Missing CountersignedSignature type in xades4j

StackOverflow https://stackoverflow.com/questions/23394852

  •  12-07-2023
  •  | 
  •  

Question

I noticed in my document countersigned with xades4j there is no Type="..CountersignedSignature" in the Reference of countersigned signature. The same is in xades4j unit test in document.signed.bes.cs.xml.

On the other hand, in xades4j.properties.CounterSignatureProperty I can see the following property defined:

public String COUNTER_SIGNATURE_TYPE_URI = "http://uri.etsi.org/01903#CountersignedSignature";

How can I force xades to use that property? If the type attribute is missing I have a problem with validating the document in other 3rd party software.

I used code written in SignerBESTest.

Document doc = getTestDocument();
Element elemToSign = doc.getDocumentElement();

XadesBesSigningProfile profile = new XadesBesSigningProfile(keyingProviderMy);
final XadesSigner counterSigner = profile.newSigner();
profile.withSignaturePropertiesProvider(new SignaturePropertiesProvider() {
@Override
public void provideProperties(final SignaturePropertiesCollector signedPropsCol) {
    signedPropsCol.addCounterSignature(new CounterSignatureProperty(counterSigner));
    signedPropsCol.setSignerRole(new SignerRoleProperty("CounterSignature"));
}
});
final XadesSignatureFormatExtender extender = new XadesFormatExtenderProfile().getFormatExtender();

final List<UnsignedSignatureProperty> unsignedProps = new ArrayList<UnsignedSignatureProperty>();
unsignedProps.add(new CounterSignatureProperty(counterSigner));

org.apache.xml.security.Init.init();
final Element sigElem = (Element) documentSource.getElementsByTagName("ds:Signature").item(0);
final XMLSignature xmlSig = new XMLSignature(sigElem, documentSource.getBaseURI());
extender.enrichSignature(xmlSig, new UnsignedProperties(unsignedProps));

Thanks in advance!

Edit1: I will add that I know the solution by modifying xades4j sources but I would be more interested with a solution which I can apply only in my source code.

Was it helpful?

Solution

The XAdES spec defines two mechanisms for managing counter signatures:

  1. Use the Type attribute on arbitrary signatures
  2. Use the CounterSignature property which contains a counter signature that actually is an enveloped signature (contained in the original one).

XAdES4j uses the second approach, hence not including the Type attribute. Also, there's no way to enforce its presence on the API. That said, I may check if it is easy to include the attribute.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top