Hi,
Now I get it... I had a look at the code, we do not support AES at all
for public keys. Passing an 128 bit key results in a 128-Bit RC4
encryption LOL.
I've created an issue for this:
https://jira.apache.org/jira/browse/PDFBOX-4413
Please register and click to watch the issue.
I suspect that much of it is already available in the base class, but
PublicKeySecurityHandler.prepareDocumentForEncryption() is definitively
old stuff.
Tilman
Am 21.12.2018 um 10:29 schrieb gavinr...@pseudocoder.co.uk:
As requested
Exception in thread "main" java.io.IOException: 256 bit key length is
not supported yet for public key security
at
org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDocumentForEncryption(PublicKeySecurityHandler.java:286)
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1313)
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1262)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1335)
public static void main(String args[]) throws Exception {
PDDocument doc = PDDocument.load(new
File("Resources/sample.pdf"));
PublicKeyProtectionPolicy policy = new
PublicKeyProtectionPolicy();
PublicKeyRecipient recip = new PublicKeyRecipient();
AccessPermission ap = new AccessPermission();
ap.setCanModify(false);
recip.setPermission(ap);
InputStream inStream = new
FileInputStream("Resources/CertExchange.cer");
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream is =
Files.newInputStream(Paths.get("Resources/keystore.pem"));
String keyStorePassword = "123456";
KeyStore keyStore =
KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(is, keyStorePassword.toCharArray());
X509Certificate certificate = (X509Certificate)
keyStore.getCertificate("Gavin");
recip.setX509(certificate); // set the recipient's certificate
policy.addRecipient(recip);
policy.setEncryptionKeyLength(256); // the document will be
encrypted with 128 bits secret key
doc.protect(policy);
doc.save(new FileOutputStream("Resources/output.pdf"));
}
Quoting Tilman Hausherr <thaush...@t-online.de>:
Hi,
Please provide a stack trace and a working example, i.e. code and a
certificate. Please upload these somewhere, attachments are usually
deleted by the mailing list software.
Tilman
Am 21.12.2018 um 10:09 schrieb gavinr...@pseudocoder.co.uk:
I'm using PDFBox 2.0.12 and I’m attempting to encrypt a PDF Document
using 256 bit keylength.
But I’m receiving an Error that this is not supported, but it
appears that from the documentation that 256 IS supported but only
for passwords.
Is there a mechanism for using the current working implementation of
passwords with the Certificate encryption?
(or any plans to allow 256 with certificates?)
Regards
Gavin
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: users-h...@pdfbox.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: users-h...@pdfbox.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: users-h...@pdfbox.apache.org