key (in bits).

Object Oriented Interface

public function getEncryptionCertPublicKeyLength();

Procedural Interface

securepdf_pdfencrypt_get($res, 14 );

Default Value

0

Remarks

The length of the certificate's public key (in bits). Common values are 512, 1024, and 2048.

This property is read-only and not available at design time.

Data Type

Integer

EncryptionCertSerialNumber Property (SecurePDF_PDFEncrypt Class)

The serial number of the certificate encoded as a string.

Object Oriented Interface

public function getEncryptionCertSerialNumber();

Procedural Interface

securepdf_pdfencrypt_get($res, 15 );

Default Value

''

Remarks

The serial number of the certificate encoded as a string. The number is encoded as a series of hexadecimal digits, with each pair representing a byte of the serial number.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertSignatureAlgorithm Property (SecurePDF_PDFEncrypt Class)

The text description of the certificate's signature algorithm.

Object Oriented Interface

public function getEncryptionCertSignatureAlgorithm();

Procedural Interface

securepdf_pdfencrypt_get($res, 16 );

Default Value

''

Remarks

The text description of the certificate's signature algorithm. The property contains either the name of the algorithm (e.g., "RSA" or "RSA_MD5RSA") or an object identifier (OID) string representing the algorithm.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertStore Property (SecurePDF_PDFEncrypt Class)

The name of the certificate store for the client certificate.

Object Oriented Interface

public function getEncryptionCertStore();
public function setEncryptionCertStore($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 17 );
securepdf_pdfencrypt_set($res, 17, $value );

Default Value

'MY'

Remarks

The name of the certificate store for the client certificate.

The EncryptionCertStoreType property denotes the type of the certificate store specified by EncryptionCertStore. If the store is password-protected, specify the password in EncryptionCertStorePassword.

EncryptionCertStore is used in conjunction with the EncryptionCertSubject property to specify client certificates. If EncryptionCertStore has a value, and EncryptionCertSubject or EncryptionCertEncoded is set, a search for a certificate is initiated. Please see the EncryptionCertSubject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:

When the certificate store type is cstPFXFile, this property must be set to the name of the file. When the type is cstPFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

This property is not available at design time.

Data Type

Binary String

EncryptionCertStorePassword Property (SecurePDF_PDFEncrypt Class)

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Object Oriented Interface

public function getEncryptionCertStorePassword();
public function setEncryptionCertStorePassword($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 18 );
securepdf_pdfencrypt_set($res, 18, $value );

Default Value

''

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

This property is not available at design time.

Data Type

String

EncryptionCertStoreType Property (SecurePDF_PDFEncrypt Class)

The type of certificate store for this certificate.

Object Oriented Interface

public function getEncryptionCertStoreType();
public function setEncryptionCertStoreType($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 19 );
securepdf_pdfencrypt_set($res, 19, $value );

Default Value

0

Remarks

The type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:

This property is not available at design time.

Data Type

Integer

EncryptionCertSubjectAltNames Property (SecurePDF_PDFEncrypt Class)

Comma-separated lists of alternative subject names for the certificate.

Object Oriented Interface

public function getEncryptionCertSubjectAltNames();

Procedural Interface

securepdf_pdfencrypt_get($res, 20 );

Default Value

''

Remarks

Comma-separated lists of alternative subject names for the certificate.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertThumbprintMD5 Property (SecurePDF_PDFEncrypt Class)

The MD5 hash of the certificate.

Object Oriented Interface

public function getEncryptionCertThumbprintMD5();

Procedural Interface

securepdf_pdfencrypt_get($res, 21 );

Default Value

''

Remarks

The MD5 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertThumbprintSHA1 Property (SecurePDF_PDFEncrypt Class)

The SHA-1 hash of the certificate.

Object Oriented Interface

public function getEncryptionCertThumbprintSHA1();

Procedural Interface

securepdf_pdfencrypt_get($res, 22 );

Default Value

''

Remarks

The SHA-1 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertThumbprintSHA256 Property (SecurePDF_PDFEncrypt Class)

The SHA-256 hash of the certificate.

Object Oriented Interface

public function getEncryptionCertThumbprintSHA256();

Procedural Interface

securepdf_pdfencrypt_get($res, 23 );

Default Value

''

Remarks

The SHA-256 hash of the certificate. It is primarily used for X.509 certificates. If the hash does not already exist, it is automatically computed.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertUsage Property (SecurePDF_PDFEncrypt Class)

The text description of UsageFlags .

