Module pubsec 

Public-key security handler for PDFs that use /Filter /Adobe.PubSec.

Unlike the password-based StandardSecurityHandler, the file encryption key is not derived from a password hash. The producer wraps a 20-byte seed (plus 4-byte permission word) inside a CMS EnvelopedData blob using each authorized recipient’s RSA public key. Decryption requires the recipient’s X.509 certificate (to find the right blob) plus its RSA private key (to unwrap the seed).

The file encryption key is then derived from the unwrapped seed together with all recipient blobs concatenated:

• V=4 (/SubFilter /adbe.pkcs7.s4): SHA-1(seed[0..20] ‖ recipients_blobs ‖ permission_bytes) truncated to the 16-byte AES-128 key.
• V=5 (/SubFilter /adbe.pkcs7.s5): SHA-256(seed[0..20] ‖ recipients_blobs ‖ permission_bytes) truncated to the 32-byte AES-256 key.

Once the file key is derived the rest of the decryption pipeline (per-object key derivation for V=4, direct file-key use for V=5, AES-CBC-PKCS#7 unwrap) is identical to the Standard handler, so open_pubsec returns a StandardSecurityHandler built via StandardSecurityHandler::from_file_key.

Structs

PubSecCredential

Caller-supplied X.509 credential pair. Both buffers are DER-encoded: the certificate is a standard X.509 v3 cert; the private key is a PKCS#8 PrivateKeyInfo (or, less commonly, PKCS#1 RSAPrivateKey).

Functions

open_pubsec

Authenticates against the /Encrypt dictionary of an Adobe.PubSec PDF and returns a configured decryption handler. Returns PdfError::InvalidPassword when no recipient blob unwraps with the supplied private key (matches the Standard handler’s “credential did not authenticate” error semantics).