[jira] [Commented] (PDFBOX-2963) Remove Bouncy Castle Reference

[Tilman Hausherr (JIRA)]

    [ 
https://issues.apache.org/jira/browse/PDFBOX-2963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15684156#comment-15684156
 ] 

Tilman Hausherr commented on PDFBOX-2963:
-----------------------------------------

I've read the texts again and maybe I understand better now. Intended changes:

0) remove {{Security.addProvider(new BouncyCastleProvider());}} from 
SecurityHandlerFactory;

1) Add this class (may need to be improved, not sure if this is the perfect 
singleton):
{code}
public class SecurityProvider
{
    private static Provider provider = null;

    private SecurityProvider()
    {
    }

    public static Provider getProvider() throws IOException
    {
        if (provider == null)
        {
            try
            {
                Class<Provider> providerClass =
                        (Class<Provider>) 
Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
                provider = providerClass.newInstance();
            }
            catch (ClassNotFoundException ex)
            {
                throw new IOException(ex);
            }
            catch (InstantiationException ex)
            {
                throw new IOException(ex);
            }
            catch (IllegalAccessException ex)
            {
                throw new IOException(ex);
            }
            Security.addProvider(provider);
        }
        return provider;
    }

    public static void setProvider(Provider provider)
    {
        SecurityProvider.provider = provider;
        Security.addProvider(provider);
    }   
}
{code}
2) at every place in the org.apache.pdfbox.pdmodel.encryption, search for 
{{getInstance()}}, and add {{SecurityProvider.getProvider()}} as second 
parameter, except for MD5.

Sadly BCFIPS is not or not yet on maven central, so I'm waiting for somebody to 
come forward to test this the hard way.

> Remove Bouncy Castle Reference
> ------------------------------
>
>                 Key: PDFBOX-2963
>                 URL: https://issues.apache.org/jira/browse/PDFBOX-2963
>             Project: PDFBox
>          Issue Type: Improvement
>          Components: Crypto, PDModel
>    Affects Versions: 1.8.9, 1.8.10, 2.0.0
>            Reporter: Johnny Minty
>             Fix For: 2.0.4, 2.1.0
>
>
> PDFBox Versions 1.8.X and 2.0.X add Bouncy Castle as a security provider 
> explicitly (Hard coded)
> Referencing bouncy castle explicitly ties PDF box to a specific provider 
> implementation.
> Instead of referencing BouncyCastleProvider explicitly provide an option to 
> select another provider or alternatively allow a way to override the default. 
> Version 1.8.X:
> https://github.com/apache/pdfbox/blob/1.8.10/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandlersManager.java
> {code}
> public static SecurityHandlersManager getInstance()
>     {
>         if(instance == null)
>         {
>             instance = new SecurityHandlersManager();
>             Security.addProvider(new BouncyCastleProvider());
>         }
>         return instance;
>     }
> {code}
> Version 2.0.0:
> https://github.com/apache/pdfbox/blob/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/SecurityHandlerFactory.java
> {code}
>    static
>     {
>         Security.addProvider(new BouncyCastleProvider());
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org