XADES4J-XML签名验证错误-SignaturePolicyNotAvailableException
-
21-12-2019 - |
题
我收到带有Xades EPES签名的XML发票,我必须控制它。所以我尝试用Xades4j做到这一点。我已经修复了很多错误,但我坚持错误:
errxades4j.verification.SignaturePolicyNotAvailableException: Verification failed for property 'SignaturePolicyIdentifier': signature policy document is not available
at xades4j.verification.SignaturePolicyVerifier.verify(SignaturePolicyVerifier.java:67)
at xades4j.verification.SignaturePolicyVerifier.verify(SignaturePolicyVerifier.java:38)
at xades4j.verification.QualifyingPropertiesVerifierImpl.verifyProperties(QualifyingPropertiesVerifierImpl.java:58)
at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:202)
Java代码用于验证签名 :
FileInputStream fis = new FileInputStream("keystore.jks");
KeyStore trustAnchors = KeyStore.getInstance("jks");
trustAnchors.load(fis,"password".toCharArray());
fis.close();
CertificateValidationProvider certValidator = new PKIXCertificateValidationProvider(trustAnchors, false);
XadesVerificationProfile p = new XadesVerificationProfile(certValidator);
XadesVerifier v = p.newVerifier();
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
DocumentBuilder db = dbf.newDocumentBuilder();
FileInputStream is = new FileInputStream(filename);
Document doc = db.parse(is);
Element sigElem = (Element)doc.getElementsByTagNameNS(Constants.SignatureSpecNS, Constants._TAG_SIGNATURE).item(0);
XAdESVerificationResult r = null;
r = v.verify(sigElem,null);
如有必要,我可以发布我尝试在匿名后验证的XML文件的提取。
谢谢.我已经看过并尝试了所有我发现的(在网上,xades4j示例,xades4j junit类。..)但似乎没有解决我的错误。
解决方案
您需要像这样指定自己的策略文档提供程序: p.withPolicyDocumentProvider()
.并且您必须实现自己的策略提供程序来实现接口 SignaturePolicyInfoProvider
和 SignaturePolicyDocumentProvider
.(至少我是这样做的)
编辑您的评论:
你需要实现 SignaturePolicyInfoProvider.getSignaturePolicyDocumentStream()
, ,它返回一个 InputStream
.这可以是一个 FileInputStream
例子::
public class FilebasedSignaturePolicyProvider implements SignaturePolicyDocumentProvider {
@Override
public InputStream getSignaturePolicyDocumentStream(ObjectIdentifier sigPolicyId) {
String oid = sigPolicyId.getIdentifier();
try {
return new FileInputStream("directory-to-my-policy-files/" + oid);
} catch (FileNotFoundException e) {
// handle error
}
}
}
不隶属于 StackOverflow