itext
diff --git a/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfDocument.java‎
Lines changed: 1 addition & 1 deletion b/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfDocument.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfEncryption.java‎
Lines changed: 27 additions & 7 deletions b/‎kernel/src/main/java/com/itextpdf/kernel/pdf/PdfEncryption.java‎
Lines changed: 27 additions & 7 deletions
diff --git a/‎kernel/src/test/java/com/itextpdf/kernel/crypto/PdfEncryptionTest.java‎ renamed to ‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/PdfEncryptionTest.java‎
Lines changed: 57 additions & 166 deletions b/‎kernel/src/test/java/com/itextpdf/kernel/crypto/PdfEncryptionTest.java‎ renamed to ‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/PdfEncryptionTest.java‎
Lines changed: 57 additions & 166 deletions
diff --git a/‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/PdfEncryptionTestUtils.java‎
Lines changed: 91 additions & 0 deletions b/‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/PdfEncryptionTestUtils.java‎
Lines changed: 91 additions & 0 deletions
diff --git a/‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/PdfPreserveEncryptionTest.java‎
Lines changed: 114 additions & 0 deletions b/‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/PdfPreserveEncryptionTest.java‎
Lines changed: 114 additions & 0 deletions
diff --git a/‎kernel/src/test/java/com/itextpdf/kernel/crypto/UnicodeBasedPasswordEncryptionTest.java‎ renamed to ‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/UnicodeBasedPasswordEncryptionTest.java‎
Lines changed: 9 additions & 7 deletions b/‎kernel/src/test/java/com/itextpdf/kernel/crypto/UnicodeBasedPasswordEncryptionTest.java‎ renamed to ‎kernel/src/test/java/com/itextpdf/kernel/crypto/pdfencryption/UnicodeBasedPasswordEncryptionTest.java‎
Lines changed: 9 additions & 7 deletions
@@ -1018,7 +1018,7 @@ public void close() {
                 // either writer properties, or in the writer init section on document open or from pdfreader. So we
                 // shouldn't worry about it being null next
                 PdfObject fileId = PdfEncryption.createInfoId(ByteUtils.getIsoBytes(originalDocumentId.getValue()),
-                        ByteUtils.getIsoBytes(modifiedDocumentId.getValue()));
+                        ByteUtils.getIsoBytes(modifiedDocumentId.getValue()), this.properties.preserveEncryption);
                 xref.writeXrefTableAndTrailer(this, fileId, crypto);
                 writer.flush();
                 if (writer.getOutputStream() instanceof CountOutputStream) {
 
@@ -23,6 +23,7 @@ This file is part of the iText (R) project.
 package com.itextpdf.kernel.pdf;
 
 import com.itextpdf.commons.utils.SystemUtil;
+import com.itextpdf.io.source.ByteBuffer;
 import com.itextpdf.kernel.crypto.IDecryptor;
 import com.itextpdf.kernel.crypto.OutputStreamEncryption;
 import com.itextpdf.kernel.crypto.securityhandler.PubKeySecurityHandler;
@@ -290,20 +291,39 @@ public static PdfObject createInfoId(byte[] id, boolean modified) {
      *
      * @param firstId the first id
      * @param secondId the second id
+     *
      * @return PdfObject containing the two entries.
+     * @deprecated Use {@link #createInfoId(byte[], byte[], boolean)} instead
      */
+    @Deprecated
     public static PdfObject createInfoId(byte[] firstId, byte[] secondId) {
-        if ( firstId.length < 16 ) {
-            firstId = padByteArrayTo16(firstId);
-        }
+        return createInfoId(firstId, secondId, false);
+    }
+
+    /**
+     * Creates a PdfLiteral that contains an array of two id entries. These entries are both hexadecimal
+     * strings containing up to 16 hex characters. The first entry is the original id, the second entry
+     * should be different from the first one if the document has changed.
+     *
+     * @param firstId the first id
+     * @param secondId the second id
+     * @param preserveEncryption the encryption preserve
+     *
+     * @return PdfObject containing the two entries.
+     */
+    public static PdfObject createInfoId(byte[] firstId, byte[] secondId, boolean preserveEncryption) {
+        if (!preserveEncryption) {
+            if (firstId.length < 16) {
+                firstId = padByteArrayTo16(firstId);
+            }
 
-        if ( secondId.length < 16 ) {
-            secondId = padByteArrayTo16(secondId);
+            if (secondId.length < 16) {
+                secondId = padByteArrayTo16(secondId);
+            }
         }
 
