How do adobe reader get the content without knowing the password

478 views Asked by At

Recently, I'v got a PDF file from my friend, I opened it up with my Adobe Reader X, and I see a SECURED note on the title bar. I find the properties of this file, it says that the security method of this file is "Password Security" and the PDF version is 1.7 level 8. I can't edit it without knowing the password to this file.

Since the reader X opened the file without asking me a password, the content should not be encrypted, the reader X is just following a protocol which tell it not allow people to edit the file. So if someone write a program that did not follow the protocol, the password will be useless. Then I was confused about this problem, is it possible to write that program? If not, I must be wrong and the content of the pdf must be encrypted.

But another problem is: How do Adobe Reader get the content without knowing the password?

Thanks a lot.

PS: I found some PDF password remove program, and try them on this PDF file, none of them works, and that is why I put the version of the file format in the question. Plus, I can open this file with only Adobe Reader X and later. So I think Adobe has change the encrypt algorithm.

1

There are 1 answers

1
Jan Schejbal On BEST ANSWER

As you correctly pointed out, the document is not effectively encrypted - it's kind of a DRM, i.e. it is obfuscated/encrypted with a known key and they hope that every software able to read it will apply the restrictions. (Likely applying an army of lawyers to software that doesn't.)

That said, the iTextPDF library (download here) has a public static boolean called unethicalreadingwith the documentation stating "The iText developers are not responsible if you decide to change the value of this static parameter."

I'm not sure if iTextPDF supports PDF 1.7 (that's the reason your password removal programs don't work - they only support older formats), but if it does, the following software will parse an unprotected PDF file or one for which you provide a password, and write a new one. I am not responsible if you decide to change a certain assignment of a certain parameter in the first line of the main() method...

import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;

import com.itextpdf.text.DocumentException;
import com.itextpdf.text.pdf.PdfReader;
import com.itextpdf.text.pdf.PdfStamper;


public class PDFOpener {

    /**
     * @param args
     * @throws IOException 
     * @throws DocumentException 
     */
    public static void main(String[] args) throws IOException, DocumentException {
        PdfReader.unethicalreading = false;

        if (args.length == 0 || args.length > 3 || !args[0].endsWith(".pdf"))  {
            usage();
        }

        String infile = args[0];
        String outfile = args.length >= 2 ?
                args[1] : infile.substring(0, infile.length()-4) + ".open.pdf";

        System.err.println("Reading: " +infile);
        System.err.println("Writing: " +outfile);
        PdfReader reader = null;
        if (args.length == 3) {
            reader = new PdfReader(args[0], args[2].getBytes(Charset.forName("UTF-8")));
        } else {
            reader = new PdfReader(args[0]);
        }

        PdfStamper stamper = new PdfStamper(reader, new FileOutputStream(outfile));
        stamper.close();
    }

    private static void usage() {
        System.err.println("Usage: pdfopener infile.pdf [outfile.pdf] [password]");
        System.exit(1);
    }

}

You will need to download both iText and the "extra jars" and put them somewhere on your classpath.