Object Oriented Interface

public function getEncryptionCertUsage();

Procedural Interface

securepdf_pdfencrypt_get($res, 24 );

Default Value

''

Remarks

The text description of EncryptionCertUsageFlags.

This value will be one or more of the following strings and will be separated by commas:

• Digital Signature
• Non-Repudiation
• Key Encipherment
• Data Encipherment
• Key Agreement
• Certificate Signing
• CRL Signing
• Encipher Only

If the provider is OpenSSL, the value is a comma-separated list of X.509 certificate extension names.

This property is read-only and not available at design time.

Data Type

String

EncryptionCertUsageFlags Property (SecurePDF_PDFEncrypt Class)

The flags that show intended use for the certificate.

Object Oriented Interface

public function getEncryptionCertUsageFlags();

Procedural Interface

securepdf_pdfencrypt_get($res, 25 );

Default Value

0

Remarks

The flags that show intended use for the certificate. The value of EncryptionCertUsageFlags is a combination of the following flags:

Please see the EncryptionCertUsage property for a text representation of EncryptionCertUsageFlags.

This functionality currently is not available when the provider is OpenSSL.

This property is read-only and not available at design time.

Data Type

Integer

EncryptionCertVersion Property (SecurePDF_PDFEncrypt Class)

The certificate's version number.

Object Oriented Interface

public function getEncryptionCertVersion();

Procedural Interface

securepdf_pdfencrypt_get($res, 26 );

Default Value

''

Remarks

The certificate's version number. The possible values are the strings "V1", "V2", and "V3".

This property is read-only and not available at design time.

Data Type

String

EncryptionCertSubject Property (SecurePDF_PDFEncrypt Class)

The subject of the certificate used for client authentication.

Object Oriented Interface

public function getEncryptionCertSubject();
public function setEncryptionCertSubject($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 27 );
securepdf_pdfencrypt_set($res, 27, $value );

Default Value

''

Remarks

The subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:

If a field value contains a comma, it must be quoted.

This property is not available at design time.

Data Type

String

EncryptionCertEncoded Property (SecurePDF_PDFEncrypt Class)

The certificate (PEM/Base64 encoded).

Object Oriented Interface

public function getEncryptionCertEncoded();
public function setEncryptionCertEncoded($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 28 );
securepdf_pdfencrypt_set($res, 28, $value );

Default Value

''

Remarks

The certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The EncryptionCertStore and EncryptionCertSubject properties also may be used to specify a certificate.

When EncryptionCertEncoded is set, a search is initiated in the current EncryptionCertStore for the private key of the certificate. If the key is found, EncryptionCertSubject is updated to reflect the full subject of the selected certificate; otherwise, EncryptionCertSubject is set to an empty string.

This property is not available at design time.

Data Type

Binary String

EncryptMetadata Property (SecurePDF_PDFEncrypt Class)

Whether to encrypt the document metadata.

Object Oriented Interface

public function getEncryptMetadata();
public function setEncryptMetadata($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 29 );
securepdf_pdfencrypt_set($res, 29, $value );

Default Value

true

Remarks

This property indicates whether the document metadata will be encrypted when the Encrypt method is called. Metadata contains additional information about the document, such as its name and author.

Data Type

Boolean

InputData Property (SecurePDF_PDFEncrypt Class)

A byte array containing the PDF document to process.

Object Oriented Interface

public function getInputData();
public function setInputData($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 30 );
securepdf_pdfencrypt_set($res, 30, $value );

Remarks

This property is used to assign a byte array containing the PDF document to be processed.

This property is not available at design time.

Data Type

Byte Array

InputFile Property (SecurePDF_PDFEncrypt Class)

The PDF file to process.

Object Oriented Interface

public function getInputFile();
public function setInputFile($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 31 );
securepdf_pdfencrypt_set($res, 31, $value );

Default Value

''

Remarks

This property is used to provide a path to the PDF document to be processed.

Data Type

String

OutputData Property (SecurePDF_PDFEncrypt Class)

A byte array containing the PDF document after processing.

Object Oriented Interface

public function getOutputData();

Procedural Interface

securepdf_pdfencrypt_get($res, 32 );

Remarks

This property is used to read the byte array containing the produced output after the operation has completed. It will only be set if an output file and output stream have not been assigned via OutputFile and SetOutputStream respectively.

