pdfbox-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tilman Hausherr <THaush...@t-online.de>
Subject Re: Certifcate Based AES256
Date Fri, 21 Dec 2018 13:27:33 GMT
Hi,

Now I get it... I had a look at the code, we do not support AES at all 
for public keys. Passing an 128 bit key results in a 128-Bit RC4 
encryption LOL.


I've created an issue for this:
https://jira.apache.org/jira/browse/PDFBOX-4413
Please register and click to watch the issue.

I suspect that much of it is already available in the base class, but 
PublicKeySecurityHandler.prepareDocumentForEncryption() is definitively 
old stuff.

Tilman



Am 21.12.2018 um 10:29 schrieb gavinreid@pseudocoder.co.uk:
> As requested
>
> Exception in thread "main" java.io.IOException: 256 bit key length is 
> not supported yet for public key security
>     at 
> org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDocumentForEncryption(PublicKeySecurityHandler.java:286)
>     at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1313)
>     at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1262)
>     at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1335)
>
> public static void main(String args[]) throws Exception {
>         PDDocument doc = PDDocument.load(new 
> File("Resources/sample.pdf"));
>
>         PublicKeyProtectionPolicy policy = new 
> PublicKeyProtectionPolicy();
>         PublicKeyRecipient recip = new PublicKeyRecipient();
>         AccessPermission ap = new AccessPermission();
>         ap.setCanModify(false);
>         recip.setPermission(ap);
>         InputStream inStream = new 
> FileInputStream("Resources/CertExchange.cer");
>         CertificateFactory cf = CertificateFactory.getInstance("X.509");
>         InputStream is = 
> Files.newInputStream(Paths.get("Resources/keystore.pem"));
>         String keyStorePassword = "123456";
>         KeyStore keyStore = 
> KeyStore.getInstance(KeyStore.getDefaultType());
>         keyStore.load(is, keyStorePassword.toCharArray());
>         X509Certificate certificate = (X509Certificate) 
> keyStore.getCertificate("Gavin");
>
>         recip.setX509(certificate); // set the recipient's certificate
>         policy.addRecipient(recip);
>         policy.setEncryptionKeyLength(256); // the document will be 
> encrypted with 128 bits secret key
>         doc.protect(policy);
>         doc.save(new FileOutputStream("Resources/output.pdf"));
>
> }
>
>
>
> Quoting Tilman Hausherr <THausherr@t-online.de>:
>
>> Hi,
>> Please provide a stack trace and a working example, i.e. code and a 
>> certificate. Please upload these somewhere, attachments are usually 
>> deleted by the mailing list software.
>> Tilman
>>
>> Am 21.12.2018 um 10:09 schrieb gavinreid@pseudocoder.co.uk:
>>>
>>> I'm using PDFBox 2.0.12 and I’m attempting to encrypt a PDF Document 
>>> using 256 bit keylength.
>>>
>>> But I’m receiving an Error that this is not supported, but it 
>>> appears that from the documentation that 256 IS supported but only 
>>> for passwords.
>>>
>>> Is there a mechanism for using the current working implementation of 
>>> passwords with the Certificate encryption?
>>> (or any plans to allow 256 with certificates?)
>>>
>>> Regards
>>>
>>> Gavin
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
>>> For additional commands, e-mail: users-help@pdfbox.apache.org
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
>> For additional commands, e-mail: users-help@pdfbox.apache.org
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
> For additional commands, e-mail: users-help@pdfbox.apache.org
>


Mime
View raw message