[
https://issues.apache.org/jira/browse/PDFBOX-5027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17239421#comment-17239421
]
jakatal commented on PDFBOX-5027:
---------------------------------
Error message "JCE cannot authenticate the provider BC" says that something
with the encryption library is wrong....
I didn't test all the version, but you get an older running 2.09 for example
with docker easily: [crochik/pdfbox - Docker
Hub|https://hub.docker.com/r/crochik/pdfbox]
A test run with a certificate just went well on my machine.
The advantage of repeating -certFile is of not having any issues with
separators - though the command line may be confusing. For my understanding,
once parameters are written many times only the last mentioned one counts.
In addition, the error behavior needs to be defined. I would say, the command
needs to stop once a single certificate can not be used (broken or wrong
format), to avoid a successful encryption without noticing that not all
certificates were used in the end.
But nevertheless, I like the idea of having the -certFile repeated simply.
Shall we consider to provider a draft candidate?
> Protect/Encrypt PDF with multiple certificates on command line
> --------------------------------------------------------------
>
> Key: PDFBOX-5027
> URL: https://issues.apache.org/jira/browse/PDFBOX-5027
> Project: PDFBox
> Issue Type: Improvement
> Components: Crypto
> Reporter: jakatal
> Priority: Trivial
> Original Estimate: 6h
> Remaining Estimate: 6h
>
> Hi,
> PDFBox has (obviously) the ability to protect a file with several
> certificates by adding teh recipient's certificates one after another:
>
>
> {code:java}
> //Class PublicKeyProtectionPolicy has
> public void addRecipient(PublicKeyRecipient recipient)
> { recipients.add(recipient); }
> {code}
> For the commandline tool functionality, it just offers "-cert" with the
> option to add a SINGLE certificate. I expect that in most serious use cases
> actually two certificates are used to protect the document (the actual
> recipient and the creator who wants to be able still to open the document as
> well).
>
> I propose to extend the command line functionality (Encrypt.java) by having
> an iteration through several cert files, e.g. separated by special character.
>
> Thanks.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
