Skip to content

Commit

Permalink
DOC: Update notes on cryptography (#1938)
Browse files Browse the repository at this point in the history
Closes #1754
  • Loading branch information
MartinThoma authored Jul 2, 2023
1 parent 2b47d9a commit e5ec4f2
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 5 deletions.
14 changes: 10 additions & 4 deletions docs/user/encryption-decryption.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,10 @@
## Encrypt

> ⚠️ WARNING ⚠️: pypdf only implements [RC4 encryption](https://en.wikipedia.org/wiki/RC4).
> ⚠️ WARNING ⚠️: pypdf uses by default [RC4 encryption](https://en.wikipedia.org/wiki/RC4)
> if you ommit the "algorithm" parameter.
> This encryption algorithm is insecure. The more modern and secure AES
> encryption is not implemented. pypdf can only decrypt, but not encrypt with
> AES.
> encryption requires [`pycryptodome`](https://pypi.org/project/pycryptodome/) to be installed.
Add a password to a PDF (encrypt it):

Expand All @@ -23,13 +23,19 @@ for page in reader.pages:
writer.add_page(page)

# Add a password to the new PDF
writer.encrypt("my-secret-password")
writer.encrypt("my-secret-password", algorithm="AES-256")

# Save the new PDF to a file
with open("encrypted-pdf.pdf", "wb") as f:
writer.write(f)
```

We recommend using `AES-256-R5`:

* Using the [Advanced Encryption Standard](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) encryption
* with a key size of 256 bit


## Decrypt

Remove the password from a PDF (decrypt it):
Expand Down
1 change: 0 additions & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -189,7 +189,6 @@ ignore = [
"tests/*" = ["S101", "ANN001", "ANN201","D104", "S105", "S106", "D103", "B018", "B017"]
"sample-files/*" = ["D100", "INP001"]
"_encryption.py" = ["S324", "S311"]
"_security.py" = ["S324"]
"_writer.py" = ["S324"]
"make_changelog.py" = ["T201", "S603", "S607"]
"json_consistency.py" = ["T201"]
Expand Down

0 comments on commit e5ec4f2

Please sign in to comment.