Merge pull request #146 from silegis-mg/silegismg

XAdES-X-L and a XAdES-A support

pom.xml

@@ -72,8 +72,7 @@
             <version>1.56</version>
         </dependency>
     </dependencies>
-
-    <distributionManagement>
+	    <distributionManagement>
         <snapshotRepository>
             <id>ossrh</id>
             <url>https://oss.sonatype.org/content/repositories/snapshots</url>
@@ -97,6 +96,29 @@
     </build>
 
     <profiles>
+        <profile>
+            <id>test-with-proxy</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <configuration>
+                            <systemProperties>
+                                <property>
+                                    <name>http.proxyHost</name>
+                                    <value>${http.proxyHost}</value>
+                                </property>
+                                <property>
+                                    <name>http.proxyPort</name>
+                                    <value>${http.proxyPort}</value>
+                                </property>
+                            </systemProperties>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
         <profile>
             <id>release</id>
             <build>
@@ -170,4 +192,4 @@
         </profile>
     </profiles>
 
-</project>
+</project>

src/main/java/xades4j/production/DataGenArchiveTimeStamp.java

@@ -28,11 +28,8 @@
 import org.w3c.dom.Element;
 import xades4j.properties.ArchiveTimeStampProperty;
 import xades4j.properties.CertificateValuesProperty;
-import xades4j.properties.CompleteCertificateRefsProperty;
-import xades4j.properties.CompleteRevocationRefsProperty;
 import xades4j.properties.QualifyingProperty;
 import xades4j.properties.RevocationValuesProperty;
-import xades4j.properties.SignatureTimeStampProperty;
 import xades4j.properties.data.ArchiveTimeStampData;
 import xades4j.properties.data.BaseXAdESTimeStampData;
 import xades4j.providers.AlgorithmsProviderEx;
@@ -94,13 +91,10 @@ protected void addPropSpecificTimeStampInput(
             if (ki != null)
                 digestInput.addNode(ki.getElement());
 
-            // Unsigned properties, in order of appearance.
-            Map<String, Integer> propsCnt = new HashMap<String, Integer>(5);
+            // Required properties, in order of appearance.
+            Map<String, Integer> propsCnt = new HashMap<String, Integer>(2);
             propsCnt.put(CertificateValuesProperty.PROP_NAME, 0);
             propsCnt.put(RevocationValuesProperty.PROP_NAME, 0);
-            propsCnt.put(CompleteCertificateRefsProperty.PROP_NAME, 0);
-            propsCnt.put(CompleteRevocationRefsProperty.PROP_NAME, 0);
-            propsCnt.put(SignatureTimeStampProperty.PROP_NAME, 0);
 
             e = DOMHelper.getFirstChildElement(unsignedSigPropsElem);
             // UnsignedProperties shouldn't be empty!

src/main/java/xades4j/production/DataGenAttrAuthoritiesCertValues.java

@@ -0,0 +1,54 @@
+/*
+ * XAdES4j - A Java library for generation and verification of XAdES signatures.
+ * Copyright (C) 2012 Hubert Kario - QBS.
+ *
+ * XAdES4j is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or any later version.
+ *
+ * XAdES4j is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with XAdES4j. If not, see <http://www.gnu.org/licenses/>.
+ */
+package xades4j.production;
+
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+
+import xades4j.properties.AttrAuthoritiesCertValuesProperty;
+import xades4j.properties.data.AttrAuthoritiesCertValuesData;
+import xades4j.properties.data.CertificateValuesData;
+import xades4j.properties.data.PropertyDataObject;
+
+/**
+ * @author Hubert Kario
+ */
+public class DataGenAttrAuthoritiesCertValues
+    implements PropertyDataObjectGenerator<AttrAuthoritiesCertValuesProperty>
+{
+    @Override
+    public PropertyDataObject generatePropertyData(
+            AttrAuthoritiesCertValuesProperty prop,
+            PropertiesDataGenerationContext ctx)
+            throws PropertyDataGenerationException
+    {
+        AttrAuthoritiesCertValuesData attrAuthCertValuesData =
+                new AttrAuthoritiesCertValuesData();
+        try
+        {
+            for (X509Certificate cer : prop.getCertificates())
+            {
+                attrAuthCertValuesData.addData(cer.getEncoded());
+            }
+        } catch (CertificateEncodingException ex)
+        {
+            throw new PropertyDataGenerationException(prop, "cannot get encoded certificate", ex);
+        }
+
+        return attrAuthCertValuesData;
+    }
+}

