堆栈内存溢出
  简体   繁体   English

如何从 signature.xml 文件中获取 OCSP 响应

[英]How to get OCSP response from signature.xml file

 原文  2020-01-14 13:52:29       java/ security/ digital-signature/ xml-signature

问题描述

I have following signature file, that contains signer's certificate, OCSP response and other information:我有以下签名文件,其中包含签名者的证书、OCSP 响应和其他信息:

<?xml version="1.0" encoding="UTF-8"?>
<asic:XAdESSignatures xmlns:asic="http://uri.etsi.org/02918/v1.2.1#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
<ds:Signature Id="S0">
<ds:SignedInfo Id="S0-SignedInfo">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11">
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256">
</ds:SignatureMethod>
<ds:Reference Id="S0-ref-0" URI="Lisa_1.pdf">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>zL9dI436Zdwxm0H2Ojs9iolp7s6PxApJDrRe3BFY2Fs=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="S0-ref-1" URI="Lisa_2.pdf">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>cNX/ShcNgqfC38HXg7aPsnkKoCd5nzzwwt4VufluiXM=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="S0-ref-2" URI="Lisa_3.pdf">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>/vLjJAWc/GEfEpebWvJTRaYY4kL46zG7t/LooLy49tQ=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="S0-ref-3" URI="Lisa_4.pdf">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>KdjdZx73736VjhGN2358wBu7wCR9E3CfxszQ5jMEgB0=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="S0-ref-4" URI="Lisa_5.pdf">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>5pvrm/hnncmdmcTwLP89IeXUlWGE+xZ/qhKgSI9M0AE=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="S0-ref-5" URI="Lisa_6.pdf">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>axdl5fEKUaPvIjKFrd1ccVw+SDbmcEtvvUIHnnFhGwo=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="S0-ref-6" URI="LVKM2019121900083.pdf">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>VDUABdolFkW/0GdCxMIpYVcY0PDSUN4gowCqS7sMnPQ=</ds:DigestValue>
</ds:Reference>
<ds:Reference Id="S0-ref-sp" Type="http://uri.etsi.org/01903#SignedProperties" URI="#S0-SignedProperties">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>sBlyyA+c4Gk5pMjprkaXQWiO54S4zYefKZ3uyAhD/4Q=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo><ds:SignatureValue Id="S0-SIG">
ULSFutc0fX+nqz5FkKZKexVtrsD4wTsKZcUYC+jU8P03iPE89oSWv7xoeTfZRRlRqUZTjINMT5yq9gaXWo/pFA==</ds:SignatureValue>
<ds:KeyInfo Id="S0-KeyInfo">
<ds:X509Data><ds:X509Certificate>MIIF1jCCA76gAwIBAgIQAjeRaJLVRMdZL99aR55h0TANBgkqhkiG9w0BAQsFADBj
MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
czEXMBUGA1UEYQwOTlRSRUUtMTA3NDcwMTMxFzAVBgNVBAMMDkVTVEVJRC1TSyAy
MDE1MB4XDTE3MDYwMTA5MzMxNFoXDTIyMDYwMTIwNTk1OVowgZoxCzAJBgNVBAYT
AkVFMRswGQYDVQQKDBJFU1RFSUQgKE1PQklJTC1JRCkxGjAYBgNVBAsMEWRpZ2l0
YWwgc2lnbmF0dXJlMR4wHAYDVQQDDBVNVVNULEFBRFUsMzUxMDMyNTI3MTQxDTAL
BgNVBAQMBE1VU1QxDTALBgNVBCoMBEFBRFUxFDASBgNVBAUTCzM1MTAzMjUyNzE0
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEI66eCRmjgfzh11IQisWwR0CKfGYY
+KXpL8Wp7hNyCXHyevVmZfPEcWnxY9M3iRbr0My05W3D7FR9oVygzE9FRqOCAhcw
ggITMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgZAMHMGA1UdIARsMGowXQYJKwYB
BAHOHwEDMFAwHQYIKwYBBQUHAgIwEQwPQ29udHJhY3QgMS4xMS05MC8GCCsGAQUF
BwIBFiNodHRwczovL3d3dy5zay5lZS9yZXBvc2l0b29yaXVtL0NQUzAJBgcEAIvs
QAECMB0GA1UdDgQWBBRjtnSQbEyNFpLQ/5zd52EgS/bP9zCBigYIKwYBBQUHAQME
fjB8MAgGBgQAjkYBATAIBgYEAI5GAQQwUQYGBACORgEFMEcwRRY/aHR0cHM6Ly9z
ay5lZS9lbi9yZXBvc2l0b3J5L2NvbmRpdGlvbnMtZm9yLXVzZS1vZi1jZXJ0aWZp
Y2F0ZXMvEwJFTjATBgYEAI5GAQYwCQYHBACORgEGATAfBgNVHSMEGDAWgBSzq4i8
mdVipIUqCM20HXI7g3JHUTB2BggrBgEFBQcBAQRqMGgwJwYIKwYBBQUHMAGGG2h0
dHA6Ly9haWEuc2suZWUvZXN0ZWlkMjAxNTA9BggrBgEFBQcwAoYxaHR0cHM6Ly9z
ay5lZS91cGxvYWQvZmlsZXMvRVNURUlELVNLXzIwMTUuZGVyLmNydDA8BgNVHR8E
NTAzMDGgL6AthitodHRwOi8vd3d3LnNrLmVlL2NybHMvZXN0ZWlkL2VzdGVpZDIw
MTUuY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQBxq+Wy+RO1FlDhKMnooVm4WaRXtL9Y
IiuMryuoyN01clA2gweAD4Sa8c3Rzt8EoRqdoWvqDAwt3AvrjrWttwSQdbP8b3Al
uBId5j7jop4xt0ZDPld5gcaDemavMBCEZVOlpDzWPiZ8nxiHfjaR5o/sMEKjCjW4
T7n8RUnM3sr3JRSXTZtYBZgmiMeFig7oi348x4W2Dztn0MpycAKancrb959piK3f
nwuHNxd/ptTmA9pn+MB/vwlzJEeozuTcJ0f083ifejBdbg8DYPvdq/XmKpJ97Lvc
gvP01QcrhThpnV8rn0SeQ9k493aYmOUy3fjHH+dZGrzslz4gAjMtRQIi0XC1qpuu
eDEFLwi95CPZ6e/VBr26iCxDrHb1Y3uSox9ZuVSz2eLx4BAUQzVhDIIC3HjXBhap
OLNhuo234I3KEBSWxdLP6winSONaaqiIVDvicPwz3WLV1rLcQGuUBSQG8jpb3yGp
QJd+cJdE3OB6T8Ko5l6tER3PBf53VY5J2MI2ICu0DTT1Bn0yJTPm0g0vk/Y6zGDK
r3Ehyb09qnJnRQl/W/U6iJWMY4wQjNKJMHMUwJoKVGtySl8jUpY1IVM0RJBPhsqy
FyiUelwYmYhVxbMPHdwT9Osi0Dt7pPseQvYu2BcArIzISXOVOO0BJLCGyKBPIa98
R+NCqJyEz0Ltfw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo>
<ds:Object Id="S0-object-xades"><xades:QualifyingProperties Id="S0-QualifyingProperties" Target="#S0" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#"><xades:SignedProperties Id="S0-SignedProperties">
<xades:SignedSignatureProperties Id="S0-SignedSignatureProperties">
<xades:SigningTime>2019-12-20T08:40:24Z</xades:SigningTime>
<xades:SigningCertificate>
<xades:Cert>
<xades:CertDigest>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>wdTxx+frwDnSWdcBRnGZD+YbyfX2UPIZ8g2kJnouk1U=</ds:DigestValue>
</xades:CertDigest>
<xades:IssuerSerial>
<ds:X509IssuerName>CN=ESTEID-SK 2015,2.5.4.97=#0c0e4e545245452d3130373437303133,O=AS Sertifitseerimiskeskus,C=EE</ds:X509IssuerName>
<ds:X509SerialNumber>2946981553353315672823176122903454161</ds:X509SerialNumber>
</xades:IssuerSerial>
</xades:Cert>
</xades:SigningCertificate>
<xades:SignaturePolicyIdentifier>
<xades:SignaturePolicyId>
<xades:SigPolicyId>
<xades:Identifier Qualifier="OIDAsURN">
urn:oid:1.3.6.1.4.1.10015.1000.3.2.1</xades:Identifier>
</xades:SigPolicyId>
<xades:SigPolicyHash>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
</ds:DigestMethod>
<ds:DigestValue>3Tl1oILSvOAWomdI9VeWV6IA/32eSXRUri9kPEz1IVs=</ds:DigestValue>
</xades:SigPolicyHash>
<xades:SigPolicyQualifiers>
<xades:SigPolicyQualifier>
<xades:SPURI>
https://www.sk.ee/repository/bdoc-spec21.pdf</xades:SPURI>
</xades:SigPolicyQualifier>
</xades:SigPolicyQualifiers>
</xades:SignaturePolicyId>
</xades:SignaturePolicyIdentifier>

