class HexaPDF::Encryption::StandardSecurityHandler


The password-based standard security handler of the PDF specification, identified by a /Filter value of /Standard.


The PDF specification defines one security handler that should be implemented by all conforming PDF libraries and applications. This standard security handler allows access permissions and a user password as well as an owner password to be set.

See StandardSecurityHandler::EncryptionOptions for all valid options that can be used with this security handler when encrypting a document. And see prepare_decryption for all allowed options when decrypting a document.

The access permissions (see StandardSecurityHandler::Permissions) can be used to restrict what a user is allowed to do with a PDF file.

When a user or owner password is specified, a PDF file can only be opened when the correct password is supplied. To open such an encrypted PDF file, the decryption_opts provided to needs to contain a :password key with the password.

See: PDF2.0 s7.6.4



The padding used for passwords with fewer than 32 bytes. Only used for revisions <= 4.

See: PDF2.0 s7.6.4.3

Public Instance Methods


Returns the type of password used for decrypting the PDF document.

The return value is one of the following:


No password was needed for decryption.


The provided user password was used for decryption.


The provided owner password was used for decryption.


The document was not decrypted, only encrypted.


Additionally checks that the document trailer’s ID has not changed.

See: SecurityHandler#encryption_key_valid?


Returns the permissions of the managed dictionary as array of symbol values.

See: Permissions