src/main/java/xades4j/production/DataGenAttributeRevocationValues.java

@@ -0,0 +1,53 @@
+/*
+ * XAdES4j - A Java library for generation and verification of XAdES signatures.
+ * Copyright (C) 2012 Hubert Kario - QBS
+ *
+ * XAdES4j is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or any later version.
+ *
+ * XAdES4j is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with XAdES4j. If not, see <http://www.gnu.org/licenses/>.
+ */
+package xades4j.production;
+
+import java.security.cert.CRLException;
+import java.security.cert.X509CRL;
+
+import xades4j.properties.AttributeRevocationValuesProperty;
+import xades4j.properties.data.AttributeRevocationValuesData;
+import xades4j.properties.data.PropertyDataObject;
+
+/**
+ *
+ * @author Hubert Kario
+ *
+ */
+public class DataGenAttributeRevocationValues implements
+        PropertyDataObjectGenerator<AttributeRevocationValuesProperty>
+{
+    @Override
+    public PropertyDataObject generatePropertyData(
+            AttributeRevocationValuesProperty prop,
+            PropertiesDataGenerationContext ctx)
+            throws PropertyDataGenerationException
+    {
+        AttributeRevocationValuesData attrRevocValuesData = new AttributeRevocationValuesData();
+        try
+        {
+            for (X509CRL crl : prop.getCrls())
+            {
+                attrRevocValuesData.addData(crl.getEncoded());
+            }
+        } catch (CRLException ex)
+        {
+            throw new PropertyDataGenerationException(prop, "cannot get encoded CRL", ex);
+        }
+        return attrRevocValuesData;
+    }
+}

src/main/java/xades4j/production/DataGenTimeStampValidationData.java

@@ -0,0 +1,71 @@
+/*
+ * XAdES4j - A Java library for generation and verification of XAdES signatures.
+ * Copyright (C) 2012 Hubert Kario - QBS.
+ *
+ * XAdES4j is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or any later version.
+ *
+ * XAdES4j is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with XAdES4j. If not, see <http://www.gnu.org/licenses/>.
+ */
+package xades4j.production;
+
+import java.security.cert.CRLException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
+
+import xades4j.properties.TimeStampValidationDataProperty;
+import xades4j.properties.data.PropertyDataObject;
+import xades4j.properties.data.TimeStampValidationDataData;
+
+/**
+ *
+ * @author Hubert Kario
+ *
+ */
+public class DataGenTimeStampValidationData implements
+        PropertyDataObjectGenerator<TimeStampValidationDataProperty>
+{
+
+    @Override
+    public PropertyDataObject generatePropertyData(
+            TimeStampValidationDataProperty prop,
+            PropertiesDataGenerationContext ctx)
+            throws PropertyDataGenerationException
+    {
+        TimeStampValidationDataData tsValidationDataData =
+                new TimeStampValidationDataData();
+
+        try
+        {
+            for (X509Certificate cer : prop.getCertificates())
+            {
+                tsValidationDataData.addCertificateData(cer.getEncoded());
+            }
+        } catch (CertificateEncodingException e)
+        {
+            throw new PropertyDataGenerationException(prop, "cannot get encoded certificate", e);
+        }
+
+        try
+        {
+            for (X509CRL crl : prop.getCrls())
+            {
+                tsValidationDataData.addCRLData(crl.getEncoded());
+            }
+        } catch (CRLException e)
+        {
+            throw new PropertyDataGenerationException(prop, "cannot get encoded CRL", e);
+        }
+
+        return tsValidationDataData;
+    }
+
+}

src/main/java/xades4j/production/DefaultProductionBindingsModule.java

@@ -22,6 +22,8 @@
 import xades4j.properties.AllDataObjsCommitmentTypeProperty;
 import xades4j.properties.AllDataObjsTimeStampProperty;
 import xades4j.properties.ArchiveTimeStampProperty;
+import xades4j.properties.AttrAuthoritiesCertValuesProperty;
+import xades4j.properties.AttributeRevocationValuesProperty;
 import xades4j.properties.CertificateValuesProperty;
 import xades4j.properties.CommitmentTypeProperty;
 import xades4j.properties.CompleteCertificateRefsProperty;
@@ -39,6 +41,7 @@
 import xades4j.properties.SignerRoleProperty;
 import xades4j.properties.SigningCertificateProperty;
 import xades4j.properties.SigningTimeProperty;
+import xades4j.properties.TimeStampValidationDataProperty;
 import xades4j.properties.data.CustomPropertiesDataObjsStructureVerifier;
 import xades4j.providers.AlgorithmsProvider;
 import xades4j.providers.AlgorithmsProviderEx;
@@ -163,12 +166,24 @@ public void provideProperties(DataObjectDesc dataObj)
         {
         }).to(DataGenCertificateValues.class);
 
