PDFRip Files

PDFRip v3.0.0

v3.0.0 is a trust / performance / compatibility release focused on making pdfrip more correct, more measurable, and more useful on real password-cracking workloads.

Highlights

Prepared verifier hot path

• password attempts no longer rebuild general PDF parsing/storage state on every try
• the release extracts the security envelope once, prepares a direct verifier once, and reuses it across attempts
• verified against deterministic qpdf fixtures for Standard Security Handler revisions R2 through R6

Better compatibility coverage

The fixture and verifier matrix now covers:

• R2 / R3 / R4 RC4
• R4 AES-128
• R5 / R6 AES-256
• Unicode R5 / R6 passwords
• blank user passwords
• object streams and xref streams
• linearized PDFs
• EncryptMetadata=false

Exact progress and resume

• progress is now based on verified attempts, not merely queued work
• historical “100%, ETA 0s, but still running” behavior is fixed
• checkpoint / resume is now a first-class workflow with exact verified-prefix recovery

New and improved search workflows

• new mask mode for bounded structured passwords such as ?u{4}?d{4}
• new contains-word mode for “known substring + brute-force the rest” workflows
• date --format now supports custom shapes such as DD.MM.YYYY
• custom-query now supports literal-only queries and fixes the {0-99} --add-preceding-zeros bug
• numeric ranges are inclusive and sized exactly
• default-query now enumerates printable ASCII correctly, including space, and can explicitly test a blank password with --min-length 0 --max-length 0

Better UX and reporting

• success output distinguishes user vs owner passwords when the revision allows it
• blank passwords render explicitly as ""
• structured JSON output is available with --json
• malformed inputs and missing wordlists now return normal user-facing errors instead of panic-style failures
• README/help text now matches measured reality and current workflows

New opt-in fast mode

• --user-password-only skips owner-password acceptance checks when you only care about the document-opening password path
• this can materially reduce end-to-end time on R5/R6 workloads, but it will intentionally miss owner-only passwords

Measured improvements

Representative local measurements on the Apple M3 Pro development machine showed:

• synthetic R5 prepared verifier: 15.5x lower latency than the legacy path
• large bundled R3 example: 4.5x lower latency than the legacy path
• 10,000-candidate mask exhaustion: 3.4x faster at 4 workers than 1 worker
• --user-password-only speedups on user-password-heavy wordlist runs:
• R5 fixture: 1.31x faster
• R6 fixture: 2.77x faster
• R6 Unicode fixture: 2.25x faster

R6 remains substantially more KDF-bound than earlier revisions, so the release notes and README intentionally avoid over-claiming “hashcat-class” throughput.

Build and release hardening

• exact dependency pinning for sensitive direct crates
• tracked Cargo.lock with --locked CI/release flows
• CI coverage on Linux / macOS / Windows for stable + nightly
• cargo install --path . smoke testing
• benchmark-harness build coverage
• PDF fixtures marked binary-safe across platforms so Windows checkouts do not corrupt xref offsets

Backlog closed by this release

This release closes or supersedes a large chunk of the active backlog, including build-breaks, default-query regressions, custom-query bugs, progress overshoot bugs, resumable-job support, date-format support, contains-word search, and AES-256 compatibility coverage.

Merged via PR [#77].