File: 01-bouncycastle-compatibility.patch

package info (click to toggle)
libpdfbox-java 1%3A1.8.12-1
links: PTS, VCS
area: main
in suites: stretch
size: 17,904 kB
ctags: 15,307
sloc: java: 118,931; xml: 3,647; jsp: 28; makefile: 26
file content (98 lines) | stat: -rw-r--r-- 4,784 bytes
Description: Fix the compatibility with the latest version of BouncyCastle in Debian
Origin: vendor
Bug: https://issues.apache.org/jira/browse/PDFBOX-1587
     https://issues.apache.org/jira/browse/PDFBOX-1669
Author: Gregor Herrmann <gregoa@debian.org>, Tony Mancill <tmancill@debian.org>
--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
+++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
@@ -27,6 +27,7 @@
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
 import java.security.SecureRandom;
 import java.security.cert.X509Certificate;
 import java.util.Iterator;
@@ -38,8 +39,8 @@
 import org.apache.commons.logging.LogFactory;
 
 import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERObject;
-import org.bouncycastle.asn1.DERObjectIdentifier;
+import org.bouncycastle.asn1.ASN1Primitive;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.DEROctetString;
 import org.bouncycastle.asn1.DEROutputStream;
 import org.bouncycastle.asn1.DERSet;
@@ -56,6 +57,7 @@
 import org.bouncycastle.cms.CMSEnvelopedData;
 import org.bouncycastle.cms.CMSException;
 import org.bouncycastle.cms.RecipientInformation;
+import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
 import org.apache.pdfbox.cos.COSArray;
 import org.apache.pdfbox.cos.COSString;
 import org.apache.pdfbox.exceptions.CryptographyException;
@@ -185,7 +187,7 @@
                     if (ri.getRID().match(material.getCertificate()) && !foundRecipient)
                     {
                         foundRecipient = true;
-                        envelopedData = ri.getContent(material.getPrivateKey(), "BC");
+                        envelopedData = ri.getContent(new JceKeyTransEnvelopedRecipient((PrivateKey) material.getPrivateKey()).setProvider("BC"));
                         break;
                     }
                 }
@@ -239,10 +241,6 @@
         {
             throw new CryptographyException(e);
         }
-        catch (NoSuchProviderException e)
-        {
-            throw new CryptographyException(e);
-        }
         catch (NoSuchAlgorithmException e)
         {
             throw new CryptographyException(e);
@@ -311,7 +309,7 @@
                 pkcs7input[22] = two;
                 pkcs7input[23] = one;
 
-                DERObject obj = createDERForRecipient(pkcs7input, certificate);
+                ASN1Primitive obj = createDERForRecipient(pkcs7input, certificate);
 
                 ByteArrayOutputStream baos = new ByteArrayOutputStream();
 
@@ -378,7 +376,7 @@
 
     }
 
-    private DERObject createDERForRecipient(byte[] in, X509Certificate cert)
+    private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert)
         throws IOException,
                GeneralSecurityException
     {
@@ -389,7 +387,7 @@
         AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters();
         ByteArrayInputStream bytearrayinputstream = new ByteArrayInputStream(algorithmparameters.getEncoded("ASN.1"));
         ASN1InputStream asn1inputstream = new ASN1InputStream(bytearrayinputstream);
-        DERObject derobject = asn1inputstream.readObject();
+        ASN1Primitive derobject = asn1inputstream.readObject();
         KeyGenerator keygenerator = KeyGenerator.getInstance(s);
         keygenerator.init(128);
         SecretKey secretkey = keygenerator.generateKey();
@@ -399,13 +397,13 @@
         DEROctetString deroctetstring = new DEROctetString(abyte1);
         KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
         DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
-        AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new DERObjectIdentifier(s), derobject);
+        AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier(s), derobject);
         EncryptedContentInfo encryptedcontentinfo =
             new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring);
-        EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, null);
+        EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, (org.bouncycastle.asn1.ASN1Set) null);
         ContentInfo contentinfo =
             new ContentInfo(PKCSObjectIdentifiers.envelopedData, env);
-        return contentinfo.getDERObject();
+        return contentinfo.toASN1Primitive();
     }
 
     private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)