You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@pdfbox.apache.org by scc lab <an...@gmail.com> on 2016/08/11 09:20:17 UTC
Issue in certificate based encryption
Hello PDFBox team,
I am writing this email to ask for guidance about the use of PDFBox sdk.
I have downloaded PDFBox sdk and tried some samples given with it. I am
interested in the encryption feature. I tried the password encryption and
its working fine. But when I try to do certificate based encryption, it
gives me run-time error. The exception I get is,
java.lang.RuntimeException: Could not find a suitable javax.crypto provider
at
org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.createDERForRecipient(PublicKeySecurityHandler.java:419)
at
org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.computeRecipientsField(PublicKeySecurityHandler.java:388)
at
org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDocumentForEncryption(PublicKeySecurityHandler.java:322)
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1277)
at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1229)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1095)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1067)
at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1055)
at createpdf.CreatePDF_1.main(CreatePDF_1.java:77)
Caused by: java.security.NoSuchAlgorithmException: 1.2.840.113549.3.2
KeyGenerator not available
at javax.crypto.KeyGenerator.<init>(KeyGenerator.java:169)
at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:223)
at
org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.createDERForRecipient(PublicKeySecurityHandler.java:413)
... 8 more
And the code I have written is,
package createpdf;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import org.apache.pdfbox.pdmodel.PDDocument;
import org.apache.pdfbox.pdmodel.PDPage;
import org.apache.pdfbox.pdmodel.encryption.AccessPermission;
import org.apache.pdfbox.pdmodel.encryption.StandardProtectionPolicy;
import org.apache.pdfbox.pdmodel.encryption.PublicKeyProtectionPolicy;
import org.apache.pdfbox.pdmodel.encryption.PublicKeyRecipient;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
public class CreatePDF_1 {
/**
* @param args the command line arguments
*/
public static void main(String[] args) {
// TODO code application logic here
String fileName = "EmptyPdf.pdf"; // name of our file
try{
PDDocument doc = new PDDocument(); // creating instance of pdfDoc
doc.addPage(new PDPage()); // adding page in pdf doc file
/////////////////////////
AccessPermission ap = new AccessPermission();
PublicKeyProtectionPolicy ppp = new PublicKeyProtectionPolicy();
PublicKeyRecipient recip = new PublicKeyRecipient();
recip.setPermission(ap);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
InputStream inStream = new FileInputStream("user1.cer");
X509Certificate certificate =
(X509Certificate)cf.generateCertificate(inStream);
inStream.close();
InputStream in = new FileInputStream("user1.cer");
CertificateFactory cF = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate)cF.generateCertificate(in);
in.close();
try{
recip.setX509(cert);
ppp.addRecipient(recip);
ppp.setEncryptionKeyLength(40);
doc.protect(ppp);
} catch (Exception e) {
e.printStackTrace();
}
/////////////////////////
try {
doc.save(fileName); // saving as pdf file with name perm
doc.close(); // cleaning memory
} catch(Exception e) {
e.printStackTrace();
}
}
catch(Exception e){
System.out.println(e.getMessage());
}
}
}
I have imported the jar file named pdfbox-app-2.0.2.jar as library. The
build environment is NetBeans IDE 8.1 with java version 8. Kindly guide me
about the issue.
Regards,
Re: Issue in certificate based encryption
Posted by Tilman Hausherr <TH...@t-online.de>.
Hi,
Use single jar files, i.e. pdfbox, fontbox, commons-log and bc*.jar (see
dependencies) and whatever else you need.
Long explanation:
The reason is that you used pdfbox-app-2.0.2.jar. I do this all the time
too. Your code failed in a class that has a nice unit test, but the unit
test succeeds. I reduced this to three lines of code:
Security.addProvider(new BouncyCastleProvider());
System.out.println(Arrays.toString(Security.getProviders()));
System.out.println(KeyGenerator.getInstance("1.2.840.113549.3.2")); // fail
A minor change
Security.addProvider(new BouncyCastleProvider());
System.out.println(Arrays.toString(Security.getProviders()));
System.out.println(KeyGenerator.getInstance("1.2.840.113549.3.2",
"BC")); // fail
shows the real reason, with a new exception:
Exception in thread "main" java.security.NoSuchProviderException: JCE
cannot authenticate the provider BC
at javax.crypto.JceSecurity.getInstance(JceSecurity.java:100)
at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:265)
at pdfboxpageimageextraction.CreatePDF_1.main(CreatePDF_1.java:39)
Caused by: java.util.jar.JarException:
file:/XXXXXX/PDFBox%20reactor/app/target/pdfbox-app-2.1.0-TILMAN.jar has
unsigned entries - org/apache/commons/logging/Log.class
at javax.crypto.JarVerifier.verifySingleJar(JarVerifier.java:467)
at javax.crypto.JarVerifier.verifyJars(JarVerifier.java:325)
at javax.crypto.JarVerifier.verify(JarVerifier.java:253)
at javax.crypto.JceSecurity.verifyProviderJar(JceSecurity.java:159)
at javax.crypto.JceSecurity.getVerificationResult(JceSecurity.java:185)
at javax.crypto.JceSecurity.getInstance(JceSecurity.java:97)
... 2 more
A search finds this:
https://stackoverflow.com/questions/13721579/jce-cannot-authenticate-the-provider-bc-in-java-swing-application
"all JCE provider JARs must be signed before they will be trusted by
your Java runtime"
Anyway, I tried running your code in a project with single jar files,
i.e. pdfbox, fontbox, commons-log and bcprov, and it no longer brought
an exception (but I don't know if it actually worked, LOL).