-        com.itextpdf.io.source.ByteBuffer buf = new com.itextpdf.io.source.ByteBuffer(90);
+        ByteBuffer buf = new ByteBuffer(90);
         buf.append('[').append('<');
-
         for (int k = 0; k < firstId.length; ++k)
             buf.appendHex(firstId[k]);
         buf.append('>').append('<');
 
@@ -0,0 +1,91 @@
+package com.itextpdf.kernel.crypto.pdfencryption;
+
+import com.itextpdf.io.font.constants.StandardFonts;
+import com.itextpdf.kernel.font.PdfFontFactory;
+import com.itextpdf.kernel.pdf.*;
+import com.itextpdf.kernel.utils.CompareTool;
+import org.junit.Assert;
+
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+
+public class PdfEncryptionTestUtils {
+
+    private final String destinationFolder;
+
+    private final String sourceFolder;
+
+    public static final String PAGE_TEXT_CONTENT = "Hello world!";
+
+    public static final String CUSTOM_INFO_ENTRY_KEY = "Custom";
+
+    public static final String CUSTOM_INFO_ENTRY_VALUE = "String";
+
+    /**
+     * User password.
+     */
+    public static byte[] USER = "Hello".getBytes(StandardCharsets.ISO_8859_1);
+
+    /**
+     * Owner password.
+     */
+    public static byte[] OWNER = "World".getBytes(StandardCharsets.ISO_8859_1);
+
+
+    public PdfEncryptionTestUtils(String destinationFolder, String sourceFolder) {
+        this.destinationFolder = destinationFolder;
+        this.sourceFolder = sourceFolder;
+    }
+
+    public void compareEncryptedPdf(String filename) throws IOException, InterruptedException {
+        checkDecryptedWithPasswordContent(destinationFolder + filename, OWNER, PAGE_TEXT_CONTENT);
+        checkDecryptedWithPasswordContent(destinationFolder + filename, USER, PAGE_TEXT_CONTENT);
+
+        CompareTool compareTool = new CompareTool().enableEncryptionCompare();
+        String compareResult = compareTool.compareByContent(destinationFolder + filename,
+                sourceFolder + "cmp_" + filename, destinationFolder, "diff_", USER, USER);
+        if (compareResult != null) {
+            Assert.fail(compareResult);
+        }
+    }
+
+    public void checkDecryptedWithPasswordContent(String src, byte[] password, String pageContent)
+            throws IOException {
+        checkDecryptedWithPasswordContent(src, password, pageContent, false);
+    }
+
+    public void checkDecryptedWithPasswordContent(String src, byte[] password, String pageContent,
+                                                     boolean expectError) throws IOException {
+        PdfReader reader = CompareTool.createOutputReader(src, new ReaderProperties().setPassword(password));
+        PdfDocument document = new PdfDocument(reader);
+        PdfPage page = document.getPage(1);
+
+        boolean expectedContentFound = new String(page.getStreamBytes(0)).contains(pageContent);
+        String actualCustomInfoEntry = document.getTrailer().getAsDictionary(PdfName.Info)
+                .getAsString(new PdfName(CUSTOM_INFO_ENTRY_KEY)).toUnicodeString();
+
+        if (!expectError) {
+            Assert.assertTrue("Expected content: \n" + pageContent, expectedContentFound);
+            Assert.assertEquals("Encrypted custom", CUSTOM_INFO_ENTRY_VALUE, actualCustomInfoEntry);
+        } else {
+            Assert.assertFalse("Expected content: \n" + pageContent, expectedContentFound);
+            Assert.assertNotEquals("Encrypted custom", CUSTOM_INFO_ENTRY_VALUE, actualCustomInfoEntry);
+        }
+
+        document.close();
+    }
+
+    public static void writeTextBytesOnPageContent(PdfPage page, String text) throws IOException {
+        page.getFirstContentStream().getOutputStream().writeBytes(("q\n" +
+                "BT\n" +
+                "36 706 Td\n" +
+                "0 0 Td\n" +
+                "/F1 24 Tf\n" +
+                "(" + text + ")Tj\n" +
+                "0 0 Td\n" +
+                "ET\n" +
+                "Q ").getBytes(StandardCharsets.ISO_8859_1));
+        page.getResources().addFont(page.getDocument(), PdfFontFactory.createFont(StandardFonts.HELVETICA));
+    }
+
+}
@@ -0,0 +1,114 @@
+package com.itextpdf.kernel.crypto.pdfencryption;
+
+import com.itextpdf.kernel.logs.KernelLogMessageConstant;
+import com.itextpdf.kernel.pdf.*;
+import com.itextpdf.kernel.utils.CompareTool;
+import com.itextpdf.test.ExtendedITextTest;
+import com.itextpdf.test.annotations.LogMessage;
+import com.itextpdf.test.annotations.LogMessages;
+import com.itextpdf.test.annotations.type.IntegrationTest;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import java.io.IOException;
+
+
+
+@Category(IntegrationTest.class)
+public class PdfPreserveEncryptionTest extends ExtendedITextTest {
+
+    public static final String destinationFolder = "./target/test/com/itextpdf/kernel/crypto/pdfencryption/PdfPreserveEncryptionTest/";
