[ https://issues.apache.org/jira/browse/PDFBOX-5066?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17258315#comment-17258315 ]
Tilman Hausherr commented on PDFBOX-5066: ----------------------------------------- Yeah that part is a bit messy because other algorithms can be used but I never found a PDF where this is the case. > ShowSignature: say which digest algorithm was used, detect forged content > ------------------------------------------------------------------------- > > Key: PDFBOX-5066 > URL: https://issues.apache.org/jira/browse/PDFBOX-5066 > Project: PDFBox > Issue Type: Improvement > Components: Signing > Affects Versions: 2.0.23 > Reporter: Ralf Hauser > Priority: Minor > > 1) SHA256 is was used by the signer to get the content digests of > target/pdfs/notCertified_368835_Sig_en_201026090509.pdf , this should be > mentioned like > System.out.println("Signature found"); > so maybe > System.out.println("Signature algorithm: "+algo); > where 'algo' is for example "sha256WithRSAEncryption" (as per > [http://oidref.com/1.2.840.113549.1.1.11]) > 2) for subFilter="adbe.x509.rsa_sha1" it is not detected, if the pdf content > is altered. > > See also PDFBOX-4297 -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org