+        bind(new TypeLiteral<PropertyDataObjectGenerator<AttrAuthoritiesCertValuesProperty>>()
+        {
+        }).to(DataGenAttrAuthoritiesCertValues.class);
+
         bind(new TypeLiteral<PropertyDataObjectGenerator<RevocationValuesProperty>>()
         {
         }).to(DataGenRevocationValues.class);
 
+        bind(new TypeLiteral<PropertyDataObjectGenerator<AttributeRevocationValuesProperty>>()
+        {
+        }).to(DataGenAttributeRevocationValues.class);
+
         bind(new TypeLiteral<PropertyDataObjectGenerator<ArchiveTimeStampProperty>>()
         {
         }).to(DataGenArchiveTimeStamp.class);
+
+        bind(new TypeLiteral<PropertyDataObjectGenerator<TimeStampValidationDataProperty>>()
+        {
+        }).to(DataGenTimeStampValidationData.class);
     }
 }

src/main/java/xades4j/production/SignaturePropertiesCollectorImpl.java

@@ -26,6 +26,7 @@
 import xades4j.properties.SigningTimeProperty;
 import xades4j.properties.UnsignedSignatureProperty;
 import xades4j.providers.SignaturePropertiesCollector;
+import xades4j.utils.PropertiesList;
 import xades4j.utils.PropertiesSet;
 
 /**
@@ -34,13 +35,13 @@
 class SignaturePropertiesCollectorImpl implements SignaturePropertiesCollector
 {
     private final PropertiesSet<SignedSignatureProperty> signedSigProps;
-    private final PropertiesSet<UnsignedSignatureProperty> unsignedSigProps;
+    private final PropertiesList<UnsignedSignatureProperty> unsignedSigProps;
 
     public SignaturePropertiesCollectorImpl()
     {
 
         this.signedSigProps = new PropertiesSet<SignedSignatureProperty>(2);
-        this.unsignedSigProps = new PropertiesSet<UnsignedSignatureProperty>(0);
+        this.unsignedSigProps = new PropertiesList<UnsignedSignatureProperty>(0);
     }
 
     /***** Signed signature properties *****/

src/main/java/xades4j/production/XadesCSigningProfile.java

@@ -28,10 +28,19 @@
  * <p>
  * The {@code AttributeCertificateRefs} and {@code AttributeRevocationRefs} properties
  * are not supported.
+ * <p>
+ * If the (implicit or explicit) policy you're following requires grace periods for
+ * signature creation, it is highly recommended <b>not</b> to use this signing profile
+ * but to use {@link XadesTSigningProfile} for initial signature creation and then extend
+ * the signature to XAdES-C form after the grace period has elapsed and new revocation
+ * information is available.
  * @author Luís
  */
 public class XadesCSigningProfile extends XadesTSigningProfile
 {
+    /**
+     * @see XadesCSigningProfile
+     */
     public XadesCSigningProfile(
             KeyingDataProvider keyingProvider,
             ValidationDataProvider validationDataProv)
@@ -40,6 +49,9 @@ public XadesCSigningProfile(
         withBinding(ValidationDataProvider.class, validationDataProv);
     }
 
+    /**
+     * @see XadesCSigningProfile
+     */
     public XadesCSigningProfile(
             KeyingDataProvider keyingProvider,
             Class<? extends ValidationDataProvider> validationDataProvClass)
@@ -48,6 +60,9 @@ public XadesCSigningProfile(
         withBinding(ValidationDataProvider.class, validationDataProvClass);
     }
 
+    /**
+     * @see XadesCSigningProfile
+     */
     public XadesCSigningProfile(
             Class<? extends KeyingDataProvider> keyingProviderClass,
             ValidationDataProvider validationDataProv)
@@ -56,6 +71,9 @@ public XadesCSigningProfile(
         withBinding(ValidationDataProvider.class, validationDataProv);
     }
 
+    /**
+     * @see XadesCSigningProfile
+     */
     public XadesCSigningProfile(
             Class<? extends KeyingDataProvider> keyingProviderClass,
             Class<? extends ValidationDataProvider> validationDataProvClass)

src/main/java/xades4j/production/XadesFormatExtenderProfile.java

@@ -34,7 +34,7 @@
  * is used to add unsigned signature properties to an existing signature in order
  * augment its format. This can be done as part of the {@link xades4j.verification.XadesVerifier#verify(org.w3c.dom.Element, xades4j.verification.SignatureSpecificVerificationOptions, xades4j.production.XadesSignatureFormatExtender, xades4j.verification.XAdESForm) verification process}.
  * The {@code XadesSignatureFormatExtender} can also be used separately, but no
- * checks are made on the correctness of the signature.
+ * checks are made on the correctness of the signature or added properties.
  * <p>
  * This profile follows the same principles of {@link XadesSigningProfile}.
  * @author Luís