[
https://issues.apache.org/jira/browse/PDFBOX-3149?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15037440#comment-15037440
]
Tilman Hausherr commented on PDFBOX-3149:
-----------------------------------------
Your patch makes sense, and it works fine with all my files (including some I9
forms that are AES128 encrypted). Sadly I can't just modify a PDF file, because
each of these has compressed streams, i.e. the streams are encoded as well, so
I can't access the /Info part.
I don't know why AES128 encryption isn't supported. We support AES256, and
128bit key with RC4. It isn't really a flaw that the 128bit encryption is a
poor one, people can and should use AES256 instead.
> Failure to decrypt empty strings (AES 128)
> ------------------------------------------
>
> Key: PDFBOX-3149
> URL: https://issues.apache.org/jira/browse/PDFBOX-3149
> Project: PDFBox
> Issue Type: Bug
> Components: Crypto, Parsing, PDModel
> Affects Versions: 2.0.0
> Reporter: Jesse Long
> Assignee: Tilman Hausherr
> Priority: Minor
> Attachments: PDFBOX-3149.patch
>
>
> SecurityHandler fails to decrypt empty strings in a AES 128 encrypted PDF.
> Strings like: <</Name ()>>
> This is because it tries to read the first 16 bytes as the AES IV, failing
> which it throws IOException. Solution: if you cannot read any bytes from the
> stream, it is empty and so there is nothing to decrypt.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
