Add comments around non-security-related uses of MD5

Jay Berkenbilt
1 parent c365a26e
Showing 2 changed files with 7 additions and 3 deletions
include/qpdf/QPDFEFStreamObjectHelper.hh
libqpdf/QPDFEFStreamObjectHelper.cc
@@ -57,9 +57,11 @@ class QPDFEFStreamObjectHelper: public QPDFObjectHelper
     // Subtype is a mime type such as "text/plain"
     QPDF_DLL
     std::string getSubtype();
-    // Return the MD5 checksum as stored in the object as a binary
-    // string. This does not check consistency with the data. If not
-    // present, return an empty string.
+    // Return the checksum as stored in the object as a binary string.
+    // This does not check consistency with the data. If not present,
+    // return an empty string. The PDF spec specifies this as an MD5
+    // checksum and notes that it is not to be used for security
+    // purposes since MD5 is known not to be secure.
     QPDF_DLL
     std::string getChecksum();
@@ -139,6 +139,8 @@ QPDFEFStreamObjectHelper::newFromStream(QPDFObjectHandle stream)
     stream.getDict().replaceKey(
         "/Type", QPDFObjectHandle::newName("/EmbeddedFile"));
     Pl_Discard discard;
+    // The PDF spec specifies use of MD5 here and notes that it is not
+    // to be used for security. MD5 is known to be insecure.
     Pl_MD5 md5("EF md5", &discard);
     Pl_Count count("EF size", &md5);
     if (!stream.pipeStreamData(&count, nullptr, 0, qpdf_dl_all)) {