You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Bernd Engelhardt (JIRA)" <ji...@apache.org> on 2010/09/22 15:48:34 UTC
[jira] Created: (PDFBOX-837) Wrong RevisionNumber when disabling
all permissions and using 128bit encryption
Wrong RevisionNumber when disabling all permissions and using 128bit encryption
-------------------------------------------------------------------------------
Key: PDFBOX-837
URL: https://issues.apache.org/jira/browse/PDFBOX-837
Project: PDFBox
Issue Type: Bug
Components: PDModel
Affects Versions: 1.2.1
Reporter: Bernd Engelhardt
When disabling all permissions and using a 128bit encryption the following exception is thrown when saving the PDF document:
org.apache.pdfbox.exceptions.COSVisitorException: Error: Expected length=5 actual=16
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1022)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:911)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:892)
at pdfbox.Main.main(Main.java:53)
This is reproducable with the following code:
public class Main {
public static void main(String[] args) {
try {
AccessPermission ap = new AccessPermission();
StandardProtectionPolicy spp = null;
ap.setCanAssembleDocument(false);
ap.setCanExtractContent(false);
ap.setCanExtractForAccessibility(false);
ap.setCanFillInForm(false);
ap.setCanModify(false);
ap.setCanModifyAnnotations(false);
ap.setCanPrint(false);
ap.setCanPrintDegraded(false);
spp = new StandardProtectionPolicy(null, null, ap);
spp.setEncryptionKeyLength(128);
PDDocument document = null;
FileInputStream sourceFile = new FileInputStream(new File("C:\\Web\\NetBeansProjects\\pdfBox\\test.pdf"));
document = PDDocument.load(sourceFile);
document.protect(spp);
document.save("C:\\Web\\NetBeansProjects\\pdfBox\\test_encrypted.pdf");
document.close();
} catch (Exception ex) {
Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
}
}
}
The problem is based on "computeRevisionNumber" in "StandardSecurityHandler.java". If all flags are disabled, the routine returns a value of 2. But if the 128bit encryption is enabled, the revision should be 3. If not, the method "computeUserPassword" will fail.
A solution would be to check the key length in "computeRevisionNumber".
private int computeRevisionNumber()
{
if(version == 2
&& !policy.getPermissions().canFillInForm()
&& !policy.getPermissions().canExtractForAccessibility()
&& !policy.getPermissions().canPrintDegraded()
&& keyLength == 40 )
{
return 2;
}
return 3;
}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (PDFBOX-837) Wrong RevisionNumber when disabling
all permissions and using 128bit encryption
Posted by "Bernd Engelhardt (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/PDFBOX-837?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bernd Engelhardt updated PDFBOX-837:
------------------------------------
Attachment: StandardSecurityHandler_patch.patch
Patch for "StandardSecurityHandler" (Trunk, Rev 999590)
> Wrong RevisionNumber when disabling all permissions and using 128bit encryption
> -------------------------------------------------------------------------------
>
> Key: PDFBOX-837
> URL: https://issues.apache.org/jira/browse/PDFBOX-837
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel
> Affects Versions: 1.2.1
> Reporter: Bernd Engelhardt
> Attachments: StandardSecurityHandler_patch.patch
>
>
> When disabling all permissions and using a 128bit encryption the following exception is thrown when saving the PDF document:
> org.apache.pdfbox.exceptions.COSVisitorException: Error: Expected length=5 actual=16
> at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1022)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:911)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:892)
> at pdfbox.Main.main(Main.java:53)
> This is reproducable with the following code:
> public class Main {
> public static void main(String[] args) {
> try {
> AccessPermission ap = new AccessPermission();
> StandardProtectionPolicy spp = null;
> ap.setCanAssembleDocument(false);
> ap.setCanExtractContent(false);
> ap.setCanExtractForAccessibility(false);
> ap.setCanFillInForm(false);
> ap.setCanModify(false);
> ap.setCanModifyAnnotations(false);
> ap.setCanPrint(false);
> ap.setCanPrintDegraded(false);
> spp = new StandardProtectionPolicy(null, null, ap);
> spp.setEncryptionKeyLength(128);
> PDDocument document = null;
> FileInputStream sourceFile = new FileInputStream(new File("C:\\Web\\NetBeansProjects\\pdfBox\\test.pdf"));
> document = PDDocument.load(sourceFile);
> document.protect(spp);
> document.save("C:\\Web\\NetBeansProjects\\pdfBox\\test_encrypted.pdf");
> document.close();
> } catch (Exception ex) {
> Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
> }
> }
> }
> The problem is based on "computeRevisionNumber" in "StandardSecurityHandler.java". If all flags are disabled, the routine returns a value of 2. But if the 128bit encryption is enabled, the revision should be 3. If not, the method "computeUserPassword" will fail.
> A solution would be to check the key length in "computeRevisionNumber".
> private int computeRevisionNumber()
> {
> if(version == 2
> && !policy.getPermissions().canFillInForm()
> && !policy.getPermissions().canExtractForAccessibility()
> && !policy.getPermissions().canPrintDegraded()
> && keyLength == 40 )
> {
> return 2;
> }
> return 3;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (PDFBOX-837) Wrong RevisionNumber when disabling
all permissions and using 128bit encryption
Posted by "Andreas Lehmkühler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/PDFBOX-837?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andreas Lehmkühler updated PDFBOX-837:
--------------------------------------
Fix Version/s: (was: 1.2.1)
> Wrong RevisionNumber when disabling all permissions and using 128bit encryption
> -------------------------------------------------------------------------------
>
> Key: PDFBOX-837
> URL: https://issues.apache.org/jira/browse/PDFBOX-837
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel
> Affects Versions: 1.2.1
> Reporter: Bernd Engelhardt
> Attachments: StandardSecurityHandler_patch.patch
>
>
> When disabling all permissions and using a 128bit encryption the following exception is thrown when saving the PDF document:
> org.apache.pdfbox.exceptions.COSVisitorException: Error: Expected length=5 actual=16
> at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1022)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:911)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:892)
> at pdfbox.Main.main(Main.java:53)
> This is reproducable with the following code:
> public class Main {
> public static void main(String[] args) {
> try {
> AccessPermission ap = new AccessPermission();
> StandardProtectionPolicy spp = null;
> ap.setCanAssembleDocument(false);
> ap.setCanExtractContent(false);
> ap.setCanExtractForAccessibility(false);
> ap.setCanFillInForm(false);
> ap.setCanModify(false);
> ap.setCanModifyAnnotations(false);
> ap.setCanPrint(false);
> ap.setCanPrintDegraded(false);
> spp = new StandardProtectionPolicy(null, null, ap);
> spp.setEncryptionKeyLength(128);
> PDDocument document = null;
> FileInputStream sourceFile = new FileInputStream(new File("C:\\Web\\NetBeansProjects\\pdfBox\\test.pdf"));
> document = PDDocument.load(sourceFile);
> document.protect(spp);
> document.save("C:\\Web\\NetBeansProjects\\pdfBox\\test_encrypted.pdf");
> document.close();
> } catch (Exception ex) {
> Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
> }
> }
> }
> The problem is based on "computeRevisionNumber" in "StandardSecurityHandler.java". If all flags are disabled, the routine returns a value of 2. But if the 128bit encryption is enabled, the revision should be 3. If not, the method "computeUserPassword" will fail.
> A solution would be to check the key length in "computeRevisionNumber".
> private int computeRevisionNumber()
> {
> if(version == 2
> && !policy.getPermissions().canFillInForm()
> && !policy.getPermissions().canExtractForAccessibility()
> && !policy.getPermissions().canPrintDegraded()
> && keyLength == 40 )
> {
> return 2;
> }
> return 3;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (PDFBOX-837) Wrong RevisionNumber when disabling
all permissions and using 128bit encryption
Posted by "Andreas Lehmkühler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/PDFBOX-837?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12917318#action_12917318 ]
Andreas Lehmkühler commented on PDFBOX-837:
-------------------------------------------
I'm afraid your patch will have some unwanted side effects.
In StandardSecurityHandler.prepareDocumentForEncryption() "version" wil be initialized as follows:
...
version = computeVersionNumber();
...
private int computeVersionNumber()
{
if(keyLength == 40)
{
return DEFAULT_VERSION;
}
return 2;
}
So that "version" will be set to 1 (DEFAULT_VERSION) if "keyLength" equals 40.
If we have a look at the if-clause extended by your patch, it is obvious that the first condition will never be reached, because "version" never equals 2 if "keyLength" equals 40.
