DOC: Update notes on cryptography (#1938)

Closes #1754
py-pdf · Jul 2, 2023 · e5ec4f2 · e5ec4f2
1 parent 2b47d9a
commit e5ec4f2
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 5 deletions.
diff --git a/docs/user/encryption-decryption.md b/docs/user/encryption-decryption.md
@@ -5,10 +5,10 @@
 
 ## Encrypt
 
-> ⚠️ WARNING ⚠️: pypdf only implements [RC4 encryption](https://en.wikipedia.org/wiki/RC4).
+> ⚠️ WARNING ⚠️: pypdf uses by default [RC4 encryption](https://en.wikipedia.org/wiki/RC4)
+> if you ommit the "algorithm" parameter.
 > This encryption algorithm is insecure. The more modern and secure AES
-> encryption is not implemented. pypdf can only decrypt, but not encrypt with
-> AES.
+> encryption requires [`pycryptodome`](https://pypi.org/project/pycryptodome/) to be installed.
 
 Add a password to a PDF (encrypt it):
 
@@ -23,13 +23,19 @@ for page in reader.pages:
  writer.add_page(page)
 
 # Add a password to the new PDF
-writer.encrypt("my-secret-password")
+writer.encrypt("my-secret-password", algorithm="AES-256")
 
 # Save the new PDF to a file
 with open("encrypted-pdf.pdf", "wb") as f:
  writer.write(f)
 ```
 
+We recommend using `AES-256-R5`:
+
+* Using the [Advanced Encryption Standard](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) encryption
+* with a key size of 256 bit
+
+
 ## Decrypt
 
 Remove the password from a PDF (decrypt it):

diff --git a/pyproject.toml b/pyproject.toml
@@ -189,7 +189,6 @@ ignore = [
 "tests/*" = ["S101", "ANN001", "ANN201","D104", "S105", "S106", "D103", "B018", "B017"]
 "sample-files/*" = ["D100", "INP001"]
 "_encryption.py" = ["S324", "S311"]
-"_security.py" = ["S324"]
 "_writer.py" = ["S324"]
 "make_changelog.py" = ["T201", "S603", "S607"]
 "json_consistency.py" = ["T201"]