[libpdfbox-java] 07/08: Refresh 01-bouncycastle-compatibility.patch

Markus Koschany apo at moszumanska.debian.org
Wed Jul 26 21:55:46 UTC 2017 

This is an automated email from the git hooks/post-receive script.

apo pushed a commit to annotated tag debian/1%1.8.13-1
in repository libpdfbox-java.

commit 19b21c147cf25d741f509cddbe9b251ce2490f4a
Author: Markus Koschany <apo at debian.org>
Date:   Wed Jul 26 22:53:38 2017 +0200

    Refresh 01-bouncycastle-compatibility.patch
---
 debian/changelog                                   |  1 +
 debian/patches/01-bouncycastle-compatibility.patch | 98 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 3 files changed, 100 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index ac99f9c..a77beeb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,6 +7,7 @@ libpdfbox-java (1:1.8.13-1) unstable; urgency=medium
   * Use https for Format field.
   * get-orig-source: Use --download-current-version option.
   * Ignore com.github.jai-imageio artifacts.
+  * Refresh 01-bouncycastle-compatibility.patch.
 
  -- Markus Koschany <apo at debian.org>  Wed, 26 Jul 2017 22:13:10 +0200
 
diff --git a/debian/patches/01-bouncycastle-compatibility.patch b/debian/patches/01-bouncycastle-compatibility.patch
new file mode 100644
index 0000000..fe88cea
--- /dev/null
+++ b/debian/patches/01-bouncycastle-compatibility.patch
@@ -0,0 +1,98 @@
+Description: Fix the compatibility with the latest version of BouncyCastle in Debian
+Origin: vendor
+Bug: https://issues.apache.org/jira/browse/PDFBOX-1587
+     https://issues.apache.org/jira/browse/PDFBOX-1669
+Author: Gregor Herrmann <gregoa at debian.org>, Tony Mancill <tmancill at debian.org>
+--- a/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
++++ b/pdfbox/src/main/java/org/apache/pdfbox/pdmodel/encryption/PublicKeySecurityHandler.java
+@@ -27,6 +27,7 @@ import java.security.KeyStoreException;
+ import java.security.MessageDigest;
+ import java.security.NoSuchAlgorithmException;
+ import java.security.NoSuchProviderException;
++import java.security.PrivateKey;
+ import java.security.SecureRandom;
+ import java.security.cert.X509Certificate;
+ import java.util.Iterator;
+@@ -38,8 +39,8 @@ import org.apache.commons.logging.Log;
+ import org.apache.commons.logging.LogFactory;
+ 
+ import org.bouncycastle.asn1.ASN1InputStream;
+-import org.bouncycastle.asn1.DERObject;
+-import org.bouncycastle.asn1.DERObjectIdentifier;
++import org.bouncycastle.asn1.ASN1Primitive;
++import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+ import org.bouncycastle.asn1.DEROctetString;
+ import org.bouncycastle.asn1.DEROutputStream;
+ import org.bouncycastle.asn1.DERSet;
+@@ -56,6 +57,7 @@ import org.bouncycastle.asn1.x509.TBSCer
+ import org.bouncycastle.cms.CMSEnvelopedData;
+ import org.bouncycastle.cms.CMSException;
+ import org.bouncycastle.cms.RecipientInformation;
++import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
+ import org.apache.pdfbox.cos.COSArray;
+ import org.apache.pdfbox.cos.COSString;
+ import org.apache.pdfbox.exceptions.CryptographyException;
+@@ -185,7 +187,7 @@ public class PublicKeySecurityHandler ex
+                     if (ri.getRID().match(material.getCertificate()) && !foundRecipient)
+                     {
+                         foundRecipient = true;
+-                        envelopedData = ri.getContent(material.getPrivateKey(), "BC");
++                        envelopedData = ri.getContent(new JceKeyTransEnvelopedRecipient((PrivateKey) material.getPrivateKey()).setProvider("BC"));
+                         break;
+                     }
+                 }
+@@ -239,10 +241,6 @@ public class PublicKeySecurityHandler ex
+         {
+             throw new CryptographyException(e);
+         }
+-        catch (NoSuchProviderException e)
+-        {
+-            throw new CryptographyException(e);
+-        }
+         catch (NoSuchAlgorithmException e)
+         {
+             throw new CryptographyException(e);
+@@ -311,7 +309,7 @@ public class PublicKeySecurityHandler ex
+                 pkcs7input[22] = two;
+                 pkcs7input[23] = one;
+ 
+-                DERObject obj = createDERForRecipient(pkcs7input, certificate);
++                ASN1Primitive obj = createDERForRecipient(pkcs7input, certificate);
+ 
+                 ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ 
+@@ -378,7 +376,7 @@ public class PublicKeySecurityHandler ex
+ 
+     }
+ 
+-    private DERObject createDERForRecipient(byte[] in, X509Certificate cert)
++    private ASN1Primitive createDERForRecipient(byte[] in, X509Certificate cert)
+         throws IOException,
+                GeneralSecurityException
+     {
+@@ -389,7 +387,7 @@ public class PublicKeySecurityHandler ex
+         AlgorithmParameters algorithmparameters = algorithmparametergenerator.generateParameters();
+         ByteArrayInputStream bytearrayinputstream = new ByteArrayInputStream(algorithmparameters.getEncoded("ASN.1"));
+         ASN1InputStream asn1inputstream = new ASN1InputStream(bytearrayinputstream);
+-        DERObject derobject = asn1inputstream.readObject();
++        ASN1Primitive derobject = asn1inputstream.readObject();
+         KeyGenerator keygenerator;
+         try
+         {
+@@ -409,13 +407,13 @@ public class PublicKeySecurityHandler ex
+         DEROctetString deroctetstring = new DEROctetString(abyte1);
+         KeyTransRecipientInfo keytransrecipientinfo = computeRecipientInfo(cert, secretkey.getEncoded());
+         DERSet derset = new DERSet(new RecipientInfo(keytransrecipientinfo));
+-        AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new DERObjectIdentifier(s), derobject);
++        AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(new ASN1ObjectIdentifier(s), derobject);
+         EncryptedContentInfo encryptedcontentinfo =
+             new EncryptedContentInfo(PKCSObjectIdentifiers.data, algorithmidentifier, deroctetstring);
+-        EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, null);
++        EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, (org.bouncycastle.asn1.ASN1Set) null);
+         ContentInfo contentinfo =
+             new ContentInfo(PKCSObjectIdentifiers.envelopedData, env);
+-        return contentinfo.getDERObject();
++        return contentinfo.toASN1Primitive();
+     }
+ 
+     private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)
diff --git a/debian/patches/series b/debian/patches/series
index 2b83427..bddecbe 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
+01-bouncycastle-compatibility.patch
 02-jar-packaging.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/libpdfbox-java.git

More information about the pkg-java-commits mailing list