<xades:SignatureProductionPlace>
</xades:SignatureProductionPlace>

<xades:SignerRole>
<xades:ClaimedRoles>
<xades:ClaimedRole>Esimees</xades:ClaimedRole>
</xades:ClaimedRoles>
</xades:SignerRole>
</xades:SignedSignatureProperties>
<xades:SignedDataObjectProperties>
<xades:DataObjectFormat ObjectReference="#S0-ref-0">
<xades:MimeType>application/pdf</xades:MimeType>
</xades:DataObjectFormat>
<xades:DataObjectFormat ObjectReference="#S0-ref-1">
<xades:MimeType>application/pdf</xades:MimeType>
</xades:DataObjectFormat>
<xades:DataObjectFormat ObjectReference="#S0-ref-2">
<xades:MimeType>application/pdf</xades:MimeType>
</xades:DataObjectFormat>
<xades:DataObjectFormat ObjectReference="#S0-ref-3">
<xades:MimeType>application/pdf</xades:MimeType>
</xades:DataObjectFormat>
<xades:DataObjectFormat ObjectReference="#S0-ref-4">
<xades:MimeType>application/pdf</xades:MimeType>
</xades:DataObjectFormat>
<xades:DataObjectFormat ObjectReference="#S0-ref-5">
<xades:MimeType>application/pdf</xades:MimeType>
</xades:DataObjectFormat>
<xades:DataObjectFormat ObjectReference="#S0-ref-6">
<xades:MimeType>application/pdf</xades:MimeType>
</xades:DataObjectFormat>
</xades:SignedDataObjectProperties>
</xades:SignedProperties><xades:UnsignedProperties Id="S0-UnsigedProperties">
<xades:UnsignedSignatureProperties Id="S0-UnsigedSignatureProperties">
<xades:CertificateValues Id="S0-CertificateValues">
<xades:EncapsulatedX509Certificate Id="S0-CA_CERT1">
MIIGcDCCBVigAwIBAgIQRUgJC4ec7yFWcqzT3mwbWzANBgkqhkiG9w0BAQwFADB1
MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG
CSqGSIb3DQEJARYJcGtpQHNrLmVlMCAXDTE1MTIxNzEyMzg0M1oYDzIwMzAxMjE3
MjM1OTU5WjBjMQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVy
aW1pc2tlc2t1czEXMBUGA1UEYQwOTlRSRUUtMTA3NDcwMTMxFzAVBgNVBAMMDkVT
VEVJRC1TSyAyMDE1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0oH6
1NDxbdW9k8nLA1qGaL4B7vydod2Ewp/STBZB3wEtIJCLdkpEsS8pXfFiRqwDVsgG
Gbu+Q99trlb5LI7yi7rIkRov5NftBdSNPSU5rAhYPQhvZZQgOwRaHa5Ey+BaLJHm
LqYQS9hQvQsCYyws+xVvNFUpK0pGD64iycqdMuBl/nWq3fLuZppwBh0VFltm4nhr
/1S0R9TRJpqFUGbGr4OK/DwebQ5PjhdS40gCUNwmC7fPQ4vIH+x+TCk2aG+u3MoA
