我正在编写Java代码以获取规范化的XML文件,该文件由获得批准方的SSL密钥签名。
我可以从文件中获取内容和签名,如果签名人使用RSA密钥,甚至可以验证签名。
但是,如果使用DSA密钥创建了SSL签名,则XMLSignature对象将失败,并显示以下错误:
javax.xml.crypto.dsig.XMLSignatureException:java.security.InvalidKeyException:没有安装的提供程序支持以下密钥:sun.security.rsa.RSAPublicKeyImpl
我的代码如下:
SignatureCheck result = new SignatureCheck();
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
dbFactory.setNamespaceAware(true);
DocumentBuilder dBuilder = dbFactory.newDocumentBuilder();
Document xml = dBuilder.parse(fileStream);
xml.getDocumentElement().normalize();
// Find Signature element
NodeList nl = xml.getElementsByTagNameNS(XMLSignature.XMLNS, "Signature");
if (nl.getLength() == 0) return result;
// Create a DOM XMLSignatureFactory that will be used to unmarshal the
// document containing the XMLSignature
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
// Create a DOMValidateContext and specify a KeyValue KeySelector
// and document context
DOMValidateContext valContext = new DOMValidateContext(new CertKeySelector(), nl.item(0));
// unmarshal the XMLSignature
XMLSignature signature = fac.unmarshalXMLSignature(valContext);
// Validate the XMLSignature (generated above)
result.isValid = signature.validate(valContext);
答案 0 :(得分:0)
事实证明,实际上XML签名确实接受了这一曲线,我只是在比较错误的证书(ecdsa证书和RSA证书)。