Xades4j - 如何輸入 SHA256 的哈希值?
[英]Xades4j - How can I enter a hash for SHA256?
問題描述
我需要使用 XAdES-EPES 封裝的 RSA-SHA256 對 xml 文件進行簽名,並使用此哈希:Quzn98x3PMbSHwbUzaj5f5KOpiH0u8bvmwbbbNkO9Es
我簽署了 XML,但它無效,因為我不知道如何輸入該哈希。 這是我的代碼:
public class Firma{
private static final String FOLDER = "C:/ECLIPSE/PRUEBAS_Firma/";
private static final String CERT = "SOLDISP_XXXXX.p12";// "Certificado de
// dispositivo
private static final String PASS = "xxxxxx";
private static final String DOCUMENT = "C:/ECLIPSE/PRUEBAS_Firma/Ejemplo_TicketBAI_B00000034_B2022_0101_SinFirma.xml";
public static void main(String[] args) throws Exception {
System.setProperty("org.apache.xml.security.ignoreLineBreaks", "true");
System.out.println(">>>>>>>>> Firmando XML");
signEpes();
}
private static void signEpes() throws Exception {
Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new File(DOCUMENT));
Element elem = doc.getDocumentElement();
DOMHelper.useIdAsXmlId(elem);
KeyingDataProvider kdp = new FileSystemKeyStoreKeyingDataProvider("pkcs12", FOLDER + CERT,
new FirstCertificateSelector(), new DirectPasswordProvider(PASS), new DirectPasswordProvider(PASS),
true);
// politica
SignaturePolicyInfoProvider policyInfoProvider = new SignaturePolicyInfoProvider() {
@Override
public SignaturePolicyBase getSignaturePolicy() {
return new SignaturePolicyIdentifierProperty(
new ObjectIdentifier(
"https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf",
IdentifierType.URI, ""),
new ByteArrayInputStream(
"https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf"
.getBytes())
);
}
};
SignerEPES signer = (SignerEPES) new XadesEpesSigningProfile(kdp, policyInfoProvider).newSigner();
new Enveloped(signer).sign(elem);
outputDocument(doc, "Factura_firmada.xml");
}
protected static void outputDocument(Document doc, String fileName) throws Exception {
TransformerFactory tf = TransformerFactory.newInstance();
File outDir = ensureOutputDir();
FileOutputStream out = new FileOutputStream(new File(outDir, fileName));
tf.newTransformer().transform(new DOMSource(doc), new StreamResult(out));
out.close();
}
private static File ensureOutputDir() {
File dir = new File(toPlatformSpecificFilePath(FOLDER));
dir.mkdir();
return dir;
}
}
拜托,誰能幫幫我??? 提前致謝
1 個解決方案
解決方案1
0 2021-11-05 10:16:30
哈希值必須從源策略頁面 Stream 計算。 下面的代碼做你想做的,改變你需要的任何東西來適應你的場景。 您可以在創建時更改代碼
簽名策略信息提供者
SignaturePolicyInfoProvider policyInfoProvider = new SignaturePolicyInfoProvider() {
@Override
public SignaturePolicyBase getSignaturePolicy() {
try {
//PolicyDocumentStream o PolicyDocumentData calculado a partir del contenido de la URL
URL url = new URL("https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf");
if ("https".equals(url.getProtocol())) {
HttpsURLConnection.setDefaultSSLSocketFactory(getTrustAllClientSecureContext("TLS").getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier(new TrustAllHostnameVerifier());
}
URLConnection urlConn = url.openConnection();
urlConn.setConnectTimeout(5000);
urlConn.setReadTimeout(60000);
//Dummy "User-Agent"
urlConn.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0");
return new SignaturePolicyIdentifierProperty(new ObjectIdentifier("https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf", IdentifierType.URI), new BufferedInputStream(urlConn.getInputStream()))
.withLocationUrl("https://www.batuz.eus/fitxategiak/batuz/ticketbai/sinadura_elektronikoaren_zehaztapenak_especificaciones_de_la_firma_electronica_v1_0.pdf");
} catch (Exception ex) {
System.out.println("ERROR: SignaturePolicyInfoProvider...");
ex.printStackTrace();
}
return null;
}
};
此外,我還提供了用於 https 通信的輔助代碼。
public SSLContext getTrustAllClientSecureContext(String secureSocketProtocol) {
SSLContext context = null;
if (secureSocketProtocol == null) {
secureSocketProtocol = "TLS";
}
try {
context = SSLContext.getInstance(secureSocketProtocol);
context.init(null, new TrustManager[]{new TrustAllTrustManager()}, null);
} catch (Exception e) {
System.out.println("ERROR: " + e.getMessage());
}
return context;
}
public class TrustAllTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
@Override
public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
}
@Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
public class TrustAllHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
}
當然,在生產中必須避免連接到 URL 的“允許所有證書”操作,而是最好將相應的證書添加到您的證書存儲中。
如何使用 XAdES4j 簽署 xml,並引用 URI (#DatosEmision)?
[英]How to sign xml with XAdES4j, and reference URI (#DatosEmision)?
如何僅使用 PHP 和 Hash 中的 XPath 使用 sha256 獲取屬性標簽
[英]How to Get the properties tag only using the XPath in PHP & Hash using sha256
如何使用XADES4j,證書存儲窗口和智能卡+ PIN碼對xml簽名
[英]How to sign an xml with XADES4j, certificate store windows and Smart Card + PIN Code
Xades4j - XML簽名驗證錯誤 - SignaturePolicyNotAvailableException
[英]Xades4j - XML Signature Verification error - SignaturePolicyNotAvailableException
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
xades4j如何添加反簽
如何使用 XAdES4j 簽署 xml,並引用 URI (#DatosEmision)?
xades4j:僅簽名一個元素
沒有 KeyInfo 的 xades4j 驗證
Xades4j驗證信封簽名
XAdES4j簽名驗證-URI問題
如何僅使用 PHP 和 Hash 中的 XPath 使用 sha256 獲取屬性標簽
如何使用XADES4j,證書存儲窗口和智能卡+ PIN碼對xml簽名
Xades4j驗證xades-x和xades-xl
Xades4j - XML簽名驗證錯誤 - SignaturePolicyNotAvailableException
相關標簽