z0IrpVWqiwzG/vxreuPPAkgXeFCeYf6fXLsGz4WivsZFbph2pMjELu6sltlBXfAG
3fGv43t91VXicyzR/eT5dsB+zFsW1sHV+1ONPr+qzgDxCH2cmuqoZNfIIq+buob3
eA8ee+XpJKJQr+1qGrmhggjvAhc7m6cU4x/QfxwRYhIVNhJf+sKVThkQhbJ9XxuK
k3c18wymwL1mpDD0PIGJqlssMeiuJ4IzagFbgESGNDUd4icm0hQT8CmQeUm1GbWe
BYseqPhMQX97QFBLXJLVy2SCyoAz7Bq1qA43++EcibN+yBc1nQs2Zoq8ck9MK0bC
xDMeUkQUz6VeQGp69ImOQrsw46qTz0mtdQrMSbnkXCuLan5dPm284J9HmaqiYi6j
6KLcZ2NkUnDQFesBVlMEm+fHa2iR6lnAFYZ06UECAwEAAaOCAgowggIGMB8GA1Ud
IwQYMBaAFBLyWj7qVhy/zQas8fElyalL1BSZMB0GA1UdDgQWBBSzq4i8mdVipIUq
CM20HXI7g3JHUTAOBgNVHQ8BAf8EBAMCAQYwdwYDVR0gBHAwbjAIBgYEAI96AQIw
CQYHBACL7EABAjAwBgkrBgEEAc4fAQEwIzAhBggrBgEFBQcCARYVaHR0cHM6Ly93
d3cuc2suZWUvQ1BTMAsGCSsGAQQBzh8BAjALBgkrBgEEAc4fAQMwCwYJKwYBBAHO
HwEEMBIGA1UdEwEB/wQIMAYBAf8CAQAwQQYDVR0eBDowOKE2MASCAiIiMAqHCAAA
AAAAAAAAMCKHIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCcGA1Ud
JQQgMB4GCCsGAQUFBwMJBggrBgEFBQcDAgYIKwYBBQUHAwQwfAYIKwYBBQUHAQEE
cDBuMCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcC5zay5lZS9DQTBKBggrBgEFBQcw
AoY+aHR0cDovL3d3dy5zay5lZS9jZXJ0cy9FRV9DZXJ0aWZpY2F0aW9uX0NlbnRy
ZV9Sb290X0NBLmRlci5jcnQwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL3d3dy5z
ay5lZS9yZXBvc2l0b3J5L2NybHMvZWVjY3JjYS5jcmwwDQYJKoZIhvcNAQEMBQAD
ggEBAHRWDGI3P00r2sOnlvLHKk9eE7X93eT+4e5TeaQsOpE5zQRUTtshxN8Bnx2T
oQ9rgi18q+MwXm2f0mrGakYYG0bix7ZgDQvCMD/kuRYmwLGdfsTXwh8KuL6uSHF+
U/ZTss6qG7mxCHG9YvebkN5Yj/rYRvZ9/uJ9rieByxw4wo7b19p22PXkAkXP5y3+
qK/Oet98lqwI97kJhiS2zxFYRk+dXbazmoVHnozYKmsZaSUvoYNNH19tpS7BLdsg
i9KpbvQLb5ywIMq9ut3+b2Xvzq8yzmHMFtLIJ6Afu1jJpqD82BUAFcvi5vhnP8M7
b974R18WCOpgNQvXDI+2/8ZINeU=</xades:EncapsulatedX509Certificate>
<xades:EncapsulatedX509Certificate Id="S0-RESPONDER_CERT">
MIIEvDCCA6SgAwIBAgIQcpyVmdruRVxNgzI3N/NZQTANBgkqhkiG9w0BAQUFADB1
MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG
CSqGSIb3DQEJARYJcGtpQHNrLmVlMB4XDTExMDMxODEwMjE0M1oXDTI0MDMxODEw
MjE0M1owgZ0xCzAJBgNVBAYTAkVFMQ4wDAYDVQQIEwVIYXJqdTEQMA4GA1UEBxMH
VGFsbGlubjEiMCAGA1UEChMZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czENMAsG
A1UECxMET0NTUDEfMB0GA1UEAxMWU0sgT0NTUCBSRVNQT05ERVIgMjAxMTEYMBYG
