Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/security/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Java Xml签名在添加c14n独占转换时无效_Java_Xml_Transform_Xml Signature - Fatal编程技术网
Fatal编程技术网
  • java/
  • Java Xml签名在添加c14n独占转换时无效

Java Xml签名在添加c14n独占转换时无效

java xml

Java Xml签名在添加c14n独占转换时无效,java,xml,transform,xml-signature,Java,Xml,Transform,Xml Signature,这是我生成xml签名的代码: DOMSignContext dsc = new DOMSignContext (prk, xmldoc.getDocumentElement()); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM"); DigestMethod digestMethod = fac.newDigestMethod("http://www.w3.org/2000/09

这是我生成xml签名的代码:

DOMSignContext dsc = new DOMSignContext
  (prk, xmldoc.getDocumentElement());

XMLSignatureFactory fac = 
  XMLSignatureFactory.getInstance("DOM");   

  DigestMethod digestMethod = 
      fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null);
  C14NMethodParameterSpec spec = null;
  CanonicalizationMethod cm = fac.newCanonicalizationMethod(
      "http://www.w3.org/2001/10/xml-exc-c14n#",spec);
  SignatureMethod sm = fac.newSignatureMethod( 
      "http://www.w3.org/2000/09/xmldsig#rsa-sha1",null);
  ArrayList transformList = new ArrayList();
  TransformParameterSpec transformSpec = null;
  Transform envTransform =   fac.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec);
  Transform exc14nTransform = fac.newTransform(
      "http://www.w3.org/2001/10/xml-exc-c14n#",transformSpec);
transformList.add(exc14nTransform); 
transformList.add(envTransform);

 Reference ref = fac.newReference("",digestMethod,transformList,null,null);
 ArrayList refList = new ArrayList();
 refList.add(ref);
 SignedInfo si =fac.newSignedInfo(cm,sm,refList);
这使得参考验证为假,核心有效性为假。但是当我删除
envTrasnform
变量时,即
fac.new Transform(“http://www.w3.org/2001/10/xml-exc-c14n#“,transformSpec)
并使用以下代码执行:

DOMSignContext dsc = new DOMSignContext
  (prk, xmldoc.getDocumentElement());

XMLSignatureFactory fac = 
  XMLSignatureFactory.getInstance("DOM");   

  DigestMethod digestMethod = 
      fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null);
  C14NMethodParameterSpec spec = null;
  CanonicalizationMethod cm = fac.newCanonicalizationMethod(
      "http://www.w3.org/2001/10/xml-exc-c14n#",spec);
  SignatureMethod sm = fac.newSignatureMethod( 
      "http://www.w3.org/2000/09/xmldsig#rsa-sha1",null);
  ArrayList transformList = new ArrayList();
  TransformParameterSpec transformSpec = null;
  Transform envTransform = fac.newTransform(
      "http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec);
 transformList.add(envTransform);
 Reference ref = fac.newReference("",digestMethod,transformList,null,null);
 ArrayList refList = new ArrayList();
 refList.add(ref);
 SignedInfo si =fac.newSignedInfo(cm,sm,refList);
这使得核心有效性和参考有效性为真。为什么会发生这种情况。我得到了这个代码表单链接(创建信封签名部分的代码片段2)。

实际上,c14n转换应该在信封签名转换之后执行。它应该在提取要签名的文档后进行规范化(文档当前也包含签名元素。因此,在规范化要签名的实际部分之前,必须将其分离)。顺序应如下所示: 

transformList.add(envTransform);
 transformList.add(exc14nTransform);