-
Notifications
You must be signed in to change notification settings - Fork 66
OtherSigningOptions
The BasicSignatureOptions class can be used to control some options related to the KeyInfo element, such whether it should include the issuer/serial or the signing certificate. It also allows to decide whether the KeyInfo itself should be signed.
public final class BasicSignatureOptions
{
public BasicSignatureOptions includeSigningCertificate(SigningCertificateMode includeSigningCertificateMode) // ...
public BasicSignatureOptions includeSubjectName(boolean includeSubjectName) // ...
public BasicSignatureOptions includeIssuerSerial(boolean includeIssuerSerial) // ...
public BasicSignatureOptions includePublicKey(boolean includePublicKey) // ...
public BasicSignatureOptions signKeyInfo(boolean signKeyInfo) // ...
}
BasicSignatureOptions can be configured on the signing profiles.
Note: prior do v1.5.0 these settings were available via BasicSignatureOptionsProvider, which is now deprecated.
The XadesSigner interface has an overload of the sign method that enables controlling how the signature element is appended to the DOM tree:
public XadesSignatureResult sign(
SignedDataObjects signedDataObjects,
Node referenceNode,
SignatureAppendingStrategy appendingStrategy);
To that end, a SignatureAppendingStrategy should be used. It is passed the signature element and the node that was passed to the sign method.
public interface SignatureAppendingStrategy
{
void append(Element signatureElement, Node referenceNode);
//...
}
The library includes some common appending strategies, define on the SignatureAppendingStrategies class.