CSqGSIb3DQEJARYJcGtpQHNrLmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAihvGyhMVrgReHluKln1za6gvCE/mlSREmWjJFpL9llvuEUZoPFIypYA8
g5u1VfgkeW5gDq25jAOq4FyXeDGIa+pJn2h0o2Wc2aeppVG/emfGm/jA8jjeyMrw
H8fAJrqVQ7c9X2xSwJEch/P2d8CfMZt5YF6gqLtPvG1b+n6otBZA5wjIFfJ/inJB
MUvqHSz3+PLfxO2/T3Wyk/c8M9HIMqTelqyiMGRgWehiU1OsL9armv3dQrHs1wm6
vHaxfpfWB9YAFpeo9aYqhPCxVt/zo2NQB6vxyZS0hsOrXL7SxRToOJaqsnvlbf0e
rPPFtRHUvbojYYgl+fzlz0Jt6QJoNwIDAQABo4IBHTCCARkwEwYDVR0lBAwwCgYI
KwYBBQUHAwkwHQYDVR0OBBYEFKWhSGFt537NmJ50nCm7vYrecgxZMIGCBgNVHSAE
ezB5MHcGCisGAQQBzh8EAQIwaTA+BggrBgEFBQcCAjAyHjAAUwBLACAAdABpAG0A
ZQAgAHMAdABhAG0AcABpAG4AZwAgAHAAbwBsAGkAYwB5AC4wJwYIKwYBBQUHAgEW
G2h0dHBzOi8vd3d3LnNrLmVlL2FqYXRlbXBlbDAfBgNVHSMEGDAWgBQS8lo+6lYc
v80GrPHxJcmpS9QUmTA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vd3d3LnNrLmVl
L3JlcG9zaXRvcnkvY3Jscy9lZWNjcmNhLmNybDANBgkqhkiG9w0BAQUFAAOCAQEA
w2sKwvTHtYGtD8Jw9mNUuj/mWiBSBEBeY2LhW8V6tjBPAPp3s6iWOh0FbVR2LUyr
qRwgT3fyWiGsiDm/6cIqM+IblLp/8ztfRQjquhW6XCD9SK02OQ9ZSdBwcmoAApZL
GXQC34wdgmV/hLTTNxONnDACBKz9U+Dy9a4ZT4tpNkbH8jq/BMne8FzbvRt1bjpX
BP7gjLX+zdx8/hp0Wq4tD+f9NVX0+vm9ahEKuzx4QzPnSB7hhWM9OnLZT7noRQa+
KWk5c+e5VoR5R2t7MjVl8Cd+2llxiSxqMSbU5/23BzAKgN+NQdrBZAzpZ7lfaAuL
FaICP+bAm6uW2JUrM6abOw==</xades:EncapsulatedX509Certificate>
</xades:CertificateValues>
<xades:RevocationValues Id="S0-RevocationValues">
<xades:OCSPValues><xades:EncapsulatedOCSPValue Id="N0">
MIIHWgoBAKCCB1MwggdPBgkrBgEFBQcwAQEEggdAMIIHPDCCAVyhgaAwgZ0xCzAJ
BgNVBAYTAkVFMQ4wDAYDVQQIEwVIYXJqdTEQMA4GA1UEBxMHVGFsbGlubjEiMCAG
A1UEChMZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czENMAsGA1UECxMET0NTUDEf
MB0GA1UEAxMWU0sgT0NTUCBSRVNQT05ERVIgMjAxMTEYMBYGCSqGSIb3DQEJARYJ
cGtpQHNrLmVlGA8yMDE5MTIyMDA4NDAzN1owYDBeMEkwCQYFKw4DAhoFAAQU/ycP
pUs92lD7/iLb2ohCQQ7zE+4EFLOriLyZ1WKkhSoIzbQdcjuDckdRAhACN5FoktVE
x1kv31pHnmHRgAAYDzIwMTkxMjIwMDg0MDM3WqFEMEIwQAYJKwYBBQUHMAECBDMw
MTANBglghkgBZQMEAgEFAAQgjgPEikDH3TdGkQJLlWHBsjYRKmDt80Rnh07j5B9Z
UIcwDQYJKoZIhvcNAQELBQADggEBAAMgn/SzZSF0QARw0NJgXutzAxZZvLFHCGj7
nTJSt/N6BVm3YyNSOgzN3lH+2EhUr1DcDxf4x93x2EwU2MjwRdeD8sBdJxXNPc+m
U4xMQVIkaKMKt7uEDjExfl6oceh35tEa5QNqeAoFaIy4ELTTyULm+nZcDFTn0RlY
