Skip to content

Commit e2455e3

Browse files
introfogintrofog
committed
Change hash algorithm from MD5 to better SHA-512 for PdfEncryption and SmartModePdfObjectsSerializer
DEVSIX-7380
1 parent 8accf34 commit e2455e3

File tree

2 files changed

+8
-8
lines changed

2 files changed

+8
-8
lines changed

kernel/src/main/java/com/itextpdf/kernel/pdf/PdfEncryption.java

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,6 @@ This file is part of the iText (R) project.
2323
package com.itextpdf.kernel.pdf;
2424

2525
import com.itextpdf.commons.utils.SystemUtil;
26-
import com.itextpdf.kernel.exceptions.PdfException;
2726
import com.itextpdf.kernel.crypto.IDecryptor;
2827
import com.itextpdf.kernel.crypto.OutputStreamEncryption;
2928
import com.itextpdf.kernel.crypto.securityhandler.PubKeySecurityHandler;
@@ -38,7 +37,9 @@ This file is part of the iText (R) project.
3837
import com.itextpdf.kernel.crypto.securityhandler.StandardHandlerUsingStandard40;
3938
import com.itextpdf.kernel.crypto.securityhandler.StandardSecurityHandler;
4039
import com.itextpdf.kernel.exceptions.KernelExceptionMessageConstant;
40+
import com.itextpdf.kernel.exceptions.PdfException;
4141
import com.itextpdf.kernel.security.IExternalDecryptionProcess;
42+
4243
import java.io.ByteArrayOutputStream;
4344
import java.io.IOException;
4445
import java.io.OutputStream;
@@ -255,17 +256,17 @@ public PdfEncryption(PdfDictionary pdfDict, Key certificateKey, Certificate cert
255256
}
256257

257258
public static byte[] generateNewDocumentId() {
258-
MessageDigest md5;
259+
MessageDigest sha512;
259260
try {
260-
md5 = MessageDigest.getInstance("MD5");
261+
sha512 = MessageDigest.getInstance("SHA-512");
261262
} catch (Exception e) {
262263
throw new PdfException(KernelExceptionMessageConstant.PDF_ENCRYPTION, e);
263264
}
264265
long time = SystemUtil.getTimeBasedSeed();
265266
long mem = SystemUtil.getFreeMemory();
266267
String s = time + "+" + mem + "+" + (seq++);
267268

268-
return md5.digest(s.getBytes(StandardCharsets.ISO_8859_1));
269+
return sha512.digest(s.getBytes(StandardCharsets.ISO_8859_1));
269270
}
270271

271272
/**

kernel/src/main/java/com/itextpdf/kernel/pdf/SmartModePdfObjectsSerializer.java

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -26,17 +26,16 @@ This file is part of the iText (R) project.
2626
import com.itextpdf.kernel.exceptions.PdfException;
2727

2828
import java.security.MessageDigest;
29-
3029
import java.util.HashMap;
3130
import java.util.Map;
3231

3332
class SmartModePdfObjectsSerializer {
34-
private MessageDigest md5;
33+
private MessageDigest sha512;
3534
private HashMap<SerializedObjectContent, PdfIndirectReference> serializedContentToObj = new HashMap<>();
3635

3736
SmartModePdfObjectsSerializer() {
3837
try {
39-
md5 = MessageDigest.getInstance("MD5");
38+
sha512 = MessageDigest.getInstance("SHA-512");
4039
} catch (Exception e) {
4140
throw new PdfException(e);
4241
}
@@ -110,7 +109,7 @@ private void serObject(PdfObject obj, ByteBuffer bb, int level, Map<PdfIndirectR
110109
serDic((PdfDictionary) obj, bb, level - 1, serializedCache);
111110
bb.append("$B");
112111
if (level > 0) {
113-
bb.append(md5.digest(((PdfStream) obj).getBytes(false)));
112+
bb.append(sha512.digest(((PdfStream) obj).getBytes(false)));
114113
}
115114
} else if (obj.isDictionary()) {
116115
serDic((PdfDictionary) obj, bb, level - 1, serializedCache);

0 commit comments

Comments
 (0)