gpt4 book ai didi

java - SignedXml checksignature 返回 false。

转载 作者:行者123 更新时间:2023-12-01 10:07:45 29 4
gpt4 key购买 nike

我需要你的帮助。

因此,我在 java 上生成了带有 Xml 签名的文档,当我尝试在 C# 上进行验证时,我得到了 false。然后我在 C# 上生成了带有签名的相同文档,就可以了。返回true

这是我用 C# 生成的 xml:

<GovTalkMessage xmlns="http://www.govtalk.gov.uk/CM/envelope">
<EnvelopeVersion>2.0</EnvelopeVersion>
<Header>
<MessageDetails>
<Class>**********</Class>
<Qualifier>request</Qualifier>
<Function>submit</Function>
<CorrelationID></CorrelationID>
<ResponseEndPoint PollInterval="0" />
<GatewayTimestamp>2015-05-22 10:36:00 46</GatewayTimestamp>
</MessageDetails>
<SenderDetails>
<IDAuthentication>
<SenderID>*******</SenderID>
<Authentication>
<Method>clear</Method>
<Value>******</Value>
</Authentication>
</IDAuthentication>
<EmailAddress>nomail</EmailAddress>
</SenderDetails>
</Header>
<Body>
<Message xmlns="urn:g3.ge:cra:call:CRA_Xcrms_ProcessRequest:v1">
<Request>
<SubcontractId>*********</SubcontractId>
<Parameters>
<ECKeyValue xmlns="http://www.w3.org/2009/xmldsig11#" Id="b8fab299-1f02-4952-bc51-51c1a801cfbd">
<NamedCurve URI="urn:oid:1.3.36.3.3.2.8.1.1.7" />
<PublicKey>BHeO8NM3siFsm/4wOuZfuYqxEyHITRIw10nck6VWmsQeIpJ7SA6octSy6CribK+I8CfALnlPCi0ugcfhtndJjRo=</PublicKey>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<Reference URI="#b8fab299-1f02-4952-bc51-51c1a801cfbd">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>dj0zX2jwmWo31ZHQZ8QD/oCofWM=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>WesZbraD0p0eW0GmhQ8ZpTyQ9Z3xiiWph/mIam2nhVPmXfJCdVVvPPxwL3IfseZLXUa4xQwOO4Goa6DOH8drqSbORdrHiTmB7f5QfeqL1kH3BB5sQuHWyHHtN37284e7/jB+1awxcyVkdE9Vk2lDsHmn4f3vjdk1tvKJOYlfsP0MEJQ4XG2fpCWgGebWHCy1oNUOI9X/hOLxQK+n5MVHM7hiO7xDcziSq2SgAOIoxHgAKEfDUR8fC1QPwQGTpClLoY2QD1wbv1h3FsnK9+Fg7Tx1g0iE6hyppb3dSveZBNWr8fOA9GMgeUzgB54bGQ8PPixRxIBs4L7Wb+Ro9qQG4w==</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIIFaDCCBFCgAwIBAgIKGKrxUAAAAAACYTANBgkqhkiG9w0BAQUFADBCMRIwEAYKCZImiZPyLGQBGRYCZ2UxEzARBgoJkiaJk/IsZAEZFgNjcmExFzAVBgNVBAMTDkNSQSBJU1NVSU5HIENBMB4XDTE2MDEwNDExMzgxOFoXDTE4MDEwMzExMzgxOFowgY8xCzAJBgNVBAYTAkdFMQwwCgYDVQQIEwNOL0ExEDAOBgNVBAcTB1RiaWxpc2kxEzARBgNVBAoTCkdlb0ZpblRlY2gxCzAJBgNVBAsTAklUMRowGAYDVQQDExFUYW1hciBEYXR1YXNodmlsaTEiMCAGCSqGSIb3DQEJARYTdGFtYXJAZ2VvZmludGVjaC5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvjGHYQc+6pE+S90YcQ72gIu+6Min/rIQdezK6AYuxCLNocQlWM5GN2yzxbFc4S1p6j8D8Q/QKBrJ6p6T/93EyiZcV/CwEE6RC+VZkyzgz14FsQKXvjn20y8iGVIdwN7+vyTnkfFS6QngzrAukJE5TUcBQxw9Ja7Pn5QRaH6r2qiroKgw3DqszpRONMi701RNOcKYhvHZSVNQG6ZN4k/1z1TIEG4BgyhGp/9923Yo1NE8bxai2e6GBULaDV9zgicIP4bQqpAjzKlfVPVD07zE+qQlzViiXUo3Ivkk6LhRX5LtJ7f783MHY4NKMSrrpvy3wXuhvmj5SI/GQCmevqfU8CAwEAAaOCAhAwggIMMAsGA1UdDwQEAwIFoDA7BgkrBgEEAYI3FQcELjAsBiQrBgEEAYI3FQiMrxOCxd0kgeWXFZnFboLIgn1ZherrPoWoyzkCAWQCAQkwRAYJKoZIhvcNAQkPBDcwNTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAcGBSsOAwIHMAoGCCqGSIb3DQMHMB0GA1UdDgQWBBRs+UHm6cklk/B9F+ftjFRbSTSPiDAfBgNVHSMEGDAWgBTDtujkuZ450dwAyTWTgpsCj5IwSTBOBgNVHR8ERzBFMEOgQaA/hj1odHRwOi8vY3JhLWlzc3VpbmdjYS5jcmEuZ2UvQ2VydEVucm9sbC9DUkElMjBJU1NVSU5HJTIwQ0EuY3JsMG4GCCsGAQUFBwEBBGIwYDBeBggrBgEFBQcwAoZSaHR0cDovL2NyYS1pc3N1aW5nY2EuY3JhLmdlL0NlcnRFbnJvbGwvQ1JBLUlTU1VJTkdDQS5jcmEuZ2VfQ1JBJTIwSVNTVUlORyUyMENBLmNydDA1BgNVHSUELjAsBgorBgEEAYI3FAICBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwQwQwYJKwYBBAGCNxUKBDYwNDAMBgorBgEEAYI3FAICMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMEMAwGCisGAQQBgjcKAwQwDQYJKoZIhvcNAQEFBQADggEBAFPv8dF7lv0koP4qTnf6xyR3GW5hf0k0gOv7LMxuvwNZR6fnupVNx5QS4zEsQnJQoUII9qXyScxaXe96bPRKQqMaJLpMhxjsLMqpPRTLmdIvVExf4Jyo3ZPzquYx/+IokzhJaXK2qV2Z1P/kd0p1I03BYdWEabGz+MsARSer2s4IxeELgVSHKwk/aYY3LdsddbMJg1TO0Knmqvssri/rtJ6h9PAbtheijukEktmjWdLZ+A+/mATmX9i5FOKVkc9bdRmIw0M59ura+r3HThlZ+5J6amFuQJAxp7M6RwnLOqPyk21Hiaccufw4Hr6CvQ8c9lcjbK0k5z7dBDMt+JA4shI=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</ECKeyValue>
</Parameters>
</Request>
</Message>
</Body>
</GovTalkMessage>