+
+    public static final String sourceFolder = "./src/test/resources/com/itextpdf/kernel/crypto/pdfencryption/PdfPreserveEncryptionTest/";
+
+    public PdfEncryptionTestUtils encryptionUtil = new PdfEncryptionTestUtils(destinationFolder, sourceFolder);
+
+    @BeforeClass
+    public static void beforeClass() {
+        createOrClearDestinationFolder(destinationFolder);
+    }
+
+    @AfterClass
+    public static void afterClass() {
+        CompareTool.cleanup(destinationFolder);
+    }
+
+    @Test
+    @LogMessages(messages = {
+            @LogMessage(messageTemplate = KernelLogMessageConstant.MD5_IS_NOT_FIPS_COMPLIANT, ignore = true),
+            @LogMessage(messageTemplate = VersionConforming.DEPRECATED_ENCRYPTION_ALGORITHMS)})
+    public void stampAndUpdateVersionPreserveStandard40() throws InterruptedException, IOException {
+        String filename = "stampAndUpdateVersionPreserveStandard40.pdf";
+        PdfDocument doc = new PdfDocument(
+                new PdfReader(sourceFolder + "encryptedWithPasswordStandard40.pdf",
+                        new ReaderProperties().setPassword(PdfEncryptionTestUtils.OWNER)),
+                CompareTool.createTestPdfWriter(destinationFolder + filename,
+                        new WriterProperties().setPdfVersion(PdfVersion.PDF_2_0)),
+                new StampingProperties().preserveEncryption());
+        doc.close();
+
+        encryptionUtil.compareEncryptedPdf(filename);
+    }
+
+    @Test
+    @LogMessages(messages = {
+            @LogMessage(messageTemplate = KernelLogMessageConstant.MD5_IS_NOT_FIPS_COMPLIANT, ignore = true),
+            @LogMessage(messageTemplate = VersionConforming.DEPRECATED_AES256_REVISION)})
+    public void stampAndUpdateVersionPreserveAes256() throws InterruptedException, IOException {
+        String filename = "stampAndUpdateVersionPreserveAes256.pdf";
+        PdfDocument doc = new PdfDocument(
+                new PdfReader(sourceFolder + "encryptedWithPasswordAes256.pdf",
+                        new ReaderProperties().setPassword(PdfEncryptionTestUtils.OWNER)),
+                CompareTool.createTestPdfWriter(destinationFolder + filename,
+                        new WriterProperties().setPdfVersion(PdfVersion.PDF_2_0)),
+                new StampingProperties().preserveEncryption());
+        doc.close();
+        encryptionUtil.compareEncryptedPdf(filename);
+    }
+
+    @Test
+    @LogMessages(messages = @LogMessage(messageTemplate = KernelLogMessageConstant.MD5_IS_NOT_FIPS_COMPLIANT,
+            ignore = true))
+    public void encryptAes256EncryptedStampingPreserve() throws InterruptedException, IOException {
+        String filename = "encryptAes256EncryptedStampingPreserve.pdf";
+        String src = sourceFolder + "encryptedWithPlainMetadata.pdf";
+        String out = destinationFolder + filename;
+
+        PdfDocument pdfDoc = new PdfDocument(
+                new PdfReader(src, new ReaderProperties().setPassword(PdfEncryptionTestUtils.OWNER)),
+                CompareTool.createTestPdfWriter(out, new WriterProperties()),
+                new StampingProperties().preserveEncryption());
+
+        pdfDoc.close();
+
+        CompareTool compareTool = new CompareTool().enableEncryptionCompare();
+        String compareResult = compareTool.compareByContent(out, sourceFolder + "cmp_" + filename, destinationFolder,
+                "diff_", PdfEncryptionTestUtils.USER, PdfEncryptionTestUtils.USER);
+        if (compareResult != null) {
+            Assert.fail(compareResult);
+        }
+    }
+
+    @Test
+    public void preserveEncryptionShorterDocumentId() throws IOException, InterruptedException {
+        String filename = "preserveEncryptionWithShortId.pdf";
+        String src = sourceFolder + "encryptedWithShortId.pdf";
+        String out = destinationFolder + filename;
+
+        PdfDocument pdfDoc = new PdfDocument(
+                new PdfReader(src, new ReaderProperties().setPassword(PdfEncryptionTestUtils.OWNER)),
+                new PdfWriter(out, new WriterProperties()),
+                new StampingProperties().preserveEncryption());
+
+        pdfDoc.close();
+        CompareTool compareTool = new CompareTool().enableEncryptionCompare();
+        String compareResult = compareTool.compareByContent(out, sourceFolder + "cmp_" + filename, destinationFolder,
+                "diff_", null, null);
+        if (compareResult != null) {
+            Assert.fail(compareResult);
+        }
+    }
+}
@@ -20,7 +20,7 @@ This file is part of the iText (R) project.
     You should have received a copy of the GNU Affero General Public License
     along with this program.  If not, see <https://www.gnu.org/licenses/>.
  */
-package com.itextpdf.kernel.crypto;
+package com.itextpdf.kernel.crypto.pdfencryption;
 
