[
https://issues.apache.org/jira/browse/PDFBOX-4155?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16412704#comment-16412704
]
Marc Kaufman edited comment on PDFBOX-4155 at 3/24/18 6:21 PM:
---------------------------------------------------------------
The attached PDF was encrypted with the Password: "SªSLprep"
[S<U+00AA>SL<U+00AD><U+00AD><U+00AD><U+00AD><U+00AD>prep]. If you use that
string to open the file in Reader, it opens. The SASLprep'd equivalent is
"SaSLprep" [<U+00AA> becomes 'a', <U+00AD> is removed], and that string will
also open the file.
There are more complicated examples involving joining forms in some languages,
and alternative representations of compound characters.
If you create a file in PDFBox, using the non-SASLprep string, you won't be
able to open it in Acrobat. If you try to open the provided example file in
PDFBox using the non-SASLprep string, it won't open.
was (Author: mkaufman):
The attached PDF was encrypted with the Password: "SªSLprep"
[S<U+00AA>SL<U+00AD><U+00AD><U+00AD><U+00AD><U+00AD>prep]. If you use that
string to open the file in Reader, it opens. The SASLprep'd equivalent is
"SaSLprep" [<U+00AA> becomes 'a', <U+00AD> is removed], and that string will
also open the file.
There are more complicated examples involving joining forms in some languages,
and alternative representations of compound characters.
If you create the file in PDFBox, using the non-SASLprep string, you won't be
able to open it in Acrobat. If you try to open the example file using the
non-SASLprep string, it won't open.
> Password Security with Unicode needs SASLprep
> ---------------------------------------------
>
> Key: PDFBOX-4155
> URL: https://issues.apache.org/jira/browse/PDFBOX-4155
> Project: PDFBox
> Issue Type: Bug
> Components: Crypto
> Affects Versions: 2.0.8
> Reporter: Marc Kaufman
> Priority: Minor
> Labels: security
> Attachments: SASLPrep example.pdf
>
>
> Standard Security handler for Version 6 (AES256) handles Unicode passwords.
> However the current handler is missing this part:
> "The UTF-8 password string shall be generated from Unicode input by
> processing the input string with the SASLprep (RFC 4013) profile of
> stringprep (RFC 3454) using the Normalize and BiDi options, and then
> converting to a UTF-8 representation."
> SASLprep is required to normalize equivalent codings for complex glyphs (such
> as those using umlauts, etc).
> pdmodel/encryption/StandardSecurityHandler.java
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
