Click or drag to resize
Pdf Library for .NET

Advanced Security Settings

SelectPdf can be used to set advanced security settings on existing pdf files, manage different permissions and digitally sign the documents.

This can be done using PdfSecurityManager object. Using it, the following settings can be customized:

  • Owner Password

  • User Password

  • Encryption Algorithm (RC4 or AES)

  • Encryption Key Length (40, 128 or 256 bits)

  • Assemble Document permission

  • Copy Content permission

  • Edit Annotations permission

  • Edit Content permission

  • Fill Form Fields permission

  • Print permission (including Full Quality Print)

Digital signatures can be added to an existing PDF document using the PdfSecurityManager object. Adding a digital signature requires a PKCS#12 certificate (provided as a .pfx file).

Code Sample
Copy
// load the pdf document using the advanced security manager
PdfSecurityManager security = new PdfSecurityManager();
security.Load(file);

// encryption algorithm and key length
security.EncryptionAlgorithm = PdfEncryptionAlgorithm.AES;
security.EncryptionKeySize = PdfEncryptionKeySize.EncryptKey256Bit;

// set document passwords
security.OwnerPassword = "test1";
security.UserPassword = "test2";

//set document permissions
security.CanAssembleDocument = false;
security.CanCopyContent = true;
security.CanEditAnnotations = true;
security.CanEditContent = true;
security.CanFillFields = true;
security.CanPrint = true;

// add the digital signature
security.Sign(certFile, "password");

// save pdf document
security.Save("Sample.pdf");

// close pdf document
security.Close();
Digital Signature Overloads

PdfSecurityManager exposes five Sign(...) overloads. Each overload adds more signature metadata or a visible signature rectangle on top of the minimal one shown above:

  • Sign(certificateFileName, certificatePassword) - minimal invisible signature.

  • Sign(..., signatureName) - adds a named signature.

  • Sign(..., signatureName, reason, location, contactInfo) - adds signer metadata (reason for signing, location, and contact info).

  • Sign(..., signatureName, reason, location, contactInfo, pageIndex, bounds) - renders a visible signature box on the specified page (zero-based pageIndex), inside the supplied RectangleFbounds.

  • Sign(..., signatureName, reason, location, contactInfo, pageIndex, bounds, timeStampAuthority) - adds a trusted timestamp from the supplied TimeStampAuthority server.

The following sample signs a PDF with full metadata, a visible signature box on the first page, and a TSA-issued timestamp:

Copy
PdfSecurityManager security = new PdfSecurityManager();
security.Load("contract.pdf");

TimeStampAuthority tsa = new TimeStampAuthority(new Uri("https://tsa.example.com"));
security.Sign(
    "cert.pfx", "pfxpwd",
    "Counter-signed by Example Corp",
    "Contract approval",
    "Amsterdam, NL",
    "legal@example.com",
    0,
    new System.Drawing.RectangleF(400, 40, 150, 50),
    tsa);

security.Save("contract-signed.pdf");
security.Close();
See Also