Ensure deterministic behavior on protected PDF signature #800
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps `junit.version` from 5.8.2 to 5.9.0. Updates `junit-jupiter-api` from 5.8.2 to 5.9.0 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit5@r5.8.2...r5.9.0) Updates `junit-jupiter-params` from 5.8.2 to 5.9.0 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit5@r5.8.2...r5.9.0) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps maven-bundle-plugin from 5.1.6 to 5.1.8. --- updated-dependencies: - dependency-name: org.apache.felix:maven-bundle-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.4.0...maven-javadoc-plugin-3.4.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [checkstyle](https://github.com/checkstyle/checkstyle) from 10.3.1 to 10.3.3. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](checkstyle/checkstyle@checkstyle-10.3.1...checkstyle-10.3.3) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [mockito-core](https://github.com/mockito/mockito) from 4.6.1 to 4.8.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v4.6.1...v4.8.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.1.2 to 3.2.0. - [Release notes](https://github.com/apache/maven-checkstyle-plugin/releases) - [Commits](apache/maven-checkstyle-plugin@maven-checkstyle-plugin-3.1.2...maven-checkstyle-plugin-3.2.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps `bouncycastle.version` from 1.71 to 1.71.1. Updates `bcprov-jdk18on` from 1.71 to 1.71.1 - [Release notes](https://github.com/bcgit/bc-java/releases) - [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) Updates `bcpkix-jdk18on` from 1.71 to 1.71.1 - [Release notes](https://github.com/bcgit/bc-java/releases) - [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html) - [Commits](https://github.com/bcgit/bc-java/commits) --- updated-dependencies: - dependency-name: org.bouncycastle:bcprov-jdk18on dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.bouncycastle:bcpkix-jdk18on dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [maven-jxr-plugin](https://github.com/apache/maven-jxr) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/apache/maven-jxr/releases) - [Commits](apache/maven-jxr@jxr-3.2.0...jxr-3.3.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-jxr-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
|
Hi @bsanchezb , the checkstyle problems were fixed on master. Can you please rebase your branch onto OpenPdf/master? |
…nPDF into sign-pdf-protected
|
Kudos, SonarCloud Quality Gate passed!
|
|
@asturio , done. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of the new Feature/Bugfix
This fix enables a possibility to ensure deterministic signature creation within a password-protected (encrypted) PDF document.
Before the code always generated a different random identifier in case of encrypted documents, even when
overrideFileIdhas been provided.Unit-Tests for the new Feature/Bugfix
Compatibilities Issues
The fix does not change the original behavior, but takes into account
overrideFileIdfor protected documents, when provided. The change does not require any modifications on user's side.Testing details
Unit tests are added, ensuring different identifiers are computed by default, but deterministic ones when
overrideFileIdis provided. Unit tests also verify that the signed PDF document is still readable.Unit tests have also been executed on our side with the fix applied.