[
https://issues.apache.org/jira/browse/PDFBOX-2460?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14190638#comment-14190638
]
John Hewson edited comment on PDFBOX-2460 at 10/30/14 7:14 PM:
---------------------------------------------------------------
The exception is thrown in createDERForRecipient at the line:
{code}
KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert,
secretkey.getEncoded());
{code}
The value for secretkey is 16 bytes long (128-bit), but cert is using a
1024-bit RSA public key, perhaps it is this which is the cause of the
InvalidKeyException?
This method ultimately calls:
{code} cipher = Cipher.getInstance(algorithmId.getAlgorithm().getId());{code}
Where the algorithmId.getAlgorithm is 1.2.840.113549.1.1.1 which is the OID for
"RSA encryption". I suppose that means that the JDK won't let us use RSA no
matter how weak the key is.
was (Author: jahewson):
The exception is thrown in createDERForRecipient at the line:
{code}
KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert,
secretkey.getEncoded());
{code}
The value for secretkey is 16 bytes long (128-bit), but cert is using a
1024-bit RSA public key, perhaps it is this which is the cause of the
InvalidKeyException? We could perhaps just do the test with a super-weak RSA
key?
> fix TestPublicKeyEncryption.java
> --------------------------------
>
> Key: PDFBOX-2460
> URL: https://issues.apache.org/jira/browse/PDFBOX-2460
> Project: PDFBox
> Issue Type: Bug
> Components: Utilities
> Affects Versions: 2.0.0
> Environment: java7 , deb7
> Reporter: Ralf Hauser
> Assignee: Tilman Hausherr
> Fix For: 2.0.0
>
> Attachments: patch2460Decryption.txt, patch2460DecryptionVerbose.txt,
> patch2460PublicKeyTestCaseOnError.txt
>
>
> as reported by Tilman in PDFBOX-2456
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
