Skip to content
/ xades Public

Duuba XAdES is a library for creating XML Advanced electronic signatures (XAdES) for sealing and signing. Use it to create XAdES baseline signatures according to ETSI specifications TS 101 903 v1.4.1 and EN 319 132 v1.1.1. For more information, visit the project website

License

Notifications You must be signed in to change notification settings

duuba/xades

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Duuba XAdES

Duuba XAdES is a library for creating XML advanced electronic signatures (XAdES) for sealing and signing. Use it to create XAdES baseline signatures according to ETSI specifications TS 101 903 v1.4.1 and EN 319 132 v1.1.1.

Duuba supports both ETSI specifications of XAdES. The main difference between these two specifications is that for some of the qualifying properties EN 319 132 defines additional data or uses another representation of the same data. Duuba therefore includes new versions of the corresponding XML element declarations in the XML schema (the elements with "V2" suffix). There are also different classes to represent the different versions of these properties. Duuba will automatically create the correct elements based on the specification set when creating the signature.


For more information on Duuba visit the project website at https://duuba.org
Lead developer: Sander Fieten
Code hosted at https://github.com/duuba/xades
Issue tracker https://github.com/duuba/xades/issues

Features

  • Creates XAdES baseline signatures
  • Can be used for signing EESSI documents
  • Fast - signing a 1.2GB document takes 9.4 seconds
  • Compact
  • Easy to use
  • Well documented in the code
  • Can handle large documents (tested with documents up to 1.2GB)
  • Low memory usage

Using

As Duuba XAdES is available on Maven Central it can be easily included in your project using the following Maven coordinates:

	<groupId>org.duuba.xades</groupId>
	<artifactId>xades</artifactId>
	<version>1.0.0</version>

Duuba is built on top of the Apache Santuario library for the processing of XML signatures. It follows the standard Java XML factory pattern and adds the classes and factory methods for the elements representing the XAdES signature and its qualifying attributes. This means that you will need to use both the factory from Santuario to create the “normal” XML signature object and use org.duuba.xades.XadesSignatureFactory to create the XAdES specific ones. To ensure you use the correct XMLSignatureFactory instance use the XadesSignatureFactory.getXMLSignatureFactory() method.

To facilitate the creation of an enveloped XAdES baseline signature we have included a builder, org.duuba.xades.builders.BasicEnvelopedSignatureBuilder, that takes care of creating all necessary elements of the XAdES signature. You provide the private key, certificate and values for the qualifying properties to include and the builder will take care of constructing the XAdES signature. An example of how the builder can be used to create the signature can be found in org.duuba.xades.examples.EnvelopedBBExample.

Contributing

We are using the simplified Github workflow to accept modifications which means you should:

  • create an issue related to the problem you want to fix or the function you want to add (good for traceability and cross-reference)
  • fork the repository
  • create a branch (optionally with the reference to the issue in the name)
  • write your code, including comments
  • commit incrementally with readable and detailed commit messages
  • run integration tests to check everything works on runtime
  • Update the changelog with a short description of the changes including a reference to the issues fixed
  • submit a pull request against the 'next' branch of this repository

If your contribution is more than a patch, please contact us beforehand to discuss which branch you can best submit the pull request to.

Submitting bugs

You can report issues directly on the project Issue Tracker. Please document the steps to reproduce your problem in as much detail as you can (if needed and possible include screenshots).

Versioning

Version numbering follows the Semantic versioning approach.

License

Duuba XAdES is licensed under the Lesser General Public License V3 (LGPLv3) which is included in the license.txt in the root of the project.

Elements of the Bouncy Castle library provided by The Legion of the Bouncy Castle Inc., see the bc_license.txt file.

Support

Commercial Duuba XAdES support is provided by Chasquis. Contact Chasquis-consulting.com for more information.

About

Duuba XAdES is a library for creating XML Advanced electronic signatures (XAdES) for sealing and signing. Use it to create XAdES baseline signatures according to ETSI specifications TS 101 903 v1.4.1 and EN 319 132 v1.1.1. For more information, visit the project website

Topics

Resources

License

Stars

Watchers

Forks

Languages