dump_encryption
Print PDF encryption details and user permissions
Usage
pdftl
<input>dump_encryption[json][output<output>]
Details
Extracts the document’s security handlers, encryption algorithm, and user access permissions, printing them to the console (or a specified file).
If the input document is encrypted with a user password, you must provide it using the input_pw option to read the permissions.
By default, the output is a plain text, line-based format containing key-value pairs designed to mirror pdftk’s stanza style. Passing the json parameter will produce a structured JSON output instead.
Output Format Details
Text / Stanza Output
The default output starts with IsEncrypted: <true|false>. If the input document is encrypted, an
EncryptionBegin stanza is next with the following fields:
EncryptionAlgorithm: <algorithm_name>EncryptionFilter: <security_handler_name>EncryptionParameterV: <integer>EncryptionParameterR: <integer>KeyLengthBits: <integer>RawPermissionsFlag: <integer>
Permission Fields in the following PermissionBegin stanza correspond
directly to the arguments used by the allow option. Values will be
either true (permission allowed) or false (permission denied).
PermissionPrintingPermissionDegradedPrintingPermissionModifyContentsPermissionAssemblyPermissionCopyContentsPermissionScreenReadersPermissionModifyAnnotationsPermissionFillIn
JSON Output
When the json flag is provided, the data is structured hierarchically.
Encryption is a dictionary containing the algorithm details, and
Permissions is a dictionary mapping each permission to a boolean.
Examples
Print encryption info for secure.pdf in text format
pdftl in.pdf dump_encryption
Print encryption info for a password-protected file in JSON format
pdftl in.pdf input_pw "secret" dump_encryption json
Tags: security, encryption, info
Source: pdftl.operations.dump_encryption
Read online: https://pdftl.readthedocs.io/en/stable/operations/dump_encryption.html
Type: Operation