Andrea Vacondio created PDFBOX-2667:
---------------------------------------
Summary: StandardSecurityHandler should throw
InvalidPasswordException
Key: PDFBOX-2667
URL: https://issues.apache.org/jira/browse/PDFBOX-2667
Project: PDFBox
Issue Type: Bug
Components: PDModel
Affects Versions: 2.0.0
Reporter: Andrea Vacondio
As result of PDFBOX-1973 changes, according to comments Revision 1576587, the
StandardSecurityHandler.prepareForDecryption now has something like this:
{code}
if(isOwnerPassword){
//do something
}else if(isUserPassword){
//do something else
}else{
throw new IOException("Cannot decrypt PDF, the password is incorrect");
}
{code}
In my use case the user tries to load a pdf, if the document is encrypted and
he didn't supply a password or the supplied one is incorrect, a popup asking
for the password is shown. The document is then loaded with the given password.
In PDFBOX-1973 is discussed the possibility of throwing a different exception
vs returning a boolean but currently none of the solutions is implemented and I
can't distinguish between an "incorrect password" IOException vs a "something
else is wrong" IOException.
There is already a InvalidPasswordException in the excryption package but as
far as I can tell it's only used in the examples project (btw that example must
be somehow broken since the exception is never thrown)
Unless you are going to implement the boolean solution, I'd suggest to modify
the algorithm with:
{code}
if(isOwnerPassword){
//do something
}else if(isUserPassword){
//do something else
}else{
throw new InvalidPasswordException("Cannot decrypt PDF, the password is
incorrect");
}
{code}
So users can react to an invalid password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
