I am using PDFSharp with a C# MVC3 application to generate a PDF for completing a survey. Everything was working fine until we recently migrated to a Windows Server 2008 environment with the setting "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" enabled.

Has anyone found a way to continue setting security settings on the PDF while in this type of environment? Here is the security setting block of code that if I remove everything will work:

PdfSecuritySettings securitySettings = pdfDocument.SecuritySettings;
securitySettings.OwnerPassword = "owner";

// Restrict some rights.
securitySettings.PermitAccessibilityExtractContent = false;
securitySettings.PermitAnnotations = false;
securitySettings.PermitAssembleDocument = false;
securitySettings.PermitExtractContent = false;
securitySettings.PermitFormsFill = false;
securitySettings.PermitModifyDocument = false;
securitySettings.PermitPrint = true;
securitySettings.PermitFullQualityPrint = true;

Any thoughts? I was thinking of pulling down the PDFSharp source and seeing if I could use a different algorithm because I believe the issue is with the MD5CryptoServiceProvider.

1

There are 1 answers

0
Jared Glaser On BEST ANSWER

Take a look at my pull request here:

https://github.com/empira/PDFsharp/pull/115

Simply replacing the MD5CryptoServiceProvider with a SHA1CryptoServiceProvider fixed the issue entirely for me. I compiled dlls with those changes and they work like a charm on machines with "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" set to "Enabled".

If they do not merge my PR you could also build it from source from my fork. https://github.com/jaredglaser/PDFsharp/tree/FIPSCompliant