加密与安全
PDF Oxide 支持使用行业标准算法为 PDF 设置密码和权限加密。你可以设置用户密码(打开文档时必需)、所有者密码(完全访问时必需),以及控制打印、复制和修改的细粒度权限。
快速开始:带加密保存
Python
from pdf_oxide import PdfDocument
doc = PdfDocument("input.pdf")
doc.set_title("Confidential Report")
# Encrypt with user and owner passwords
doc.save_encrypted("protected.pdf", "user123", "owner456")
WASM
import { WasmPdfDocument } from "pdf-oxide-wasm";
const doc = new WasmPdfDocument(bytes);
doc.setTitle("Confidential Report");
// Encrypt with user and owner passwords (all permissions enabled)
const output = doc.saveEncryptedToBytes(
"user123", "owner456", true, true, true, true
);
doc.free();
Rust
use pdf_oxide::api::Pdf;
let mut doc = Pdf::open("input.pdf")?;
// Simple encryption with user and owner passwords
doc.save_encrypted("protected.pdf", "user123", "owner456")?;
自定义权限加密
Python
save_encrypted 方法接受权限标志作为关键字参数。
from pdf_oxide import PdfDocument
doc = PdfDocument("input.pdf")
# View-only: no printing, copying, or modifying
doc.save_encrypted(
"readonly.pdf",
"viewpass",
"adminpass",
allow_print=False,
allow_copy=False,
allow_modify=False,
allow_annotate=False,
)
# Allow only printing
doc.save_encrypted(
"print-only.pdf",
"", # No open password required
"adminpass",
allow_print=True,
allow_copy=False,
allow_modify=False,
allow_annotate=False,
)
Python save_encrypted Parameters
| 参数 | 类型 | 默认值 | 描述 |
|---|---|---|---|
path |
str |
required | Output file path |
user_password |
str |
required | 打开密码(空 = 无打开密码) |
owner_password |
str |
None |
完全访问密码(默认为用户密码) |
allow_print |
bool |
True |
允许打印 |
allow_copy |
bool |
True |
允许复制文本/图形 |
allow_modify |
bool |
True |
允许修改文档 |
allow_annotate |
bool |
True |
允许添加注释 |
WASM
import { WasmPdfDocument } from "pdf-oxide-wasm";
const doc = new WasmPdfDocument(bytes);
// View-only: no printing, copying, or modifying
const readonly = doc.saveEncryptedToBytes(
"viewpass", "adminpass", false, false, false, false
);
// Allow only printing (empty user password = no open password)
const printOnly = doc.saveEncryptedToBytes(
"", "adminpass", true, false, false, false
);
doc.free();
Rust
如需完全控制加密设置,使用 加密Config 和 SaveOptions。
use pdf_oxide::api::Pdf;
use pdf_oxide::editor::{
加密Config, 加密Algorithm, Permissions, SaveOptions,
};
let mut doc = Pdf::open("input.pdf")?;
// Build permissions
let mut perms = Permissions::read_only();
perms.print = true; // Allow printing only
// Build encryption config
let config = 加密Config::new("user123", "owner456")
.with_algorithm(加密Algorithm::Aes256)
.with_permissions(perms);
// Save with encryption
doc.save_with_encryption("protected.pdf", config)?;
加密Config
加密Config 结构体控制所有加密参数。
use pdf_oxide::editor::{加密Config, 加密Algorithm, Permissions};
let config = 加密Config {
user_password: "user123".to_string(),
owner_password: "owner456".to_string(),
algorithm: 加密Algorithm::Aes256,
permissions: Permissions::all(),
};
或使用构建器模式:
let config = 加密Config::new("user123", "owner456")
.with_algorithm(加密Algorithm::Aes128)
.with_permissions(Permissions::read_only());
加密Config Fields
| 字段 | 类型 | 描述 |
|---|---|---|
user_password |
String |
打开文档所需的密码 |
owner_password |
String |
完全访问和更改安全设置的密码 |
algorithm |
加密Algorithm |
使用的加密算法 |
permissions |
Permissions |
访问控制标志 |
加密算法
| 算法 | 描述 |
|---|---|
加密Algorithm::Aes256 |
AES-256 (strongest, recommended) |
加密Algorithm::Aes128 |
AES-128 |
加密Algorithm::Rc4_128 |
RC4 128-bit (legacy compatibility) |
加密Algorithm::Rc4_40 |
RC4 40-bit (legacy, weak) |
在 Python 或 Pdf API 中使用 save_encrypted() 时默认使用 AES-256。
权限
Permissions 结构体控制使用用户密码打开文档时允许的操作。
use pdf_oxide::editor::Permissions;
// Allow everything
let all = Permissions::all();
// Restrict everything
let readonly = Permissions::read_only();
