Use libxml2/xmsec1 for XAdES signature parsing and validation

IB-7948

Signed-off-by: Raul Metsma <[email protected]>

.github/workflows/build.yml

@@ -5,7 +5,7 @@ permissions:
 env:
   BUILD_NUMBER: ${{ github.run_number }}
   CMAKE_BUILD_PARALLEL_LEVEL: 4
-  UBUNTU_DEPS: cmake xsdcxx libxml-security-c-dev libxml2-dev libxmlsec1-dev zlib1g-dev
+  UBUNTU_DEPS: cmake libxml2-dev libxmlsec1-dev zlib1g-dev
 jobs:
   macos:
     name: Build on macOS for ${{ matrix.target }}
@@ -21,8 +21,7 @@ jobs:
     - name: Install dependencies
       run: |
         brew update
-        brew install --formula swig doxygen boost xsd || brew link --overwrite xsd
-        brew unlink xerces-c
+        brew install --formula swig doxygen boost
         brew unlink [email protected] || true
         brew unlink [email protected] || true
         brew unlink xz
@@ -32,24 +31,15 @@ jobs:
       with:
         path: cache
         key: ${{ matrix.target }}-${{ hashFiles('prepare_osx_build_environment.sh') }}
-    - name: Build xerces-c
-      if: steps.cache.outputs.cache-hit != 'true'
-      run: ./prepare_osx_build_environment.sh xerces ${{ matrix.target }}
-    - name: Build xalan-c
-      if: steps.cache.outputs.cache-hit != 'true'
-      run: ./prepare_osx_build_environment.sh xalan ${{ matrix.target }}
     - name: Build openssl
       if: steps.cache.outputs.cache-hit != 'true'
       run: ./prepare_osx_build_environment.sh openssl ${{ matrix.target }}
-    - name: Build xml-security-c
-      if: steps.cache.outputs.cache-hit != 'true'
-      run: ./prepare_osx_build_environment.sh xmlsec ${{ matrix.target }}
     - name: Build libxml2
       if: steps.cache.outputs.cache-hit != 'true'
       run: ./prepare_osx_build_environment.sh libxml2 ${{ matrix.target }}
-    - name: Build xmlsec1
+    - name: Build xmlsec
       if: steps.cache.outputs.cache-hit != 'true'
-      run: ./prepare_osx_build_environment.sh xmlasec ${{ matrix.target }}
+      run: ./prepare_osx_build_environment.sh xmlsec ${{ matrix.target }}
     - name: Move to cache
       if: steps.cache.outputs.cache-hit != 'true'
       run: |
@@ -89,7 +79,7 @@ jobs:
     - name: Install Deps
       run: |
         dnf install -y --setopt=install_weak_deps=False \
-          git gcc-c++ cmake rpm-build xml-security-c-devel libxml2-devel xmlsec1-openssl-devel libtool-ltdl-devel zlib-devel doxygen boost-test swig python3-devel java-17-openjdk-devel xsd minizip-devel
+          git gcc-c++ cmake rpm-build libxml2-devel xmlsec1-openssl-devel libtool-ltdl-devel zlib-devel doxygen boost-test swig python3-devel java-17-openjdk-devel minizip-devel
     - name: Install CMake
       if: matrix.container == 39
       run: |
@@ -182,8 +172,6 @@ jobs:
       with:
         python-version: 3.11
         architecture: ${{ matrix.platform }}
-    - name: Build xsd
-      run: .\prepare_win_build_environment.ps1 -xsd
     - name: Install WiX
       run: |
         dotnet tool install -g wix --version 5.0.0

CMakeLists.txt

@@ -52,8 +52,6 @@ find_package(PKCS11)
 #find_package(PoDoFo)
 find_package(Threads)
 find_package(LibXml2 REQUIRED)
-find_package(XmlSecurityC REQUIRED)
-find_package(XSD 4.0 REQUIRED)
 find_package(ZLIB REQUIRED)
 find_package(MiniZip 1 QUIET)
 add_library(xmlsec INTERFACE)

build.ps1

@@ -15,7 +15,6 @@ param(
   [string]$swig = $null,
   [string]$doxygen = $null,
   [switch]$boost = $false,
-  [string]$xsd = "$libdigidocpp\xsd",
   [string]$sign = $null
 )
 
@@ -43,7 +42,6 @@ foreach($type in @("Debug", "RelWithDebInfo")) {
     "-DCMAKE_INSTALL_LIBDIR=bin" `
     "-DCMAKE_TOOLCHAIN_FILE=$vcpkg_dir/scripts/buildsystems/vcpkg.cmake" `
     "-DVCPKG_INSTALLED_DIR=$vcpkg_installed\vcpkg_installed_$platform" `
-    "-DXSD_ROOT=$xsd" `
     "-DSIGNCERT=$sign" `
     $cmakeext "&&" $cmake --build $buildpath --target $target "&&" $cmake --install $buildpath
 }

debian/control

@@ -6,8 +6,6 @@ Build-Depends:
  debhelper-compat (= 12),
  pkg-config,
  cmake,
- libxml-security-c-dev,
- xsdcxx (>= 4.0) | xsd (>= 4.0),
  libxml2-dev,
  libxmlsec1-dev,
  doxygen,

etc/schema/OpenDocument_dsig.xsd

@@ -33,6 +33,7 @@
 -->
 <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0">
   <xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+  <xs:import namespace="http://uri.etsi.org/01903/v1.3.2#" schemaLocation="XAdES01903v132-201601.xsd"/>
   <xs:element name="document-signatures">
     <xs:complexType>
       <xs:sequence>

etc/schema/en_31916201v010101.xsd

@@ -5,6 +5,8 @@
 	attributeFormDefault="unqualified">
 	<xsd:import namespace="http://www.w3.org/2000/09/xmldsig#"
 		schemaLocation="xmldsig-core-schema.xsd"/>
+	<xsd:import namespace="http://uri.etsi.org/01903/v1.3.2#"
+		schemaLocation="XAdES01903v132-201601.xsd"/>
 	<xsd:element name="ASiCManifest" type="ASiCManifestType">
 		<xsd:annotation>
 			<xsd:documentation>Schema for ASiCManifest – See ETSI EN 319 162</xsd:documentation>

libdigidocpp.wxs

@@ -50,10 +50,6 @@
       <File Name="libssl-3$(var.OpenSSLSuffix).dll" />
       <File Name="legacy.dll" />
       <File Name="zlib1.dll" />
-      <File Name="xerces-c_3_2.dll" />
-      <File Name="Xalan-C_1_12.dll" />
-      <File Name="XalanMessages_1_12.dll" />
-      <File Name="xsec_2_0.dll" />
       <File Name="libxml2.dll" />
       <File Name="libxmlsec1.dll" />
       <File Name="libxmlsec1-openssl.dll" />
@@ -84,10 +80,6 @@
 
     <ComponentGroup Id="DependenciesDev" Source="$(var.vcpkg)\debug\bin">
       <File Name="zlibd1.dll" />
-      <File Name="xerces-c_3_2D.dll" />
-      <File Name="Xalan-C_1_12D.dll" />
-      <File Name="XalanMessages_1_12D.dll" />
-      <File Name="xsec_2_0D.dll" />
     </ComponentGroup>
 
     <ComponentGroup Id="LibrariesDev" Source="$(var.libdigidocpp)\bin">