cpdf -encrypt <method> [-pw=]<owner> [-pw=]<user>
[-no-encrypt-metadata] <permissions> in.pdf -o out.pdf
cpdf -decrypt [-decrypt-force] in.pdf owner=<owner password> -o out.pdf
PDF files can be encrypted using various types of encryption and attaching various permissions describing what someone can do with a particular document (for instance, printing it or extracting content). There are two types of person:
There are five kinds of encryption:
All encryption supports these kinds of permissions:
In addition, 128-bit encryption (Acrobat 5 and above) and AES encryption supports these:
Add these options to the command line to prevent each operation.
Note: Adobe Acrobat and Adobe Reader may show slightly different permissions in info dialogues – this is a result of policy changes and not a bug in cpdf. You may need to experiment.
To encrypt a document, the owner and user passwords must be given (here, fred and charles respectively):
cpdf -encrypt 40bit fred charles -no-print in.pdf -o out.pdf
cpdf -encrypt 128bit fred charles -no-extract in.pdf -o out.pdf
cpdf -encrypt AES fred "" -no-edit -no-copy in.pdf -o out.pdf
cpdf -encrypt AES256ISO fred "" -no-forms in.pdf -o out.pdf
The optional -pw= preface may be given where a password might begin with a - and thus be confused with a command line option.
When using AES encryption, the option is available to refrain from encrypting the metadata. Add -no-encrypt-metadata to the command line.
To decrypt a document, the owner password is provided.
cpdf -decrypt in.pdf owner=fred -o out.pdf
When appropriate passwords are not available, the option -decrypt-force may be added to the command line to process the file regardless.