algorithm attribute

Inherited:no
Used By:input
See:alias handler keypassword keystoretype location ocsp pades password reason signer timestampurl

Sets the algorithm of the digital signature. The default is SHA1, but various other options are available, typically including SHA256 and SHA512 (the exact list depends on the Java installation). This is only used by the input type="signature" element, and is not mandatory.

This shows how to digitally sign a document

<input type="signature"
       handler="acrobat6"               // handler used to verify this signature
       keystore="file:/privatekey.jks"  // URL of the keystore
       keystoretype="JKS-SUN"           // type of keystore
       password="storepassword"         // password to unlock the keystore
       alias="secretkey"                // key from the keystore to use
       keypassword="secretkeypassword"  // password to unlock the key, if required
       certify="nochanges"              // allow no changes after signing
       signer="John Smith"              // name to place on the signature
       reason="I am the author"         // reason you're signing the document
/>

Same as the above example but showing the additional keys that might be used to create a signature with "long-term validation".

<input type="signature"
       handler="acrobat6"               // handler used to verify this signature
       keystore="file:/privatekey.jks"  // URL of the keystore
       keystoretype="JKS-SUN"           // type of keystore
       password="storepassword"         // password to unlock the keystore
       alias="secretkey"                // key from the keystore to use
       keypassword="secretkeypassword"  // password to unlock the key, if required
       signer="John Smith"              // name to place on the signature
       reason="I am the author"         // reason you're signing the document
       timestampurl="http://timestamp.entrust.net/TSS/RFC3161sha1TS" // URL of the RFC3161 Timestamp service
       pades="true"                     // Mark the signature as PAdES compatible
       ocsp="true"                      // Perform OCSP and CRL verification at time of signing
       algorithm="SHA256"               // Set the digest algorithm to SHA-256 (optional).
/>