这是我生成xml签名的代码:
DOMSignContext dsc = new DOMSignContext
(prk,xmldoc.getDocumentElement());
XMLSignatureFactory fac =
XMLSignatureFactory.getInstance("DOM");
DigestMethod digestMethod =
fac.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1",null);
C14NMethodParameterSpec spec = null;
CanonicalizationMethod cm = fac.newCanonicalizationMethod(
"http://www.w3.org/2001/10/xml-exc-c14n#",spec);
SignatureMethod sm = fac.newSignatureMethod(
"http://www.w3.org/2000/09/xmldsig#rsa-sha1",null);
ArrayList transformlist = new ArrayList();
TransformParameterSpec transformSpec = null;
Transform envTransform = fac.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec);
Transform exc14nTransform = fac.newTransform(
"http://www.w3.org/2001/10/xml-exc-c14n#",transformSpec);
transformlist.add(exc14nTransform);
transformlist.add(envTransform);
Reference ref = fac.newReference("",digestMethod,transformlist,null,null);
ArrayList refList = new ArrayList();
refList.add(ref);
SignedInfo si =fac.newSignedInfo(cm,sm,refList);
这会将引用验证视为错误,并将核心有效性视为错误.但是当我删除envTrasnform变量即fac.new Transform(“http://www.w3.org/2001/10/xml-exc-c14n#”,transformSpec)并使用以下代码执行时:
DOMSignContext dsc = new DOMSignContext (prk,null); ArrayList transformlist = new ArrayList(); TransformParameterSpec transformSpec = null; Transform envTransform = fac.newTransform( "http://www.w3.org/2000/09/xmldsig#enveloped-signature",transformSpec); transformlist.add(envTransform); Reference ref = fac.newReference("",refList);
解决方法
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