xwOsOlnYcgTT7JIUoKmVrHEKAIcK7ToXdvI/8Nziczf1vFDdQl8syVlH1MmmLq5N
qVwE+8XCDdHn6ranXtf8mh3KJds02n2ViBDU8onMEDCGUK35mPLTi9eB5XTtxgyW
ZrTISlIjhjMJNozoFyyeqCW2ih4E1ntm4IC6SWDaP/VoLU6ZrnKgggTEMIIEwDCC
BLwwggOkoAMCAQICEHKclZna7kVcTYMyNzfzWUEwDQYJKoZIhvcNAQEFBQAwdTEL
MAkGA1UEBhMCRUUxIjAgBgNVBAoMGUFTIFNlcnRpZml0c2VlcmltaXNrZXNrdXMx
KDAmBgNVBAMMH0VFIENlcnRpZmljYXRpb24gQ2VudHJlIFJvb3QgQ0ExGDAWBgkq
hkiG9w0BCQEWCXBraUBzay5lZTAeFw0xMTAzMTgxMDIxNDNaFw0yNDAzMTgxMDIx
NDNaMIGdMQswCQYDVQQGEwJFRTEOMAwGA1UECBMFSGFyanUxEDAOBgNVBAcTB1Rh
bGxpbm4xIjAgBgNVBAoTGUFTIFNlcnRpZml0c2VlcmltaXNrZXNrdXMxDTALBgNV
BAsTBE9DU1AxHzAdBgNVBAMTFlNLIE9DU1AgUkVTUE9OREVSIDIwMTExGDAWBgkq
hkiG9w0BCQEWCXBraUBzay5lZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIobxsoTFa4EXh5bipZ9c2uoLwhP5pUkRJloyRaS/ZZb7hFGaDxSMqWAPIOb
tVX4JHluYA6tuYwDquBcl3gxiGvqSZ9odKNlnNmnqaVRv3pnxpv4wPI43sjK8B/H
wCa6lUO3PV9sUsCRHIfz9nfAnzGbeWBeoKi7T7xtW/p+qLQWQOcIyBXyf4pyQTFL
6h0s9/jy38Ttv091spP3PDPRyDKk3pasojBkYFnoYlNTrC/Wq5r93UKx7NcJurx2
sX6X1gfWABaXqPWmKoTwsVbf86NjUAer8cmUtIbDq1y+0sUU6DiWqrJ75W39Hqzz
xbUR1L26I2GIJfn85c9CbekCaDcCAwEAAaOCAR0wggEZMBMGA1UdJQQMMAoGCCsG
AQUFBwMJMB0GA1UdDgQWBBSloUhhbed+zZiedJwpu72K3nIMWTCBggYDVR0gBHsw
eTB3BgorBgEEAc4fBAECMGkwPgYIKwYBBQUHAgIwMh4wAFMASwAgAHQAaQBtAGUA
IABzAHQAYQBtAHAAaQBuAGcAIABwAG8AbABpAGMAeQAuMCcGCCsGAQUFBwIBFhto
dHRwczovL3d3dy5zay5lZS9hamF0ZW1wZWwwHwYDVR0jBBgwFoAUEvJaPupWHL/N
Bqzx8SXJqUvUFJkwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL3d3dy5zay5lZS9y
ZXBvc2l0b3J5L2NybHMvZWVjY3JjYS5jcmwwDQYJKoZIhvcNAQEFBQADggEBAMNr
CsL0x7WBrQ/CcPZjVLo/5logUgRAXmNi4VvFerYwTwD6d7OoljodBW1Udi1Mq6kc
IE938lohrIg5v+nCKjPiG5S6f/M7X0UI6roVulwg/UitNjkPWUnQcHJqAAKWSxl0
At+MHYJlf4S00zcTjZwwAgSs/VPg8vWuGU+LaTZGx/I6vwTJ3vBc270bdW46VwT+
4Iy1/s3cfP4adFquLQ/n/TVV9Pr5vWoRCrs8eEMz50ge4YVjPTpy2U+56EUGvilp
OXPnuVaEeUdrezI1ZfAnftpZcYksajEm1Of9twcwCoDfjUHawWQM6We5X2gLixWi
Aj/mwJurltiVKzOmmzs=</xades:EncapsulatedOCSPValue>
</xades:OCSPValues></xades:RevocationValues></xades:UnsignedSignatureProperties>
</xades:UnsignedProperties></xades:QualifyingProperties></ds:Object>
</ds:Signature>
</asic:XAdESSignatures>

