swedenconnect / signature-validation Goto Github PK
View Code? Open in Web Editor NEWCore logic for performing signature validation operations
License: Apache License 2.0
Core logic for performing signature validation operations
License: Apache License 2.0
Several limited implementations of certificate and signature validation would benefit from a CRL checker with a CRL cache that does not require cache storage on the hard disk.
A recent implementation of an In memory CRL cache was made in another project. That implementation should be imported to this library.
Original RFC 2560 OCSP specified that OCSP nonce should be stored as the extValue bytes and most OCSP clients today, including this one create OCSP requests this way.
However, clarifications in RFC 6960 makes it clear that the OCSP nonce should be encoded in an OCTETSTRING before being DER encoded as extension data.
The code should be updated to always wrap nonce data in a DER encoded OCTETSTRING. This wrapping should use a 30 byte nonce causing the wrapped nonce to be 32 bytes, making sure that it works against RFC 8954 compliant responders.
Currently the results reports "invalidSigningCert" if there is no XAdES reference available.
This should only be set IF this is an ETSI AdES signature AND the references is missing or in error.
Fix should be applied to "XMLSignatureElementValidatorImpl" row 216 and 458
The signature validation report indicates "TOTAL-FAILED" result if no chain is found.
This should be changed to "INDETERMINATE" and an indication that the validity of the signature could not be determined.
There is a dependency on xalan via sign service pdf commons. This is being updated but not released.
Once this is fixed, we must update the dependency here
The OCSP validation checker does not accurately handle the situation where the OCSP response is signed by the CA certificate and where the OCSP response totally omits inclusion of any "certs" in the BasicOCSPResponse".
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.