Suggested improvement: Allow parsers to access to the last xrefTable filled in XrefTrailerResolver

[Enric Granda <En...@entrust.com.INVALID>]

PDF 2.0 states that adding an incremental update with a DSS or a DocTimestamp is allowed without invalidating the signature even for a PDF with a certification signature with "no changes allowed" permission. See https://github.com/pdf-association/pdf-issues/issues/131

In order to allow a parser to check which objects where added in an incremental update, it would be needed to access to the object list of the XRef of the last update.
The XrefTrailerResolver class has this information since it fills a Map<Long, XrefTrailerObj> bytePosToXrefMap
And the XrefTrailerObj contains the trailer dictionary and a Map with the xrefTable.
But this xrefTable is private.

The XrefTrailerResolver allows the access to the first or last trailer dictionary with public methods getFirstTrailer and getLastTrailer.
But it does not allow access to the xrefTable.

My suggestion is to add a new public method to XrefTrailerResolver class that allows access to the last xrefTable. It would be analog to the existing method getLastTrailer, for instance:

    public final Map<COSObjectKey, Long> getLastXrefTable()
    {
        if (bytePosToXrefMap.isEmpty())
        {
            return null;
        }
        Set<Long> offsets = bytePosToXrefMap.keySet();
        SortedSet<Long> sortedOffset = new TreeSet<>(offsets);
        return bytePosToXrefMap.get(sortedOffset.last()).xrefTable;
    }

This will allow parser classes to check the type of the new objects added in the last incremental update.

Enric
Any email and files/attachments transmitted with it are intended solely for the use of the individual or entity to whom they are addressed. If this message has been sent to you in error, you must not copy, distribute or disclose of the information it contains. Please notify Entrust immediately and delete the message from your system.