Reputation: 787
Adding SignedDataObjects (and consequently add proofOfApproval property) to an enveloped signature
I'm creating an Enveloped signature with xades4j following this statements:
Element elemToSign = doc.getDocumentElement();
XadesSigner signer = new XadesTSigningProfile(...).newSigner();
new Enveloped(signer).sign(elemToSign);
But I need to put in the signature also other properties like ProofOfApprova etc...
I see that in xades4j examples the proofOfApprovalProperties are addedto enveloped signature using different statements of signature, for example:
AllDataObjsCommitmentTypeProperty globalCommitment = AllDataObjsCommitmentTypeProperty.proofOfApproval();
CommitmentTypeProperty commitment = CommitmentTypeProperty.proofOfCreation();
DataObjectDesc obj1 = new DataObjectReference('#' + elemToSign.getAttribute("Id"))
.withTransform(new EnvelopedSignatureTransform())
.withDataObjectFormat(new DataObjectFormatProperty("text/xml", "MyEncoding")
.withDescription("Isto é uma descrição do elemento raiz")
.withDocumentationUri("http://doc1.txt")
.withDocumentationUri("http://doc2.txt"))
.withIdentifier("http://elem.root"))
.withCommitmentType(commitment)
.withDataObjectTimeStamp(dataObjsTimeStamp)
SignedDataObjects dataObjs = new SignedDataObjects(obj1)
.withCommitmentType(globalCommitment);
signer.sign(dataObjs, elemToSign);
I see here that another procedure of signature is used, more specificately the statement in which I create a DataObjectreference saying that I use "Id" attibute fo root tag is unusable for me because in input I can have any kind of xml document and I cannot know what kind of attribute (if present) I can use foe define root tag.
Briefly, can I have some examp'le code where I create an Enveloped signature and put a proofOfApproval property using "new Enveloped(signer).sign(elemToSign);", or anyway whitout knowing the xml source structure?
Thanks
M.
Upvotes: 0
Views: 958
Answers (1)
Reputation: 2090
The proofOfApproval property has to be applied to data objects being signed, hence the need to use the SignedDataObjects class.
The Enveloped class is just a helper for straightforward scenarios. If I understood correctly you want to sign the whole XML document. The XML-Signatures spec defines that an empty URI on a reference (URI="") means exactly that. If you check the code on the Enveloped class you'll see that it adds a DataObjectReference with an empty uri.
To sum up, you'll need something like:
DataObjectDesc obj1 = new DataObjectReference("")
.withTransform(new EnvelopedSignatureTransform())
.withCommitmentType(CommitmentTypeProperty.proofOfApproval());
signer.sign(new SignedDataObjects(obj1), elemToSign);
Upvotes: 1
Related Questions
- Convert enveloped XaDES to detached
- Enveloping signatures with XadesBes timestamped
- Is there an example of how to do a XAdES-BES enveloped signature with the XAdES4j library?
- Xml enveloped signature in gSOAP
- How to sign KeyInfo properties XAdES4j?
- XAdES internally detached signature
- Xades4j produces an invalid signature with signSigningCertificate set to true and DataObjectFormatProperty
- xades4j: how to produce an signature with a transform in the signedproperties reference
- Xades4j verification enveloped signature
- Signing with xmlsec