我必须创建 xml 来生成摘要值
Element objTimer = doc.createElement("Object");
---code gen xml tag and data
objTimer.appendChild(signatureProperties);
和像这样的数据 xml
<Object Id="SigningTime-mindy07w7pug7qwd4fodstkkfmity3ih">
<SignatureProperties
xmlns="">
<SignatureProperty Target="#Signature-zlxulrwt7qtdm8vlpgts0iq3yay4ibj1">
<SigningTime>2023-03-22T10:45:32</SigningTime>
</SignatureProperty>
</SignatureProperties>
</Object>
生成摘要的代码
private String getDigestForRemoteTimer(Document inputNode, String signingTagName) throws Exception {
Node nodeToBeHash = inputNode.getElementsByTagName(signingTagName).item(0);
Canonicalizer c14n = usingNS ? Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS)
: Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
byte[] transformed = c14n.canonicalizeSubtree(nodeToBeHash);
return Base64.getEncoder().encodeToString(DigestCreator.digest(transformed, hashAlgo));
}
通话功能
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
DocumentBuilder builder = factory.newDocumentBuilder();
Document newDocument = builder.newDocument();
Node importedNode = newDocument.importNode(objTimer, true);
newDocument.appendChild(importedNode);
digestValueTimer.setTextContent(getDigestForRemoteTimer(newDocument, "Object"));
但是当我检查验证 XML 数字签名时,它有 参考摘要无效,因为计算的摘要与 XML 中的摘要不同。
参考这样检查
<Reference URI="#SigningTime-mindy07w7pug7qwd4fodstkkfmity3ih">
<Transforms>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>Zq/zkl4R8paPaCQpo5D9PVW8k48=</DigestValue>
</Reference>
那么这里有什么错误,我该如何解决?