[SANTUARIO-615] Implementation pre-post processing extension with xades (basic) example.

pom.xml

@@ -366,6 +366,7 @@
                                 <schemaInclude>bindings/schemas/xenc-schema.xsd</schemaInclude>
                                 <schemaInclude>bindings/schemas/xenc-schema-11.xsd</schemaInclude>
                                 <schemaInclude>bindings/schemas/rsa-pss.xsd</schemaInclude>
+                                <schemaInclude>bindings/schemas/XAdES01903v141-202107.xsd</schemaInclude>
                             </schemaIncludes>
                             <bindingDirectory>${basedir}/src/main/resources/bindings/</bindingDirectory>
                             <bindingIncludes>
@@ -377,6 +378,7 @@
                                 <bindingInclude>security-config.xjb</bindingInclude>
                                 <bindingInclude>xop.xjb</bindingInclude>
                                 <bindingInclude>rsa-pss.xjb</bindingInclude>
+                                <bindingInclude>xades.xjb</bindingInclude>
                             </bindingIncludes>
                             <catalog>${basedir}/src/main/resources/bindings/bindings.cat</catalog>
                             <forceRegenerate>false</forceRegenerate>

src/main/java/module-info.java

@@ -63,6 +63,8 @@
     opens org.apache.xml.security;
     opens org.apache.xml.security.binding.excc14n;
     opens org.apache.xml.security.binding.xmldsig;
+    opens org.apache.xml.security.binding.xmldsig.xades.v132;
+    opens org.apache.xml.security.binding.xmldsig.xades.v141;
     opens org.apache.xml.security.binding.xmldsig11;
     opens org.apache.xml.security.binding.xmlenc;
     opens org.apache.xml.security.binding.xmlenc11;
@@ -74,4 +76,6 @@
     opens org.apache.xml.security.keys.storage.implementations;
     opens org.apache.xml.security.transforms.implementations;
     opens org.apache.xml.security.utils.resolver.implementations;
+    opens org.apache.xml.security.utils.jaxb;
+    exports org.apache.xml.security.extension.exceptions;
 }

src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMUtils.java

@@ -34,18 +34,24 @@
 import javax.xml.crypto.dsig.spec.XPathFilterParameterSpec;
 import javax.xml.crypto.dsig.spec.XPathType;
 import javax.xml.crypto.dsig.spec.XSLTTransformParameterSpec;
+import javax.xml.namespace.QName;
 
-import org.w3c.dom.Attr;
-import org.w3c.dom.Document;
-import org.w3c.dom.Element;
-import org.w3c.dom.Node;
+import jakarta.xml.bind.JAXBContext;
+import jakarta.xml.bind.JAXBElement;
+import jakarta.xml.bind.JAXBException;
+import jakarta.xml.bind.Marshaller;
+import org.w3c.dom.*;
 
 /**
  * Useful static DOM utility methods.
  *
  */
 public final class DOMUtils {
 
+    // most common attributes for id attribute names in XML
+    private static final List<String> ID_ATTRIBUTE_NAMES = List.of("Id", "ID", "id");
+
+
     // class cannot be instantiated
     private DOMUtils() {}
 
