Xades4j - XML签名验证错误 - SignaturePolicyNotAvailableException

时间:2014-07-30 08:00:49

标签: java xml verifyerror xades4j

我收到带有Xades EPES签名的XML Invoice,我必须控制它。 所以我尝试用Xades4j做到这一点。我已经解决了很多错误但我坚持错误:

errxades4j.verification.SignaturePolicyNotAvailableException: Verification failed for property 'SignaturePolicyIdentifier': signature policy document is not available
    at xades4j.verification.SignaturePolicyVerifier.verify(SignaturePolicyVerifier.java:67)
    at xades4j.verification.SignaturePolicyVerifier.verify(SignaturePolicyVerifier.java:38)
    at xades4j.verification.QualifyingPropertiesVerifierImpl.verifyProperties(QualifyingPropertiesVerifierImpl.java:58)
    at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:202)

用于验证签名的Java代码:

FileInputStream fis = new FileInputStream("keystore.jks");
KeyStore trustAnchors = KeyStore.getInstance("jks");
trustAnchors.load(fis,"password".toCharArray());
fis.close();

CertificateValidationProvider certValidator = new PKIXCertificateValidationProvider(trustAnchors, false);
XadesVerificationProfile p = new XadesVerificationProfile(certValidator);
XadesVerifier v = p.newVerifier();

DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder db =  dbf.newDocumentBuilder();
FileInputStream is = new FileInputStream(filename);
Document doc = db.parse(is);

Element sigElem = (Element)doc.getElementsByTagNameNS(Constants.SignatureSpecNS, Constants._TAG_SIGNATURE).item(0);
XAdESVerificationResult r = null;
r = v.verify(sigElem,null);

如果有必要,我可以发布一种XML文件的摘录,我尝试在匿名化后验证。

感谢。 我已经查看并尝试了所有我发现的(在网上,xades4j示例,xades4j junit类......)但似乎没有解决我的错误。

1 个答案:

答案 0 :(得分:3)

您需要指定自己的政策文件提供商,如下所示:p.withPolicyDocumentProvider()。 您必须实现自己的策略提供程序,该提供程序实现接口SignaturePolicyInfoProviderSignaturePolicyDocumentProvider。 (至少我这样做了)

编辑您的评论:

您需要实现SignaturePolicyInfoProvider.getSignaturePolicyDocumentStream(),它会返回InputStream。这可以是FileInputStream

示例

public class FilebasedSignaturePolicyProvider implements  SignaturePolicyDocumentProvider {

    @Override
    public InputStream getSignaturePolicyDocumentStream(ObjectIdentifier sigPolicyId) {
        String oid = sigPolicyId.getIdentifier();

        try {
            return new FileInputStream("directory-to-my-policy-files/" + oid);
        } catch (FileNotFoundException e) {
            // handle error
        }
    }
}
相关问题
最新问题