我在尝试生成 wsse 分离数字签名时遇到异常 具有引用 URI,其 id 具有命名空间。
请提出解决方案
代码:
Transform transformObj = fac.newTransform(CanonicalizationMethod.EXCLUSIVE, (TransformParameterSpec) null);
Reference ref = fac.newReference("#id-4F4332715C4C1670E10080000A441E77", digestMethod, Collections.singletonList(transformObj), null, null);
异常(exception):
Exception in thread "main" javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.URIReferenceException: com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException: Cannot resolve element with ID part-Body-4F4332715C4C1670E10080000A441E26
at org.jcp.xml.dsig.internal.dom.DOMReference.dereference(DOMReference.java:352)
at org.jcp.xml.dsig.internal.dom.DOMReference.digest(DOMReference.java:278)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.digestReference(DOMXMLSignature.java:447)
at org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:343)
下面的例子:
使用的输入数据
<Header xmlns="http://w3c.com">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp wsu:Id="ts-4F43326F5C4C1670E10080000A441E26">
<wsu:Created>2012-09-30T22:09:55Z</wsu:Created>
<wsu:Expires>2012-09-30T22:14:55Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
<PurchaseOrder wsu:Id="id-4F4332715C4C1670E10080000A441E77" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<Customer>
<Name>JJJ</Name>
<CustomerId>788335</CustomerId>
</Customer>
<Item partNum="C763">
<ProductId>6883-JF3</ProductId>
<Quantity>3</Quantity>
<ShipDate>2002-09-03</ShipDate>
<Name>X20</Name>
</Item>
</Header>
最佳答案
使用验证架构来注册带有 ID 引用的元素,我可以解决这个问题
XMLStructure content = new DOMStructure(doc.getDocumentElement());
XMLObject obj = fac.newXMLObject(Collections.singletonList(content), "id-4F4332715C4C1670E10080000A441E77", null, null);
现在“id”已注册,因此将允许签名。
关于java - 当引用具有分离签名的命名空间的 id 时,如何解决 URI 引用异常?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/33269560/