You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "Tilman Hausherr (JIRA)" <ji...@apache.org> on 2015/04/29 21:31:06 UTC
[jira] [Resolved] (PDFBOX-2781) Opening pdf document after
encrypting it with PDFBox throws IllegalBlockSizeException
[ https://issues.apache.org/jira/browse/PDFBOX-2781?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tilman Hausherr resolved PDFBOX-2781.
-------------------------------------
Resolution: Fixed
You have encovered two bugs, which have popped up because you re-encrypted a file that was already encrypted, and in a different strength.
1) You encrypted the file with a non-AES method, but the encryption dictionary keeps old values that point to AES. From the spec about V = 4 or 5:
{quote}
The security handler defines the use of encryption and decryption in the document, using the rules specified by the CF, StmF, and StrF entries.
{quote}
It also tells this about the CF, StmF, and StrF entries:
{quote}
meaningful only when the value of V is 4 or 5
{quote}
By itself, this is harmless, but not useful. So we need to remove the CF, StmF, and StrF entries if V is not 4 or 5.
2) The file is then decrypted with AES, despite that it wasn't encrypted with AES, and this fails. This happens because it finds "AESV2" from the previous encryption. It shouldn't have looked at that one at all, because your encryption has set V to be 2, so the CF dictionary should have been ignored anyway.
So we MUST ignore the CF, StmF, and StrF entries if V is not 4 or 5.
> Opening pdf document after encrypting it with PDFBox throws IllegalBlockSizeException
> -------------------------------------------------------------------------------------
>
> Key: PDFBOX-2781
> URL: https://issues.apache.org/jira/browse/PDFBOX-2781
> Project: PDFBox
> Issue Type: Bug
> Components: PDModel, Writing
> Affects Versions: 1.8.9, 1.8.10, 2.0.0
> Environment: jdk 1.7.0_55, bouncy castle provider 1.52
> Reporter: Samuli Saarinen
> Assignee: Tilman Hausherr
> Fix For: 1.8.10, 2.0.0
>
> Attachments: testform_protected.pdf
>
>
> I'm trying to encrypt pdf document as per [1] like this:
> {code:java}
> PDDocument doc = PDDocument.loadNonSeq(getClass().getResourceAsStream("/testform_protected.pdf"), null);
> int keyLength = 128; // 40 or 128; 256 will be available in version 2.0
> AccessPermission ap = doc.getCurrentAccessPermission();
> StandardProtectionPolicy spp = new StandardProtectionPolicy("12345", "", ap);
> spp.setEncryptionKeyLength(keyLength);
> spp.setPermissions(ap);
> doc.protect(spp);
> File outFile = new File("./target/testform_saved.pdf");
> doc.save(outFile);
> doc.close();
> PDDocument loaded = PDDocument.loadNonSeq(outFile, null);
> {code}
> It works fine but opening the encrypted document with PDFBox (last line of above code) throws:
> {noformat}
> org.apache.pdfbox.exceptions.WrappedIOException
> at org.apache.pdfbox.pdmodel.encryption.SecurityHandler.encryptData(SecurityHandler.java:371)
> at org.apache.pdfbox.pdmodel.encryption.SecurityHandler.decryptString(SecurityHandler.java:577)
> at org.apache.pdfbox.pdfparser.NonSequentialPDFParser.decryptString(NonSequentialPDFParser.java:1571)
> at org.apache.pdfbox.pdfparser.NonSequentialPDFParser.decryptDictionary(NonSequentialPDFParser.java:1535)
> at org.apache.pdfbox.pdfparser.NonSequentialPDFParser.decrypt(NonSequentialPDFParser.java:1596)
> at org.apache.pdfbox.pdfparser.NonSequentialPDFParser.parseObjectDynamically(NonSequentialPDFParser.java:1460)
> at org.apache.pdfbox.pdfparser.NonSequentialPDFParser.parseObjectDynamically(NonSequentialPDFParser.java:1343)
> at org.apache.pdfbox.pdfparser.NonSequentialPDFParser.initialParse(NonSequentialPDFParser.java:383)
> at org.apache.pdfbox.pdfparser.NonSequentialPDFParser.parse(NonSequentialPDFParser.java:886)
> at org.apache.pdfbox.pdmodel.PDDocument.loadNonSeq(PDDocument.java:1273)
> at org.apache.pdfbox.pdmodel.PDDocument.loadNonSeq(PDDocument.java:1256)
> at com.remion.bronto.proex.pdf.PDFBoxEncryptionTest.testEncryptDecrypt(PDFBoxEncryptionTest.java:30)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:84)
> at org.testng.internal.Invoker.invokeMethod(Invoker.java:714)
> at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:901)
> at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1231)
> at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:127)
> at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:111)
> at org.testng.TestRunner.privateRun(TestRunner.java:767)
> at org.testng.TestRunner.run(TestRunner.java:617)
> at org.testng.SuiteRunner.runTest(SuiteRunner.java:334)
> at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:329)
> at org.testng.SuiteRunner.privateRun(SuiteRunner.java:291)
> at org.testng.SuiteRunner.run(SuiteRunner.java:240)
> at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52)
> at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86)
> at org.testng.TestNG.runSuitesSequentially(TestNG.java:1224)
> at org.testng.TestNG.runSuitesLocally(TestNG.java:1149)
> at org.testng.TestNG.run(TestNG.java:1057)
> at org.testng.remote.RemoteTestNG.run(RemoteTestNG.java:111)
> at org.testng.remote.RemoteTestNG.initAndRun(RemoteTestNG.java:204)
> at org.testng.remote.RemoteTestNG.main(RemoteTestNG.java:175)
> Caused by: javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
> at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:750)
> at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:676)
> at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:313)
> at javax.crypto.Cipher.doFinal(Cipher.java:1970)
> at org.apache.pdfbox.pdmodel.encryption.SecurityHandler.encryptData(SecurityHandler.java:351)
> ... 35 more
> {noformat}
> Opening the saved document with Acrobat works fine.
> [1] http://pdfbox.apache.org/1.8/cookbook/encryption.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org