大佬教程收集整理的这篇文章主要介绍了Java XML DSig和XPath,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
以下示例位于:http
://markmail.org/message/tdgioazns7l4yg6d#query
:java%20xpath%20xml%20dsig%20bug+page
:1+mid
:tgw5kr7uscwkcran+state
:results,我发现需要将更XPathType.Filter.UNION
改为XPathType.FILTER.INTERSECT
。那似乎解决了我的问题。XML
DSig库现在使用了我期望的正确值。
我正在使用Java XML DSig API签名XML文档的一部分。我试图了解它是如何达到Digest值的。
我的文件是:
<?xml version=\"1.0\" encoding=\"UTF-8\"?><PurchaseOrder><foo>bar</foo></PurchaseOrder>
我的xpath表达式是:
PurchaseOrder/foo/text()
我试图做的是:
当我这样做时,1和2会产生不同的摘要值。我对DSIG代码的处理完全不对,或者我不了解DSIG的工作方式。有任何想法吗?
这是我的测试代码(抱歉,它太长了……我应该回到perl):
public class GenerateXmlSignature2 {
private static final String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><PurchaseOrder><foo>bar</foo></PurchaseOrder>";
private static final String xpath = "PurchaseOrder/foo/text()";
public static void main(String[] args) throws Exception {
Base64 base64 = new Base64();
// Create a DOM XMLSignatureFactory that will be used to
// generate the enveloped signature.
final XMLSignatureFactory fac = XMLSignatureFactory.geTinstance("DOM");
// Create a Reference to the enveloped document (in this case,// you are signing the whole document,so a URI of "" signifies
// that,and also specify the SHA1 digest algorithm and
// the ENVELOPED Transform.
final List<XPathType> xpaths = new ArrayList<XPathType>() {
{
add(new XPathType(xpath,XPathType.Filter.UNION));
}
};
List<Transform> transforms = new ArrayList<Transform>() {{
add(fac.newTransform(
Transform.XPATH2,new XPathFilter2ParameterSpec(xpaths)
)
);
}};
Reference ref = fac.newReference
("",fac.newDigestMethod(DigestMethod.SHA1,null),transforms,null,null);
// Create the SignedInfo.
SignedInfo si = fac.newSignedInfo
(fac.newCanonicalizationMethod
(CanonicalizationMethod.INCLUSIVE,(C14NMethodParameterSpeC) null),fac.newSignatureMethod(SignatureMethod.RSA_SHA1,Collections.singletonList(ref));
// Load the KeyStore and get the signing key and certificate.
KeyStore ks = KeyStore.geTinstance("JKS");
ks.load(new FileInputStream("mykeystore.jks"),"changeit".toCharArray());
KeyStore.PrivateKeyEntry keyEntry =
(KeyStore.PrivateKeyEntry) ks.getEntry
("mykey",new KeyStore.passwordProtection("changeit".toCharArray()));
X509Certificate cert = (X509CertificatE) keyEntry.getCertificate();
// Create the KeyInfo containing the X509Data.
KeyInfoFactory kif = fac.getKeyInfoFactory();
List x509Content = new ArrayList();
x509Content.add(cert.getSubjectX500Principal().getName());
x509Content.add(cert);
X509Data xd = kif.newX509Data(x509Content);
KeyInfo ki = kif.newKeyInfo(Collections.singletonList(xd));
// Instantiate the document to be signed.
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
Document doc = dbf.newDocumentBuilder().parse
(new ByteArrayInputStream(xml.getBytes()));
// Create a DOMSignContext and specify the RSA PrivateKey and
// LOCATIOn of the resulTing XMLSignature's parent element.
DOMSignContext dsc = new DOMSignContext
(keyEntry.getPrivateKey(),doc.getDocumentElement());
// Create the XMLSignature,but don't sign it yet.
XMLSignature signature = fac.newXMLSignature(si,ki);
// Marshal,generate,and sign the enveloped signature.
signature.sign(dsc);
// Output the resulTing document.
TransformerFactory tf = TransformerFactory.newInstance();
Transformer trans = tf.newTransformer();
trans.transform(new DOMsource(doC),new StreamResult(System.out));
System.out.println("\n\n*** SHA-1 Digest ***");
XPathExpression xpathExpression = XPathFactory.newInstance().newXPath().compile(xpath);
String data = xpathExpression.evaluate(new Inputsource(new StringReader(xml)));
System.out.println("Xpath: " + data);
messageDigest md;
md = messageDigest.geTinstance("SHA");
byte[] sha1hash;
md.update(data.getBytes(),data.length());
sha1hash = md.digest();
String base64Sha1OfCanonicalXml = new String(base64.encode(sha1hash));
System.out.println("Digest: " + base64Sha1OfCanonicalXml);
}
}
以上是大佬教程为你收集整理的Java XML DSig和XPath全部内容,希望文章能够帮你解决Java XML DSig和XPath所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。