Java Xml签名在添加c14n独占转换时无效
这是我生成xml签名的代码:Java Xml签名在添加c14n独占转换时无效,java,xml,transform,xml-signature,Java,Xml,Transform,Xml Signature,这是我生成xml签名的代码: DOMSignContext dsc = new DOMSignContext (prk, xmldoc.getDocumentElement()); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); DigestMethod digestMethod = fac.newDigestMethod("http://www.w3.org/2000/09
DOMSignContext dsc = new DOMSignContext
(prk, xmldoc.getDocumentElement());
XMLSignatureFactory fac =
XMLSignatureFactory.getInstance("DOM");
DigestMethod digestMethod =
fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null);
C14NMethodParameterSpec spec = null;
CanonicalizationMethod cm = fac.newCanonicalizationMethod(
"http://www.w3.org/2001/10/xml-exc-c14n#",spec);
SignatureMethod sm = fac.newSignatureMethod(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",null);
ArrayList transformList = new ArrayList();
TransformParameterSpec transformSpec = null;
Transform envTransform = fac.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec);
Transform exc14nTransform = fac.newTransform(
"http://www.w3.org/2001/10/xml-exc-c14n#",transformSpec);
transformList.add(exc14nTransform);
transformList.add(envTransform);
Reference ref = fac.newReference("",digestMethod,transformList,null,null);
ArrayList refList = new ArrayList();
refList.add(ref);
SignedInfo si =fac.newSignedInfo(cm,sm,refList);
这使得参考验证为假,核心有效性为假。但是当我删除envTrasnform
变量时,即fac.new Transform(“http://www.w3.org/2001/10/xml-exc-c14n#“,transformSpec)
并使用以下代码执行:DOMSignContext dsc = new DOMSignContext
(prk, xmldoc.getDocumentElement());
XMLSignatureFactory fac =
XMLSignatureFactory.getInstance("DOM");
DigestMethod digestMethod =
fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null);
C14NMethodParameterSpec spec = null;
CanonicalizationMethod cm = fac.newCanonicalizationMethod(
"http://www.w3.org/2001/10/xml-exc-c14n#",spec);
SignatureMethod sm = fac.newSignatureMethod(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",null);
ArrayList transformList = new ArrayList();
TransformParameterSpec transformSpec = null;
Transform envTransform = fac.newTransform(
"http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec);
transformList.add(envTransform);
Reference ref = fac.newReference("",digestMethod,transformList,null,null);
ArrayList refList = new ArrayList();
refList.add(ref);
SignedInfo si =fac.newSignedInfo(cm,sm,refList);
这使得核心有效性和参考有效性为真。为什么会发生这种情况。我得到了这个代码表单链接(创建信封签名部分的代码片段2)。实际上,c14n转换应该在信封签名转换之后执行。它应该在提取要签名的文档后进行规范化(文档当前也包含签名元素。因此,在规范化要签名的实际部分之前,必须将其分离)。顺序应如下所示:
transformList.add(envTransform);
transformList.add(exc14nTransform);