Permissions 字段
| Field | Type | 默认值 (all) | 默认值 (read_only) | 描述 |
|---|---|---|---|---|
print |
bool |
true |
false |
允许打印 |
print_high_quality |
bool |
true |
false |
允许高质量打印 |
modify |
bool |
true |
false |
允许修改内容 |
copy |
bool |
true |
false |
允许复制文本/图形 |
annotate |
bool |
true |
false |
允许添加注释 |
fill_forms |
bool |
true |
false |
允许填写表单字段 |
accessibility |
bool |
true |
true |
允许辅助功能提取 |
assemble |
bool |
true |
false |
Allow page assembly operations |
自定义权限
let mut perms = Permissions::read_only();
perms.print = true; // Allow printing
perms.fill_forms = true; // Allow filling forms
perms.accessibility = true; // Always allow for compliance
SaveOptions
使用 SaveOptions 完全控制文档的写入方式。
use pdf_oxide::editor::{SaveOptions, 加密Config};
// Full rewrite (default)
let opts = SaveOptions::full_rewrite();
// Incremental update (faster, preserves structure)
let opts = SaveOptions::incremental();
// With encryption
let config = 加密Config::new("user", "owner");
let opts = SaveOptions::with_encryption(config);
打开加密 PDF
Python
在打开文档时传入密码。
from pdf_oxide import PdfDocument
doc = PdfDocument("protected.pdf", password="user123")
text = doc.extract_text(0)
print(text)
Rust
use pdf_oxide::PdfDocument;
let doc = PdfDocument::open_with_password("protected.pdf", "user123")?;
let text = doc.extract_text(0)?;
println!("{}", text);
完整加密工作流
Python
from pdf_oxide import PdfDocument
# Open and modify
doc = PdfDocument("report.pdf")
doc.set_title("Confidential Report")
doc.set_author("Finance Team")
# Save with view-only restrictions
doc.save_encrypted(
"report-protected.pdf",
"", # No password to open
"admin2025", # 所有者密码 for full access
allow_print=True,
allow_copy=False,
allow_modify=False,
)
WASM
import { WasmPdfDocument } from "pdf-oxide-wasm";
const doc = new WasmPdfDocument(bytes);
doc.setTitle("Confidential Report");
doc.setAuthor("Finance Team");
// Save with view-only restrictions (no open password, print allowed)
const output = doc.saveEncryptedToBytes(
"", "admin2025", true, false, false, false
);
doc.free();
Rust
use pdf_oxide::api::Pdf;
use pdf_oxide::editor::{
DocumentEditor, EditableDocument,
加密Config, 加密Algorithm, Permissions, SaveOptions,
};
// Open and modify
let mut doc = Pdf::open("report.pdf")?;
{
let editor = doc.editor().unwrap();
editor.set_title("Confidential Report");
editor.set_author("Finance Team");
}
// Configure encryption
let permissions = Permissions {
print: true,
print_high_quality: true,
modify: false,
copy: false,
annotate: false,
fill_forms: true,
accessibility: true,
assemble: false,
};
let config = 加密Config::new("", "admin2025")
.with_algorithm(加密Algorithm::Aes256)
.with_permissions(permissions);
doc.save_with_encryption("report-protected.pdf", config)?;
使用不同设置重新加密
Rust
use pdf_oxide::editor::{DocumentEditor, EditableDocument, 加密Config, SaveOptions};
// Open with current password
let mut editor = DocumentEditor::open("old-protected.pdf")?;
// Save with new encryption
let config = 加密Config::new("newuser", "newowner");
let options = SaveOptions::with_encryption(config);
editor.save_with_options("re-encrypted.pdf", options)?;
完整 API 参考
Pdf 方法
| 方法 | 返回值 | 描述 |
|---|---|---|
save_encrypted(path, user_pw, owner_pw) |
Result<()> |
使用 AES-256 和完全权限保存 |
save_with_encryption(path, config) |
Result<()> |
使用自定义加密配置保存 |
DocumentEditor / EditableDocument 方法
| 方法 | 返回值 | 描述 |
|---|---|---|
save(path) |
Result<()> |
完整重写保存(无加密) |
save_with_options(path, options) |
Result<()> |
使用自定义选项保存 |
配置类型
| 类型 | 描述 |
|---|---|
加密Config |
用户/所有者密码、算法、权限 |
加密Algorithm |
Aes256, Aes128, Rc4_128, Rc4_40 |
Permissions |
细粒度访问控制标志 |
SaveOptions |
完整重写、增量更新或加密保存 |