Library to manage XAdES signatures in Java

xml digital-signature archiving java xml-signature
13,190

Solution 1

We have recently completed a project using XAdES-BES signatures in both enveloped and enveloping forms. We chose the XAdES4j project because it seemed the most complete, and XAdES was a core requirement.

The support on the Q&A section is sometimes slow, and and only the most obvious use case is well documented. That said the library is well tested, excellently designed, and very useful.

We spent a couple of weeks getting our heads around it and I would now recommend it as a platform.

The only caveat is that (as you say) it is the production of an academic project, so how much support it will receive in the future is anyone's guess. If you pick it up and buy into it then consider contributing, and it might pick up a bit of speed.

Solution 2

You can look at the "Componentes de firma", a LGPL suite of components created and mantained by the Spanish government. It's a full cryptographic suite that supports creation and validation of the following XAdES formats:

  • XAdES-BES
  • XAdES-T
  • XAdES-C
  • XAdES-X
  • XAdES-XL
  • XAdES-EPES

With detached, enveloped, enveloping and mixed signatures.

Detailed description of the XAdES signatures can be found at http://oficinavirtual.mityc.es/componentes/MITyCLibXADES/index.html, and the download site is http://oficinavirtual.mityc.es/componentes/downloads.html

Solution 3

Just to complete the list, XMLBlackbox package of our SecureBlackbox (Java edition) offers full support for all XAdES versions and is actively maintained and supported.

Share:
13,190

Related videos on Youtube

Jhack
Author by

Jhack

me tuobA

Updated on May 23, 2022

Comments

  • Jhack
    Jhack almost 2 years

    I'm looking for a Java library that allows the creation and verification of XAdES signatures (the more formats, the better: XAdES-BES, XAdES-C, XAdES-X-L, etc.).

    The most interesting implementations I found are:

    • Java XML Digital Signature API (JSR 105) (= the one included in Java SE 6), which is based on the following one;
    • Apache Santuario (http://santuario.apache.org/), which provides an useful support only for basic features;
    • XAdES4j (http://code.google.com/p/xades4j/, nice presentation: http://prezi.com/06vyxbgohncv/xades4j-en/), which seems to be interesting, because it "enables producing, verifying and extending signatures in the main XAdES forms: XAdES-BES, XAdES-EPES, XAdES-T and XAdES-C. Also, extended forms are supported through the enrichment of an existing signature". However it's the result of a thesys and it's followed only by a developer;
    • eID Digital Signature Service (http://code.google.com/p/eid-dss/), which is developed by the Belgium Federal ICT Department and supports the XAdES-X-L format.

    Which one would you suggest to use or to build on?

  • Hubert Kario
    Hubert Kario over 11 years
    Unless I've read their documentation wrong and they didn't put this change to the change log, it looks like the Java version of the library doesn't support ArchiveTimeStamp (XAdES-A) from version 1.4.2 of the standard. This will make the A form generated with it invalid with Qualified Signatures after 2012 or 2013, can't remember exactly now...
  • Eugene Mayevski 'Callback
    Eugene Mayevski 'Callback over 11 years
    @HubertKario XAdES-A is supported. Maybe an additional line or two of code should be written, but this is not a problem.
  • Eugene Mayevski 'Callback
    Eugene Mayevski 'Callback over 11 years
    @HubertKario All supported profiles are listed on eldos.com/sbb/desc-xml-spec.php and XAdES-A is in the list. Moreover, this is the only place where specific profiles are listed.
  • Hubert Kario
    Hubert Kario over 11 years
    Link you provided doesn't tell which version of the standard you support. Current EU law requires creation of ArchiveTimeStamp property in 1.4.1 namespace (so something theoretically completely different from the ArchiveTimeStamp from 1.3.2 version of the standard) and support for TimeStampValidationData property in 1.4.1 namespace. If you are supporting it, then good. Last time I checked you didn't and now I can't find the documentation again so I can't check if this has changed.
  • Eugene Mayevski 'Callback
    Eugene Mayevski 'Callback over 11 years
    @HubertKario If you didn't find something, you are welcome to contact technical support. SO is not the place for such support.
  • Hubert Kario
    Hubert Kario over 11 years
    I've extended xaded4j to full XAdES-A support, patches are in bug tracker.
  • Juan Calero
    Juan Calero over 10 years
    I wouldn't recommend it. We are using this components, and we are having lots of problems. It has several bugs, and the overall feel is a very low quality product.
  • Philip Helger
    Philip Helger about 9 years
    I'm not very familiar with Spansih, but isn't it licensed (also) under EUPL 1.1?
  • meles
    meles over 6 years
    Unfortunately both links don't work anymore.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

XMLDSig: Do I have to specify Reference URI in an enveloped signature
command line tool for XML digital signing
XML adding the same element as a child (Getting HIERARCHY_REQUEST_ERR)
XML validation with XMLDSIG using XadES-BES algorithm
Digital signature: sample code for verification and for extracting certification information
Java's default JAXB implementation is chosen over my classpath
JAXB adding namespace to parent but not to the child elements contained
Convert Xml request to Object Spring Boot
JAXB unmarshal with declared type does not populate the resulting object with data
How do I set the elementFormDefault of an Element in JAXB on a single class basis instead of having it set for the entire package?