Qoppa’s PDF libraries components (v2020 and up) and Android PDF toolkit (v6.8 and up) use the safest hash algorithm available and supported by the PDF file version when applying digital signatures.
This is priority order in which we look for hash algorithms based on the document version:
- PDF File Version 1.7 & up: “SHA512”, “SHA384”, “RIPEMD160”, “SHA256”, “SHA1”
- PDF File Version 1.6: “SHA256”, “SHA1”
- PDF File Version 1.5 & below: “SHA1”
You can find more details about this in PDF reference documents published by PDF/A association: PDF Reference 1.7 on page 740, and PDF Reference 2.0 on page 559.
Qoppa’s PDF library jPDFProcess and Android PDF toolkit can be used to change the PDF file version if a specific hash algorithm is desired.