encryption: SecurityHandler.java StandardSecurityHandler.java

tilman Sun, 10 Nov 2019 00:43:47 -0800

Author: tilman
Date: Sun Nov 10 08:43:16 2019
New Revision: 1869628

URL: http://svn.apache.org/viewvc?rev=1869628&view=rev
Log:
PDFBOX-4071: add exception for Sonar because PDF specification requests usage 
of problematic encryption algorithms


Modified:
    
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
    
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java

Modified: 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
URL: 
http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java?rev=1869628&r1=1869627&r2=1869628&view=diff
==============================================================================
--- 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
 (original)
+++ 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandler.java
 Sun Nov 10 08:43:16 2019
@@ -286,6 +286,7 @@ public abstract class SecurityHandler
 
         try
         {
+            @SuppressWarnings({"squid:S4432"}) // PKCS#5 padding is requested 
by PDF specification
             Cipher decryptCipher;
             try
             {
@@ -337,9 +338,11 @@ public abstract class SecurityHandler
             return;
         }
 
+        @SuppressWarnings({"squid:S4432"}) // PKCS#5 padding is requested by 
PDF specification
         Cipher cipher;
         try
         {
+            
             cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
             SecretKeySpec keySpec = new SecretKeySpec(encryptionKey, "AES");
             IvParameterSpec ivSpec = new IvParameterSpec(iv);

Modified: 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
URL: 
http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java?rev=1869628&r1=1869627&r2=1869628&view=diff
==============================================================================
--- 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
 (original)
+++ 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/StandardSecurityHandler.java
 Sun Nov 10 08:43:16 2019
@@ -316,6 +316,7 @@ public final class StandardSecurityHandl
         {
             // "Decrypt the 16-byte Perms string using AES-256 in ECB mode 
with an 
             // initialization vector of zero and the file encryption key as 
the key."
+            @SuppressWarnings({"squid:S4432"})
             Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
             cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encryptionKey, 
"AES"));
             byte[] perms = cipher.doFinal(encryption.getPerms());

svn commit: r1869628 - in /pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption: SecurityHandler.java StandardSecurityHandler.java

Reply via email to