Certificate-based encryption can be removed from a PDF
document so that users can open the PDF document in Adobe Reader
or Acrobat. To remove encryption from a PDF document that is encrypted
with a certificate, a public key must be referenced. After encryption
is removed from a PDF document, it is no longer secure.
Summary of steps
To remove certificate-based encryption from a PDF document, perform
the following steps:
-
Include project files.
-
Create an encryption service client.
-
Get the encrypted PDF document.
-
Remove encryption.
-
Save the PDF document as a PDF file.
Include project files
Include necessary files into your development
project. If you are creating a client application using Java, include
the necessary JAR files. If you are using web services, ensure that
you include the proxy files.
The following JAR files must
be added to your project’s class path:
-
adobe-livecycle-client.jar
-
adobe-usermanager-client.jar
-
adobe-encryption-client.jar
-
adobe-utilities.jar (required if LiveCycle is deployed
on JBoss Application Server)
-
jbossall-client.jar (required if LiveCycle is deployed
on JBoss Application Server)
Create an encryption service client
To programmatically perform
an Encryption service operation, you must create an Encryption service
client. If you are using the Java Encryption Service API, create
an
EncrytionServiceClient
object. If you are using
the web service Encryption Service API, create an
EncryptionServiceService
object.
Get the encrypted PDF document
You must obtain an encrypted
PDF document to remove certificate-based encryption. If you attempt
to remove encryption from a PDF document that is not encrypted,
an exception is thrown. Likewise, if you attempt to remove certificate-based
encryption from a password-encrypted document, an exception is thrown.
Remove encryption
To remove certificate-based encryption from
an encrypted PDF document, you require both an encrypted PDF document
and the private key that corresponds to the key that was used to
encrypt the PDF document. The alias value of the private key is
specified when removing certificate-based encryption from an encrypted
PDF document. For information about the public key, see
Encrypting PDF Documents with Certificates
.
Note:
A
private key is stored in the LiveCycle Trust Store. When a certificate
is placed there, an alias value is specified.
Save the PDF document
After certificate-based encryption is
removed from an encrypted PDF document, you can save the PDF document
as a PDF file. Users can open the PDF document in Adobe Reader or
Acrobat.
Remove certificate-based encryption using the Java API
Remove certificate-based encryption from a PDF document
by using the Encryption API (Java):
-
Include project files.
Include client JAR files,
such as adobe-encryption-client.jar, in your Java project’s class
path.
-
Create an encryption service client.
-
Get the encrypted PDF document.
-
Create a
java.io.FileInputStream
object
that represents the encrypted PDF document by using its constructor
and passing a string value that specifies the location of the encrypted
PDF document.
-
Create a
com.adobe.idp.Document
object by
using its constructor and passing the
java.io.FileInputStream
object.
-
Remove encryption.
Remove certificate-based encryption
from the PDF document by invoking the
EncryptionServiceClient
object’s
removePDFCertificateSecurity
method
and passing the following values:
-
The
com.adobe.idp.Document
object
that contains the encrypted PDF document.
-
A string value that specifies the alias name of the private
key that corresponds to the key used to encrypt the PDf document.
The
removePDFCertificateSecurity
method
returns a
com.adobe.idp.Document
object that contains
an unsecured PDF document.
-
Save the PDF document.
-
Create a
java.io.File
object
and ensure that the file extension is .pdf.
-
Invoke the
com.adobe.idp.Document
object’s
copyToFile
method
to copy the contents of the
Document
object to
the file. Ensure that you use the
com.adobe.idp.Document
object
that was returned by the
removePDFCredentialSecurity
method.
Remove certificate-based encryption using the web service API
Remove certificate-based encryption by using the Encryption
API (web service):
-
Include project files.
Create a Microsoft .NET
project that uses MTOM. Ensure that you use the following WSDL definition:
http://localhost:8080/soap/services/EncryptionService?WSDL&lc_version=9.0.1
.
Note:
Replace
localhost
with the IP
address of the server hosting LiveCycle.
-
Create an encryption service client.
-
Create
an
EncryptionServiceClient
object by using its default
constructor.
-
Create an
EncryptionServiceClient.Endpoint.Address
object
by using the
System.ServiceModel.EndpointAddress
constructor.
Pass a string value that specifies the WSDL to the LiveCycle service (for example,
http://localhost:8080/soap/services/EncryptionService?WSDL
.)
You do not need to use the
lc_version
attribute.
This attribute is used when you create a service reference.)
-
Create a
System.ServiceModel.BasicHttpBinding
object
by getting the value of the
EncryptionServiceClient.Endpoint.Binding
field.
Cast the return value to
BasicHttpBinding
.
-
Set the
System.ServiceModel.BasicHttpBinding
object’s
MessageEncoding
field
to
WSMessageEncoding.Mtom
. This value ensures that
MTOM is used.
-
Enable basic HTTP authentication by performing the following tasks:
-
Assign the AEM forms user name to the field
EncryptionServiceClient.ClientCredentials.UserName.UserName
.
-
Assign the corresponding password value to the field
EncryptionServiceClient.ClientCredentials.UserName.Password
.
-
Assign the constant value
HttpClientCredentialType.Basic
to
the field
BasicHttpBindingSecurity.Transport.ClientCredentialType
.
-
Assign the constant value
BasicHttpSecurityMode.TransportCredentialOnly
to
the field
BasicHttpBindingSecurity.Security.Mode
.
-
Get the encrypted PDF document.
-
Create a
BLOB
object
by using its constructor. The
BLOB
object is used
to store the encrypted PDF document.
-
Create a
System.IO.FileStream
object by
invoking its constructor and passing a string value that represents the
file location of the encrypted PDF document and the mode in which
to open the file.
-
Create a byte array that stores the content of the
System.IO.FileStream
object.
You can determine the size of the byte array by getting the
System.IO.FileStream
object’s
Length
property.
-
Populate the byte array with stream data by invoking the
System.IO.FileStream
object’s
Read
method
and passing the byte array, the starting position, and the stream
length to read.
-
Populate the
BLOB
object by assigning the contents
of the byte array to the
BLOB
object’s
MTOM
data
member.
-
Remove encryption.
Invoke the
EncryptionServiceClient
object’s
removePDFCertificateSecurity
method
and pass the following values:
-
The
BLOB
object
that contains file stream data that represents an encrypted PDF
document.
-
A string value that specifies the alias name of the public
key that corresponds to the private key used to encrypt the PDf
document.
The
removePDFCredentialSecurity
method
returns a
BLOB
object that contains an unsecured
PDF document.
-
Save the PDF document.
-
Create a
System.IO.FileStream
object
by invoking its constructor and passing a string value that represents the
file location of the unsecured PDF document.
-
Create a byte array that stores the content of the
BLOB
object
that was returned by the
removePDFPasswordSecurity
method. Populate
the byte array by getting the value of the
BLOB
object’s
MTOM
data member.
-
Create a
System.IO.BinaryWriter
object by
invoking its constructor and passing the
System.IO.FileStream
object.
-
Write the contents of the byte array to a PDF file by invoking
the
System.IO.BinaryWriter
object’s
Write
method
and passing the byte array.
|
|
|