这是我在 java 中生成的 xml:

<GovTalkMessage xmlns="http://www.govtalk.gov.uk/CM/envelope">
<EnvelopeVersion>2.0</EnvelopeVersion>
<Header>
<MessageDetails>
<Class>*******</Class>
<Qualifier>request</Qualifier>
<Function>submit</Function>
<CorrelationID/>
<ResponseEndPoint PollInterval="0"/>
<GatewayTimestamp>2015-05-22 10:36:00 46</GatewayTimestamp>
</MessageDetails>
<SenderDetails>
<IDAuthentication>
<SenderID>*******</SenderID>
<Authentication>
<Method>clear</Method>
<Value>*******</Value>
</Authentication>
</IDAuthentication>
<EmailAddress>nomail</EmailAddress>
</SenderDetails>
</Header>
<Body>
<Message xmlns="urn:g3.ge:cra:call:CRA_Xcrms_ProcessRequest:v1">
<Request>
<SubcontractId>*******</SubcontractId>
<Parameters>
<ECKeyValue xmlns="http://www.w3.org/2009/xmldsig11#" Id="e05606fa-f84f-4f03-b979-59e3ab07c431">
<NamedCurve URI="urn:oid:1.3.36.3.3.2.8.1.1.7"/>
<PublicKey>BHCX/TfxYEqT+RkvWwe7FUwgcfYv4Delhn4Gh3VDwYdfiPNsbdSrpdTifdzjW4xF2t18Dv6oWHvnxj4vzulyLLU=</PublicKey>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="#e05606fa-f84f-4f03-b979-59e3ab07c431">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>bkpr3QO9lbDyLHfN78AptsaAiDA=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>tKSd9QHighByIW87N/Flkpt5KlaeOCQjT3ot3oNycNA5143GLjo/LZr6LyILiCef9fkLtxotnANXgAxtU2VQePKJcrqksKxwFeRQg4ZaPv5R41LbNQVNlgM1pa70JpFtRgFwFIm8qzKokcd0dpBG/i+Q3318CRKbAJHXqnOvCU3g8hgWhcKDo8KISkOkvVvDiOXLlmVVspYEc9Miz+2SlXK0psMcpEZTs8Qwl2eUabcQq457pV3sWw+kWQCWWBJbU2t2sXTLw2jqT4gSvz68Txn5WwS5km0ArdmEwN7DqEpBWd9ItSVlQuq45Xi7ymwuHB4cUkx0EYwFjeOa6Y4hZw==</SignatureValue>
<KeyInfo>
<X509Data>
<X509Certificate>MIIFaDCCBFCgAwIBAgIKGKrxUAAAAAACYTANBgkqhkiG9w0BAQUFADBCMRIwEAYKCZImiZPyLGQBGRYCZ2UxEzARBgoJkiaJk/IsZAEZFgNjcmExFzAVBgNVBAMTDkNSQSBJU1NVSU5HIENBMB4XDTE2MDEwNDExMzgxOFoXDTE4MDEwMzExMzgxOFowgY8xCzAJBgNVBAYTAkdFMQwwCgYDVQQIEwNOL0ExEDAOBgNVBAcTB1RiaWxpc2kxEzARBgNVBAoTCkdlb0ZpblRlY2gxCzAJBgNVBAsTAklUMRowGAYDVQQDExFUYW1hciBEYXR1YXNodmlsaTEiMCAGCSqGSIb3DQEJARYTdGFtYXJAZ2VvZmludGVjaC5nZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvjGHYQc+6pE+S90YcQ72gIu+6Min/rIQdezK6AYuxCLNocQlWM5GN2yzxbFc4S1p6j8D8Q/QKBrJ6p6T/93EyiZcV/CwEE6RC+VZkyzgz14FsQKXvjn20y8iGVIdwN7+vyTnkfFS6QngzrAukJE5TUcBQxw9Ja7Pn5QRaH6r2qiroKgw3DqszpRONMi701RNOcKYhvHZSVNQG6ZN4k/1z1TIEG4BgyhGp/9923Yo1NE8bxai2e6GBULaDV9zgicIP4bQqpAjzKlfVPVD07zE+qQlzViiXUo3Ivkk6LhRX5LtJ7f783MHY4NKMSrrpvy3wXuhvmj5SI/GQCmevqfU8CAwEAAaOCAhAwggIMMAsGA1UdDwQEAwIFoDA7BgkrBgEEAYI3FQcELjAsBiQrBgEEAYI3FQiMrxOCxd0kgeWXFZnFboLIgn1ZherrPoWoyzkCAWQCAQkwRAYJKoZIhvcNAQkPBDcwNTAOBggqhkiG9w0DAgICAIAwDgYIKoZIhvcNAwQCAgCAMAcGBSsOAwIHMAoGCCqGSIb3DQMHMB0GA1UdDgQWBBRs+UHm6cklk/B9F+ftjFRbSTSPiDAfBgNVHSMEGDAWgBTDtujkuZ450dwAyTWTgpsCj5IwSTBOBgNVHR8ERzBFMEOgQaA/hj1odHRwOi8vY3JhLWlzc3VpbmdjYS5jcmEuZ2UvQ2VydEVucm9sbC9DUkElMjBJU1NVSU5HJTIwQ0EuY3JsMG4GCCsGAQUFBwEBBGIwYDBeBggrBgEFBQcwAoZSaHR0cDovL2NyYS1pc3N1aW5nY2EuY3JhLmdlL0NlcnRFbnJvbGwvQ1JBLUlTU1VJTkdDQS5jcmEuZ2VfQ1JBJTIwSVNTVUlORyUyMENBLmNydDA1BgNVHSUELjAsBgorBgEEAYI3FAICBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwQwQwYJKwYBBAGCNxUKBDYwNDAMBgorBgEEAYI3FAICMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMEMAwGCisGAQQBgjcKAwQwDQYJKoZIhvcNAQEFBQADggEBAFPv8dF7lv0koP4qTnf6xyR3GW5hf0k0gOv7LMxuvwNZR6fnupVNx5QS4zEsQnJQoUII9qXyScxaXe96bPRKQqMaJLpMhxjsLMqpPRTLmdIvVExf4Jyo3ZPzquYx/+IokzhJaXK2qV2Z1P/kd0p1I03BYdWEabGz+MsARSer2s4IxeELgVSHKwk/aYY3LdsddbMJg1TO0Knmqvssri/rtJ6h9PAbtheijukEktmjWdLZ+A+/mATmX9i5FOKVkc9bdRmIw0M59ura+r3HThlZ+5J6amFuQJAxp7M6RwnLOqPyk21Hiaccufw4Hr6CvQ8c9lcjbK0k5z7dBDMt+JA4shI=</X509Certificate>
</X509Data>
</KeyInfo>
</Signature>
</ECKeyValue>
</Parameters>
</Request>
</Message>
</Body>
</GovTalkMessage>

