Xades4j验证 - 无法从http://www.w3.org/2000/09/xmldsig#创建null：null

Question

我正在尝试编写应该使用xades4j库验证XML符号的程序。

我有这样的事情：

public static void verify() throws Exception
         {
        FileSystemDirectoryCertStore certStore = new     FileSystemDirectoryCertStore("C:\\(...)");
        KeyStore trustAnchors = KeyStore.getInstance("jks");
        trustAnchors.load(null);
        CertificateValidationProvider certValidator = new PKIXCertificateValidationProvider(trustAnchors, false, certStore.getStore());

        XadesVerificationProfile p = new XadesVerificationProfile(certValidator);
        XadesVerifier v = p.newVerifier();

        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();     
        String  pathToXmlFile = "C:\\(..)\\TEST20140709_04.xml";

        Document docSource = builder.parse(new FileInputStream(pathToXmlFile));
        docSource.getDocumentElement();

        //Element sigElem = (Element)factory.newDocumentBuilder().parse(new FileInputStream(pathToXmlFile));
        Element sigElem =  docSource.getDocumentElement();
        SignatureSpecificVerificationOptions ssvo = new SignatureSpecificVerificationOptions();
        ssvo.useBaseUri("http://www.ietf.org/rfc/");

        XAdESVerificationResult r = v.verify(sigElem, ssvo);


System.out.println(r.getSignatureForm());
System.out.println(r.getSignatureAlgorithmUri());
System.out.println(r.getSignedDataObjects().size());
System.out.println(r.getQualifyingProperties().all().size());
    }

我收到此例外：

Exception in thread "main" xades4j.xml.unmarshalling.UnmarshalException: Bad XML signature
    at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:123)
    at bankconnect2.xades.Signer.verify(Signer.java:392)
    at bankconnect2.BankConnect2.main(BankConnect2.java:591)
 Caused by: org.apache.xml.security.exceptions.XMLSecurityException: **Cannot create a null:null from a http://www.w3.org/2000/09/xmldsig#:Signature element**
at org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorrectSpace(ElementProxy.java:249)
at org.apache.xml.security.utils.ElementProxy.<init>(ElementProxy.java:97)
at org.apache.xml.security.utils.SignatureElementProxy.<init>(SignatureElementProxy.java:58)
at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:341)
at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:326)
at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:120)

trustAnchors的大小为0 - 不应该是＆gt; 0？ 你能指出我哪里出错吗？

Answer 1

我注意到了两件事：

• DocumentBuilderFactory应该be namespace aware。
• 您没有将任何内容加载到信任锚点密钥库中。您可能想要load it from a file。

如果仍然存在解组异常，则签名XML可能存在错误。