Question

I am trying to verify a document signed by xades4j but I'm not interested in certificate validation. The only thing I need to know is that the document has been signed correctly and nothing has been changed since the signing.

I've tried a few different approaches but each one uses PKIXCertificateValidationProvider, which requires parameters I'm not interested in, like trusted certs. The same is also used in unit tests in the xades4j sources. I even tried to implement CertificateValidationProvider myself but certificates are needed later on by other classes like ValidationData.

Do you have any suggestions on how to achieve this with xades4j? Or maybe some other, better-documented library I could use for validation purposes?

Solution

The correct approach for that scenario is implementing a CertificateValidationProvider. The validation data returned by the validate method should at least return a list with the signing certificate.

A possible implementation of validate for your scenario would be to match the certSelector against the supplied certificates and return a list with the first certificate that matches. This would only work if the signature contains the certificate...
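
The approach described in the answer, as an added example that is not part of the original answer or of the xades4j sources. The class name is hypothetical, and the `CannotSelectCertificateException(X509CertSelector, String)` constructor is assumed to be available in the xades4j version in use.

```java
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;

import xades4j.providers.CannotSelectCertificateException;
import xades4j.providers.CertificateValidationException;
import xades4j.providers.CertificateValidationProvider;
import xades4j.providers.ValidationData;

/**
 * Hypothetical provider that performs no PKIX path building, trust-anchor or
 * revocation checks. It only selects the signing certificate from the
 * certificates that were supplied with the signature.
 */
public class EmbeddedCertValidationProvider implements CertificateValidationProvider {

    @Override
    public ValidationData validate(X509CertSelector certSelector,
                                   Date validationDate,
                                   Collection<X509Certificate> otherCerts)
            throws CertificateValidationException {
        // otherCerts holds the certificates found in the signature (KeyInfo).
        if (otherCerts != null) {
            for (X509Certificate cert : otherCerts) {
                // The selector is built by xades4j from the signature's own
                // key information (e.g. issuer/serial or subject).
                if (certSelector.match(cert)) {
                    // The first certificate in the list is treated as the
                    // signing certificate; here it is the only one.
                    return new ValidationData(Collections.singletonList(cert));
                }
            }
        }
        // The signature does not carry its certificate, so there is no key to
        // verify against. Fail closed instead of returning an empty list.
        // Assumption: this (selector, message) constructor exists.
        throw new CannotSelectCertificateException(certSelector,
                "signing certificate is not embedded in the signature");
    }
}
```

An instance of this class is passed to `XadesVerificationProfile` in place of `PKIXCertificateValidationProvider`. A successful verification then shows only that the document is unchanged relative to the key in the embedded certificate; it does not establish who holds that key, because no certificate is checked against a trust anchor.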

Licensed under: CC-BY-SA with attribution