pdfbox-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tilman Hausherr <THaush...@t-online.de>
Subject Re: Certifcate Based AES256
Date Fri, 21 Dec 2018 13:45:14 GMT
Am 21.12.2018 um 14:35 schrieb gavinreid@pseudocoder.co.uk:
> Are you sure its RC4?
> I'd seen the following in 
> PublicKeySecurityHandler.prepareDocumentForEncryption()
>
> key = KeyGenerator.getInstance("AES");
>
> if its really using RC4 I'm going to take a little nap until I feel 
> well again.


Reading further there makes me think that this is used to compute a seed.


Tilman



>
> Gavin
>
>
> Quoting Tilman Hausherr <THausherr@t-online.de>:
>
>> Hi,
>>
>> Now I get it... I had a look at the code, we do not support AES at 
>> all for public keys. Passing an 128 bit key results in a 128-Bit RC4 
>> encryption LOL.
>>
>>
>> I've created an issue for this:
>> https://jira.apache.org/jira/browse/PDFBOX-4413
>> Please register and click to watch the issue.
>>
>> I suspect that much of it is already available in the base class, but 
>> PublicKeySecurityHandler.prepareDocumentForEncryption() is 
>> definitively old stuff.
>>
>> Tilman
>>
>>
>>
>> Am 21.12.2018 um 10:29 schrieb gavinreid@pseudocoder.co.uk:
>>> As requested
>>>
>>> Exception in thread "main" java.io.IOException: 256 bit key length 
>>> is not supported yet for public key security
>>>     at 
>>> org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDocumentForEncryption(PublicKeySecurityHandler.java:286)
>>>     at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1313)
>>>     at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1262)
>>>     at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1335)
>>>
>>> public static void main(String args[]) throws Exception {
>>>         PDDocument doc = PDDocument.load(new 
>>> File("Resources/sample.pdf"));
>>>
>>>         PublicKeyProtectionPolicy policy = new 
>>> PublicKeyProtectionPolicy();
>>>         PublicKeyRecipient recip = new PublicKeyRecipient();
>>>         AccessPermission ap = new AccessPermission();
>>>         ap.setCanModify(false);
>>>         recip.setPermission(ap);
>>>         InputStream inStream = new 
>>> FileInputStream("Resources/CertExchange.cer");
>>>         CertificateFactory cf = 
>>> CertificateFactory.getInstance("X.509");
>>>         InputStream is = 
>>> Files.newInputStream(Paths.get("Resources/keystore.pem"));
>>>         String keyStorePassword = "123456";
>>>         KeyStore keyStore = 
>>> KeyStore.getInstance(KeyStore.getDefaultType());
>>>         keyStore.load(is, keyStorePassword.toCharArray());
>>>         X509Certificate certificate = (X509Certificate) 
>>> keyStore.getCertificate("Gavin");
>>>
>>>         recip.setX509(certificate); // set the recipient's certificate
>>>         policy.addRecipient(recip);
>>>         policy.setEncryptionKeyLength(256); // the document will be 
>>> encrypted with 128 bits secret key
>>>         doc.protect(policy);
>>>         doc.save(new FileOutputStream("Resources/output.pdf"));
>>>
>>> }
>>>
>>>
>>>
>>> Quoting Tilman Hausherr <THausherr@t-online.de>:
>>>
>>>> Hi,
>>>> Please provide a stack trace and a working example, i.e. code and a 
>>>> certificate. Please upload these somewhere, attachments are usually 
>>>> deleted by the mailing list software.
>>>> Tilman
>>>>
>>>> Am 21.12.2018 um 10:09 schrieb gavinreid@pseudocoder.co.uk:
>>>>>
>>>>> I'm using PDFBox 2.0.12 and I’m attempting to encrypt a PDF 
>>>>> Document using 256 bit keylength.
>>>>>
>>>>> But I’m receiving an Error that this is not supported, but it 
>>>>> appears that from the documentation that 256 IS supported but only 
>>>>> for passwords.
>>>>>
>>>>> Is there a mechanism for using the current working implementation 
>>>>> of passwords with the Certificate encryption?
>>>>> (or any plans to allow 256 with certificates?)
>>>>>
>>>>> Regards
>>>>>
>>>>> Gavin
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
>>>>> For additional commands, e-mail: users-help@pdfbox.apache.org
>>>>>
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
>>>> For additional commands, e-mail: users-help@pdfbox.apache.org
>>>
>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
>>> For additional commands, e-mail: users-help@pdfbox.apache.org
>>>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
> For additional commands, e-mail: users-help@pdfbox.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: users-help@pdfbox.apache.org


Mime
View raw message