[
https://issues.apache.org/jira/browse/PDFBOX-5027?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17240099#comment-17240099
]
jakatal commented on PDFBOX-5027:
---------------------------------
With the separator it should be quite simple... but still the exception
handling to be discussed:
Here the snipped of pdfbox/Encrypt.java (lines 169 and following) shows the
relevant certFile input handling, modification marked with "+"
{code:java}
if( !document.isEncrypted() )
{
if( certFile != null )
{
PublicKeyProtectionPolicy ppp = new
PublicKeyProtectionPolicy();
PublicKeyRecipient recip = new PublicKeyRecipient();
recip.setPermission(ap);
CertificateFactory cf =
CertificateFactory.getInstance("X.509");
+ String[] certFileArray = certFile.Split(
System.getProperty("path.separator") );
+ // todo: Can Split method fail, at least one entry
should be in the Array?
+ for(String singleCertFile: certFileArray)
+ {
+ try (InputStream inStream = new
FileInputStream(singleCertFile))
{
X509Certificate certificate = (X509Certificate)
cf.generateCertificate(inStream);
recip.setX509(certificate);
}
+ // todo: catch with error handling: one or several
certificate out of a list cannot be handled
ppp.addRecipient(recip);
+ }
ppp.setEncryptionKeyLength(keyLength);
document.protect(ppp);
}
else
{
StandardProtectionPolicy spp =
new StandardProtectionPolicy(ownerPassword,
userPassword, ap);
spp.setEncryptionKeyLength(keyLength);
document.protect(spp);
}
document.save( outfile );
}
{code}
Quite simple. Not yet fully tested though. Any intercourses expected with other
code parts?
> Protect/Encrypt PDF with multiple certificates on command line
> --------------------------------------------------------------
>
> Key: PDFBOX-5027
> URL: https://issues.apache.org/jira/browse/PDFBOX-5027
> Project: PDFBox
> Issue Type: Improvement
> Components: Crypto
> Affects Versions: 2.0.21
> Reporter: jakatal
> Priority: Trivial
> Fix For: 2.0.22, 3.0.0 PDFBox
>
> Original Estimate: 6h
> Remaining Estimate: 6h
>
> Hi,
> PDFBox has (obviously) the ability to protect a file with several
> certificates by adding teh recipient's certificates one after another:
>
>
> {code:java}
> //Class PublicKeyProtectionPolicy has
> public void addRecipient(PublicKeyRecipient recipient)
> { recipients.add(recipient); }
> {code}
> For the commandline tool functionality, it just offers "-cert" with the
> option to add a SINGLE certificate. I expect that in most serious use cases
> actually two certificates are used to protect the document (the actual
> recipient and the creator who wants to be able still to open the document as
> well).
>
> I propose to extend the command line functionality (Encrypt.java) by having
> an iteration through several cert files, e.g. separated by special character.
>
> Thanks.
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
