[jira] [Commented] (PDFBOX-3462) Certificate based encryption fails with pdfbox-app

Tue, 28 Mar 2017 02:56:06 -0700 

    [ 
https://issues.apache.org/jira/browse/PDFBOX-3462?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15944895#comment-15944895
 ] 

Andreas Lehmkühler commented on PDFBOX-3462:
--------------------------------------------

We have to remove the bouncy castle stuff from our jar as the bundling destroys 
the signature. All users have to add the origin bouncy castle jars to the 
classpath on their own if needed

> Certificate based encryption fails with pdfbox-app
> --------------------------------------------------
>
>                 Key: PDFBOX-3462
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-3462
>             Project: PDFBox
>          Issue Type: Bug
>          Components: Crypto
>    Affects Versions: 1.8.12, 1.8.13, 2.0.2, 2.0.3, 3.0.0
>            Reporter: Tilman Hausherr
>
> Certificate based encryption fails with pdfbox-app fails with 
> "NoSuchAlgorithmException: 1.2.840.113549.3.2 KeyGenerator not available". 
> The cause (see long explanation 
> [here|https://mail-archives.apache.org/mod_mbox/pdfbox-users/201608.mbox/%3Ce51f59c8-ad42-f6a7-cbf2-f89034b46cff%40t-online.de%3E])
>  is that "all JCE provider JARs must be signed before they will be trusted by 
> your Java runtime", i.e. there is no problem when using the bcprov*.jar, only 
> when using a jar that has the bc jar merged into.
> The Encrypt command line application fails as well (only for certificate 
> based encryption).
> To test this, just run this code:
> {code}
> Security.addProvider(new BouncyCastleProvider());
> System.out.println(Arrays.toString(Security.getProviders()));
> System.out.println(KeyGenerator.getInstance("1.2.840.113549.3.2", "BC")); // 
> fail
> {code}
> todo:
> - ✓ better error message
> - adjust website? Remove -certFile option from Encrypt tool?
> - -test whether certificate based signing also fails? If yes, better error 
> message- no problem



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to