Technical article

HotPDF: AES-256 encryption and permission policy in Delphi

HotPDF is a native VCL PDF library for Delphi and C++Builder applications that need direct PDF creation and editing, forms, annotations, encryption, digital signatures, Unicode fonts, standards-aware output, and preflight reports without an external PDF runtime.

This article is written for teams that must generate protected PDF output without relying on a desktop PDF application. It treats AES-256 encryption and permission policy as production-grade document engineering, not as an isolated component call.

The practical risk is that a password-protected document is not automatically a governed document if permissions, metadata encryption, attachment handling, and password custody are undefined. The flow therefore needs a written contract, observable diagnostics, and realistic regression files.

Architecture decisions

Separate document security from application authentication. Decisions to make:

  • owner password custody and rotation policy
  • user password delivery path and recovery procedure
  • print, copy, accessibility, annotation, and form-fill permissions
  • whether metadata, embedded files, and attachments must also be protected

Implementation flow

Define the encryption profile before writing content. The order below makes the workflow auditable for Delphi and C++Builder teams.

  1. select an encryption profile from application policy rather than UI text
  2. validate that the requested permissions match the customer agreement
  3. write the document to a controlled temporary location before distribution
  4. open the output with a target viewer and verify the permissions dialog
  5. log password policy identifiers without logging secret values

Validation evidence

What a security audit should record. Keep these fields together with the output or the support material.

  • encryption algorithm, permission bitmask, metadata policy, and attachment policy
  • profile version, operator identity, output hash, and distribution channel
  • viewer compatibility result for the supported customer environments
  • redacted failure reason when password generation or protected save fails
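An added Delphi sketch, not part of the original article or of HotPDF, of an audit record for a protected save: it hashes the output file, records the password policy by identifier only, and redacts known secrets from a failure reason. Field names, identifiers, and sample values are constructed assumptions; the code uses the RTL units System.Hash and System.JSON.

```delphi
program ProtectedSaveAudit;
{$APPTYPE CONSOLE}
uses System.SysUtils, System.IOUtils, System.Hash, System.JSON;

// Replaces each known secret in a failure message; empty secrets are skipped.
function RedactFailure(const Msg: string; const Secrets: array of string): string;
var
  I: Integer;
begin
  Result := Msg;
  for I := Low(Secrets) to High(Secrets) do
    if Secrets[I] <> '' then
      Result := StringReplace(Result, Secrets[I], '[REDACTED]', [rfReplaceAll]);
end;

// Builds one audit line (hypothetical field names). No secret is a parameter:
// the password is referenced by its policy identifier only.
function BuildAuditRecord(const OutputFile, ProfileVersion, PasswordPolicyId,
  OperatorId, FailureReason: string; PermissionMask: Integer): string;
var
  Rec: TJSONObject;
begin
  Rec := TJSONObject.Create;
  try
    Rec.AddPair('algorithm', 'AES-256');
    Rec.AddPair('profile_version', ProfileVersion);
    Rec.AddPair('password_policy_id', PasswordPolicyId);
    Rec.AddPair('operator', OperatorId);
    Rec.AddPair('permission_mask', TJSONNumber.Create(PermissionMask));
    if FileExists(OutputFile) then
      Rec.AddPair('output_sha256', THashSHA2.GetHashStringFromFile(OutputFile));
    if FailureReason <> '' then
      Rec.AddPair('failure', FailureReason);
    Result := Rec.ToJSON;
  finally
    Rec.Free;
  end;
end;

var
  Tmp, Failure: string;
begin
  Tmp := TPath.GetTempFileName;  // constructed stand-in for the generated PDF
  TFile.WriteAllText(Tmp, 'constructed sample bytes');
  // Constructed failure text that accidentally contains the owner password.
  Failure := RedactFailure('save failed, owner=s3cr3t-owner', ['s3cr3t-owner', '']);
  Writeln(BuildAuditRecord(Tmp, 'profile-v3', 'pwd-policy-A', 'op-17', Failure, -1852));
  TFile.Delete(Tmp);
end.
```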

Permissions, metadata, and viewer compatibility

AES-256 output should be treated as a named policy. The policy controls owner and user passwords, print and copy permissions, metadata visibility, and compatibility expectations for the viewers that will open the file.
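An added example, not from the original article or from HotPDF: a check that compares the permissions a named policy expects against the permission integer (the /P value of the PDF encryption dictionary) found in a generated file. The type and function names are hypothetical, the bit positions follow the user access permission table in ISO 32000, and the sample value is constructed.

```delphi
program PermissionMaskCheck;
{$APPTYPE CONSOLE}

type
  // Hypothetical names for the ISO 32000 user access permissions;
  // these identifiers are not HotPDF's own option names.
  TPdfPermission = (ppPrint, ppModify, ppCopy, ppAnnotate, ppFillForms,
    ppAccessibility, ppAssemble, ppPrintHighRes);
  TPdfPermissions = set of TPdfPermission;

const
  // 1-based bit position of each permission inside the /P integer.
  PermissionBit: array[TPdfPermission] of Integer = (3, 4, 5, 6, 9, 10, 11, 12);
  PermissionName: array[TPdfPermission] of string = ('print', 'modify', 'copy',
    'annotate', 'fill-forms', 'accessibility', 'assemble', 'print-high-res');

function DecodePermissions(P: Integer): TPdfPermissions;
var
  Perm: TPdfPermission;
begin
  Result := [];
  for Perm := Low(TPdfPermission) to High(TPdfPermission) do
    if (Cardinal(P) and (Cardinal(1) shl (PermissionBit[Perm] - 1))) <> 0 then
      Include(Result, Perm);
end;

// Lists every permission where the file differs from the agreed policy.
function DescribeDrift(Expected, Actual: TPdfPermissions): string;
var
  Perm: TPdfPermission;
begin
  Result := '';
  for Perm := Low(TPdfPermission) to High(TPdfPermission) do
    if (Perm in Expected) <> (Perm in Actual) then
      if Perm in Actual then
        Result := Result + ' +' + PermissionName[Perm]   // granted, not agreed
      else
        Result := Result + ' -' + PermissionName[Perm];  // agreed, not granted
  if Result = '' then Result := ' none';
end;

begin
  // Constructed sample: the policy allows printing only, while the value
  // read back from the file (-1836) also has the copy bit set.
  Writeln('drift:', DescribeDrift([ppPrint, ppPrintHighRes],
    DecodePermissions(-1836)));
end.
```

Recording the decoded names next to the raw bitmask in the audit record makes a drift readable without consulting the bit table.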

Support package design

Once HotPDF Component is deployed, the most valuable support package is the one that explains the input, profile, output, and exact stage that failed.

  • encryption algorithm, permission bitmask, metadata policy, and attachment policy
  • profile version, operator identity, output hash, and distribution channel
  • viewer compatibility result for the supported customer environments
  • redacted failure reason when password generation or protected save fails
  • terminology snapshot: AES-256, owner password, user password, permissions

Technical review notes for AES-256 encryption and permission policy

Use these review notes to confirm that the feature has moved past demo level and can be defended during delivery, support, and customer escalation.

  • Decision: owner password custody and rotation policy. Implementation pressure point: validate that the requested permissions match the customer agreement. Acceptance evidence: viewer compatibility result for the supported customer environments. Regression trigger: encrypted attachments need the same retention and access policy as the main file
  • Decision: user password delivery path and recovery procedure. Implementation pressure point: write the document to a controlled temporary location before distribution. Acceptance evidence: redacted failure reason when password generation or protected save fails. Regression trigger: legacy viewers may open a file but ignore or misreport newer permission flags
  • Decision: print, copy, accessibility, annotation, and form-fill permissions. Implementation pressure point: open the output with a target viewer and verify the permissions dialog. Acceptance evidence: encryption algorithm, permission bitmask, metadata policy, and attachment policy. Regression trigger: metadata can leak business information if encryption settings omit it

Edge cases

  • legacy viewers may open a file but ignore or misreport newer permission flags
  • metadata can leak business information if encryption settings omit it
  • support logs must never include owner passwords, user passwords, or password hints
  • encrypted attachments need the same retention and access policy as the main file

Delphi / C++Builder notes

HotPDF Component should sit behind a small service boundary that receives files, streams, profiles, and credentials, then returns output paths, warnings, metrics, and validation status. Important terms include AES-256, owner password, user password, permissions, encrypted metadata, protected save.

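Delphi code example

The following Delphi sketch shows a practical service boundary for this topic. Keep policy checks, logging, and validation outside the narrow product call so that the workflow can be tested.

// TPdfSecurityProfile, ApplyEncryptionProfile, WriteDocumentBody and
// VerifyPermissions are application-side helpers, not HotPDF calls.
procedure SaveProtectedPdf(const OutputFile: string; const Profile: TPdfSecurityProfile);
var
  Pdf: THotPDF;
begin
  Pdf := THotPDF.Create(nil);
  try
    Pdf.FileName := OutputFile;
    // Define the encryption profile before any content is written.
    ApplyEncryptionProfile(Pdf, Profile);
    Pdf.BeginDoc;
    WriteDocumentBody(Pdf);
    Pdf.EndDoc;
    // Check the written file against the permissions the profile expects.
    VerifyPermissions(OutputFile, Profile.ExpectedPermissions);
  finally
    Pdf.Free;
  end;
end;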

Production checklist

  • Run the workflow on an empty file, a normal customer file, and a worst-case file
  • Open the generated PDF with the correct viewer, validator, printer, or downstream application
  • Log product version, profile version, input hash, output path, elapsed time, and warning count
  • Keep passwords, certificates, temporary files, and customer data under clear storage rules
  • Add regression documents when a customer file reveals a new edge case

Product documentation

HotPDF Component

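More code examples

// Example 1: enable AES-256 protection before BeginDoc.
// Fragment: Pdf is an already created THotPDF instance.
Pdf.ActivateProtection := True;
Pdf.CryptKeyLength := aes256;
Pdf.UserPassword := '';                      // anyone can open the file
// Placeholder literal: take the real owner password from the custody store.
Pdf.OwnerPassword := 'rotate-me-quarterly';  // guards the permission set
Pdf.ProtectOptions := [prPrint, prPrint12bit, prExtractContent];
Pdf.BeginDoc;
// ... page content ...
Pdf.EndDoc;

// Example 2: open an encrypted file with its password and save it unprotected.
var
  Pdf: THotPDF;
  PageCount: Integer;
begin
  Pdf := THotPDF.Create(nil);
  try
    // 'open-secret' is a placeholder; do not keep real passwords in source.
    PageCount := Pdf.LoadFromFile('encrypted.pdf', 'open-secret');
    if PageCount > 0 then
    begin
      Pdf.ActivateProtection := False;   // drop encryption on save
      Pdf.SaveLoadedDocument('plain.pdf');
    end;
  finally
    Pdf.Free;
  end;
end;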