This property is read-only and not available at design time.

Data Type

Byte Array

OutputFile Property (SecurePDF_PDFEncrypt Class)

The path to a local file where the output will be written.

Object Oriented Interface

public function getOutputFile();
public function setOutputFile($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 33 );
securepdf_pdfencrypt_set($res, 33, $value );

Default Value

''

Remarks

This property is used to provide a path where the resulting PDF document will be saved after the operation has completed.

Data Type

String

Overwrite Property (SecurePDF_PDFEncrypt Class)

Whether or not the class should overwrite files.

Object Oriented Interface

public function getOverwrite();
public function setOverwrite($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 34 );
securepdf_pdfencrypt_set($res, 34, $value );

Default Value

false

Remarks

This property indicates whether or not the class will overwrite OutputFile, OutputData, or the stream set in SetOutputStream. If set to false, an error will be thrown whenever OutputFile, OutputData, or the stream set in SetOutputStream exists before an operation.

Data Type

Boolean

Password Property (SecurePDF_PDFEncrypt Class)

The password to encrypt the document with.

Object Oriented Interface

public function getPassword();
public function setPassword($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 35 );
securepdf_pdfencrypt_set($res, 35, $value );

Default Value

''

Remarks

This property is used to provide the user password for encryption. Though it may be different from OwnerPassword, most implementations use the same value for both.

Data Type

String

Permissions Property (SecurePDF_PDFEncrypt Class)

The document permissions associated with the encryption.

Object Oriented Interface

public function getPermissions();
public function setPermissions($value);

Procedural Interface

securepdf_pdfencrypt_get($res, 36 );
securepdf_pdfencrypt_set($res, 36, $value );

Default Value

0

Remarks

This property is used to specify the permissions protected by this encryption. The PDF specification expects applications to comply with these permissions when handling encrypted documents, but note that it is a policy-like requirement rather than an enforcement.

Its value should be provided as a bitmask of the following flags:

This property is not available at design time.

Data Type

Integer

Close Method (SecurePDF_PDFEncrypt Class)

Closes an opened PDF document.

Object Oriented Interface

public function doClose();

Procedural Interface

securepdf_pdfencrypt_do_close($res);

Remarks

This method is used to close the previously opened document specified in InputFile, InputData, or SetInputStream. It should always be preceded by a call to the Open method.

Example: component.InputFile = "input.pdf"; component.Open(); // Some operation component.Close();

If any changes are made to the document, they will be saved automatically to OutputFile, OutputData, or the stream set in SetOutputStream when this method is called. To configure this saving behavior, set the SaveChanges configuration setting.

Config Method (SecurePDF_PDFEncrypt Class)

Sets or retrieves a configuration setting.

Object Oriented Interface

public function doConfig($configurationstring);

Procedural Interface

securepdf_pdfencrypt_do_config($res, $configurationstring);

Remarks

Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

Encrypt Method (SecurePDF_PDFEncrypt Class)

Encrypts a PDF document.

Object Oriented Interface

public function doEncrypt();

Procedural Interface

securepdf_pdfencrypt_do_encrypt($res);

Remarks

This method is used to encrypt the PDF document specified in InputFile, InputData, or SetInputStream. The document will be encrypted using EncryptionAlgorithm and either Password (for password-based encryption) or EncryptionCert (for certificate-based encryption), then saved in OutputFile, OutputData, or the stream set in SetOutputStream.

Example: pdfencrypt.InputFile = "input.pdf"; pdfencrypt.OutputFile = "encrypted.pdf"; pdfencrypt.Password = "password"; pdfencrypt.EncryptionAlgorithm = "AES256"; pdfencrypt.Encrypt(); Note: If the document is not already opened, this method will open it, perform the operation, then close it.

Encrypted Method (SecurePDF_PDFEncrypt Class)

Checks whether a PDF document is encrypted.

Object Oriented Interface

public function doEncrypted();

Procedural Interface

securepdf_pdfencrypt_do_encrypted($res);

Remarks

This method is used to determine whether or not the document specified in InputFile, InputData, or SetInputStream is encrypted. It will return false if the document is pseudo-encrypted with an empty password.

Example: pdfencrypt.InputFile = "input.pdf"; if (!pdfencrypt.Encrypted()) { pdfencrypt.OutputFile = "encrypted.pdf"; // Set Password or EncryptionCert pdfencrypt.Encrypt(); } Note: If the document is not already opened, this method will open it, perform the operation, then close it.

