-
Notifications
You must be signed in to change notification settings - Fork 246
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New feature: produce encrypted PDFs with fpdf2 #194
Comments
I want to work on this feature. Is it up for grabs? |
Yes, go for it! And feel free to ask all the questions you need 😉 |
Thanks @Lucas-C . On it ! |
I would like to work on the issue |
Hi @Brianrmendes I am already half-way into the task. We can team up to work on 2 different issues but with collaboration. What say? |
Is there any way I could reach you |
DM on discord @rjs#2013 |
Check DM |
I would like to work on this issue, is it still open? |
Please check #204 |
anyone can submit a pr and the best one will be merged |
that said, i see that the issue is assigned to @rjsu26, so you might want to check with them first; but we will review all PR's that are created. thanks, everyone, for the interest in contributing! |
Note for people interested in implementing this feature: |
Thanks for the guidelines @alexp1917 and @Lucas-C. After reading the review comments and the specification file, I still have a doubt that why can't we directly AES encrypt the whole pdf directly instead of leaving some of the fields in trailers or the Encrypt dictionary of the PDF file. The command line --decrypt "password" would still work. Due to this method, a pdf reader won't prompt for password as it won't be able to parse the input (the AES encrypted pdf) but as mentioned in the reviews, the server would anyways use the command line to decrypt the doc. I have a feeling that I am missing something trivial here and I would be grateful to get a clarification from you guys. |
Left some comments for #204. Let me know if they are relevant as I initially wanted to implement this feature. Although I have read docs on encryption and have acquainted myself with similar implementations, I do not have enough free time to implement this. |
also do not have enough time :) |
Hi @Lucas-C
As per discussion in this thread and PR, we need to avoid some fields like the trailer while encrypting. I can understand why, because it is used by readers like adobe and all. some must-do things
according to this, we need to add a new entry From the below para of the pdf specification, I assume I need to add only a filter inside the encrypt dictionary as other fields are optional what are the other things I must read from pdf spec to implement this? |
Thanks for writing this detailed comment. |
First, there is a general methodology I used frequently while adding features to
Now answering your questions:
Yes, I think you are on the right track!
Agreed. For reference, the content of this trailer dictionary is currently generated by FPDF._puttrailer().
Maybe... Regarding this, I'd really recommend checking the structure of encrypted PDFs generated by other sowftares. Comparing how 2 or 3 softwares generate encrypted PDFs would be ideal. If you check other code libraries, like PikePDF, you may simply look at their source code or reference PDF test files.
Having a basic understanding of PDF syntax will help you : object dictionaries ( Reading the PDF spec is not always very engaging. Depending on how you best learn things, you may want instead to check "pretty formatted" (using Note that there is a useful example of PDF syntax at the end of section 7.6, "Encryption", of the 1.7 PDF spec (just before the start of section 7.7), demonstrating a basic us of encryption in a PDF file. Good luck working on this! 💪 |
As it has been a few months now without any update, I guess this issue is up-for-grabs 😊 Anybody is welcome to give it a try! |
I'll give it a try |
My changes are progressing well. If you want to take a look how it's going it's all on my fork. This is an example : from fpdf import FPDF
from fpdf.encryption import EncryptionMethod
pdf = FPDF()
pdf.add_page()
pdf.title = 'test'
pdf.set_font('helvetica', size=12)
pdf.cell(txt="hello world")
#em = EncryptionMethod.AES_128
em = None
pdf.set_encryption(owner_password="123",
user_password=None,
encryption_method=em,
allow_print_lowres=False,
allow_modify=False,
allow_copy=False,
allow_annotation=False,
allow_fill_forms=False,
allow_copy_accessibility=False,
allow_assemble=False,
allow_print_highres=False)
pdf.output("hello_world.pdf")
print('complete') |
Wow, I checked your fork, you have already done some solid work! Congrats! Don't worry about linearization, it is not supported yet by Regarding the method API you suggested, it seems nice. pdf.set_encryption(owner_password="123", permissions=PrintLowres | Modify | FillForms) |
This has been implemented by @andersonhc in #609 - thank you! Documentation: https://pyfpdf.github.io/fpdf2/Encryption.html This will be released in version Closing this issue now |
A pdf file with a password set with EncryptionMethod.NO_ENCRYPTION option was opened without a password in google chrome on mac os. But a native pdf app asks password. Files with a password set in an app other than fpdf2 ask for a password in both cases. |
Did you try with another encryption method? Either rc4 or aes should require a password even on chrome |
Yes, those are working fine. But, those have another issue. When using none ascii font, characters are broken. password: 1113 |
Does it work if you don't encrypt the file? Can you provide a minimum reproducible example? |
I was able to reproduce the problem. The font content stream is not being encrypted and causing the problem. |
Hi! I want to report a problem when enabling encryption (RC4 and AES128 methods). After encryption, hyperlinks on objects are corrupted and turn into a link to the file itself. The link "http://google.com" turns into something like "file:///G|....path..../1.pdf" |
For information, this was fixed by @andersonhc in #655
Thank you for the report @SfinxV. I was able to reproduce this bug and opened this dedicated issue: #672 Everyone is welcome to have a look to fix this. |
@allcontributors please add @SfinxV for bug |
I've put up a pull request to add @SfinxV! 🎉 |
The scope of this feature is to add support to fpdf2 to produce encrypted PDFs.
More information about this PDF functionality & code samples can be found:
qpdf --decrypt --password=XXX
could be used to ensure that generated PDFs can be properly decryptedBy implementing this feature you, as a benevolent FLOSS developper, will provide access to the large community of fpdf2 users to a standard and useful PDF functionality.
You will also be added into the contributors list & map.
Moreover, by working on this feature, you will learn about PDFs encryption and the lifecycle & structure of a popular Python library.
In terms of API / library interface, this feature could be provided to fpdf2 users by introducing a new optional
password
parameter to theFPDF.output()
method.This is just a starting point though, and as a contributor you will be entirely free to design and craft this feature as you want.
This issue can count has part of hacktoberfest
The text was updated successfully, but these errors were encountered: