Get PDF document Restriction Summary

[Phil Harvey]

Hi Heinrich,

To me, the whole PDF security business is a joke.  It only prevents people who use "compliant" software from accessing the information.  With non-compliant software, it is easy to defeat the security/permissions restrictions in any PDF document (unless it is password encrypted and you don't know the password).

The specification is extremely complex and I still don't understand, but I have another PDF which is signed slightly differently that may shed some light on this.  Let's call your PDF "A", and my PDF "B".  Here are the permissions shown by Adobe Reader 8.1.1:

File	A	B
Printing	Allowed	Allowed
Document Assembly	Not Allowed	Not Allowed
Content Copying	Allowed	Allowed
Content Copying for Accessibilty	Allowed	Allowed
Page Extraction	Not Allowed	Allowed
Commenting	Not Allowed	Allowed
Filling of form fields	Allowed	Not Allowed
Signing	Allowed	Not Allowed
Creation of Template Pages	Not Allowed	Not Allowed

and here are the tags extracted by ExifTool:

File	A	B
Signing Authority	ARE Acrobat Product v8.0 P23 0002337	ARE Acrobat Product v8.0 P23 0002337
Document Usage Rights	FullSave	-
Form Usage Rights	Add, FillIn, Delete, SubmitStandalone	-
Signature Usage Rights	Modify	-
Annotation Usage Rights	-	Create, Delete, Modify, Copy, Import, Export

I have a meeting now, but I will get back to this later.

- Phil

[Phil Harvey]

Heinrich,

For the permissions which are different between files "A" and "B", here is what I observe:

Page Extraction - can't see anything about this in ExifTool output
Commenting - reflected by AnnotationUsageRights
Filling of form fields - reflected by FormUsageRights
Signing - reflected by SignatureUsageRights

So all of the differences between the 2 documents are reflected by tags extracted by ExifTool, with the exception that I don't see where the "Page Extraction" permission comes from.

Some experimenting with Adobe Acrobat Pro may help here.  The test will be to save the same signed document with and without page extraction permission.  If this is possible, then I will be able to analyze the difference in ExifTool (with the -v option) to determine how to ascertain this quantity.  My Acrobat Pro trial has expired, but I'll try to find another computer to generate these files.  If you can run Acrobat Pro, you could help here.

- Phil

[Phil Harvey]

Hi Heinrich,

Well, I've got a computer running Acrobat 9 Pro now, and I've spent about 3 more hours working on this, but have no real answers yet.

Through seemingly randomly-placed menu items in Acrobat 9 Pro I can enable "extended features in Adobe Acrobat Reader", which changes the permissions without requiring a password, but gives me no control over what permissions are changed.  Another menu option called "Enable for Commenting and Analysis in Adobe Reader" has a similar effect but only defines the AnnotationUsageRights and not the DocumentUsageRights, FormUsageRights or SignatureUsageRights.  But by hacking the PDF directly, I can change all of the permissions to exactly the same as your PDF document ("A"), except for the "Page Extraction" permission!

One interesting difference though, is that I get the following message for my files in the Acrobat Security Properties dialog:

* This document restricts some Acrobat features to allow for extended features in
   Adobe Reader.  To create a copy of the document that is not restricted (and has no
   extended features in Adobe Reader), choose File > Save a Copy.

while with the PDF you sent, it gives this message instead:

* This PDF form restricts some operations.

Both documents show "Security Method: No Security".  Also, I added form fields to my test document like yours, so this isn't the difference (as maybe implied by the difference in the quotes above).  I have hacked the permissions dictionaries of the documents to be virtually identical, which eliminates any differences due to these, and also eliminates differences due to an invalid signature since this hacking should invalidate both signatures.  And I've compared the rest of the PDF structure of these two files, and can find nothing else that looks like it could result in this permissions difference.

I've also gone over the PDF 1.7 specification with a fine-toothed comb, and can find no documentation about how to specifically disable page extraction.

So I'm at a bit of a loss since I can't explain this difference and I haven't been able to generate a document myself which has page extraction disabled.

- Phil

Edit:  I noticed another interesting difference between the files.  When I try to enable commenting in your file, I get this message:

This form is interactive and has special features.  To save a copy of it that you can
treat as any other PDF file, choose File > Print and then choose the Adobe PDF
printer.  This creates a PDF file that does not have special features, so you can add
comments to it or send it out for review.

Looking more closely at the forms section of the PDF, your file contains an "XFA" entry that mine doesn't have.  From the documentation, this is an "XML Forms Architecture", which is used for a special type of interactive forms.  It could be that the the missing "page extraction" permission is simply an affectation of the XFA form.  If so, then simply checking for XFA would solve this problem.  Unfortunately I don't know how to generate an XFA form, so I can't test this theory.  But I am thinking about adding a HasXMLFormsArchitecture tag to ExifTool 8.72 to allow you to check for XFA forms, just in case.

Please let me know if any of this makes any sense, or if you know how to generate a PDF with either "page extraction" permission disabled or containing XFA forms.

[Phil Harvey]

With a bit of googling I was able to find more evidence to support my theory:

From http://forums.adobe.com/message/2162640 :

If you are trying to change the document with Acrobat Pro, you can't as the file is an XFA based PDF form created with Adobe LiveCycle Designer ES.

Probably not coincidentally, your PDF was also created by Adobe LiveCycle Designer.

So I will add a new tag called "HasXFA" to ExifTool 8.72 (a bit easier to type than the name "HasXMLFormsArchitecture" I mentioned earlier), allowing you to check for XFA forms.

- Phil

Edit:  I just noticed that there is a sample PDF attached to a post in the Adobe thread I referenced above.  This PDF has XFA, but is neither signed nor encrypted.  Nevertheless, Adobe Reader shows this:

Printing	Allowed
Document Assembly	Not Allowed
Content Copying	Allowed
Content Copying for Accessibilty	Allowed
Page Extraction	Not Allowed
Commenting	Not Allowed
Filling of form fields	Allowed
Signing	Not Allowed
Creation of Template Pages	Not Allowed

...which reinforces my theory, and shows that the page extraction permission is not related to the document signing.

[Phil Harvey]

Darn.  Back to square one.  All of the security settings I posted earlier were obtained using Adobe Reader 8.1.1.  If instead I use Acrobat Pro 9.0.0, the security settings show differently for the same file as in the "edit" section of my last post:

Printing	Allowed
Changing the Document	Not Allowed  (note: not shown by Reader 8.1.1)
Document Assembly	Not Allowed
Content Copying	Allowed
Content Copying for Accessibilty	Allowed
Page Extraction	Allowed *
Commenting	Allowed *
Filling of form fields	Allowed
Signing	Allowed *
Creation of Template Pages	Not Allowed

* = different with Adobe Reader 8.1.1

So there goes my theory.  Also, there goes any hope of reporting the same security settings as Adobe, because it depends on the version of the Adobe software that you are using.

- Phil

[hbuehler]

Hi Phil:

In the meantime I've spoken to the guys of Aspose.Pdf and they say:
"The testfile contains a dynamic XFA form and the pages/presentation are created when viewing the file in PDF viewer (i.e. /Root/NeedsRendering = true).
In Dynamic XFA form, only the set of instructions for final pages are defined rather than having already created final pages. Therefore Adobe Acrobat can't allow pages extraction, because document has dynamic (i.e. virtual) pages and the reason you see Page Extraction as Not Allowed, is not because of the fact that some security settings are applied."

Yours, Heinrich

[Phil Harvey]

Thanks Heinrich.  This is what I had suspected, but doesn't explain why this pdf with XFA shows up with page extraction allowed in Acrobat Pro 9.0.0.

At any rate, I have added a HasXFA tag that will appear in ExifTool 8.72 to allow this to be checked.

- Phil