 import com.itextpdf.kernel.logs.KernelLogMessageConstant;
 import com.itextpdf.kernel.pdf.EncryptionConstants;
@@ -50,11 +50,13 @@ This file is part of the iText (R) project.
 @Category(BouncyCastleIntegrationTest.class)
 public class UnicodeBasedPasswordEncryptionTest extends ExtendedITextTest {
 
-    public static final String destinationFolder = "./target/test/com/itextpdf/kernel/crypto/UnicodeBasedPasswordEncryptionTest/";
-    public static final String sourceFolder = "./src/test/resources/com/itextpdf/kernel/crypto/UnicodeBasedPasswordEncryptionTest/";
+    public static final String destinationFolder = "./target/test/com/itextpdf/kernel/crypto/pdfencryption/UnicodeBasedPasswordEncryptionTest/";
+    public static final String sourceFolder = "./src/test/resources/com/itextpdf/kernel/crypto/pdfencryption/UnicodeBasedPasswordEncryptionTest/";
 
     private static Map<String, SaslPreparedString> nameToSaslPrepared;
 
+    PdfEncryptionTestUtils encryptionUtil = new PdfEncryptionTestUtils(destinationFolder,sourceFolder);
+
     static {
         // values are calculated with com.ibm.icu.text.StringPrep class in icu4j v58.2 lib
         nameToSaslPrepared = new LinkedHashMap<>();
@@ -200,18 +202,18 @@ public void aes256EncryptedPdfWithUnicodeBasedPassword() throws IOException, Int
     private void encryptAes256AndCheck(String filename, byte[] ownerPassword) throws IOException, InterruptedException {
         int permissions = EncryptionConstants.ALLOW_SCREENREADERS;
         WriterProperties writerProperties = new WriterProperties()
-                .setStandardEncryption(PdfEncryptionTest.USER, ownerPassword, permissions, EncryptionConstants.ENCRYPTION_AES_256)
+                .setStandardEncryption(PdfEncryptionTestUtils.USER, ownerPassword, permissions, EncryptionConstants.ENCRYPTION_AES_256)
                 .setPdfVersion(PdfVersion.PDF_2_0);
         PdfWriter writer = CompareTool.createTestPdfWriter(destinationFolder + filename, writerProperties.addXmpMetadata());
         PdfDocument document = new PdfDocument(writer);
-        document.getDocumentInfo().setMoreInfo(PdfEncryptionTest.customInfoEntryKey, PdfEncryptionTest.customInfoEntryValue);
+        document.getDocumentInfo().setMoreInfo(PdfEncryptionTestUtils.CUSTOM_INFO_ENTRY_KEY, PdfEncryptionTestUtils.CUSTOM_INFO_ENTRY_VALUE);
         PdfPage page = document.addNewPage();
-        PdfEncryptionTest.writeTextBytesOnPageContent(page, PdfEncryptionTest.pageTextContent);
+        PdfEncryptionTestUtils.writeTextBytesOnPageContent(page, PdfEncryptionTestUtils.PAGE_TEXT_CONTENT);
 
         page.flush();
         document.close();
 
-        PdfEncryptionTest.checkDecryptedWithPasswordContent(destinationFolder + filename, ownerPassword, PdfEncryptionTest.pageTextContent);
+        encryptionUtil.checkDecryptedWithPasswordContent(destinationFolder + filename, ownerPassword, PdfEncryptionTestUtils.PAGE_TEXT_CONTENT);
 
         CompareTool compareTool = new CompareTool().enableEncryptionCompare();
         String compareResult = compareTool.compareByContent(destinationFolder + filename, sourceFolder + "cmp_" + filename, destinationFolder, "diff_", ownerPassword, ownerPassword);