0

I'm creating an Enveloped signature with xades4j following this statements:

Element elemToSign = doc.getDocumentElement();
XadesSigner signer = new XadesTSigningProfile(...).newSigner();
new Enveloped(signer).sign(elemToSign);

But I need to put in the signature also other properties like ProofOfApprova etc...

I see that in xades4j examples the proofOfApprovalProperties are addedto enveloped signature using different statements of signature, for example:

AllDataObjsCommitmentTypeProperty globalCommitment = AllDataObjsCommitmentTypeProperty.proofOfApproval();
CommitmentTypeProperty commitment = CommitmentTypeProperty.proofOfCreation();

DataObjectDesc obj1 = new DataObjectReference('#' + elemToSign.getAttribute("Id"))
    .withTransform(new EnvelopedSignatureTransform())
    .withDataObjectFormat(new DataObjectFormatProperty("text/xml", "MyEncoding")
    .withDescription("Isto é uma descrição do elemento raiz")
    .withDocumentationUri("http://doc1.txt")
    .withDocumentationUri("http://doc2.txt"))
    .withIdentifier("http://elem.root"))
    .withCommitmentType(commitment)
    .withDataObjectTimeStamp(dataObjsTimeStamp)

SignedDataObjects dataObjs = new SignedDataObjects(obj1)
    .withCommitmentType(globalCommitment);

signer.sign(dataObjs, elemToSign);

I see here that another procedure of signature is used, more specificately the statement in which I create a DataObjectreference saying that I use "Id" attibute fo root tag is unusable for me because in input I can have any kind of xml document and I cannot know what kind of attribute (if present) I can use foe define root tag.

Briefly, can I have some examp'le code where I create an Enveloped signature and put a proofOfApproval property using "new Enveloped(signer).sign(elemToSign);", or anyway whitout knowing the xml source structure?

Thanks

M.

Lain
  • 2,166
  • 4
  • 23
  • 47
Michele Bortolato
  • 707
  • 2
  • 11
  • 27

1 Answers1

1

The proofOfApproval property has to be applied to data objects being signed, hence the need to use the SignedDataObjects class.

The Enveloped class is just a helper for straightforward scenarios. If I understood correctly you want to sign the whole XML document. The XML-Signatures spec defines that an empty URI on a reference (URI="") means exactly that. If you check the code on the Enveloped class you'll see that it adds a DataObjectReference with an empty uri.

To sum up, you'll need something like:

DataObjectDesc obj1 = new DataObjectReference("")
    .withTransform(new EnvelopedSignatureTransform())
    .withCommitmentType(CommitmentTypeProperty.proofOfApproval());
signer.sign(new SignedDataObjects(obj1), elemToSign);
lgoncalves
  • 2,040
  • 1
  • 14
  • 12
  • Thanks, i see it works. But i have another things to ask (i need to complete a project to the middle of september), do you know if i can add on KeyInfo element optionally other properties like Keyvalue and/or X509IssuerName? I did'nt find any axample about it. Thanks – Michele Bortolato Aug 27 '12 at 10:01
  • Please don't ask new questions in the comments. You should ask a new question instead, you will be more likely to receive an answer. – Antoine Aubry Sep 06 '12 at 21:53
  • @zuper - xades4j doesn't include those tags and currently there's no option to control that. It may be included on the next version. If you really need it, you can change the code to include the tag. The X509Data element is created on the KeyInfoBuilder class. – lgoncalves Sep 07 '12 at 13:43