XAdES signature value calculation

Time: 2016-03-03 09:18:11

Tags: java xml-signature electronic-signature

    <?xml version="1.0" encoding="UTF-8"?><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-Id-52043e85-233a-4b03-9339-9194953173c3">
    <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <ds:Reference Id="Reference-Id-b9193c68-f184-4331-aed3-bbeb471a2b79" Type="http://uri.etsi.org/01903#SignedProperties" URI="#Signed-Properties-Id-4ff6d0b3-584b-4297-89b0-793ff00f37a8">
    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <ds:DigestValue>wlaAcZKVNZgLqGoYtuGRDv99W9p2Vt2yfR6OJNwr2VM=</ds:DigestValue>
    </ds:Reference>
    <ds:Reference Id="Reference-Id-d492a916-52de-4d48-8703-c208e771849b" URI="#Object-Id-aac62ae7-7431-4b97-8449-bed38724903b">
    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <ds:DigestValue>KYFVIohebyDuvqA11QOvvUmvVXqniThSWADEyaa6FX4=</ds:DigestValue>
    </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue Id="Signature-Value-Id-af300711-d063-46a0-9dd4-ab4d6001515e">NYL9g+pnT8xbTa/m9rFuj4Ry5WDYWunpDphokYlxe/OvWATZBS7vAUKHJiVW+qAsa1eKrwsHbSa5
    H8sC+nIjSfovymp1yKTPZkf+SmvHLSZZ3WzfxquuLCFI68tN3vxgfcmFQbrpsffjufM9zGW0/ZIf
    bQXy3FkY3gxjr474m8q+vmVRiequRXTQaREjkL21Bw7upTuy8xvBdvK/P3d9+OUQNCBvs7ereeVv
    4wrn31/5czNMNadhdJyQPrC1/j1fte+WPjQ5NXObSCbn7SfJyhSGvcJslEb3hyvzmtkJ/JQF2p4a
    f2vGBPFjw58UUBPNR0eTHwyaFfzlGZZQ1MJdaQ==</ds:SignatureValue>

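The XML above was generated by an electronic signature program. I am trying to do the same thing with Java code. I couldn't figure out how to calculate the SignatureValue. I tried this, but the result is different (the generated SignatureValue is different).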

1- Canonicalize the SignedInfo
2- Digest the result with SHA-256
3- Sign the result with private key. (Using same private key as the program uses)

The code is below:

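    import org.apache.xml.security.c14n.Canonicalizer;

    // Initialize the Apache Santuario (xmlsec) library
    org.apache.xml.security.Init.init();
    // Inclusive Canonical XML 1.0, the algorithm named in ds:CanonicalizationMethod
    Canonicalizer canon = Canonicalizer.getInstance("http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
    // Util is the poster's own helper class (not shown)
    byte[] content = Util.getContent("test.xml");
    byte[] canonXmlBytes = canon.canonicalize(content);
    System.out.println(new String(canonXmlBytes));
    byte[] digestSHA256 = Util.digestSHA256(canonXmlBytes);
    // sign digestSHA256 with private key (smartcard private key)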

test.xml contains:

    <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <ds:Reference Id="Reference-Id-b9193c68-f184-4331-aed3-bbeb471a2b79" Type="http://uri.etsi.org/01903#SignedProperties" URI="#Signed-Properties-Id-4ff6d0b3-584b-4297-89b0-793ff00f37a8">
    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <ds:DigestValue>wlaAcZKVNZgLqGoYtuGRDv99W9p2Vt2yfR6OJNwr2VM=</ds:DigestValue>
    </ds:Reference>
    <ds:Reference Id="Reference-Id-d492a916-52de-4d48-8703-c208e771849b" URI="#Object-Id-aac62ae7-7431-4b97-8449-bed38724903b">
    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <ds:DigestValue>KYFVIohebyDuvqA11QOvvUmvVXqniThSWADEyaa6FX4=</ds:DigestValue>
    </ds:Reference>
    </ds:SignedInfo>

0 answers:

No answers
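
The following is an added example, not part of the original question or of any answer to it. It shows how an `rsa-sha256` SignatureValue relates to the canonical SignedInfo bytes and to a SHA-256 digest computed beforehand, as in steps 2 and 3 of the question. The class name, the throwaway key generated in place and the stand-in canonical bytes are assumptions constructed for the example; only the JDK standard library is used.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Arrays;

public class SignatureValueDemo { // hypothetical class name
    // DER prefix of the SHA-256 DigestInfo structure (RFC 8017, section 9.2)
    static final byte[] SHA256_DIGEST_INFO = {
        0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, (byte) 0x86, 0x48, 0x01,
        0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 };

    static byte[] sign(String alg, PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance(alg);
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    static byte[] concat(byte[] a, byte[] b) {
        byte[] out = Arrays.copyOf(a, a.length + b.length);
        System.arraycopy(b, 0, out, a.length, b.length);
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs: a throwaway key and stand-in canonical SignedInfo bytes.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        PrivateKey key = kpg.generateKeyPair().getPrivate();
        byte[] canonical = ("<ds:SignedInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\">"
                + "constructed sample</ds:SignedInfo>").getBytes(StandardCharsets.UTF_8);
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(canonical);

        // rsa-sha256: hashing and DigestInfo wrapping happen inside the algorithm.
        byte[] expected = sign("SHA256withRSA", key, canonical);
        // Pre-hashed input given to the same algorithm: the data is hashed twice.
        byte[] doubleHashed = sign("SHA256withRSA", key, digest);
        // Padding only, bare 32-byte digest: the DigestInfo wrapper is missing.
        byte[] bareDigest = sign("NONEwithRSA", key, digest);
        // Padding only, DigestInfo || digest: same input the padding sees in rsa-sha256.
        byte[] wrapped = sign("NONEwithRSA", key, concat(SHA256_DIGEST_INFO, digest));

        System.out.println("double-hashed matches: " + Arrays.equals(expected, doubleHashed));
        System.out.println("bare digest matches:   " + Arrays.equals(expected, bareDigest));
        System.out.println("DigestInfo matches:    " + Arrays.equals(expected, wrapped));
    }
}
```

RSASSA-PKCS1-v1_5 is deterministic, so the byte arrays can be compared directly; only the DigestInfo-wrapped variant reproduces the value obtained by signing the canonical bytes with `SHA256withRSA`.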