AES-GCM Encryption Support
Over the years, encryption in PDF has been strengthened again and again. With the release of iText 9.0, we’ve now added support for AES-GCM encryption, which was specified in ISO/TS 32003 as an extension for PDF 2.0.
The Galois/Counter Mode (GCM) is a block cipher mode of operation standardized for use with the Advanced Encryption Standard (AES). AES-GCM is a big improvement over the previous AES-CBC (Cipher-Block Chaining) methods introduced with PDF 1.6. Not only is it more secure, it also allows for higher-speed encryption and decryption.
First, here is an overview of the individual PDF versions and their corresponding encryption.
| PDF and Acrobat version | Encryption algorithm and key length | Max. password length and password encoding | iText encryption constant |
|---|---|---|---|
| PDF 1.1 - 1.3 (Acrobat 2-4) | RC4 40-bit (weak, should not be used) | 32 characters (Latin-1) | STANDARD_ENCRYPTION_40 |
| PDF 1.4 (Acrobat 5) | RC4 128-bit (weak, should not be used) | 32 characters (Latin-1) | STANDARD_ENCRYPTION_128 |
| PDF 1.5 (Acrobat 6) | same as PDF 1.4, but different application of encryption method (weak, should not be used) | 32 characters (Latin-1) | STANDARD_ENCRYPTION_128 |
| PDF 1.6 (Acrobat 7) and PDF 1.7 = ISO 32000-1 (Acrobat 8) | AES-128 | 32 characters (Latin-1) | ENCRYPTION_AES_128 |
| PDF 1.7 Adobe Extension Level 3 (Acrobat 9) | AES-256 with shortcomings in password handling (weak; deprecated in PDF 2.0) | 127 UTF-8 bytes (Unicode) | ENCRYPTION_AES_256 |
| PDF 1.7 Adobe Extension Level 8 (Acrobat X/XI/DC) and PDF 2.0 = ISO 32000-2 | AES-256 with improved password handling | 127 UTF-8 bytes (Unicode) | ENCRYPTION_AES_256 |
| ISO 32003 extension for PDF 2.0 | AES-256 in Galois Counter Mode (GCM) | 127 UTF-8 bytes (Unicode) | ENCRYPTION_AES_GCM |
Please note that, at the time of writing, many PDF consumers, such as Acrobat, do not support GCM encryption. ISO/TS 32003 is a very recent specification and is not yet widely supported.
Here is a simple code snippet that shows how you can set up the WriterProperties (Java/.NET) to create a PDF file with the new encryption.
Java:

```java
import java.security.Security;
import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
import com.itextpdf.kernel.pdf.EncryptionConstants;
import com.itextpdf.kernel.pdf.PdfDocument;
import com.itextpdf.kernel.pdf.PdfVersion;
import com.itextpdf.kernel.pdf.PdfWriter;
import com.itextpdf.kernel.pdf.WriterProperties;
// ...
// Register the Bouncy Castle provider before encrypting.
Security.addProvider(BouncyCastleFactoryCreator.getFactory().getProvider());
// userpassword and masterpassword are byte[] values; filename is the output path.
WriterProperties writerProperties = new WriterProperties()
        .setPdfVersion(PdfVersion.PDF_2_0)
        .setStandardEncryption(
                userpassword,
                masterpassword,
                0, // permissions bit mask: no EncryptionConstants.ALLOW_* flags set
                EncryptionConstants.ENCRYPTION_AES_GCM);
PdfWriter writer = new PdfWriter(filename, writerProperties);
```
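.NET (C#):

```csharp
using iText.Kernel.Pdf;
using System.Text;
// ...
// userpassword and masterpassword are byte[] values; filename is the output path.
WriterProperties writerProperties = new WriterProperties()
    .SetPdfVersion(PdfVersion.PDF_2_0)
    .SetStandardEncryption(
        userpassword,
        masterpassword,
        0, // permissions bit mask: no EncryptionConstants.ALLOW_* flags set
        EncryptionConstants.ENCRYPTION_AES_GCM);
PdfWriter writer = new PdfWriter(filename, writerProperties);
```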
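
Because many PDF consumers cannot open AES-GCM files yet, it is worth confirming with iText itself what was written. The following round-trip check is an added example, not iText's own sample code: it writes an encrypted PDF 2.0 file with the settings above and reopens it with each password. The class name, file name and passwords are constructed placeholders, and it assumes the iText 9 kernel and Bouncy Castle adapter are on the classpath.

```java
import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
import com.itextpdf.kernel.pdf.EncryptionConstants;
import com.itextpdf.kernel.pdf.PdfDocument;
import com.itextpdf.kernel.pdf.PdfReader;
import com.itextpdf.kernel.pdf.PdfVersion;
import com.itextpdf.kernel.pdf.PdfWriter;
import com.itextpdf.kernel.pdf.ReaderProperties;
import com.itextpdf.kernel.pdf.WriterProperties;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.Security;

public class AesGcmRoundTrip {
    public static void main(String[] args) throws IOException {
        // Constructed sample values; load real passwords from a secret store.
        String filename = "aes-gcm-example.pdf";
        byte[] userPassword = "sample-user-pw".getBytes(StandardCharsets.UTF_8);
        byte[] ownerPassword = "sample-owner-pw".getBytes(StandardCharsets.UTF_8);

        Security.addProvider(BouncyCastleFactoryCreator.getFactory().getProvider());
        WriterProperties writerProperties = new WriterProperties()
                .setPdfVersion(PdfVersion.PDF_2_0)
                .setStandardEncryption(userPassword, ownerPassword,
                        0, // same permissions value as the snippet above
                        EncryptionConstants.ENCRYPTION_AES_GCM);
        try (PdfDocument pdf = new PdfDocument(new PdfWriter(filename, writerProperties))) {
            pdf.addNewPage(); // a document needs at least one page before closing
        }

        inspect(filename, userPassword, "user");
        inspect(filename, ownerPassword, "owner");
    }

    // Reopens the file with one password and reports what iText reads back.
    static void inspect(String filename, byte[] password, String label) throws IOException {
        PdfReader reader = new PdfReader(filename, new ReaderProperties().setPassword(password));
        try (PdfDocument pdf = new PdfDocument(reader)) {
            // No extra mode flags were set when writing, so the crypto mode
            // is expected to equal the algorithm constant.
            boolean gcm = reader.isEncrypted()
                    && reader.getCryptoMode() == EncryptionConstants.ENCRYPTION_AES_GCM;
            System.out.printf("%s password: AES-GCM=%b, full permissions=%b%n",
                    label, gcm, reader.isOpenedWithFullPermission());
        }
    }
}
```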