Open Method (SecurePDF_PDFEncrypt Class)

Opens a PDF document for processing.

Object Oriented Interface

public function doOpen();

Procedural Interface

securepdf_pdfencrypt_do_open($res);

Remarks

This method is used to open the document specified in InputFile, InputData, or SetInputStream before performing some operation on it, such as encryption. When finished, call Close to complete or discard the operation.

It is recommended to use this method (alongside Close) when performing multiple operations on the document at once.

Automatic Decryption Functionality

If this method is called on an encrypted document, the Password or RecipientInfo event will fire (depending on the encryption type) as a notification that the document must be decrypted before processing can continue.

Once the correct decryption material is supplied, the class will then attempt to decrypt the document automatically within this method. When this occurs, the decrypted content is kept in memory so that the document's encrypted status is preserved when it is saved later. Use the Decrypt method to save a decrypted copy of the document instead.

Reset Method (SecurePDF_PDFEncrypt Class)

Resets the class.

Object Oriented Interface

public function doReset();

Procedural Interface

securepdf_pdfencrypt_do_reset($res);

Remarks

This method is used to reset the class's properties and configuration settings to their default values.

Error Event (SecurePDF_PDFEncrypt Class)

Fired when information is available about errors during data delivery.

Object Oriented Interface

public function fireError($param);

Procedural Interface

securepdf_pdfencrypt_register_callback($res, 1, array($this, 'fireError'));

Parameter List

 'errorcode'
 'description'

Remarks

The Error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

Log Event (SecurePDF_PDFEncrypt Class)

Fired once for each log message.

Object Oriented Interface

public function fireLog($param);

Procedural Interface

securepdf_pdfencrypt_register_callback($res, 2, array($this, 'fireLog'));

Parameter List

 'loglevel'
 'message'
 'logtype'

Remarks

This event is fired once for each log message generated by the class. The verbosity is controlled by the LogLevel configuration setting.

The LogLevel parameter indicates the detail level of the message. Possible values are:

The Message parameter is the log message.

The LogType parameter identifies the type of log entry. Possible values are:

• CertValidator
• Font
• HTTP
• PDFInvalidSignature
• PDFRevocationInfo
• Timestamp
• TSL

Password Event (SecurePDF_PDFEncrypt Class)

Fired when the class detects that the PDF document is encrypted with a password.

Object Oriented Interface

public function firePassword($param);

Procedural Interface

securepdf_pdfencrypt_register_callback($res, 3, array($this, 'firePassword'));

Parameter List

 'available'
 'cancel'

Remarks

This event is fired during document processing to report that the document is encrypted with a password. It may be used to supply the correct decryption password to the Password property.

The Available parameter indicates whether the decryption password is already available to the class or still needs to be set. If this parameter is set to false, the correct password must be provided for the decryption attempt to succeed.

The Cancel parameter determines whether the class will stop firing this event to request a password.

RecipientInfo Event (SecurePDF_PDFEncrypt Class)

Fired for each recipient certificate of the encrypted PDF document.

Object Oriented Interface

public function fireRecipientInfo($param);

Procedural Interface

securepdf_pdfencrypt_register_callback($res, 4, array($this, 'fireRecipientInfo'));

Parameter List

 'issuer'
 'serialnumber'
 'subjectkeyidentifier'
 'available'
 'cancel'

Remarks

This event is fired during document processing for each recipient certificate that the document has been encrypted for (if applicable). It may be used to identify the certificate(s) to load and supply to the DecryptionCert property.

The Issuer parameter specifies the subject of the issuer certificate.

The SerialNumber parameter specifies the serial number of the encryption certificate.

The SubjectKeyIdentifier parameter specifies the X.509 subjectKeyIdentifier extension value of the encryption certificate, encoded as a hex string.

The Available parameter indicates whether the decryption certificate is already available to the class or still needs to be set. If this parameter is set to false, the correct certificate must be provided for the decryption attempt to succeed.

The Cancel parameter determines whether the class will stop firing this event to request a certificate.

Note: The document may be encrypted with more than one certificate (or have "more than one recipient"), in which case each certificate will cause its own invocation of this event.

Config Settings (PDFEncrypt Class)

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.

PDFEncrypt Config Settings

Base Config Settings

Trappable Errors (PDFEncrypt Class)

PDFEncrypt Errors

PDF Errors

Parsing Errors