问题
Im trying to write program which should verify XML sign using xades4j library.
I have something like this:
public static void verify() throws Exception
{
FileSystemDirectoryCertStore certStore = new FileSystemDirectoryCertStore("C:\\(...)");
KeyStore trustAnchors = KeyStore.getInstance("jks");
trustAnchors.load(null);
CertificateValidationProvider certValidator = new PKIXCertificateValidationProvider(trustAnchors, false, certStore.getStore());
XadesVerificationProfile p = new XadesVerificationProfile(certValidator);
XadesVerifier v = p.newVerifier();
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
DocumentBuilder builder = factory.newDocumentBuilder();
String pathToXmlFile = "C:\\(..)\\TEST20140709_04.xml";
Document docSource = builder.parse(new FileInputStream(pathToXmlFile));
docSource.getDocumentElement();
//Element sigElem = (Element)factory.newDocumentBuilder().parse(new FileInputStream(pathToXmlFile));
Element sigElem = docSource.getDocumentElement();
SignatureSpecificVerificationOptions ssvo = new SignatureSpecificVerificationOptions();
ssvo.useBaseUri("http://www.ietf.org/rfc/");
XAdESVerificationResult r = v.verify(sigElem, ssvo);
System.out.println(r.getSignatureForm());
System.out.println(r.getSignatureAlgorithmUri());
System.out.println(r.getSignedDataObjects().size());
System.out.println(r.getQualifyingProperties().all().size());
}
I receive this exception:
Exception in thread "main" xades4j.xml.unmarshalling.UnmarshalException: Bad XML signature
at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:123)
at bankconnect2.xades.Signer.verify(Signer.java:392)
at bankconnect2.BankConnect2.main(BankConnect2.java:591)
Caused by: org.apache.xml.security.exceptions.XMLSecurityException: **Cannot create a null:null from a http://www.w3.org/2000/09/xmldsig#:Signature element**
at org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorrectSpace(ElementProxy.java:249)
at org.apache.xml.security.utils.ElementProxy.<init>(ElementProxy.java:97)
at org.apache.xml.security.utils.SignatureElementProxy.<init>(SignatureElementProxy.java:58)
at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:341)
at org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:326)
at xades4j.verification.XadesVerifierImpl.verify(XadesVerifierImpl.java:120)
Size of trustAnchors is 0 - shouldn't be > 0? Can you point me where I go wrong?
回答1:
I've noted 2 things:
DocumentBuilderFactoryshould be namespace aware.- You aren't loading anything into the trust anchors keystore. You probably want to load it from a file.
If the unmarshalling exception is still present, there's probably an error on the signature XML.
来源:https://stackoverflow.com/questions/24685913/xades4j-verification-cannot-create-a-nullnull-from-a-http-www-w3-org-2000-0