I need to digitally sign my XML message in Java.
The generated XML signature should have the following format:
- <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
- <SignedInfo>
- <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
- <Reference URI="">
- <Transforms>
- <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
- </Transforms>
- <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
- <DigestValue>DsP5NLca+plhp9tZvGwykfb2whQYt3CQ5sbsVd9Q9aE=</DigestValue>
- </Reference>
- </SignedInfo>
- <SignatureValue>
- LrfE0po3YPvVxB/m77iBWWiR07Ghiuhuj7tO2C2LKqZK2cLrAiidt+3tjbJ3m16quCFxfh7bmjRtJsGi7a3HKtK
- qY4auqrjNB62AtYrxvm+7Qd/cRacom4e3M9uF9JD1zTfoGun9w4WDfDrDaoZ+ZwUgNtf6sTYO5Ctcj5sYcD0=
- </SignatureValue>
- <KeyInfo>
- <KeyName>7D665C81ABBE1A7D0E525BFC171F04D276F07BF2</KeyName>
- </KeyInfo>
- </Signature>
Can anyone help with some code?
Edit:
I came up with this code:
- private static Document sign(Document doc) throws InstantiationException,IllegalAccessException,ClassNotFoundException,NoSuchAlgorithmException,InvalidAlgorithmParameterException,KeyException,MarshalException,XMLSignatureException,FileNotFoundException,TransformerException {
- String providerName = System.getProperty("jsr105Provider","org.jcp.xml.dsig.internal.dom.XMLDSigRI");
- XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM",(Provider) Class.forName(providerName).newInstance());
- Reference ref = fac.newReference("",fac.newDigestMethod(DigestMethod.SHA256,null));
- // Create the SignedInfo
- SignedInfo si = fac.newSignedInfo(
- fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE,(C14NMethodParameterSpec) null),fac.newSignatureMethod(SignatureMethod.RSA_SHA1,null),Collections.singletonList(ref));
- KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
- kpg.initialize(512);
- KeyPair kp = kpg.generateKeyPair();
- KeyInfoFactory kif = fac.getKeyInfoFactory();
- KeyValue kv = kif.newKeyValue(kp.getPublic());
- KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
- DOMSignContext dsc = new DOMSignContext(kp.getPrivate(),doc.getDocumentElement());
- XMLSignature signature = fac.newXMLSignature(si,ki);
- signature.sign(dsc);
- TransformerFactory tf = TransformerFactory.newInstance();
- Transformer trans = tf.newTransformer();
- trans.transform(new DOMSource(doc),new StreamResult(new FileOutputStream("mySignedFile")));
- return doc;
- }
But the problem is that I get:
- <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
and not:
- <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
Here is the solution:
I found it at this link:
http://mail-archives.apache.org/mod_mbox/santuario-dev/200907.mbox/%3C4A704241.9060806@sun.com%3E
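The problem was the RSA-SHA256 algorithm:
Here is the resulting code:
- // Needs imports from java.io, java.security, java.util.Collections, javax.xml.crypto, javax.xml.crypto.dsig (plus .dom, .keyinfo, .spec), javax.xml.transform (plus .dom, .stream) and org.w3c.dom.Document
- private static Document sign(Document doc) throws InstantiationException,IllegalAccessException,ClassNotFoundException,NoSuchAlgorithmException,InvalidAlgorithmParameterException,KeyException,MarshalException,XMLSignatureException,FileNotFoundException,TransformerException {
- String providerName = System.getProperty("jsr105Provider","org.jcp.xml.dsig.internal.dom.XMLDSigRI");
- XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM",(Provider) Class.forName(providerName).newInstance());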
- DigestMethod digestMethod = fac.newDigestMethod(DigestMethod.SHA256,null);
- Transform transform = fac.newTransform(Transform.ENVELOPED,(TransformParameterSpec) null);
- Reference reference = fac.newReference("",digestMethod,Collections.singletonList(transform),null,null);
- SignatureMethod signatureMethod = fac.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",null);
- CanonicalizationMethod canonicalizationMethod = fac.newCanonicalizationMethod(CanonicalizationMethod.EXCLUSIVE,(C14NMethodParameterSpec) null);
- // Create the SignedInfo
- SignedInfo si = fac.newSignedInfo(canonicalizationMethod,signatureMethod,Collections.singletonList(reference));
- KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
- kpg.initialize(2048);
- KeyPair kp = kpg.generateKeyPair();
- KeyInfoFactory kif = fac.getKeyInfoFactory();
- KeyValue kv = kif.newKeyValue(kp.getPublic());
- // Create a KeyInfo and add the KeyValue to it
- KeyInfo ki = kif.newKeyInfo(Collections.singletonList(kv));
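- // Sign the document element; the Signature is appended to it as an enveloped signature
- DOMSignContext dsc = new DOMSignContext(kp.getPrivate(),doc.getDocumentElement());
- XMLSignature signature = fac.newXMLSignature(si,ki);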
- signature.sign(dsc);
- TransformerFactory tf = TransformerFactory.newInstance();
- Transformer trans = tf.newTransformer();
- // output the resulting document
- OutputStream os;
- os = new FileOutputStream("xmlOut.xml");
- trans.transform(new DOMSource(doc),new StreamResult(os));
- return doc;
- }