You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@pdfbox.apache.org by Mark Eastman <Ma...@advancedcomputersoftware.com> on 2011/12/14 18:52:20 UTC

pdfbox Encrypt with -certFile : can't recognise cert file

I am trying to encrypt a pdf with a certificate. I have tried various
certificates generated with keytool and none work.

 

The last attempt was:

keytool -genkey -dname "cn=Mark Jones, ou=JavaSoft, o=Sun, c=US" -alias
pdf -keypass kpi135 -keystore mykeystore -storepass password -validity
180

keytool -export -alias pdf -keystore mykeystore -storepass password
-file pdf.cer

java -jar pdfbox-app-1.6.0.jar Encrypt -certFile pdf.cer GWT.pdf
secureCert.pdf

Encrypt failed with the following exception:

org.apache.pdfbox.exceptions.COSVisitorException: 1.2.840.113549.3.2
KeyGenerator not available

        at
org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1315)

        at
org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1121)

        at
org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1102)

        at org.apache.pdfbox.Encrypt.encrypt(Encrypt.java:189)

        at org.apache.pdfbox.Encrypt.main(Encrypt.java:53)

        at org.apache.pdfbox.PDFBox.main(PDFBox.java:40)

org.apache.pdfbox.exceptions.CryptographyException: 1.2.840.113549.3.2
KeyGenerator not available

        at
org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDoc
umentForEncryption(PublicKeySecurity

andler.java:344)

        at
org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1306)

        at
org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1121)

        at
org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1102)

        at org.apache.pdfbox.Encrypt.encrypt(Encrypt.java:189)

        at org.apache.pdfbox.Encrypt.main(Encrypt.java:53)

        at org.apache.pdfbox.PDFBox.main(PDFBox.java:40)

 

 

I also tried with a certificate I got from verisign:

C:\devtools\pdfbox-1.6.0>java -jar pdfbox-app-1.6.0.jar Encrypt
-certFile coa2009.cer -canPrint false GWT.pdf secure.pdf

 

Encrypt failed with the following exception:

java.security.cert.CertificateException: Unable to initialize,
java.io.IOException: DerInputStream.getLength(): lengthTa

g=127, too big.

        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:182)

        at
sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.
java:101)

        at
java.security.cert.CertificateFactory.generateCertificate(CertificateFac
tory.java:305)

       at org.apache.pdfbox.Encrypt.encrypt(Encrypt.java:171)

        at org.apache.pdfbox.Encrypt.main(Encrypt.java:53)

        at org.apache.pdfbox.PDFBox.main(PDFBox.java:40)

Caused by: java.io.IOException: DerInputStream.getLength():
lengthTag=127, too big.

        at
sun.security.util.DerInputStream.getLength(DerInputStream.java:544)

        at sun.security.util.DerValue.<init>(DerValue.java:235)

        at
sun.security.util.DerInputStream.getDerValue(DerInputStream.java:400)

        at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1709)

        at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:179)

        ... 5 more

 

At the moment I can't get any certificates to work. I have tried with
Java 1.6.0_29 and also 1.7.0_01 (neither affects the outcome)

 

Do you have a valid certificate that does work, or an example set of
keytool commands that will generate one that will work.

 

I can get the encrypt to work if I just use -U option, so I know the
input pdf is valid

 

Mark Eastman


#####################################################################################
Advanced Business Software and Solutions Limited, trading as Advanced Business Solutions, part of Advanced Computer Software Group.
Registered in England at Munro House, Portsmouth Road, Cobham, Surrey, KT11 1TF. Registration number 03214465
Please note that Advanced Business Software and Solutions Limited may monitor email traffic data and also the content of email for the purposes of security and staff training.
This message (and any associated files) is intended only for the use of the stated recipient and may contain information that is confidential, subject to copyright or constitutes a trade secret. If you are not the intended recipient you are hereby notified that any dissemination, copying or distribution of this message, or files associated with this message, is strictly prohibited. If you have received this message in error or are not the intended recipient please notify us immediately by replying to the message or calling 08451 60 61 62 and deleting it from your computer. Any views or opinions presented are solely those of the author and do not necessarily represent those of the company.
We advise that in keeping with good computing practice the recipient of this email should ensure that it is virus free. We do not accept responsibility for any virus that may be transferred by way of this email.
Email may be susceptible to data corruption, interception and unauthorised amendment, and we do not accept liability for any such corruption, interception or amendment or any consequences thereof.

This email has been scanned for all viruses by the MessageLabs SkyScan service.

Please consider the environment before printing this email

#####################################################################################