@@ -422,4 +428,65 @@ public static boolean isNamespace(Node node)
         }
         return false;
     }
+
+    /**
+     * This method convert JAXB object to XML Element value and add it to the
+     * target node. The root object of JAXB object has name as defined in
+     * objectQName.
+     * The method also sets ID flag to IDs in the XML structure.
+     *
+     * @param target      the node to which the XML structure should be added
+     * @param obj         the object to be converted to Element value
+     * @param objectQName the QName of the object root element
+     * @return the created XML structure as a Node
+     * @throws JAXBException if an error occurs during the marshalling
+     */
+    public static Node objectToXMLStructure(Node target, Object obj, QName objectQName) throws JAXBException {
+
+        JAXBContext jc = JAXBContext.newInstance(obj.getClass());
+        Marshaller jaxbMarshaller = jc.createMarshaller();
+        JAXBElement<?> jaxbElement = new JAXBElement(
+                objectQName,
+                obj.getClass(), obj);
+        jaxbMarshaller.marshal(jaxbElement, target);
+        // set idness to all elements so that they can be used as references
+        setIdFlagToIdAttributes(target);
+        return target.getFirstChild();
+    }
+
+    /**
+     * This method declares all attributes with names: ID, id Id to be a
+     * user-determined ID attribute. This affects the value of
+     * <code>Attr.isId</code> and the behavior of
+     * <code>Document.getElementById</code>.
+     *
+     * @param n Node to start from setting id attributes as Id attribute
+     */
+    public static void setIdFlagToIdAttributes(Node n) {
+        setIdFlagToIdAttributes(n, ID_ATTRIBUTE_NAMES);
+    }
+
+    /**
+     * This method declares all attributes with names in idAttributes to be a
+     * user-determined ID attribute. This affects the value of
+     * <code>Attr.isId</code> and the behavior of
+     * <code>Document.getElementById</code>.
+     *
+     * @param n Node to start from setting id attributes as Id attribute
+     * @param idAttributes List of attribute names to be set as Id attribute
+     */
+    public static void setIdFlagToIdAttributes(Node n, List<String> idAttributes) {
+        if (n.getNodeType() == Node.ELEMENT_NODE) {
+            Element e = (Element) n;
+            idAttributes.forEach(id -> {
+                if (e.hasAttribute(id)) {
+                    e.setIdAttribute(id, true);
+                }
+            });
+            NodeList l = e.getChildNodes();
+            for (int i = 0; i < l.getLength(); i++) {
+                setIdFlagToIdAttributes(l.item(i), idAttributes);
+            }
+        }
+    }
 }

src/main/java/org/apache/xml/security/extension/SignatureProcessor.java

@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.extension;
+
+import org.apache.xml.security.signature.XMLSignature;
+import org.apache.xml.security.signature.XMLSignatureException;
+
+/**
+ * This interface is responsible for processing signature. The implementation of
+ * this interface can be uses as pre-processors to add to the signature and
+ * additional data such as XAdES QualifyingProperties for the XAdES basic
+ * signatures profile.
+ * The implementation can be used as post-processors to add update the signatures
+ * after the signature has been generated. An example the Timestamp (TSA) of the
+ * signature, or automatic registration of the signature hast to blockchain ledger.
+ */
+public interface SignatureProcessor {
+
+    /**
+     * Process the signature.
+     *
+     * @param signature the XMLSignature instance to be processed
+     * @throws XMLSignatureException if an error occurs while processing the signature
+     */
+    void processSignature(XMLSignature signature) throws XMLSignatureException;
+}

src/main/java/org/apache/xml/security/extension/exceptions/ExtensionException.java

@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.extension.exceptions;
+
+/**
+ * This Exception is thrown while extension processing fails.
+ *
+ */
+public class ExtensionException extends Exception {
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * Constructor ExtensionException
+     *
+     * @param message the message to display when this exception is thrown
+     */
+    public ExtensionException(String message) {
+        super(message);
+    }
+
+    /**
+     * Constructor ExtensionException
+     *
+     * @param message the message to display when this exception is thrown
+     * @param cause the cause of this exception
+     */
+    public ExtensionException(String message, Throwable cause) {
+        super(message, cause);
+    }
+}

src/main/java/org/apache/xml/security/extension/xades/XAdESConstants.java

@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.xml.security.extension.xades;
+
+/**
+ * Constants for the XAdES specification.
+ */
+public final class XAdESConstants {
+    private XAdESConstants() {
+    }
+
+    // XAdES namespace and prefix
+    public static final String XADES_V132_NS = "http://uri.etsi.org/01903/v1.3.2#";
+    public static final String XADES_V141_NS = "http://uri.etsi.org/01903/v1.4.1#";
+    public static final String XADES_V132_PREFIX = "xades132";
+    public static final String XADES_V141_PREFIX = "xades141";
+
+    /** SignedProperties reference type **/
+    public static final String REFERENCE_TYPE_SIGNEDPROPERTIES = "http://uri.etsi.org/01903#SignedProperties";
+
+    /** Tag of Element CanonicalizationMethod **/
+    public static final String _TAG_QUALIFYINGPROPERTIES = "QualifyingProperties";
+
+}