I need to get the signer's certificate and OCSP response from a file that I mentioned earlier.我需要从我之前提到的文件中获取签名者的证书和 OCSP 响应。 Below is the code that I used in order to get a signer's certificate and data related to the certificate (written in java):下面是我用来获取签名者证书和与证书相关的数据的代码(用 java 编写):

    public static void main(String[] args) throws Exception {
            File xmlFile = new File("signatures0.xml");
            DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
            DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
            Document doc = dBuilder.parse(xmlFile);
            doc.getDocumentElement().normalize();
            NodeList nodeList = doc.getElementsByTagName("ds:X509Certificate");
            for (int itr = 0; itr < nodeList.getLength(); itr++) {
                Node node = nodeList.item(itr);
                String encodedBlock = node.getTextContent().replace("\n", "");
                byte[] decodedBlock = Base64.getDecoder().decode(encodedBlock.getBytes(StandardCharsets.UTF_8));
                ByteArrayInputStream inputStream = new ByteArrayInputStream(decodedBlock);

                CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
                X509Certificate cert = (X509Certificate) certFactory.generateCertificate(inputStream);
                System.out.println(cert.getIssuerDN());
                System.out.println(cert.getSubjectX500Principal().toString());
                System.out.println(cert.getPublicKey());
                cert.checkValidity();
            }

  }

1 个解决方案

解决方案1
 0  2020-04-18 10:51:43

Actually, I don't understand exactly what you need.其实,我不明白你到底需要什么。 But, In my opinion to get a clear structure you can extract a data, it's better to use pki protocol libraries such as openssl and bouncy castle.但是,在我看来,要获得可以提取数据的清晰结构,最好使用 pki 协议库,例如 openssl 和 bouncy Castle。

These opensource provide you to convert Base64 encoded string to well organized and easy to use Class(structure).这些开源提供您将 Base64 编码的字符串转换为组织良好且易于使用的类(结构)。

So, import the boundcy castle in your project and use the provided simple apis like below.因此,在您的项目中导入边界城堡并使用提供的简单 api,如下所示。 please note that below is a der example, it may provide pem api.请注意,下面是一个 der 示例,它可能提供 pem api。 If not, pem <-> der convertion is required.如果不是,则需要 pem <-> der 转换。

https://www.programcreek.com/java-api-examples/?api=org.bouncycastle.asn1.ocsp.OCSPResponse https://www.programcreek.com/java-api-examples/?api=org.bouncycastle.asn1.ocsp.OCSPResponse

please check请检查

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用脱机签名和OCSP响应创建PADES - How to create PADES using offline signature and OCSP response 如何从Java中的服务器证书获取OCSP URL? - How to get the OCSP url from the server certificate in java? 我如何从jsp获取xml文件作为响应 - how can i get xml file as a response from jsp 如何从 webService 响应中以 XML 形式获取响应? - How to get response as XML from webService response? 如何从ImageShack API获得XML响应? - How get XML response from ImageShack API? 如何在C#或Java握手期间读取ocsp装订响应 - How to read ocsp stapled response during handshake in C# or Java 如何根据 XML 文件生成签名? - How to generate a signature based on an XML file? 如何仅从 SOAP 响应中获取 XML 内容 - How to get only XML content from a SOAP response 如何从Java中获取URL的xml响应并将其存储在MONGODB中 - How to get xml response from URL in Java and store It in MONGODB 在OCSP响应中,responderID的用途是什么? - What is the use of the responderID in the OCSP response?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM