[jira] [Resolved] (PDFBOX-5338) Simplify ICOSVisitor interface, remove unused return value

2021-12-08 Thread Jira 


 [ 
https://issues.apache.org/jira/browse/PDFBOX-5338?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andreas Lehmkühler resolved PDFBOX-5338.

Resolution: Fixed

> Simplify ICOSVisitor interface, remove unused return value
> --
>
> Key: PDFBOX-5338
> URL: https://issues.apache.org/jira/browse/PDFBOX-5338
> Project: PDFBox
>  Issue Type: Improvement
>  Components: Parsing
>Affects Versions: 3.0.0 PDFBox
>Reporter: Andreas Lehmkühler
>Assignee: Andreas Lehmkühler
>Priority: Major
> Fix For: 3.0.0 PDFBox
>
>
> All methods from {{org.apache.pdfbox.cos.ICOSVisitor}} define a return value 
> but it isn't used anywhere. We should remove it to simplify the code



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Re: Build issue

2021-12-08 Thread Andreas Lehmkuehler 

Done, see PDFBOX-5338

Am 09.12.21 um 08:04 schrieb Andreas Lehmkuehler:

Hi,

I've accidentally commited some changes without a comment and atr least one 
class is missing. I'm going to fix that soon


Andreas

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Commented] (PDFBOX-5338) Simplify ICOSVisitor interface, remove unused return value

2021-12-08 Thread Jira 


[ 
https://issues.apache.org/jira/browse/PDFBOX-5338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17456185#comment-17456185
 ] 

Andreas Lehmkühler commented on PDFBOX-5338:


*manually added due to accidentally uncomplete committed changes*

Commit 1895714 from le...@apache.org in branch 'pdfbox/trunk'
[ [https://svn.apache.org/r1895713] ]

PDFBOX-5338: remove unused return value

> Simplify ICOSVisitor interface, remove unused return value
> --
>
> Key: PDFBOX-5338
> URL: https://issues.apache.org/jira/browse/PDFBOX-5338
> Project: PDFBox
>  Issue Type: Improvement
>  Components: Parsing
>Affects Versions: 3.0.0 PDFBox
>Reporter: Andreas Lehmkühler
>Assignee: Andreas Lehmkühler
>Priority: Major
> Fix For: 3.0.0 PDFBox
>
>
> All methods from {{org.apache.pdfbox.cos.ICOSVisitor}} define a return value 
> but it isn't used anywhere. We should remove it to simplify the code



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Commented] (PDFBOX-5338) Simplify ICOSVisitor interface, remove unused return value

2021-12-08 Thread ASF subversion and git services (Jira) 


[ 
https://issues.apache.org/jira/browse/PDFBOX-5338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17456184#comment-17456184
 ] 

ASF subversion and git services commented on PDFBOX-5338:
-

Commit 1895714 from le...@apache.org in branch 'pdfbox/trunk'
[ https://svn.apache.org/r1895714 ]

PDFBOX-5338: remove unused return value

> Simplify ICOSVisitor interface, remove unused return value
> --
>
> Key: PDFBOX-5338
> URL: https://issues.apache.org/jira/browse/PDFBOX-5338
> Project: PDFBox
>  Issue Type: Improvement
>  Components: Parsing
>Affects Versions: 3.0.0 PDFBox
>Reporter: Andreas Lehmkühler
>Assignee: Andreas Lehmkühler
>Priority: Major
> Fix For: 3.0.0 PDFBox
>
>
> All methods from {{org.apache.pdfbox.cos.ICOSVisitor}} define a return value 
> but it isn't used anywhere. We should remove it to simplify the code



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Created] (PDFBOX-5338) Simplify ICOSVisitor interface, remove unused return value

2021-12-08 Thread Jira 
Andreas Lehmkühler created PDFBOX-5338:
--

 Summary: Simplify ICOSVisitor interface, remove unused return value
 Key: PDFBOX-5338
 URL: https://issues.apache.org/jira/browse/PDFBOX-5338
 Project: PDFBox
  Issue Type: Improvement
  Components: Parsing
Affects Versions: 3.0.0 PDFBox
Reporter: Andreas Lehmkühler
Assignee: Andreas Lehmkühler
 Fix For: 3.0.0 PDFBox


All methods from {{org.apache.pdfbox.cos.ICOSVisitor}} define a return value 
but it isn't used anywhere. We should remove it to simplify the code



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Build issue

2021-12-08 Thread Andreas Lehmkuehler 

Hi,

I've accidentally commited some changes without a comment and atr least one 
class is missing. I'm going to fix that soon


Andreas

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Build failed in Jenkins: PDFBox » PDFBox-trunk » Apache PDFBox #1054

2021-12-08 Thread Apache Jenkins Server 
See 


Changes:

[Andreas Lehmkühler] 


--
[INFO] 
[INFO] --< org.apache.pdfbox:pdfbox >--
[INFO] Building Apache PDFBox 3.0.0-SNAPSHOT [4/12]
[INFO] ---[ bundle ]---
[INFO] 
[INFO] --- maven-clean-plugin:3.1.0:clean (default-clean) @ pdfbox ---
[INFO] 
[INFO] --- maven-enforcer-plugin:3.0.0:enforce (default) @ pdfbox ---
[INFO] 
[INFO] --- maven-enforcer-plugin:3.0.0:enforce (enforce-maven-version) @ pdfbox 
---
[INFO] 
[INFO] --- jacoco-maven-plugin:0.8.7:prepare-agent (default) @ pdfbox ---
[INFO] surefireArgLine set to 
-javaagent:/home/jenkins/.m2/repository/org/jacoco/org.jacoco.agent/0.8.7/org.jacoco.agent-0.8.7-runtime.jar=destfile=
[INFO] 
[INFO] --- maven-remote-resources-plugin:1.7.0:process 
(process-resource-bundles) @ pdfbox ---
[INFO] Preparing remote bundle org.apache:apache-jar-resource-bundle:1.4
[INFO] Copying 3 resources from 1 bundle.
[INFO] Copying appended resource: META-INF/NOTICE
[INFO] Copying appended resource: META-INF/LICENSE
[INFO] 
[INFO] --- maven-resources-plugin:3.1.0:resources (default-resources) @ pdfbox 
---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] Copying 21 resources
[INFO] Copying 3 resources
[INFO] 
[INFO] --- maven-compiler-plugin:3.8.1:compile (default-compile) @ pdfbox ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 628 source files to 

[INFO] 
:
 Some input files use unchecked or unsafe operations.
[INFO] 
:
 Recompile with -Xlint:unchecked for details.
[INFO] -
[WARNING] COMPILATION WARNING : 
[INFO] -
[WARNING] 
:[436,18]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[WARNING] 
:[438,30]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[WARNING] 
:[196,18]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[WARNING] 
:[446,18]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[WARNING] 
:[375,18]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[WARNING] 
:[358,18]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[WARNING] 
:[340,18]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[WARNING] 
:[314,18]
 getHeight(int) in org.apache.pdfbox.pdmodel.font.PDFontLike has been deprecated
[INFO] 8 warnings 
[INFO] -
[INFO] -
[ERROR] COMPILATION ERROR : 
[INFO] -
[ERROR] 
:[86,8]
 org.apache.pdfbox.pdfwriter.COSWriter is not abstract and does not override 
abstract method

Build failed in Jenkins: PDFBox » PDFBox-trunk #1054

2021-12-08 Thread Apache Jenkins Server 
See 


Changes:

[Andreas Lehmkühler] 


--
[...truncated 48.99 KB...]
[INFO] 
[INFO] <<< maven-source-plugin:3.2.1:jar (attach-sources) < generate-sources @ 
xmpbox <<<
[INFO] 
[INFO] 
[INFO] --- maven-source-plugin:3.2.1:jar (attach-sources) @ xmpbox ---
[INFO] Skipping source per configuration.
[INFO] 
[INFO] --- apache-rat-plugin:0.13:check (default) @ xmpbox ---
[INFO] Enabled default license matchers.
[INFO] Will parse SCM ignores for exclusions...
[INFO] Finished adding exclusions from SCM ignore files.
[INFO] 62 implicit excludes (use -debug for more details).
[INFO] 1 explicit excludes (use -debug for more details).
[INFO] 132 resources included (use -debug for more details)
[INFO] Rat check: Summary over all files. Unapproved: 0, unknown: 0, generated: 
0, approved: 129 licenses.
[INFO] 
[INFO] --- dependency-check-maven:6.5.0:check (default) @ xmpbox ---
[INFO] Checking for updates
[INFO] Skipping NVD check since last check was within 4 hours.
[INFO] Skipping RetireJS update since last update was within 24 hours.
[INFO] Check for updates complete (66 ms)
[INFO] 

Dependency-Check is an open source tool performing a best effort analysis of 
3rd party dependencies; false positives and false negatives may exist in the 
analysis performed by the tool. Use of the tool and the reporting provided 
constitutes acceptance for use in an AS IS condition, and there are NO 
warranties, implied or otherwise, with regard to the analysis or its use. Any 
use of the tool and the reporting provided is at the user?s risk. In no event 
shall the copyright holder or OWASP be held liable for any damages whatsoever 
arising out of or in connection with the use of this tool, the analysis 
performed, or the resulting report.


   About ODC: 
https://jeremylong.github.io/DependencyCheck/general/internals.html
   False Positives: 
https://jeremylong.github.io/DependencyCheck/general/suppression.html

? Sponsor: https://github.com/sponsors/jeremylong


[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Created CPE Index (3 seconds)
[INFO] Finished CPE Analyzer (3 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Analysis Complete (3 seconds)
[INFO] Writing report to: 

[INFO] 
[INFO] --- maven-install-plugin:2.5.2:install (default-install) @ xmpbox ---
[INFO] Installing 

 to 
/home/jenkins/.m2/repository/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/xmpbox-3.0.0-SNAPSHOT.jar
[INFO] Installing 
 to 
/home/jenkins/.m2/repository/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/xmpbox-3.0.0-SNAPSHOT.pom
[INFO] 
[INFO] --- maven-bundle-plugin:5.1.2:install (default-install) @ xmpbox ---
[INFO] Installing 
org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/xmpbox-3.0.0-SNAPSHOT.jar
[INFO] Writing OBR metadata
[INFO] 
[INFO] --- maven-deploy-plugin:2.8.2:deploy (default-deploy) @ xmpbox ---
[INFO] Downloading from apache.snapshots.https: 
https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/maven-metadata.xml
[INFO] Downloaded from apache.snapshots.https: 
https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/maven-metadata.xml
 (782 B at 1.0 kB/s)
[INFO] Uploading to apache.snapshots.https: 
https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/xmpbox-3.0.0-20211209.070118-3060.jar
[INFO] Uploaded to apache.snapshots.https: 
https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/xmpbox-3.0.0-20211209.070118-3060.jar
 (134 kB at 93 kB/s)
[INFO] Uploading to apache.snapshots.https: 
https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/xmpbox-3.0.0-20211209.070118-3060.pom
[INFO] Uploaded to apache.snapshots.https: 
https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/xmpbox/3.0.0-SNAPSHOT/xmpbox-3.0.0-20211209.070118-3060.pom
 (2.6 kB at 2.5 kB/s)
[INFO] Downloading from apache.snapshots.https: 
https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/xmpbox/maven-metadata.xml

[jira] [Commented] (PDFBOX-4892) Improve code quality (4)

2021-12-08 Thread ASF subversion and git services (Jira) 


[ 
https://issues.apache.org/jira/browse/PDFBOX-4892?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17455198#comment-17455198
 ] 

ASF subversion and git services commented on PDFBOX-4892:
-

Commit 1895694 from Tilman Hausherr in branch 'pdfbox/trunk'
[ https://svn.apache.org/r1895694 ]

PDFBOX-4892: refactor, as suggested by valerybokov

> Improve code quality (4)
> 
>
> Key: PDFBOX-4892
> URL: https://issues.apache.org/jira/browse/PDFBOX-4892
> Project: PDFBox
>  Issue Type: Improvement
>Affects Versions: 2.0.20
>Reporter: Tilman Hausherr
>Priority: Minor
>
> This is a longterm issue for the task to improve code quality, by using the 
> [SonarQube report|https://sonarcloud.io/project/issues?id=pdfbox-reactor], 
> hints in different IDEs, the FindBugs tool and other code quality tools.
> This is a follow-up of PDFBOX-4071, which was getting too long.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Commented] (PDFBOX-4892) Improve code quality (4)

2021-12-08 Thread ASF subversion and git services (Jira) 


[ 
https://issues.apache.org/jira/browse/PDFBOX-4892?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17455197#comment-17455197
 ] 

ASF subversion and git services commented on PDFBOX-4892:
-

Commit 1895693 from Tilman Hausherr in branch 'pdfbox/branches/2.0'
[ https://svn.apache.org/r1895693 ]

PDFBOX-4892: refactor, as suggested by valerybokov

> Improve code quality (4)
> 
>
> Key: PDFBOX-4892
> URL: https://issues.apache.org/jira/browse/PDFBOX-4892
> Project: PDFBox
>  Issue Type: Improvement
>Affects Versions: 2.0.20
>Reporter: Tilman Hausherr
>Priority: Minor
>
> This is a longterm issue for the task to improve code quality, by using the 
> [SonarQube report|https://sonarcloud.io/project/issues?id=pdfbox-reactor], 
> hints in different IDEs, the FindBugs tool and other code quality tools.
> This is a follow-up of PDFBOX-4071, which was getting too long.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Re: Code Scanning / Security Analysis on github repo

2021-12-08 Thread Tilman Hausherr 
Yes this would be interesting. Although I expect a lot of false 
positives, like with Sonar.


Tilman

Am 08.12.2021 um 10:14 schrieb sahy...@fileaffairs.de:

Dear all,

what about enabling code scanning / security analysis on our github
repo (if possible).

https://docs.github.com/en/code-security

Thoughts?

Maruan


-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Resolved] (PDFBOX-5312) Decryption for V4 fails when no Length entry is set in Encryption Dictionary

2021-12-08 Thread Tilman Hausherr (Jira) 


 [ 
https://issues.apache.org/jira/browse/PDFBOX-5312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tilman Hausherr resolved PDFBOX-5312.
-
Resolution: Fixed

Thanks for reporting this!

> Decryption for V4 fails when no Length entry is set in Encryption Dictionary
> 
>
> Key: PDFBOX-5312
> URL: https://issues.apache.org/jira/browse/PDFBOX-5312
> Project: PDFBox
>  Issue Type: Bug
>  Components: Crypto
>Affects Versions: 2.0.24
>Reporter: Moritz Flöter
>Assignee: Tilman Hausherr
>Priority: Major
> Fix For: 2.0.25, 3.0.0 PDFBox
>
> Attachments: ausdat.pdf
>
>
> The PDF standard defines the "Length" entry in the encryption dictionary to 
> only have an effect in V2 or V3.
> However, PDFBox relies on that value for V4 as well and fails to decrypt 
> files that do not define this length entry. It does not consider the length 
> entry in the crypt filter dictionary instead that could be used to get 
> information about the length:
>  <  <  /AESV2/Length
>  16
> It should be noted that Adobe Acrobat generates files with the required 
> "Length" entry in the encryption dictionary even when V4 is used. Therefore 
> PDFBox correctly processes output from Adobe Acrobat. It would however be 
> desirable for PDFBox to also handle other output that conforms to the 
> PDF-Standard.
> I attached a file that is encrypted with an empty password and fails to be 
> decrypted by pdfbox. However, you can open it with SumatraPDF, Acrobat 
> Reader, Okular etc. (ignore the text on the actual page of the pdf-file ... 
> our application read an RC4 file and wrote the output as AES 128Bit)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Commented] (PDFBOX-5312) Decryption for V4 fails when no Length entry is set in Encryption Dictionary

2021-12-08 Thread ASF subversion and git services (Jira) 


[ 
https://issues.apache.org/jira/browse/PDFBOX-5312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17455080#comment-17455080
 ] 

ASF subversion and git services commented on PDFBOX-5312:
-

Commit 1895686 from Tilman Hausherr in branch 'pdfbox/branches/2.0'
[ https://svn.apache.org/r1895686 ]

PDFBOX-5312: improve javadoc

> Decryption for V4 fails when no Length entry is set in Encryption Dictionary
> 
>
> Key: PDFBOX-5312
> URL: https://issues.apache.org/jira/browse/PDFBOX-5312
> Project: PDFBox
>  Issue Type: Bug
>  Components: Crypto
>Affects Versions: 2.0.24
>Reporter: Moritz Flöter
>Assignee: Tilman Hausherr
>Priority: Major
> Fix For: 2.0.25, 3.0.0 PDFBox
>
> Attachments: ausdat.pdf
>
>
> The PDF standard defines the "Length" entry in the encryption dictionary to 
> only have an effect in V2 or V3.
> However, PDFBox relies on that value for V4 as well and fails to decrypt 
> files that do not define this length entry. It does not consider the length 
> entry in the crypt filter dictionary instead that could be used to get 
> information about the length:
>  <  <  /AESV2/Length
>  16
> It should be noted that Adobe Acrobat generates files with the required 
> "Length" entry in the encryption dictionary even when V4 is used. Therefore 
> PDFBox correctly processes output from Adobe Acrobat. It would however be 
> desirable for PDFBox to also handle other output that conforms to the 
> PDF-Standard.
> I attached a file that is encrypted with an empty password and fails to be 
> decrypted by pdfbox. However, you can open it with SumatraPDF, Acrobat 
> Reader, Okular etc. (ignore the text on the actual page of the pdf-file ... 
> our application read an RC4 file and wrote the output as AES 128Bit)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Commented] (PDFBOX-5312) Decryption for V4 fails when no Length entry is set in Encryption Dictionary

2021-12-08 Thread ASF subversion and git services (Jira) 


[ 
https://issues.apache.org/jira/browse/PDFBOX-5312?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17455081#comment-17455081
 ] 

ASF subversion and git services commented on PDFBOX-5312:
-

Commit 1895688 from Tilman Hausherr in branch 'pdfbox/trunk'
[ https://svn.apache.org/r1895688 ]

PDFBOX-5312: improve javadoc

> Decryption for V4 fails when no Length entry is set in Encryption Dictionary
> 
>
> Key: PDFBOX-5312
> URL: https://issues.apache.org/jira/browse/PDFBOX-5312
> Project: PDFBox
>  Issue Type: Bug
>  Components: Crypto
>Affects Versions: 2.0.24
>Reporter: Moritz Flöter
>Assignee: Tilman Hausherr
>Priority: Major
> Fix For: 2.0.25, 3.0.0 PDFBox
>
> Attachments: ausdat.pdf
>
>
> The PDF standard defines the "Length" entry in the encryption dictionary to 
> only have an effect in V2 or V3.
> However, PDFBox relies on that value for V4 as well and fails to decrypt 
> files that do not define this length entry. It does not consider the length 
> entry in the crypt filter dictionary instead that could be used to get 
> information about the length:
>  <  <  /AESV2/Length
>  16
> It should be noted that Adobe Acrobat generates files with the required 
> "Length" entry in the encryption dictionary even when V4 is used. Therefore 
> PDFBox correctly processes output from Adobe Acrobat. It would however be 
> desirable for PDFBox to also handle other output that conforms to the 
> PDF-Standard.
> I attached a file that is encrypted with an empty password and fails to be 
> decrypted by pdfbox. However, you can open it with SumatraPDF, Acrobat 
> Reader, Okular etc. (ignore the text on the actual page of the pdf-file ... 
> our application read an RC4 file and wrote the output as AES 128Bit)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] (PDFBOX-5312) Decryption for V4 fails when no Length entry is set in Encryption Dictionary

2021-12-08 Thread Tilman Hausherr (Jira) 


[ https://issues.apache.org/jira/browse/PDFBOX-5312 ]


Tilman Hausherr deleted comment on PDFBOX-5312:
-

was (Author: tilman):
TODO fix javadoc of some getKeyLength method

> Decryption for V4 fails when no Length entry is set in Encryption Dictionary
> 
>
> Key: PDFBOX-5312
> URL: https://issues.apache.org/jira/browse/PDFBOX-5312
> Project: PDFBox
>  Issue Type: Bug
>  Components: Crypto
>Affects Versions: 2.0.24
>Reporter: Moritz Flöter
>Assignee: Tilman Hausherr
>Priority: Major
> Fix For: 2.0.25, 3.0.0 PDFBox
>
> Attachments: ausdat.pdf
>
>
> The PDF standard defines the "Length" entry in the encryption dictionary to 
> only have an effect in V2 or V3.
> However, PDFBox relies on that value for V4 as well and fails to decrypt 
> files that do not define this length entry. It does not consider the length 
> entry in the crypt filter dictionary instead that could be used to get 
> information about the length:
>  <  <  /AESV2/Length
>  16
> It should be noted that Adobe Acrobat generates files with the required 
> "Length" entry in the encryption dictionary even when V4 is used. Therefore 
> PDFBox correctly processes output from Adobe Acrobat. It would however be 
> desirable for PDFBox to also handle other output that conforms to the 
> PDF-Standard.
> I attached a file that is encrypted with an empty password and fails to be 
> decrypted by pdfbox. However, you can open it with SumatraPDF, Acrobat 
> Reader, Okular etc. (ignore the text on the actual page of the pdf-file ... 
> our application read an RC4 file and wrote the output as AES 128Bit)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Updated] (PDFBOX-5312) Decryption for V4 fails when no Length entry is set in Encryption Dictionary

2021-12-08 Thread Tilman Hausherr (Jira) 


 [ 
https://issues.apache.org/jira/browse/PDFBOX-5312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tilman Hausherr updated PDFBOX-5312:

Fix Version/s: 2.0.25
   (was: 2.0.26)

> Decryption for V4 fails when no Length entry is set in Encryption Dictionary
> 
>
> Key: PDFBOX-5312
> URL: https://issues.apache.org/jira/browse/PDFBOX-5312
> Project: PDFBox
>  Issue Type: Bug
>  Components: Crypto
>Affects Versions: 2.0.24
>Reporter: Moritz Flöter
>Priority: Major
> Fix For: 2.0.25, 3.0.0 PDFBox
>
> Attachments: ausdat.pdf
>
>
> The PDF standard defines the "Length" entry in the encryption dictionary to 
> only have an effect in V2 or V3.
> However, PDFBox relies on that value for V4 as well and fails to decrypt 
> files that do not define this length entry. It does not consider the length 
> entry in the crypt filter dictionary instead that could be used to get 
> information about the length:
>  <  <  /AESV2/Length
>  16
> It should be noted that Adobe Acrobat generates files with the required 
> "Length" entry in the encryption dictionary even when V4 is used. Therefore 
> PDFBox correctly processes output from Adobe Acrobat. It would however be 
> desirable for PDFBox to also handle other output that conforms to the 
> PDF-Standard.
> I attached a file that is encrypted with an empty password and fails to be 
> decrypted by pdfbox. However, you can open it with SumatraPDF, Acrobat 
> Reader, Okular etc. (ignore the text on the actual page of the pdf-file ... 
> our application read an RC4 file and wrote the output as AES 128Bit)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Assigned] (PDFBOX-5312) Decryption for V4 fails when no Length entry is set in Encryption Dictionary

2021-12-08 Thread Tilman Hausherr (Jira) 


 [ 
https://issues.apache.org/jira/browse/PDFBOX-5312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tilman Hausherr reassigned PDFBOX-5312:
---

Assignee: Tilman Hausherr

> Decryption for V4 fails when no Length entry is set in Encryption Dictionary
> 
>
> Key: PDFBOX-5312
> URL: https://issues.apache.org/jira/browse/PDFBOX-5312
> Project: PDFBox
>  Issue Type: Bug
>  Components: Crypto
>Affects Versions: 2.0.24
>Reporter: Moritz Flöter
>Assignee: Tilman Hausherr
>Priority: Major
> Fix For: 2.0.25, 3.0.0 PDFBox
>
> Attachments: ausdat.pdf
>
>
> The PDF standard defines the "Length" entry in the encryption dictionary to 
> only have an effect in V2 or V3.
> However, PDFBox relies on that value for V4 as well and fails to decrypt 
> files that do not define this length entry. It does not consider the length 
> entry in the crypt filter dictionary instead that could be used to get 
> information about the length:
>  <  <  /AESV2/Length
>  16
> It should be noted that Adobe Acrobat generates files with the required 
> "Length" entry in the encryption dictionary even when V4 is used. Therefore 
> PDFBox correctly processes output from Adobe Acrobat. It would however be 
> desirable for PDFBox to also handle other output that conforms to the 
> PDF-Standard.
> I attached a file that is encrypted with an empty password and fails to be 
> decrypted by pdfbox. However, you can open it with SumatraPDF, Acrobat 
> Reader, Okular etc. (ignore the text on the actual page of the pdf-file ... 
> our application read an RC4 file and wrote the output as AES 128Bit)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Updated] (PDFBOX-5312) Decryption for V4 fails when no Length entry is set in Encryption Dictionary

