Tilman Hausherr created PDFBOX-3462:
---------------------------------------
Summary: Certificate based encryption fails with pdfbox-app
Key: PDFBOX-3462
URL: https://issues.apache.org/jira/browse/PDFBOX-3462
Project: PDFBox
Issue Type: Bug
Components: Crypto
Affects Versions: 2.0.2, 2.1.0
Reporter: Tilman Hausherr
Certificate based encryption fails with pdfbox-app fails with
"NoSuchAlgorithmException: 1.2.840.113549.3.2 KeyGenerator not available". The
cause (see long explanation
[here|https://mail-archives.apache.org/mod_mbox/pdfbox-users/201608.mbox/%3Ce51f59c8-ad42-f6a7-cbf2-f89034b46cff%40t-online.de%3E])
is that "all JCE provider JARs must be signed before they will be trusted by
your Java runtime", i.e. there is no problem when using the bcprov*.jar, only
when using a jar that has the bc jar merged into.
The Encrypt command line application fails as well (only for certificate based
encryption).
To test this, just run this code:
{code}
Security.addProvider(new BouncyCastleProvider());
System.out.println(Arrays.toString(Security.getProviders()));
System.out.println(KeyGenerator.getInstance("1.2.840.113549.3.2", "BC")); //
fail
{code}
todo:
- better error message
- adjust website? Remove -certFile option from Encrypt tool?
- test whether certificate based signing also fails? If yes, better error
message
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
