[jira] [Comment Edited] (PDFBOX-2460) fix TestPublicKeyEncryption.java

Thu, 30 Oct 2014 12:17:24 -0700 

    [ 
https://issues.apache.org/jira/browse/PDFBOX-2460?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14190638#comment-14190638
 ] 

John Hewson edited comment on PDFBOX-2460 at 10/30/14 7:15 PM:
---------------------------------------------------------------

The exception is thrown in createDERForRecipient at the line:
{code}
KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, 
secretkey.getEncoded());
{code}

The value for secretkey is 16 bytes long (128-bit), but cert is using a 
1024-bit RSA public key, which is presumably the cause of the 
InvalidKeyException.

This method ultimately calls:
{code} cipher = Cipher.getInstance(algorithmId.getAlgorithm().getId());{code}
Where the algorithmId.getAlgorithm is 1.2.840.113549.1.1.1 which is the OID for 
"RSA encryption". I suppose that means that the JDK won't let us use RSA no 
matter how weak the key is.


was (Author: jahewson):
The exception is thrown in createDERForRecipient at the line:
{code}
KeyTransRecipientInfo recipientInfo = computeRecipientInfo(cert, 
secretkey.getEncoded());
{code}

The value for secretkey is 16 bytes long (128-bit), but cert is using a 
1024-bit RSA public key, perhaps it is this which is the cause of the 
InvalidKeyException?

This method ultimately calls:
{code} cipher = Cipher.getInstance(algorithmId.getAlgorithm().getId());{code}
Where the algorithmId.getAlgorithm is 1.2.840.113549.1.1.1 which is the OID for 
"RSA encryption". I suppose that means that the JDK won't let us use RSA no 
matter how weak the key is.

> fix TestPublicKeyEncryption.java
> --------------------------------
>
>                 Key: PDFBOX-2460
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-2460
>             Project: PDFBox
>          Issue Type: Bug
>          Components: Utilities
>    Affects Versions: 2.0.0
>         Environment: java7 , deb7
>            Reporter: Ralf Hauser
>            Assignee: Tilman Hausherr
>             Fix For: 2.0.0
>
>         Attachments: patch2460Decryption.txt, patch2460DecryptionVerbose.txt, 
> patch2460PublicKeyTestCaseOnError.txt
>
>
> as reported by Tilman in PDFBOX-2456



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to