我用xades4j库进行xml数字签名。签名似乎一切正常,但我意识到如果 xml 文件具有非英语字母的特殊字母或重音符号(例如 é 或 ñ(,则验证将失败。我使用此代码进行数字签名和验证,下面是签名后无法验证的示例 xml:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<collection Id="root">
<album>
<title>Questions, unanswered</title>
<artist>Steve and the flubberblubs</artist>
<year>1989</year>
<t:tracks xmlns:t="http://test.xades4j/tracks">
<t:song tracknumber="1" length="4:05">
<t:title>What do you know?</t:title>
<t:artist>Steve é flubberblubs</t:artist>
<t:lastplayed>2006-10-17-08:31</t:lastplayed>
</t:song>
<t:song tracknumber="2" length="3:45">
<t:title>Who do you know?</t:title>
<t:artist>Steve and the flubberblubs</t:artist>
<t:lastplayed>2006-10-17-08:35</t:lastplayed>
</t:song>
<t:song tracknumber="3" length="5:14">
<t:title>When do you know?</t:title>
<t:artist>Steve and the flubberblubs</t:artist>
<t:lastplayed>2006-10-17-08:39</t:lastplayed>
</t:song>
<t:song tracknumber="4" length="4:19">
<t:title>Do you know?</t:title>
<t:artist>Steve and the flubberblubs</t:artist>
<t:lastplayed>2006-10-17-08:44</t:lastplayed>
</t:song>
</t:tracks>
</album>
</collection>
我得到的例外是:
[main] WARN org.apache.xml.security.signature.Reference - Verification failed for URI "#root"
[main] WARN org.apache.xml.security.signature.Reference - Expected Digest: KHQDbFVesKu/iTx7o1ad80ADwyDo1/sw/bagFpPMNH0=
[main] WARN org.apache.xml.security.signature.Reference - Actual Digest: S+7XIBhTeXQZ8UOdz1e2gbM1mJFrN9c/pEForMZw0p4=
[main] WARN org.apache.xml.security.signature.Reference - Verification failed for URI "#root"
[main] WARN org.apache.xml.security.signature.Reference - Expected Digest: KHQDbFVesKu/iTx7o1ad80ADwyDo1/sw/bagFpPMNH0=
[main] WARN org.apache.xml.security.signature.Reference - Actual Digest: S+7XIBhTeXQZ8UOdz1e2gbM1mJFrN9c/pEForMZw0p4=
[main] WARN org.apache.xml.security.signature.Reference - Verification failed for URI "#root"
[main] WARN org.apache.xml.security.signature.Reference - Expected Digest: KHQDbFVesKu/iTx7o1ad80ADwyDo1/sw/bagFpPMNH0=
[main] WARN org.apache.xml.security.signature.Reference - Actual Digest: S+7XIBhTeXQZ8UOdz1e2gbM1mJFrN9c/pEForMZw0p4=
Exception in thread "main" xades4j.verification.ReferenceValueException: Reference '#root' cannot be validated
at xades4j.verification.XadesVerifierImpl.doCoreVerification(XadesVerifierImpl.java:313)
at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:195)
at xadesTest.Test2.verifyBes(Test2.java:184)
at xadesTest.Test2.main(Test2.java:84)
如果从 xml 中删除音调符号验证,则验证成功。我不知道代码是否缺少任何内容或其他地方存在问题。提前谢谢你。
感谢您分享您的解决方案,它解决了我验证 XAdES 签名的问题:
InputStream iStream = new FileInputStream(SIGNED);
Reader reader = new InputStreamReader(iStream, "utf-8");
InputSource is = new InputSource(reader);
is.setEncoding("utf-8");
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setNamespaceAware(true);
DocumentBuilder builder = factory.newDocumentBuilder();
//Document doc = builder.parse(new InputSource(new FileReader(SIGNED)));
Document doc = builder.parse(is);
.........