XML 문서에 서명하고, 그 문서를 기반으로 서명 값을 계산했습니다. 서명 값에 들어 있는 공백은 무엇입니까?
- 서명 알고리즘 (서명에 사용) :
http://www.w3.org/2000/09/xmldsig#rsa-sha1
- 해싱 알고리즘 :
http://www.w3.org/2000/09/xmldsig#sha1
아래는 내 코드의 일부입니다.
...
// Load the signing key and certificate into the fields that getSignXML reads.
initKeyAndCertificate();
// Sign the decoded XML using the signature and digest algorithm URIs held in
// signMethod / digestMethod (both are defined outside this excerpt).
Document signedXmlDoc = getSignXML(signMethod,
digestMethod, decodeXmlDocAsString);
String signedXMLAsString = getSignedXMLAsString(signedXmlDoc);
// NOTE(review): Jsoup.parse() is jsoup's HTML parser. It is used here only to
// read one element's text; the jsoup tree is not the signed document and must
// not be used for verification or re-serialisation.
org.jsoup.nodes.Document document = Jsoup.parse(signedXMLAsString);
// first() returns null when the selector matches nothing, so the text() call
// below throws a NullPointerException if no SignatureValue element is present.
Element signatureValueTag = document.select("SignatureValue").first();
// text() normalises whitespace, so line breaks inside the element come out as
// single spaces. The value printed by this code consists of 76-character runs
// separated by spaces, which is consistent with Base64 output wrapped at 76
// columns. Whitespace carries no data in Base64 (the SignatureValue content is
// base64Binary), so stripping it before decoding or comparing leaves the
// signature bytes unchanged.
String signatureValueAsString = signatureValueTag.text();
System.out.println("=======================================");
System.out.println(signedXMLAsString);
System.out.println("=======================================");
System.out.println(signatureValueAsString);
System.out.println("=======================================");
...
initKeyAndCertificate 메서드:
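/**
 * Loads the signing key and its certificate from the JKS file into the
 * {@code key} and {@code certificate} fields.
 *
 * @throws Exception if the keystore file is missing or unreadable, the
 *         keystore cannot be parsed, the key cannot be recovered, or the
 *         {@code "testkey"} alias holds no key or no certificate
 */
private void initKeyAndCertificate() throws Exception {
    String jksFileName = "C:/Java/keys/testkey.jks";
    final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());

    // NOTE(review): a null store password makes load() skip the keystore
    // integrity check, so a modified keystore file is not detected here.
    // Supply the store password from configuration if one is set.
    char[] keyStorePass = null;

    // A missing file now propagates as FileNotFoundException instead of being
    // printed and followed by a NullPointerException on close(); the stream is
    // closed even when load() throws.
    FileInputStream fileInputStream = new FileInputStream(new File(jksFileName));
    try {
        keyStore.load(fileInputStream, keyStorePass);
    } finally {
        fileInputStream.close();
    }

    // NOTE(review): the key password is hard-coded in source. Acceptable only
    // for a throwaway test key; a real signing key needs the password supplied
    // at runtime (prompt, environment, secret store) and kept out of the repo.
    key =
            keyStore.getKey("testkey", new char[]{'t', 'e', 's', 't', 'k', 'e', 'y'});
    certificate = keyStore.getCertificate("testkey");

    // getKey()/getCertificate() return null for an unknown alias; fail here
    // rather than later inside the signing call.
    if (key == null || certificate == null) {
        throw new IllegalStateException(
                "Keystore " + jksFileName + " has no key/certificate under alias testkey");
    }
}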
getSignXML 메서드:
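/**
 * Parses the given XML text and adds an XML signature as a child of the
 * document element, using the {@code key} and {@code certificate} fields.
 *
 * <p>The single reference uses URI {@code ""} (the whole document) with an
 * exclusive-canonicalization transform; SignedInfo is canonicalized with
 * exclusive C14N as well. The signer certificate is embedded as X509Data.
 *
 * <p>NOTE(review): the algorithm URIs are caller-supplied. SHA-1 based values
 * (xmldsig#rsa-sha1, xmldsig#sha1) are accepted here, but SHA-1 is no longer
 * collision-resistant; prefer the SHA-256 URIs where the verifier allows it.
 *
 * @param signMethod     signature algorithm URI
 * @param digestMethod   digest algorithm URI for the reference
 * @param XmlDocAsString the XML document to sign, as text
 * @return the parsed DOM document with the Signature element inserted
 * @throws Exception if parsing, algorithm lookup, or signing fails
 */
public Document getSignXML(String signMethod,
        String digestMethod, String XmlDocAsString) throws Exception {
    final DocumentBuilderFactory documentBuilderFactory =
            DocumentBuilderFactory.newInstance();
    documentBuilderFactory.setIgnoringElementContentWhitespace(true);
    documentBuilderFactory.setCoalescing(true);
    // XML signature processing needs a namespace-aware DOM.
    documentBuilderFactory.setNamespaceAware(true);
    // The XML text comes from the caller: refuse DOCTYPE declarations so the
    // parser cannot be made to resolve external entities (XXE) or expand
    // entity bombs. Documents that carry a DTD are rejected with an exception.
    documentBuilderFactory.setFeature(
            "http://apache.org/xml/features/disallow-doctype-decl", true);

    // Build from the factory configured above. The original created a second,
    // default-configured factory here, so none of the settings were applied.
    DocumentBuilder builder = documentBuilderFactory.newDocumentBuilder();
    InputSource is = new InputSource(new StringReader(XmlDocAsString));
    Document doc = builder.parse(is);

    XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");

    // NOTE(review): the Signature element is inserted under the document
    // element while the reference URI "" covers the whole document, and the
    // transform list has no enveloped-signature transform
    // (Transform.ENVELOPED). Enveloped signatures normally list it first;
    // confirm that the output validates before relying on it.
    List<Transform> transformList = new ArrayList<Transform>();
    Transform transformC14N =
            xmlSignatureFactory.newTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS,
                    (XMLStructure) null);
    transformList.add(transformC14N);

    Reference reference = xmlSignatureFactory.newReference("",
            xmlSignatureFactory.newDigestMethod(digestMethod, null),
            transformList, null, null);
    SignedInfo signedInfo =
            xmlSignatureFactory.newSignedInfo(
                    xmlSignatureFactory.newCanonicalizationMethod(
                            CanonicalizationMethod.EXCLUSIVE,
                            (C14NMethodParameterSpec) null),
                    xmlSignatureFactory.newSignatureMethod(signMethod, null),
                    Collections.singletonList(reference));

    // Embed the signer certificate so a verifier can locate the public key.
    // The verifier must still decide for itself whether to trust it.
    KeyInfoFactory keyInfoFactory =
            xmlSignatureFactory.getKeyInfoFactory();
    X509Data x509Data =
            keyInfoFactory.newX509Data(Collections.singletonList(certificate));
    KeyInfo keyInfo =
            keyInfoFactory.newKeyInfo(Collections.singletonList(x509Data));

    // The document element is the parent under which Signature is appended.
    final Node node = doc.getDocumentElement();
    javax.xml.crypto.dsig.XMLSignature xmlSignature =
            xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo);
    DOMSignContext signContext = new DOMSignContext(key, node);
    xmlSignature.sign(signContext);
    return doc;
}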
getSignedXMLAsString 메서드:
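/**
 * Serializes the signed DOM document to a string with an identity transform.
 *
 * <p>No output properties are set on purpose: re-indenting or otherwise
 * reformatting a document after it has been signed changes the signed content
 * and makes the signature fail validation.
 *
 * @param signedDocument the document returned by the signing step
 * @return the serialized XML
 * @throws IllegalStateException if the transformer cannot be created or the
 *         serialization fails
 */
private String getSignedXMLAsString(Document signedDocument) {
    StringWriter stringWriter = new StringWriter();
    try {
        Transformer transformer = TransformerFactory.newInstance().newTransformer();
        transformer.transform(new DOMSource(signedDocument), new StreamResult(stringWriter));
    } catch (TransformerException e) {
        // Covers TransformerConfigurationException as well (it is a subclass).
        // The original printed the stack trace and carried on, which ended in a
        // NullPointerException or a silently truncated "signed" document.
        throw new IllegalStateException("Failed to serialize the signed XML document", e);
    }
    return stringWriter.toString();
}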
signatureValueAsString
i0Ws4MjH7AfPcbHEDCzrMjV+e4O41l43ZXEMHbcCjTmP4WKl7iVH3IcoM6ugS4qMejOHctntH41w 8niOxnCMcjDEnwM6kZtMIJyjrTxMVjSUDyFcKB79Yc/v5hC3dH5deX59W4oxM6Fg72W23s3zcMDD rdRCM5wHqMZW0WvBMoM=
서명 값에 공백이 들어 있습니다. 이 공백은 무엇을 의미합니까? 공백을 그냥 제거하고 나머지 부분 문자열을 이어 붙여도 됩니까?