THotPDF.CryptKeyLength Property

 

THotPDF.CryptKeyLength

THotPDF

 

Вверх  Назад  Далее

Determines PDF file encryption method.

 

type

THPDFKeyType = ( k40,  k128,  aes128,  aes256 );

 

Delphi syntax:

property CryptKeyLength: THPDFKeyType;

 

C++ syntax:

__property THPDFKeyType CryptKeyLength;

 

Описание

Используйте CryptKeyLength, чтобы выбрать standard security handler revision и cipher при включенном ActivateProtection

 

Value                Meaning


k40                        Standard security handler V=1, R=2, RC4 with a 40-bit key (PDF 1.1+).

k128                        Standard security handler V=2, R=3, RC4 with a 128-bit key (PDF 1.4+).

aes128                  Standard security handler V=4, R=4 with crypt filter StdCF (CFM=AESV2). AES-128 in CBC mode with PKCS#7 padding and a 16-byte random initialization vector per ISO 32000-1 7.6.2 / 7.4.4.2 (PDF 1.6+). Since HotPDF v2.4.0 this option encrypts strings and streams with a real AES implementation; earlier builds emitted the AES dictionary but did not actually encrypt content.

aes256                  Standard security handler V=5 with crypt filter StdCF (CFM=AESV3). AES-256 in CBC mode with PKCS#7 padding and a 16-byte random initialization vector per Adobe Extension Level 3 / ISO 32000-2 7.6.4 (PDF 1.7+, accepted by Acrobat 9 and later, Foxit, Chrome and the Apple/macOS viewers). Available since HotPDF v2.17.0. The default revision is R=5 with SHA-256 password hashing. Set UseAES256R6 to true to switch to R=6 with the ISO 32000-2 algorithm 2.B "hash dance" (SHA-256 / SHA-384 / SHA-512 + AES-128 mixer); R=6 is required by Acrobat DC and PDF/A-4 validators. Available since HotPDF v2.22.0.

 

Public-Key Security Handler (PDF 1.7 7.6.5): THotPDF.EnablePubKeyEncryption(seed, KeyType, EncryptMetadata) + THotPDF.AddPubKeyRecipient(envelope) выводят encrypt dictionary /Filter /Adobe.PubSec. Caller предоставляет 20-byte random seed и один PKCS#7 envelopedData binary blob на каждого recipient, построенный внешне через Windows CryptoAPI, OpenSSL или pycryptodome. HotPDF выводит file encryption key по algorithm 9 и повторно использует стандартную per-object key derivation для AES-128 / RC4 streams. Доступно начиная с HotPDF v2.33.0

Для certificate-based encryption с одним документом и несколькими recipients вызовите EnablePubKeyEncryption(seed, KeyType, EncryptMetadata) вместо установки UserPassword / OwnerPassword. Те же значения CryptKeyLength применяются к symmetric cipher; caller должен построить один PKCS#7 envelopedData blob на каждого recipient и добавить его через AddPubKeyRecipient

 

Code Example

HPDF.OwnerPassword := 'password';          // Set owner password (required to change security settings)
HPDF.UserPassword := 'user';               // Set user password (required to open the document)
HPDF.ProtectOptions := [poEdit, poAnnot];  // Disallow editing and annotations
HPDF.ActivateProtection := true;           // Enable PDF security

 

См. также: ActivateProtection, OwnerPassword, ProtectOptions, UserPassword