xades4j sugestions for changes

Question

I have a list of suggestion for xades4j. These are minor changes in the xades4j usability.

---

1. Class DefaultTimeStampTokenProvider

It should be possible to override the method getHttpConnection(). This is my opinion, but today in many enterprises the IT systems are behind a proxy. So, if the getHttpConnection can have a custom implementation, basically a different way to set the connection, it Or it may be something else that I'm not thinking at the moment, it would be more generic.

---

2. Class ObjectIdentifier

I implemented the SignaturePolicyDocumentProvider. In this I used a hashmap to store the policies. And in order to have the method getSignaturePolicyDocumentStream working correctly, I had to add the methods hashCode() and equals() to ObjectIdentifier (eclipse generated code).

---

3. Interface KeyStoreKeyingDataProvider.SigningCertSelector

I was imagining a scenario where I have a keystore with several private keys with different alias and then I would use the selectCertificate to select the correct one based on the alias. But as rhe method selectCertificate have as input a List of X509Certificates this is not possible, I would need to have some kind of hashmap. Because being a List, it is very easy to get by position, but other types of logic become hard.

---

Thoughts?

Answer 1

In general, I agree with all your suggestions:

1. That approach is actually used on AuthenticatedTimeStampTokenProvider. I think the getHttpConnection() method isn't protected by mistake... However, I have something more generic planned: separate the act of obtaining the TSResponse from the remaining logic (something like the strategy pattern). This way we'd have a TS provider and a, lets say, "HttpTSResponseResolver" (or others).

2. Noted. I agree it can be useful. I'll see if the identifier string is sufficient for the hash code or if the identifier type must also be included.

3. Noted. The arguments should probably be a list of pairs.

Thanks for the feedback!