svn commit: r1923407 - /pdfbox/branches/3.0/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java

Mon, 27 Jan 2025 10:40:46 -0800 

Author: tilman
Date: Mon Jan 27 18:40:39 2025
New Revision: 1923407

URL: http://svn.apache.org/viewvc?rev=1923407&view=rev
Log:
PDFBOX-5940: add comment based on remarks by mkl

Modified:
    
pdfbox/branches/3.0/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java

Modified: 
pdfbox/branches/3.0/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
URL: 
http://svn.apache.org/viewvc/pdfbox/branches/3.0/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java?rev=1923407&r1=1923406&r2=1923407&view=diff
==============================================================================
--- 
pdfbox/branches/3.0/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
 (original)
+++ 
pdfbox/branches/3.0/examples/src/main/java/org/apache/pdfbox/examples/signature/CreateSignatureBase.java
 Mon Jan 27 18:40:39 2025
@@ -138,6 +138,9 @@ public abstract class CreateSignatureBas
         {
             CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
             X509Certificate cert = (X509Certificate) certificateChain[0];
+            // cert.getSigAlgName() returns the algorithm the certificate 
itself has been signed with,
+            // this is usually also the algorithm to use for signing, but not 
always.
+            // See also the comment by mkl at the bottom of 
https://issues.apache.org/jira/browse/PDFBOX-5940
             ContentSigner sha1Signer = new 
JcaContentSignerBuilder(cert.getSigAlgName()).build(privateKey);
             gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new 
JcaDigestCalculatorProviderBuilder().build()).build(sha1Signer, cert));
             gen.addCertificates(new 
JcaCertStore(Arrays.asList(certificateChain)));

Reply via email to