I am noticing some strange/dangerous behavior related to instantiating a MergeDocument object with a source PDF that has password protection enabled.
When looking at the Document Properties page Security tab in Adobe Acrobat for my source PDF, it shows a security method of Password Security. In the Details section of the security it shows that there is no Document Open Password, but Permissions Password is set to Yes. For what it's worth, the PDF I am testing with is a completed fillable form generated from DocuSign.
The following items are listed as Not Allowed in the details:
Changing the Document
Commenting
Form Field Fill-in or Signing
Document Assembly
Page Extraction
When I attempt to instantiate a MergeDocument using the file path, it generates an exception saying "Required owner password for this feature."
When I do a simple File.ReadAllBytes with the file path and attempt to create a MergeDocument using the byte array that I just received from the ReadAllBytes call, I am able to successfully get back a MergeDocument. Once I have this MergeDocument, I am able to essentially violate the security of my protected document by extracting pages, appending pages, adding form elements, etc.
This does not seem like correct behavior in the MergeDocument constructor that takes in a byte array. Please advise.