hummusRecipe
hummusRecipe copied to clipboard
ownerPassword not set if userPassword if not provided
https://github.com/chunyenHuang/hummusRecipe/blob/54d334f00f8c0740952a8bb11034bde39d5cc42c/lib/encrypt.js#L91
I need to protect my PDF that has a watermark from being removed, while the PDF should not require a password when opened for read, I achieved that in HummusJS by setting ownerPassword with an empty userPassword like this :
hummus.recrypt('in.pdf', 'out.pdf', {
userPassword: '',
ownerPassword: 'secret',
userProtectionFlag: 4
});
Now with hummusRecipe, when I try the following code, the out.pdf is not protected in modification
recipe
.encrypt({
userPassword: '',
ownerPassword: 'secret',
userProtectionFlag: 4
})
.endPDF();
because 'userPassword' is not being provided to hummus in 'encryption_' in encrypt.js line 106 :
// At this stage : this.encryption_ = { password: 'secret', ownerPassword: 'secret', userProtectionFlag: 4 }
hummus.recrypt(tmp, this.output, this.encryption_);
and on documentation of HummusJS it is clearly mentionned that ownerPassword is only used when we pass userPassword:
/*
hummus.recrypt(
inOriginalPath/inOriginalStream,
inNewPath/inNewStream,
[options])
options =
{
password:
version:
compress:
log:
userPassword:
ownerPassword: // must pass userPassword!
userProtectionFlag: // must pass userPassword!
}
*/
A workaround is to pass the options as is to HummusJS and not use the _getEncryptOptions method
/**
* Encrypt the pdf
* @name encrypt
* @function
* @memberof Recipe
* @param {Object} options - The options
* @param {string} [options.password] - The permission password.
* @param {string} [options.ownerPassword] - The password for editing.
* @param {string} [options.userPassword] - The password for viewing & encryption.
* @param {number} [options.userProtectionFlag] - The flag for the security level.
*/
exports.encrypt = function encrypt(options = {}) {
this.needToEncrypt = true;
this.encryption_ = options; //this._getEncryptOptions(options); // THE WORKAROUND
return this;
};
Can you please fix. Thanks
Would you mimd put a PR for this since you already have investigated, thanks! @rafikhamid
Hi @chunyenHuang I did not want to create a PR for this because my fix is to completely remove the method _getEncryptOptions(options); and I am not sure about the purpose of it, so removing it might break something. If you want me to remove it I can create a PR for it.