[
https://issues.apache.org/jira/browse/PDFBOX-1314?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13283508#comment-13283508
]
Petras commented on PDFBOX-1314:
--------------------------------
I found another side effect of this bug if original document (not created with
PDFBox), containing digital signature, was incrementally updated (let's say
another signature was applied). In that case Adobe Acrobat X invalidates the
first signature since some dictionaries, that originally were direct objects,
became indirect.
See attached file (sample_signed_with_increment.pdf) containing 2 signatures.
The document originally was created and signed with different tool. Another
signature was added with PDFBox. Acrrobat shows first signature invalid. It may
also be an issue for Adobe Acrobat X (used v10.1.3.23), since actually original
content was not modified. Though Acrobat says that "1 Page is modified", if you
ask Acrobat to compare signed version to current version, report says that
pages are identical. If you validate signature of the _signed version_ of
document, Acrobat validates this signature.
The culprit is /Font entry value in page object resource dictionary that after
incremental update turned from direct to indirect dictionary object:
------ Original ------
5 0 obj
<</Parent 11 0 R/Contents 12 0
R/Type/Page/Resources<</ProcSet[/PDF/Text]/Font<</F1 13 0 R>>>>/MediaBox[0 0
612 792]/Annots[4 0 R]>>
endobj
------ After incremental update ----
5 0 obj
<<
/Parent 11 0 R
/Contents 12 0 R
/Type /Page
/Resources <<
/ProcSet [/PDF /Text]
/Font 17 0 R
>>
/MediaBox [0 0 612 792]
/Annots [4 0 R 14 0 R]
>>
endobj
...
17 0 obj
<<
/F1 13 0 R
>>
endobj
If before incremental save /Font entry value's COSBase property "direct" is set
to true, PDFBox saves it as direct object and Acrobat does not complain and
validates the first signature.
> PDFParser should set "direct" property in COSBase if this object is direct
> --------------------------------------------------------------------------
>
> Key: PDFBOX-1314
> URL: https://issues.apache.org/jira/browse/PDFBOX-1314
> Project: PDFBox
> Issue Type: Bug
> Components: Parsing
> Affects Versions: 1.6.0
> Reporter: Petras
> Labels: COSWriter, PDFParser
> Attachments: sample_signed_with_increment.pdf
>
>
> PDFParser during PDF parsing does not update COSBase#direct property - it
> always return false when read. Especially this issue manifests for dictionary
> objects when PDF is saved (either regularly or incrementally) - all
> dictionary objects in saved PDF, if they do not have COSBase#direct property
> set or are not specifically treated by COSWriter (like XObject or Resources)
> are written as indirect objects. Though PDF specification allows dictionary
> objects to be indirect, but not for /Extensions dictionary in document
> catalog: "The extensions dictionary, all developer extensions dictionary
> entries in the extensions dictionary, as well as their entries, all shall be
> direct objects (i.e., this information shall be nested directly within the
> catalog dictionary with no indirect objects used)." (see ISO 32000-1: 7.12
> Extensions Dictionary).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
