[
https://issues.apache.org/jira/browse/PDFBOX-4453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16758948#comment-16758948
]
Michael Klink edited comment on PDFBOX-4453 at 2/2/19 10:49 AM:
----------------------------------------------------------------
[~tilman] -
Another option would be to add another flag to {{COSBase}} which indicates
whether the instance has gone through decryption already.
{{SecurityHandler.decrypt}} could then decide based on that flag whether or not
to decrypt and set that flag after decryption.
This would also allow to get rid of {{SecurityHandler.objects}}.
If you don't want {{COSBase}} instance data to grow in size, replace the
current `boolean direct` in it by a `byte flags` and set or check different
bits in setters and getters for _direct_ and _decrypted_ respectively.
As an aside, you might want to keep the non-decrypted value of a {{COSString}}
in a new member of that object. As ISO 32000-2 clarifies, _any hexadecimal
strings representing the value of the Contents key in a Signature dictionary_
are not encrypted in an encrypted PDF. Thus, one needs a way to retrieve that
string _without any decryption applied_. The easiest way would be via a method
{{COSString.getValueWithoutDecryption}} which returns the bytes as they are in
the PDF file.
was (Author: mkl):
[~tilman] -
Another option would be to add another flag to {{COSBase}} which indicates
whether the instance has gone through decryption already.
{{SecurityHandler.decrypt}} could then decide based on that flag whether or not
to decrypt and set that flag after decryption.
If you don't want {{COSBase}} instance data to grow in size, replace the
current `boolean direct` in it by a `byte flags` and set or check different
bits in setters and getters for _direct_ and _decrypted_ respectively.
> Encrypted string not decrypted
> ------------------------------
>
> Key: PDFBOX-4453
> URL: https://issues.apache.org/jira/browse/PDFBOX-4453
> Project: PDFBox
> Issue Type: Bug
> Components: Crypto
> Affects Versions: 2.0.13
> Reporter: Tilman Hausherr
> Priority: Critical
> Fix For: 2.0.14, 3.0.0 PDFBox
>
> Attachments: 2AF-0088-NA-LMF35-40-01-2019-01-18-14-25-52(1).pdf
>
>
> In the attached file, an ancrypted string "0" should be decrypted to "3" but
> it is not.
> * It is RC4 40 bit enrcyption
> * The string is not decrypted because it is skipped because it is in the
> objects HashSet
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
