@@ -1556,11 +1556,10 @@ public void write(PDDocument doc, SignatureInterface signInterface) throws IOExc
15561556 }
15571557 if ( missingID || incrementalUpdate )
15581558 {
1559- @ SuppressWarnings ({"squid:S5542" ,"lgtm [java/weak-cryptographic-algorithm]" })
1560- MessageDigest md5 ;
1559+ MessageDigest sha256 ;
15611560 try
15621561 {
1563- md5 = MessageDigest .getInstance ("MD5 " );
1562+ sha256 = MessageDigest .getInstance ("SHA256 " );
15641563 }
15651564 catch (NoSuchAlgorithmException e )
15661565 {
@@ -1570,20 +1569,20 @@ public void write(PDDocument doc, SignatureInterface signInterface) throws IOExc
15701569
15711570 // algorithm says to use time/path/size/values in doc to generate the id.
15721571 // we don't have path or size, so do the best we can
1573- md5 .update ( Long .toString (idTime ).getBytes (StandardCharsets .ISO_8859_1 ) );
1572+ sha256 .update (Long .toString (idTime ).getBytes (StandardCharsets .ISO_8859_1 ));
15741573
15751574 COSDictionary info = trailer .getCOSDictionary (COSName .INFO );
15761575 if ( info != null )
15771576 {
15781577 for (COSBase cosBase : info .getValues ())
15791578 {
1580- md5 .update (cosBase .toString ().getBytes (StandardCharsets .ISO_8859_1 ));
1579+ sha256 .update (cosBase .toString ().getBytes (StandardCharsets .ISO_8859_1 ));
15811580 }
15821581 }
15831582 // reuse origin documentID if available as first value
1584- COSString firstID = missingID ? new COSString ( md5 .digest () ) : (COSString )idArray .get (0 );
1583+ COSString firstID = missingID ? new COSString (sha256 .digest ()) : (COSString ) idArray .get (0 );
15851584 // it's ok to use the same ID for the second part if the ID is created for the first time
1586- COSString secondID = missingID ? firstID : new COSString ( md5 .digest () );
1585+ COSString secondID = missingID ? firstID : new COSString (sha256 .digest ());
15871586 idArray = new COSArray ();
15881587 idArray .add ( firstID );
15891588 idArray .add ( secondID );
0 commit comments