svn commit: r1924997 - /pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java

Thu, 10 Apr 2025 10:58:47 -0700 

Author: tilman
Date: Thu Apr 10 17:58:41 2025
New Revision: 1924997

URL: http://svn.apache.org/viewvc?rev=1924997&view=rev
Log:
PDFBOX-5985: use SHA256 instead of MD5, as suggested by Srujith Pulipaka

Modified:
    pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java

Modified: 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java
URL: 
http://svn.apache.org/viewvc/pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java?rev=1924997&r1=1924996&r2=1924997&view=diff
==============================================================================
--- 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java 
(original)
+++ 
pdfbox/trunk/pdfbox/src/main/java/org/apache/pdfbox/pdfwriter/COSWriter.java 
Thu Apr 10 17:58:41 2025
@@ -1556,11 +1556,10 @@ public class COSWriter implements ICOSVi
         }
         if( missingID || incrementalUpdate)
         {
-            @SuppressWarnings({"squid:S5542","lgtm 
[java/weak-cryptographic-algorithm]"})
-            MessageDigest md5;
+            MessageDigest sha256;
             try
             {
-                md5 = MessageDigest.getInstance("MD5");
+                sha256 = MessageDigest.getInstance("SHA256");
             }
             catch (NoSuchAlgorithmException e)
             {
@@ -1570,20 +1569,20 @@ public class COSWriter implements ICOSVi
 
             // algorithm says to use time/path/size/values in doc to generate 
the id.
             // we don't have path or size, so do the best we can
-            md5.update( 
Long.toString(idTime).getBytes(StandardCharsets.ISO_8859_1) );
+            
sha256.update(Long.toString(idTime).getBytes(StandardCharsets.ISO_8859_1));
 
             COSDictionary info = trailer.getCOSDictionary(COSName.INFO);
             if( info != null )
             {
                 for (COSBase cosBase : info.getValues())
                 {
-                    
md5.update(cosBase.toString().getBytes(StandardCharsets.ISO_8859_1));
+                    
sha256.update(cosBase.toString().getBytes(StandardCharsets.ISO_8859_1));
                 }
             }
             // reuse origin documentID if available as first value
-            COSString firstID = missingID ? new COSString( md5.digest() ) : 
(COSString)idArray.get(0);
+            COSString firstID = missingID ? new COSString(sha256.digest()) : 
(COSString) idArray.get(0);
             // it's ok to use the same ID for the second part if the ID is 
created for the first time
-            COSString secondID = missingID ? firstID : new COSString( 
md5.digest() );
+            COSString secondID = missingID ? firstID : new 
COSString(sha256.digest());
             idArray = new COSArray();
             idArray.add( firstID );
             idArray.add( secondID );

Reply via email to