is it possible to check if pdf is password protected using ghostscript?

Question

is it possible to check if pdf is password protected using ghostscript? what would be the command? I know you can strip pdf password using ghostscript, but all I want to do is just checking if PDF is password protected or security enabled.

Having started a bounty, I would also like to know whether it is possible to detect password-protected PDFs with other tools. — Benoit, Dec 09 '10 at 08:20

score 10 · Accepted Answer · answered Dec 09 '10 at 10:02

10

checkuserpasswdPDF.sh:

#!/bin/sh

GS=~/gs/bin/gs
output=`$GS -dBATCH -sNODISPLAY "$1" 2>&1`
gsexit=$?

if [ "$gsexit" == "0" ]; then
  echo "Not user-password protected"
  exit 0;
else
  found=`echo "$output" |grep -o "This file requires a password"`
  if [ -z "$found" ]; then
    echo "Failed to invoke gs" 
    exit $gsexit
  else
    echo "Protected"
    exit 0;
  fi  
fi

Checks for user-password protected PDFs: checkuserpasswdPDF.sh test.pdf.

GS disregards owner-passwords (see this).

answered Dec 09 '10 at 10:02

khachik

28,112
9
59
94

humm this looks promising, I will give this a try – Aman Dec 10 '10 at 11:20
This command takes much time for larger pdf and increases server load – Rishab Feb 24 '20 at 04:37

Reza S · Answer 2 · 2018-07-25T21:12:52.897

3

You can test using pdfinfo

pdfinfo $filename &>/dev/null;
if [[ $? -eq 1 ]] ; then
   echo "File can not be opened for reading"
fi

edited Jul 25 '18 at 21:12

answered Jun 27 '18 at 22:58

Reza S

9,480
3
54
84

TrueTom · Answer 3 · 2016-07-12T15:49:57.507

2

Using a bat file, you can do a little workaround by searching for "Encrypt" in the pdfs. Its quiet fast to search through many files.

Findstr /M /I "Encrypt" *.pdf

This will return all filenames that are secured (since "Encrypt" will be written in the file as dos reads it)

Maybe this is something someone can use. I use:
for /f %%a in ('Findstr /M /I "Encrypt" *.pdf') do move %%a c:\tempfiles\
to move all secured pdf's to c:\tempfiles. From there I use ghostscript to remove the security, and move it back to original folder.

edited Jul 12 '16 at 15:49

answered Jul 05 '16 at 12:08

TrueTom

31
10

1

Keep in mind that this doesn't distinguish between owner password protection and user password protection. This test shows if it has _any_ password protection – Reza S Jul 25 '18 at 21:10

score 2 · Answer 4 · answered Dec 09 '10 at 08:22

2

With pdftk it is possible to detect a user password or owner password by just trying to do a dump_data operation.

 protected=0
 pdftk "input.pdf" dump_data output /dev/null dont_ask || protected=1

The problem here is that you don't know what the password prevents: reading, extracting data, modifying...?

answered Dec 09 '10 at 08:22

Benoit

76,634
23
210
236

2

i tried something similar, but it was limiting and pdftk wasn't always giving me correct result. – Aman Dec 10 '10 at 11:23

score 0 · Answer 5 · answered Sep 17 '21 at 08:47

0

The answer of @Benoit gives ugly errors on console, but works.

So I would put this to an oneliner with suppression of error output:

protected=0 && pdftk "input.pdf" dump_data output /dev/null dont_ask 2>/dev/null || protected=1

answered Sep 17 '21 at 08:47

CONSULitAS

1
2

is it possible to check if pdf is password protected using ghostscript?

5 Answers5

Linked