2021-12-08 Thread Tilman Hausherr (Jira) 


 [ 
https://issues.apache.org/jira/browse/PDFBOX-5312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tilman Hausherr updated PDFBOX-5312:

Fix Version/s: 2.0.26
   (was: 2.0.25)

> Decryption for V4 fails when no Length entry is set in Encryption Dictionary
> 
>
> Key: PDFBOX-5312
> URL: https://issues.apache.org/jira/browse/PDFBOX-5312
> Project: PDFBox
>  Issue Type: Bug
>  Components: Crypto
>Affects Versions: 2.0.24
>Reporter: Moritz Flöter
>Priority: Major
> Fix For: 3.0.0 PDFBox, 2.0.26
>
> Attachments: ausdat.pdf
>
>
> The PDF standard defines the "Length" entry in the encryption dictionary to 
> only have an effect in V2 or V3.
> However, PDFBox relies on that value for V4 as well and fails to decrypt 
> files that do not define this length entry. It does not consider the length 
> entry in the crypt filter dictionary instead that could be used to get 
> information about the length:
>  <  <  /AESV2/Length
>  16
> It should be noted that Adobe Acrobat generates files with the required 
> "Length" entry in the encryption dictionary even when V4 is used. Therefore 
> PDFBox correctly processes output from Adobe Acrobat. It would however be 
> desirable for PDFBox to also handle other output that conforms to the 
> PDF-Standard.
> I attached a file that is encrypted with an empty password and fails to be 
> decrypted by pdfbox. However, you can open it with SumatraPDF, Acrobat 
> Reader, Okular etc. (ignore the text on the actual page of the pdf-file ... 
> our application read an RC4 file and wrote the output as AES 128Bit)



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Re: 2.0.25 Release?

2021-12-08 Thread Tilman Hausherr 

+1

Tilman

Am 08.12.2021 um 08:18 schrieb Andreas Lehmkuehler:

Hi,

how about cutting a 2.0.25 release next week (Monday or Tuesday)?

It would be nice to have another one this year.

Andreas

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org




-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

[jira] [Updated] (PDFBOX-5305) Pdf-A/1b Validation

2021-12-08 Thread Tilman Hausherr (Jira) 


 [ 
https://issues.apache.org/jira/browse/PDFBOX-5305?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tilman Hausherr updated PDFBOX-5305:

Fix Version/s: (was: 3.0.0 PDFBox)
   (was: 2.0.25)

> Pdf-A/1b Validation
> ---
>
> Key: PDFBOX-5305
> URL: https://issues.apache.org/jira/browse/PDFBOX-5305
> Project: PDFBox
>  Issue Type: Bug
>  Components: Preflight
>Affects Versions: 1.8.16, 2.0.24
>Reporter: Giuseppe Giordano
>Priority: Major
> Attachments: pdfA.pdf
>
>
> Good Morning,
> I've this PDF/A-1B generated with Adobe Livecycle, but validating it I obtain 
> this error:
>  
> Error code : 1.2.7 | Dettagli : Body Syntax error, HQDKMD+MyriadPro-Regular: 
> Filter specified in font file metadata dictionnary
>  
> My code is the same of 
> https://pdfbox.apache.org/1.8/cookbook/pdfavalidation.html
> Can you help me?
> Thanks
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Code Scanning / Security Analysis on github repo

2021-12-08 Thread sahy...@fileaffairs.de 
Dear all,

what about enabling code scanning / security analysis on our github
repo (if possible).

https://docs.github.com/en/code-security

Thoughts?

Maruan


-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org

Re: 2.0.25 Release?

2021-12-08 Thread sahy...@fileaffairs.de 
+1

Maruan


Am Mittwoch, dem 08.12.2021 um 08:18 +0100 schrieb Andreas Lehmkuehler:
> Hi,
> 
> how about cutting a 2.0.25 release next week (Monday or Tuesday)?
> 
> It would be nice to have another one this year.
> 
> Andreas
> 
> -
> To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
> For additional commands, e-mail: dev-h...@pdfbox.apache.org
> 

-- 
-- 


-
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org