XML数字签名Java

作者: 冷月如霜·胡狼
发布时间: 2024-04-18 11:40:45 (14天前)
转自：

4 条回复

0#
回复此人
Ni | 2019-08-31 10-32

<div class =“post-text”itemprop =“text”> <P> 这些是标准的XML签名。见 <a href="http://www.w3.org/TR/2001/PR-xmldsig-core-20010820/" rel="nofollow"> 关于“XML签名语法和处理”的W3文档 </A> 对于规范如何做到这一点。谷歌上的快速搜索引导了Oracle编写的关于Java中XML签名集成的方法： <a href="http://docs.oracle.com/javase/6/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html" rel="nofollow"> XML数字签名API </A> 。如果您还有其他问题，请告诉我们您的尝试。 </p> </DIV>

编辑
1#
回复此人
流浪海。 | 2019-08-31 10-32

<div class =“post-text”itemprop =“text”> <P> 这是解决方案： </p> <P> 我在这个链接上找到它 <a href="http://mail-archives.apache.org/mod_mbox/santuario-dev/200907.mbox/%3C4A704241.9060806@sun.com%3E" rel="noreferrer"> http://mail-archives.apache.org/mod_mbox/santuario-dev/200907.mbox/%3C4A704241.9060806@sun.com%3E </A> 问题是RSA-SHA256算法： </p> <P> 这是结果代码： </p> <pre> <code> private static Document sign(Document doc) throws InstantiationException, IllegalAccessException, ClassNotFoundException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyException, MarshalException, XMLSignatureException, FileNotFoundException, TransformerException { String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI"); XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance()); DigestMethod digestMethod = fac.newDigestMethod(DigestMethod.SHA256, null); Transform transform = fac.newTransform(ENVELOPED, (TransformParameterSpec) null); Reference reference = fac.newReference("", digestMethod, singletonList(transform), null, null); SignatureMethod signatureMethod = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null); CanonicalizationMethod canonicalizationMethod = fac.newCanonicalizationMethod(EXCLUSIVE, (C14NMethodParameterSpec) null); // Create the SignedInfo SignedInfo si = fac.newSignedInfo(canonicalizationMethod, signatureMethod, singletonList(reference)); KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(2048); KeyPair kp = kpg.generateKeyPair(); KeyInfoFactory kif = fac.getKeyInfoFactory(); KeyValue kv = kif.newKeyValue(kp.getPublic()); // Create a KeyInfo and add the KeyValue to it KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv)); DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc.getDocumentElement()); XMLSignature signature = fac.newXMLSignature(si, ki); signature.sign(dsc); TransformerFactory tf = TransformerFactory.newInstance(); Transformer trans = tf.newTransformer(); // output the resulting document OutputStream os; os = new FileOutputStream("xmlOut.xml"); trans.transform(new DOMSource(doc), new StreamResult(os)); return doc; } </code> </pre> </DIV>

编辑
2#
回复此人
WL | 2019-08-31 10-32

<div class =“post-text”itemprop =“text”> <P> 你得到了 <code> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> </code> ，因为那就是你要求的： <code> fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null) </code> 。正如你想的那样 <a href="https://blogs.oracle.com/mullan/entry/using_stronger_xml_signature_algorithms" rel="nofollow"> https://blogs.oracle.com/mullan/entry/using_stronger_xml_signature_algorithms </A> 状态， <code> fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", (SignatureMethodParameterSpec) null) </code> 会得到你 <code> <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> </code> 。 </p> </DIV>

编辑

登录后才能参与评论