我想通过
对 XML 文件进行数字签名使用 SHA-256 进行单向哈希
规范化方法算法="http://www.w3.org/2001/10/xmlexcc14n#"
- RSA 数字签名
- 2048 位私钥
- W3C 建议 XML 签名语法
- 信封类型签名。
我遵循了提到的 Signature api here !
但我收到以下错误
com.sun.org.apache.xml.internal.security.utils.resolver.ResourceResolverException:无法解析具有 ID 对象的元素
我已经尝试过 Element.setIdAttributeNode 作为“ID”以及 setIdAttributeNS 但没有帮助
下面一行是抛出错误的地方
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
dbFactory.setNamespaceAware ( false );
Document doc = dbFactory.newDocumentBuilder().parse(new FileInputStream(filePath));
String providerName = System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(providerName).newInstance());
// Next, create a Reference to a same-document URI that is an Object element and specify the SHA256 digest algorithm
DigestMethod digestMethod = fac.newDigestMethod(DigestMethod.SHA256, null);
Reference reference = fac.newReference("#CBC",digestMethod);
SignatureMethod signatureMethod = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null);
CanonicalizationMethod canonicalizationMethod = fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE_WITH_COMMENTS, (C14NMethodParameterSpec) null);
// Create the SignedInfo
SignedInfo si = fac.newSignedInfo(canonicalizationMethod, signatureMethod, Collections.singletonList(reference));
// Create a RSA KeyPair
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(2048);
KeyPair kp = kpg.generateKeyPair();
// Create a KeyValue containing the RSA PublicKey that was generated
KeyInfoFactory kif = fac.getKeyInfoFactory();
KeyValue kv = kif.newKeyValue(kp.getPublic());
// Create a KeyInfo and add the KeyValue to it
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
DOMSignContext dsc = new DOMSignContext(kp.getPrivate(), doc);
//dsc.setDefaultNamespacePrefix("dsig");
// Create the XMLSignature and sign it
XMLSignature signature = fac.newXMLSignature(si, ki,Collections.singletonList(obj), null, null);
signature.sign(dsc);
TransformerFactory tf = TransformerFactory.newInstance();
Transformer trans = tf.newTransformer();
错误发生在下面一行
signature.sign(dsc)
最佳答案
我添加了以下两行,它解决了问题。
XMLStructure content = new DOMStructure(doc.getDocumentElement());
XMLObject obj = fac.newXMLObject(Collections.singletonList(content), "CBC", null, null);
关于javax.xml.crypto.URIReferenceException : Cannot resolve element with ID Object,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57874186/