I'll open an issue about this later.
The comnand line Encrypt tool also fails when a certificate is used.
Tilman
Am 11.08.2016 um 11:20 schrieb scc lab:
> Hello PDFBox team,
>
> I am writing this email to ask for guidance about the use of PDFBox sdk.
>
> I have downloaded PDFBox sdk and tried some samples given with it. I am
> interested in the encryption feature. I tried the password encryption and
> its working fine. But when I try to do certificate based encryption, it
> gives me run-time error. The exception I get is,
>
> java.lang.RuntimeException: Could not find a suitable javax.crypto provider
> at
> org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.createDERForRecipient(PublicKeySecurityHandler.java:419)
> at
> org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.computeRecipientsField(PublicKeySecurityHandler.java:388)
> at
> org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.prepareDocumentForEncryption(PublicKeySecurityHandler.java:322)
> at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1277)
> at org.apache.pdfbox.pdfwriter.COSWriter.write(COSWriter.java:1229)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1095)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1067)
> at org.apache.pdfbox.pdmodel.PDDocument.save(PDDocument.java:1055)
> at createpdf.CreatePDF_1.main(CreatePDF_1.java:77)
> Caused by: java.security.NoSuchAlgorithmException: 1.2.840.113549.3.2
> KeyGenerator not available
> at javax.crypto.KeyGenerator.<init>(KeyGenerator.java:169)
> at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:223)
> at
> org.apache.pdfbox.pdmodel.encryption.PublicKeySecurityHandler.createDERForRecipient(PublicKeySecurityHandler.java:413)
> ... 8 more
>
> And the code I have written is,
>
>
> package createpdf;
>
> import java.io.FileInputStream;
> import java.io.IOException;
> import java.io.InputStream;
>
> import org.apache.pdfbox.pdmodel.PDDocument;
> import org.apache.pdfbox.pdmodel.PDPage;
> import org.apache.pdfbox.pdmodel.encryption.AccessPermission;
> import org.apache.pdfbox.pdmodel.encryption.StandardProtectionPolicy;
> import org.apache.pdfbox.pdmodel.encryption.PublicKeyProtectionPolicy;
> import org.apache.pdfbox.pdmodel.encryption.PublicKeyRecipient;
>
> import java.security.cert.CertificateFactory;
> import java.security.cert.X509Certificate;
>
> public class CreatePDF_1 {
>
> /**
> * @param args the command line arguments
> */
> public static void main(String[] args) {
> // TODO code application logic here
>
> String fileName = "EmptyPdf.pdf"; // name of our file
> try{
> PDDocument doc = new PDDocument(); // creating instance of pdfDoc
>
> doc.addPage(new PDPage()); // adding page in pdf doc file
>
> /////////////////////////
> AccessPermission ap = new AccessPermission();
> PublicKeyProtectionPolicy ppp = new PublicKeyProtectionPolicy();
> PublicKeyRecipient recip = new PublicKeyRecipient();
> recip.setPermission(ap);
>
> CertificateFactory cf = CertificateFactory.getInstance("X.509");
>
> InputStream inStream = new FileInputStream("user1.cer");
> X509Certificate certificate =
> (X509Certificate)cf.generateCertificate(inStream);
> inStream.close();
>
>
>
> InputStream in = new FileInputStream("user1.cer");
>
> CertificateFactory cF = CertificateFactory.getInstance("X.509");
>
> X509Certificate cert = (X509Certificate)cF.generateCertificate(in);
>
> in.close();
>
>
> try{
>
> recip.setX509(cert);
> ppp.addRecipient(recip);
> ppp.setEncryptionKeyLength(40);
> doc.protect(ppp);
>
> } catch (Exception e) {
>
> e.printStackTrace();
>
> }
>
> /////////////////////////
>
> try {
>
> doc.save(fileName); // saving as pdf file with name perm
>
> doc.close(); // cleaning memory
>
> } catch(Exception e) {
> e.printStackTrace();
> }
> }
> catch(Exception e){
> System.out.println(e.getMessage());
> }
> }
> }
>
> I have imported the jar file named pdfbox-app-2.0.2.jar as library. The
> build environment is NetBeans IDE 8.1 with java version 8. Kindly guide me
> about the issue.
>
>
> Regards,
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: users-help@pdfbox.apache.org