[jira] [Updated] (PDFBOX-2268) AES-256 decryptions fails

[Michele Balistreri (JIRA)]

     [ 
https://issues.apache.org/jira/browse/PDFBOX-2268?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michele Balistreri updated PDFBOX-2268:
---------------------------------------

    Description: 
When opening a document encrypted with AES-256 (owner password only) by 
providing no password, the isUserPassword method fails, since it tries 
(indirectly) to decrypt a null pointer.

Also, the code validating the Perms dictionary is correct, but unfortunately 
not even Acrobat seems to write Perms correctly (in my case P = F0C0 and Perms 
= F2C0), so that check needs to be relaxed. Perhaps logging the issue instead 
of throwing an exception would be more adequate.

Provided is a patch for both issues. I understand it is probably suboptimal but 
I am completely new to the project and have not yet had the time to study all 
coding conventions. Considering the patch is very small maybe someone can take 
it as a pointer of what needs to be changes.

  was:
When opening a document encrypted with AES-256 (owner password only) by 
providing no password, the isUserPasswordMethod fails, since it tries to 
decrypt a null pointer.

Also, the code validating the Perms dictionary is correct, but unfortunately 
not even Acrobat seems to write Perms correctly (in my case P = F0C0 and Perms 
= F2C0), so that check needs to be relaxed. Perhaps logging the issue instead 
of throwing an exception would be more adequate.

Provided is a patch for both issues. I understand it is probably suboptimal but 
I am completely new to the project and have not yet had the time to study all 
coding conventions. Considering the patch is very small maybe someone can take 
it as a pointer of what needs to be changes.


> AES-256 decryptions fails
> -------------------------
>
>                 Key: PDFBOX-2268
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-2268
>             Project: PDFBox
>          Issue Type: Bug
>          Components: PDModel
>    Affects Versions: 2.0.0
>            Reporter: Michele Balistreri
>         Attachments: AES256-fix.diff
>
>
> When opening a document encrypted with AES-256 (owner password only) by 
> providing no password, the isUserPassword method fails, since it tries 
> (indirectly) to decrypt a null pointer.
> Also, the code validating the Perms dictionary is correct, but unfortunately 
> not even Acrobat seems to write Perms correctly (in my case P = F0C0 and 
> Perms = F2C0), so that check needs to be relaxed. Perhaps logging the issue 
> instead of throwing an exception would be more adequate.
> Provided is a patch for both issues. I understand it is probably suboptimal 
> but I am completely new to the project and have not yet had the time to study 
> all coding conventions. Considering the patch is very small maybe someone can 
> take it as a pointer of what needs to be changes.



--
This message was sent by Atlassian JIRA
(v6.2#6252)