[
https://issues.apache.org/jira/browse/PDFBOX-3173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15068418#comment-15068418
]
Tilman Hausherr commented on PDFBOX-3173:
-----------------------------------------
The last commit has two parts. The first part is that only the /Contents string
is not decrypted, but the rest is. This works fine with my test files, except
the file from PDFBOX-2801 that was provided by [~briksoftware]. That one failed
in object 9, /Author entry, because that string is 47 bytes long, but must be a
mutiple of 16 for AES decryption (Adobe Reader is able to decrypt it - maybe
the initial backslash + open parenthesis is the problem but that is not our
bug). That is what the second part of the commit is for, it is what
[~briksoftware] suggested at first, which would also solve the problem with the
file he didn't attach.
Next: test with 1.8.
> Signature dictionary is not decrypted in encrypted files
> --------------------------------------------------------
>
> Key: PDFBOX-3173
> URL: https://issues.apache.org/jira/browse/PDFBOX-3173
> Project: PDFBox
> Issue Type: Bug
> Components: Crypto
> Affects Versions: 2.0.0
> Reporter: Tilman Hausherr
> Assignee: Tilman Hausherr
> Attachments: 045697.pdf, 050289.pdf, 070413.pdf
>
>
> Changes in PDFBOX-2801 and PDFBOX-2469 result in the signature dictionary not
> being decrypted in encrypted files. Because these aren't visible signatures,
> this is noticed only when looking at the signature dictionary in PDFDebugger.
> See also this thread in the dev mailing list:
> https://mail-archives.apache.org/mod_mbox/pdfbox-dev/201512.mbox/browser
> Example files:
> - PDFBOX-2711
> - 045697.pdf
> - 050289.pdf
> - 070413.pdf
> I hit that problem while wondering what to do about PDFBOX-2729, and wondered
> why the "too good to be true" solution of [~GGlad] worked at all, because his
> solution did encrypt the signature parts.
> I did not find anything in the "32000" spec that the signature dictionary is
> not to be encrypted.
> From [~msahyoun]:
> {quote}
> From ISO32000-2:
> Encryption applies to all strings and streams in the document's PDF file,
> with the following exceptions:
> The values for the ID entry in the trailer
> Any strings in an Encrypt dictionary
> Any strings that are inside streams such as content streams and compressed
> object streams, which themselves are encrypted
> Any hexadecimal strings representing the value of the Contents key in a
> Signature dictionary
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