我生成了这些文件十亿次,但是这个 C# 代码类似于从 C# 生成的文件,但我有由 java 生成的问题文件:

        //it's income xml request
string requestFromService = "myxmlFile.xml";


XmlDocument xmlDocument = new XmlDocument();
xmlDocument.LoadXml(Helpers.readAllFromFile(requestFromService));

XmlElement xml = xmlDocument.DocumentElement;
XmlElement keyValue = xml.GetElementsByTagName("ECKeyValue").Item(0) as XmlElement;

XmlElement signatureElement = xml.GetElementsByTagName("Signature").Item(0) as XmlElement;

keyValue.RemoveChild(signatureElement);

//
var signedXml = new SignedXml(keyValue);
signedXml.LoadXml(signatureElement);
bool result = signedXml.CheckSignature();

Console.WriteLine(String.Format("Result : {0}", result));

System.Security.Cryptography.Xml.SignedXml 的工作原理。为什么xml签名无效?请帮忙。

最佳答案

请注意,进行签名时 XML 的格式很重要。

如果文档的格式如问题所示,则它们包含大量空格。 .NET 通常会忽略这一点。您需要设置一个标志来保留空格:

XmlDocument xmlDocument = new XmlDocument
{
PreserveWhitespace = true
};
xmlDocument.LoadXml(Helpers.readAllFromFile(requestFromService));

此外,您不应在验证之前删除 Signature 元素,而应使用 xml dsig 封装转换来完成此操作。

关于java - SignedXml checksignature 返回 false。,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36329834/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com