I am using PDFSharp with a C# MVC3 application to generate a PDF for completing a survey. Everything was working fine until we recently migrated to a Windows Server 2008 environment with the setting "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" enabled.
Has anyone found a way to continue setting security settings on the PDF while in this type of environment? Here is the security setting block of code that if I remove everything will work:
PdfSecuritySettings securitySettings = pdfDocument.SecuritySettings;
securitySettings.OwnerPassword = "owner";
// Restrict some rights.
securitySettings.PermitAccessibilityExtractContent = false;
securitySettings.PermitAnnotations = false;
securitySettings.PermitAssembleDocument = false;
securitySettings.PermitExtractContent = false;
securitySettings.PermitFormsFill = false;
securitySettings.PermitModifyDocument = false;
securitySettings.PermitPrint = true;
securitySettings.PermitFullQualityPrint = true;
Any thoughts? I was thinking of pulling down the PDFSharp source and seeing if I could use a different algorithm because I believe the issue is with the MD5CryptoServiceProvider.
Take a look at my pull request here:
https://github.com/empira/PDFsharp/pull/115
Simply replacing the MD5CryptoServiceProvider with a SHA1CryptoServiceProvider fixed the issue entirely for me. I compiled dlls with those changes and they work like a charm on machines with "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" set to "Enabled".
If they do not merge my PR you could also build it from source from my fork. https://github.com/jaredglaser/PDFsharp/tree/FIPSCompliant