[
https://issues.apache.org/jira/browse/PDFBOX-3173?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15072782#comment-15072782
]
Thomas Chojecki commented on PDFBOX-3173:
-----------------------------------------
I've tried it but without success. At the moment we use the pdfbox 1.8.8 and
that version isn't capable to create a non broken document. Porting to 2.0.0
isn't possible without bigger refactoring. Maybe at the moment impossible,
because some features like PDPage to Image is missing and need to be
reimplemented.
So at the moment I can only offer verification with pdfbox 2.0.0.
PS:
I used this file for testing: FormI-9-English.pdf and the result is
http://people.apache.org/~tchojecki/Signed7189737479851398678.pdf
My code look something like this:
...
if (document.isEncrypted())
{
document.decrypt("");
document.encrypt("", "");
}
...
And this combination is the only one that produce a document at all and not
throwing exceptions.
> Signature dictionary is not decrypted in encrypted files
> --------------------------------------------------------
>
> Key: PDFBOX-3173
> URL: https://issues.apache.org/jira/browse/PDFBOX-3173
> Project: PDFBox
> Issue Type: Bug
> Components: Crypto, Signing
> Affects Versions: 1.8.10, 1.8.11, 2.0.0
> Reporter: Tilman Hausherr
> Assignee: Tilman Hausherr
> Fix For: 1.8.11, 2.0.0
>
> Attachments: 045697.pdf, 050289.pdf, 070413.pdf, 346444.pdf,
> Sample_DocTimestamp.pdf
>
>
> Changes in PDFBOX-2801 and PDFBOX-2469 result in the signature dictionary not
> being decrypted in encrypted files. Because these aren't visible signatures,
> this is noticed only when looking at the signature dictionary in PDFDebugger.
> See also this thread in the dev mailing list:
> https://mail-archives.apache.org/mod_mbox/pdfbox-dev/201512.mbox/browser
> Example files:
> - PDFBOX-2711
> - 045697.pdf
> - 050289.pdf
> - 070413.pdf
> - 346444.pdf
> I hit that problem while wondering what to do about PDFBOX-2729, and wondered
> why the "too good to be true" solution of [~GGlad] worked at all, because his
> solution did encrypt the signature parts.
> I did not find anything in the "32000" spec that the signature dictionary is
> not to be encrypted.
> From [~msahyoun]:
> {quote}
> From ISO32000-2:
> Encryption applies to all strings and streams in the document's PDF file,
> with the following exceptions:
> The values for the ID entry in the trailer
> Any strings in an Encrypt dictionary
> Any strings that are inside streams such as content streams and compressed
> object streams, which themselves are encrypted
> Any hexadecimal strings representing the value of the Contents key in a
> Signature dictionary
> {quote}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
