You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pdfbox.apache.org by Big Sam <sa...@gmail.com> on 2017/02/08 04:36:21 UTC

Encryption algoritms

Hello PdfBox team!

  My name is Sayat, I'm from Kazakhstan.

   Is there any way to include ECGOST34310 encryption algorithm to pdfbox
library? Currently it's not supported. I can't sign pdf documents with my
key because it uses ECGOST34310 and ECGOST3411. The keystore is
 attached to this message. Password is 123456.
Please, help!

Thank you guys!

Re: Encryption algoritms

Posted by Tilman Hausherr <TH...@t-online.de>.

Am 08.02.2017 um 05:36 schrieb Big Sam:
> Hello PdfBox team!
>
>   My name is Sayat, I'm from Kazakhstan.
>
>    Is there any way to include ECGOST34310 encryption algorithm to 
> pdfbox library? Currently it's not supported. I can't sign pdf 
> documents with my key because it uses ECGOST34310 and ECGOST3411. The 
> keystore is  attached to this message. Password is 123456.

We're not doing the crypto ourselves, this is done in BouncyCastle, so 
you'd have to ask them to support the algorithm(s). 
https://bouncycastle.org When that is done all you'd need to do is to 
alter the CreateSignatureBase example code.

See also this question/answer (related to a different product).
https://stackoverflow.com/questions/37156747/pdf-document-verify-exception

Tilman



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
For additional commands, e-mail: dev-help@pdfbox.apache.org

Re: Encryption algoritms

Posted by Thomas Chojecki <in...@rayman2200.de>.

 

Hello Sayat, 

as already mentioned by Tilman, the GOST Algorithm need to be supported
by BouncyCastle. I've took a look at the latest ReleaseNotes [1] and
there are already made some implementations regarding ECGOST3410. If you
want support for ECGOST34310 and ECGOST3411 you need to implement it
yourselfe or wait until it's done by the BouncyCastle Team. 

But there is a second problem with this Algorithm, neither the ISO
32000-1 specification nor the PAdES specification allow this algorithm.
So you will not be able to verify your document in Adobe Reader nor a
normal pdf reader. So you need to write your own signature and
verification engine for this kind of key. 

Best regards 

Thomas 

[1] https://bouncycastle.org/releasenotes.html 

Am 2017-02-08 05:36, schrieb Big Sam: 

> Hello PdfBox team! 
> 
> My name is Sayat, I'm from Kazakhstan. 
> 
> Is there any way to include ECGOST34310 encryption algorithm to pdfbox library? Currently it's not supported. I can't sign pdf documents with my key because it uses ECGOST34310 and ECGOST3411. The keystore is attached to this message. Password is 123456. 
> Please, help! 
> 
> Thank you guys! 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@pdfbox.apache.org
> For additional commands, e-mail: dev-help@pdfbox.apache.org