Certificate encryption for AES 256 is not yet supported. It should be available
in September.
Paulo
-----Original Message-----
From: Alex Miller [mailto:reisnakea...@gmail.com]
Sent: Wednesday, June 22, 2011 2:48 PM
To: itext-questions@lists.sourceforge.net
Subject: [iText-questions] ArrayIndexOutOfBoundsException while encrypting a
PDF with AES 256 (IText pdf java)
Hi,
When I try to encrypt a pdf using AES 256 it gives me the following error:
java.lang.ArrayIndexOutOfBoundsException
at java.lang.System.arraycopy(Native Method)
at
com.itextpdf.text.pdf.PdfEncryption.setupByEncryptionKey(PdfEncryption.java:527)
at
com.itextpdf.text.pdf.PdfEncryption.getEncryptionDictionary(PdfEncryption.java:633)
at com.itextpdf.text.pdf.PdfWriter.setEncryption(PdfWriter.java:2057)
at com.itextpdf.text.pdf.PdfStamper.setEncryption(PdfStamper.java:349)
....
This is the code that generates the error:
public static KeyPair generateKeyPair(String algorithm, int bitLength)
throws NoSuchAlgorithmException {
KeyPairGenerator kpGen = null;
try {
kpGen = KeyPairGenerator.getInstance(algorithm, "BC");
} catch (NoSuchProviderException ex) {
Logger.getLogger(Util.class.getName()).log(Level.SEVERE,
null, ex);
}
kpGen.initialize(bitLength, new SecureRandom());
return kpGen.generateKeyPair();
}
public static Certificate getCertificate(KeyPair pair) throws Exception {
X509v3CertificateBuilder builder = new
X509v3CertificateBuilder(new X500Name("CN=CA"),
BigInteger.valueOf(new Date().getTime()),
new Date(),
new Date(new Date().getTime() + 100000000L),
new X500Name("CN=Reader"),
SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded()));
ContentSigner signer = new
JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(pair.getPrivate());
X509CertificateHolder certHolder = builder.build(signer);
ByteArrayInputStream bIn = new
ByteArrayInputStream(certHolder.getEncoded());
return CertificateFactory.getInstance("X.509",
"BC").generateCertificate(bIn);
}
public static void encryptPdf(String src, String dest, Certificate
readCertificate)
throws IOException, DocumentException, CertificateException {
PdfReader reader = new PdfReader(src);
FileOutputStream fout = new FileOutputStream(dest);
PdfStamper stamper = new PdfStamper(reader, fout);
stamper.setEncryption(new Certificate[]{readCertificate}, //
This is the instruction that gives me the error!
new int[]{PdfWriter.ALLOW_PRINTING},
//
PdfWriter.ENCRYPTION_AES_256);
//
stamper.close();
fout.close();
}
public static final String ORIGINAL = "./X509.pdf";
public static final String ENCIPHERED = "./X509-crypt.pdf";
public static final String DECIPHERED = "./X509-decrypt.pdf";
public static final String SIGNED = "./X509-signed.pdf";
public static void main(String[] args) {
Security.addProvider(new
org.bouncycastle.jce.provider.BouncyCastleProvider());
Certificate readerCert = null;
System.out.println(Cipher.getMaxAllowedKeyLength("AES")); // OK
KeyPair pair = generateKeyPair("RSA", 2048);
readerCert = getCertificate(pair);
System.out.println(readerCert);
KeyPair fakePair = generateKeyPair("RSA", 2048);
Certificate fakeCertificate = getCertificate(fakePair);
encryptPdf(ORIGINAL, ENCIPHERED, readerCert);
}
My configuration:
OS: Windows 7 x64 service pack 1
Jdk and Jre latest version 1.6.26
Itext latest version 5.11
IDE: netbeans 7.0
I've given a look at what happened inside Itext and i found that the
instruction that launch exception is:
"System.arraycopy(key, 0, mkey, 0, mkey.length);"
where key is a 20 bytes arrays and mkey.length is 32!
With the other algorithm (ARC4_40, ARC4_128, AES_128) i have no problem!
I attach the pdf that i want to encipher.
I thank you in advance
Alex Miller.
Aviso Legal:
Esta mensagem é destinada exclusivamente ao destinatário. Pode conter
informação confidencial ou legalmente protegida. A incorrecta transmissão desta
mensagem não significa a perca de confidencialidade. Se esta mensagem for
recebida por engano, por favor envie-a de volta para o remetente e apague-a do
seu sistema de imediato. É proibido a qualquer pessoa que não o destinatário de
usar, revelar ou distribuir qualquer parte desta mensagem.
Disclaimer:
This message is destined exclusively to the intended receiver. It may contain
confidential or legally protected information. The incorrect transmission of
this message does not mean the loss of its confidentiality. If this message is
received by mistake, please send it back to the sender and delete it from your
system immediately. It is forbidden to any person who is not the intended
receiver to use, distribute or copy any part of this message.
------------------------------------------------------------------------------
Simplify data backup and recovery for your virtual environment with vRanger.
Installation's a snap, and flexible recovery options mean your data is safe,
secure and there when you need it. Data protection magic?
Nope - It's vRanger. Get your free trial download today.
http://p.sf.net/sfu/quest-sfdev2dev
_______________________________________________
iText-questions mailing list
iText-questions@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/itext-questions
iText(R) is a registered trademark of 1T3XT BVBA.
Many questions posted to this list can (and will) be answered with a reference
to the iText book: http://www.itextpdf.com/book/
Please check the keywords list before you ask for examples:
http://itextpdf.com/themes/keywords.php