> Wrong RevisionNumber when disabling all permissions and using 128bit encryption
> -------------------------------------------------------------------------------
>
> Key: PDFBOX-837
> URL: https://issues.apache.org/jira/browse/PDFBOX-837
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel
> Affects Versions: 1.2.1
> Reporter: Bernd Engelhardt
> Attachments: StandardSecurityHandler_patch.patch
>
>
> When disabling all permissions and using a 128bit encryption the following exception is thrown when saving the PDF document:
> org.apache.pdfbox.exceptions.COSVisitorException: Error: Expected length=5 actual=16
> at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1022)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:911)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:892)
> at pdfbox.Main.main(Main.java:53)
> This is reproducable with the following code:
> public class Main {
> public static void main(String[] args) {
> try {
> AccessPermission ap = new AccessPermission();
> StandardProtectionPolicy spp = null;
> ap.setCanAssembleDocument(false);
> ap.setCanExtractContent(false);
> ap.setCanExtractForAccessibility(false);
> ap.setCanFillInForm(false);
> ap.setCanModify(false);
> ap.setCanModifyAnnotations(false);
> ap.setCanPrint(false);
> ap.setCanPrintDegraded(false);
> spp = new StandardProtectionPolicy(null, null, ap);
> spp.setEncryptionKeyLength(128);
> PDDocument document = null;
> FileInputStream sourceFile = new FileInputStream(new File("C:\\Web\\NetBeansProjects\\pdfBox\\test.pdf"));
> document = PDDocument.load(sourceFile);
> document.protect(spp);
> document.save("C:\\Web\\NetBeansProjects\\pdfBox\\test_encrypted.pdf");
> document.close();
> } catch (Exception ex) {
> Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
> }
> }
> }
> The problem is based on "computeRevisionNumber" in "StandardSecurityHandler.java". If all flags are disabled, the routine returns a value of 2. But if the 128bit encryption is enabled, the revision should be 3. If not, the method "computeUserPassword" will fail.
> A solution would be to check the key length in "computeRevisionNumber".
> private int computeRevisionNumber()
> {
> if(version == 2
> && !policy.getPermissions().canFillInForm()
> && !policy.getPermissions().canExtractForAccessibility()
> && !policy.getPermissions().canPrintDegraded()
> && keyLength == 40 )
> {
> return 2;
> }
> return 3;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (PDFBOX-837) Wrong RevisionNumber when disabling
all permissions and using 128bit encryption
Posted by "Bernd Engelhardt (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/PDFBOX-837?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bernd Engelhardt updated PDFBOX-837:
------------------------------------
Fix Version/s: 1.2.1
> Wrong RevisionNumber when disabling all permissions and using 128bit encryption
> -------------------------------------------------------------------------------
>
> Key: PDFBOX-837
> URL: https://issues.apache.org/jira/browse/PDFBOX-837
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel
> Affects Versions: 1.2.1
> Reporter: Bernd Engelhardt
> Fix For: 1.2.1
>
> Attachments: StandardSecurityHandler_patch.patch
>
>
> When disabling all permissions and using a 128bit encryption the following exception is thrown when saving the PDF document:
> org.apache.pdfbox.exceptions.COSVisitorException: Error: Expected length=5 actual=16
> at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1022)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:911)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:892)
> at pdfbox.Main.main(Main.java:53)
> This is reproducable with the following code:
> public class Main {
> public static void main(String[] args) {
> try {
> AccessPermission ap = new AccessPermission();
> StandardProtectionPolicy spp = null;
> ap.setCanAssembleDocument(false);
> ap.setCanExtractContent(false);
> ap.setCanExtractForAccessibility(false);
> ap.setCanFillInForm(false);
> ap.setCanModify(false);
> ap.setCanModifyAnnotations(false);
> ap.setCanPrint(false);
> ap.setCanPrintDegraded(false);
> spp = new StandardProtectionPolicy(null, null, ap);
> spp.setEncryptionKeyLength(128);
> PDDocument document = null;
> FileInputStream sourceFile = new FileInputStream(new File("C:\\Web\\NetBeansProjects\\pdfBox\\test.pdf"));
> document = PDDocument.load(sourceFile);
> document.protect(spp);
> document.save("C:\\Web\\NetBeansProjects\\pdfBox\\test_encrypted.pdf");
> document.close();
> } catch (Exception ex) {
> Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
> }
> }
> }
> The problem is based on "computeRevisionNumber" in "StandardSecurityHandler.java". If all flags are disabled, the routine returns a value of 2. But if the 128bit encryption is enabled, the revision should be 3. If not, the method "computeUserPassword" will fail.
> A solution would be to check the key length in "computeRevisionNumber".
> private int computeRevisionNumber()
> {
> if(version == 2
> && !policy.getPermissions().canFillInForm()
> && !policy.getPermissions().canExtractForAccessibility()
> && !policy.getPermissions().canPrintDegraded()
> && keyLength == 40 )
> {
> return 2;
> }
> return 3;
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.