[
https://issues.apache.org/jira/browse/PDFBOX-4421?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17198359#comment-17198359
]
Christian Appl edited comment on PDFBOX-4421 at 9/18/20, 2:12 PM:
------------------------------------------------------------------
*Concerning AES-256:*
I won't have the time to further check and verify this, as I will be on
vacation for the next 2 weeks, but: I also stumbled upon the keylength problem
for AES-256. For AES-128 and AES-256 Adobe DC apparently never sets the
optional /Length entry for the encryption dictionary - possibly AES-256 should
also rather search the Filters for such a length entry additionally. As pointed
out above: Otherwise it will attempt to use the default value (40) and will
fail to decrypt documents for that reason:
!screenshot-1.png!
Also see: B2-AES-256-secured.pdf for an example
*Edit:* Updated patch has been provided - this should fix it, but should be
tested.
was (Author: capsvd):
*Concerning AES-256:*
I won't have the time to further check and verify this, as I will be on
vacation for the next 2 weeks, but: I also stumbled upon the keylength problem
for AES-256. For AES-128 and AES-256 Adobe DC apparently never sets the
optional /Length entry for the encryption dictionary - possibly AES-256 should
also rather search the Filters for such a length entry additionally. As pointed
out above: Otherwise it will attempt to use the default value (40) and will
fail to decrypt documents for that reason:
!screenshot-1.png!
Also see: B2-AES-256-secured.pdf for an example
> Add support for AES128 encryption for public key
> ------------------------------------------------
>
> Key: PDFBOX-4421
> URL: https://issues.apache.org/jira/browse/PDFBOX-4421
> Project: PDFBox
> Issue Type: Bug
> Components: Crypto
> Affects Versions: 2.0.13
> Reporter: Tilman Hausherr
> Assignee: Tilman Hausherr
> Priority: Major
> Labels: AES128
> Fix For: 3.0.0 PDFBox, 2.0.22
>
> Attachments: B2-AES-256-secured.pdf, B2-Adobe-128-aes-sec.pdf,
> PDFBOX-4421_Add_support_for_AES128_encryption_for_public_key_(AES128,_256_-_filter_based_k.patch,
> PDFBOX-4421_Add_support_for_AES128_encryption_for_public_key_(DRAFT).patch,
> image-2020-09-16-10-32-11-060.png, image-2020-09-16-10-33-55-201.png,
> image-2020-09-16-11-55-33-275.png, keystore.pfx, screenshot-1.png
>
>
> Follow-up of PDFBOX-4413. AES256 works for public key crypto, but AES128
> doesn't when the file is generated by an external software. (local tests
> work) We should at least get the decryption to work.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
