Adobe Acrobat SDK
Syntax (Chapter 3 in PDF Reference)
Adobe® Supplement to the ISO 32000
3.5.1 General Encryption Algorithm 15
3.5.1 General Encryption Algorithm
On page 119, modify the paragraph that begins with “PDF’s standard encryption methods also make use…” as
well as the paragraph that follows as shown below. Unchanged content is shown in gray. One sentence is struck
out and replaced by another to include Encrypt version 5, introduced in extension level 3.
For Encrypt versions 1-4,
PDF’s standard encryption methods also make use of the MD5 message-digest
algorithm for key generation purposes (described in Internet RFC 1321, The MD5 Message-Digest
Algorithm; see the Bibliography).
Encrypt version 5 does not use MD5.
The encryption of data in a PDF file is based on the use of an encryption key computed by the security
handler. Different security handlers compute the encryption key using their own mechanisms.
Regardless
of how the key is computed, its use in the encryption of data is always the same (see Algorithm 3.1).
Because the RC4 algorithm and AES algorithms are symmetric, this same sequence of steps can be used
both to encrypt and to decrypt data. Encryption of data uses one of two algorithms. For Encrypt versions
1-4 (through PDF version 1.7), algorithm 3.1 is used. For Encrypt version 5 (extension level 3),
algorithm 3.1a is used. The difference is that algorithm 3.1a uses the starting key directly and does not
modify the key at all. Algorithm 3.1a is used only with the AES algorithm and 256-bit keys.
Following Algorithm 3.1, insert Algorithm 3.1a, to be used when the value of the
V
key is
5
.
StrF
name
(
Optional; meaningful only when the value of
V
is
4
,
or
5
for
ExtensionLevel 3
) The name of the crypt filter that is used when
decrypting all strings in the document. The name must be a key in the
CF dictionary or a standard crypt filter name specified in Table 3.23.
Default value: Identity.
EFF
name
(
Optional; meaningful only when the value of
V
is
4
,
or 5 for
ExtensionLevel 3
)
The name of the crypt filter that should be used by
default when encrypting embedded file streams; it must correspond to
a key in the
CF
dictionary or a standard crypt filter name specified in
Table 3.23.
This entry is provided by the security handler. (See implementation note
24 in Appendix H.) Applications should respect this value when
encrypting embedded files, except for embedded file streams that have
their own crypt filter specifier. If this entry is not present, and the
embedded file stream does not contain a crypt filter specifier, the
stream should be encrypted using the default stream crypt filter
specified by
StmF
TABLE 3.18 Entries common to all encryption dictionaries
KEY
TYPE
DESCRIPTION